gateway.v1alpha1.envoyProxy
"EnvoyProxy is the schema for the envoyproxies API."
Index
fn new(name)
obj metadata
fn withAnnotations(annotations)
fn withAnnotationsMixin(annotations)
fn withClusterName(clusterName)
fn withCreationTimestamp(creationTimestamp)
fn withDeletionGracePeriodSeconds(deletionGracePeriodSeconds)
fn withDeletionTimestamp(deletionTimestamp)
fn withFinalizers(finalizers)
fn withFinalizersMixin(finalizers)
fn withGenerateName(generateName)
fn withGeneration(generation)
fn withLabels(labels)
fn withLabelsMixin(labels)
fn withName(name)
fn withNamespace(namespace)
fn withOwnerReferences(ownerReferences)
fn withOwnerReferencesMixin(ownerReferences)
fn withResourceVersion(resourceVersion)
fn withSelfLink(selfLink)
fn withUid(uid)
obj spec
fn withConcurrency(concurrency)
fn withExtraArgs(extraArgs)
fn withExtraArgsMixin(extraArgs)
fn withFilterOrder(filterOrder)
fn withFilterOrderMixin(filterOrder)
fn withIpFamily(ipFamily)
fn withMergeGateways(mergeGateways)
fn withRoutingType(routingType)
obj spec.backendTLS
fn withAlpnProtocols(alpnProtocols)
fn withAlpnProtocolsMixin(alpnProtocols)
fn withCiphers(ciphers)
fn withCiphersMixin(ciphers)
fn withEcdhCurves(ecdhCurves)
fn withEcdhCurvesMixin(ecdhCurves)
fn withMaxVersion(maxVersion)
fn withMinVersion(minVersion)
fn withSignatureAlgorithms(signatureAlgorithms)
fn withSignatureAlgorithmsMixin(signatureAlgorithms)
obj spec.backendTLS.clientCertificateRef
obj spec.bootstrap
obj spec.filterOrder
obj spec.logging
obj spec.provider
fn withType(type)
obj spec.provider.kubernetes
fn withUseListenerPortAsContainerPort(useListenerPortAsContainerPort)
obj spec.provider.kubernetes.envoyDaemonSet
fn withName(name)
obj spec.provider.kubernetes.envoyDaemonSet.container
fn withEnv(env)
fn withEnvMixin(env)
fn withImage(image)
fn withVolumeMounts(volumeMounts)
fn withVolumeMountsMixin(volumeMounts)
obj spec.provider.kubernetes.envoyDaemonSet.container.env
fn withName(name)
fn withValue(value)
obj spec.provider.kubernetes.envoyDaemonSet.container.env.valueFrom
obj spec.provider.kubernetes.envoyDaemonSet.container.env.valueFrom.configMapKeyRef
obj spec.provider.kubernetes.envoyDaemonSet.container.env.valueFrom.fieldRef
obj spec.provider.kubernetes.envoyDaemonSet.container.env.valueFrom.resourceFieldRef
obj spec.provider.kubernetes.envoyDaemonSet.container.env.valueFrom.secretKeyRef
obj spec.provider.kubernetes.envoyDaemonSet.container.resources
obj spec.provider.kubernetes.envoyDaemonSet.container.securityContext
fn withAllowPrivilegeEscalation(allowPrivilegeEscalation)
fn withPrivileged(privileged)
fn withProcMount(procMount)
fn withReadOnlyRootFilesystem(readOnlyRootFilesystem)
fn withRunAsGroup(runAsGroup)
fn withRunAsNonRoot(runAsNonRoot)
fn withRunAsUser(runAsUser)
obj spec.provider.kubernetes.envoyDaemonSet.container.securityContext.appArmorProfile
obj spec.provider.kubernetes.envoyDaemonSet.container.securityContext.capabilities
obj spec.provider.kubernetes.envoyDaemonSet.container.securityContext.seLinuxOptions
obj spec.provider.kubernetes.envoyDaemonSet.container.securityContext.seccompProfile
obj spec.provider.kubernetes.envoyDaemonSet.container.securityContext.windowsOptions
obj spec.provider.kubernetes.envoyDaemonSet.container.volumeMounts
obj spec.provider.kubernetes.envoyDaemonSet.patch
obj spec.provider.kubernetes.envoyDaemonSet.pod
fn withAnnotations(annotations)
fn withAnnotationsMixin(annotations)
fn withImagePullSecrets(imagePullSecrets)
fn withImagePullSecretsMixin(imagePullSecrets)
fn withLabels(labels)
fn withLabelsMixin(labels)
fn withNodeSelector(nodeSelector)
fn withNodeSelectorMixin(nodeSelector)
fn withTolerations(tolerations)
fn withTolerationsMixin(tolerations)
fn withTopologySpreadConstraints(topologySpreadConstraints)
fn withTopologySpreadConstraintsMixin(topologySpreadConstraints)
fn withVolumes(volumes)
fn withVolumesMixin(volumes)
obj spec.provider.kubernetes.envoyDaemonSet.pod.affinity
obj spec.provider.kubernetes.envoyDaemonSet.pod.affinity.nodeAffinity
fn withPreferredDuringSchedulingIgnoredDuringExecution(preferredDuringSchedulingIgnoredDuringExecution)
fn withPreferredDuringSchedulingIgnoredDuringExecutionMixin(preferredDuringSchedulingIgnoredDuringExecution)
obj spec.provider.kubernetes.envoyDaemonSet.pod.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution
fn withWeight(weight)
obj spec.provider.kubernetes.envoyDaemonSet.pod.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution.preference
fn withMatchExpressions(matchExpressions)
fn withMatchExpressionsMixin(matchExpressions)
fn withMatchFields(matchFields)
fn withMatchFieldsMixin(matchFields)
obj spec.provider.kubernetes.envoyDaemonSet.pod.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution.preference.matchExpressions
obj spec.provider.kubernetes.envoyDaemonSet.pod.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution.preference.matchFields
obj spec.provider.kubernetes.envoyDaemonSet.pod.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution
fn withNodeSelectorTerms(nodeSelectorTerms)
fn withNodeSelectorTermsMixin(nodeSelectorTerms)
obj spec.provider.kubernetes.envoyDaemonSet.pod.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms
fn withMatchExpressions(matchExpressions)
fn withMatchExpressionsMixin(matchExpressions)
fn withMatchFields(matchFields)
fn withMatchFieldsMixin(matchFields)
obj spec.provider.kubernetes.envoyDaemonSet.pod.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms.matchExpressions
obj spec.provider.kubernetes.envoyDaemonSet.pod.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms.matchFields
obj spec.provider.kubernetes.envoyDaemonSet.pod.affinity.podAffinity
fn withPreferredDuringSchedulingIgnoredDuringExecution(preferredDuringSchedulingIgnoredDuringExecution)
fn withPreferredDuringSchedulingIgnoredDuringExecutionMixin(preferredDuringSchedulingIgnoredDuringExecution)
fn withRequiredDuringSchedulingIgnoredDuringExecution(requiredDuringSchedulingIgnoredDuringExecution)
fn withRequiredDuringSchedulingIgnoredDuringExecutionMixin(requiredDuringSchedulingIgnoredDuringExecution)
obj spec.provider.kubernetes.envoyDaemonSet.pod.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution
fn withWeight(weight)
obj spec.provider.kubernetes.envoyDaemonSet.pod.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution.podAffinityTerm
fn withMatchLabelKeys(matchLabelKeys)
fn withMatchLabelKeysMixin(matchLabelKeys)
fn withMismatchLabelKeys(mismatchLabelKeys)
fn withMismatchLabelKeysMixin(mismatchLabelKeys)
fn withNamespaces(namespaces)
fn withNamespacesMixin(namespaces)
fn withTopologyKey(topologyKey)
obj spec.provider.kubernetes.envoyDaemonSet.pod.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution.podAffinityTerm.labelSelector
fn withMatchExpressions(matchExpressions)
fn withMatchExpressionsMixin(matchExpressions)
fn withMatchLabels(matchLabels)
fn withMatchLabelsMixin(matchLabels)
obj spec.provider.kubernetes.envoyDaemonSet.pod.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution.podAffinityTerm.labelSelector.matchExpressions
obj spec.provider.kubernetes.envoyDaemonSet.pod.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution.podAffinityTerm.namespaceSelector
fn withMatchExpressions(matchExpressions)
fn withMatchExpressionsMixin(matchExpressions)
fn withMatchLabels(matchLabels)
fn withMatchLabelsMixin(matchLabels)
obj spec.provider.kubernetes.envoyDaemonSet.pod.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution.podAffinityTerm.namespaceSelector.matchExpressions
obj spec.provider.kubernetes.envoyDaemonSet.pod.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution
fn withMatchLabelKeys(matchLabelKeys)
fn withMatchLabelKeysMixin(matchLabelKeys)
fn withMismatchLabelKeys(mismatchLabelKeys)
fn withMismatchLabelKeysMixin(mismatchLabelKeys)
fn withNamespaces(namespaces)
fn withNamespacesMixin(namespaces)
fn withTopologyKey(topologyKey)
obj spec.provider.kubernetes.envoyDaemonSet.pod.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution.labelSelector
fn withMatchExpressions(matchExpressions)
fn withMatchExpressionsMixin(matchExpressions)
fn withMatchLabels(matchLabels)
fn withMatchLabelsMixin(matchLabels)
obj spec.provider.kubernetes.envoyDaemonSet.pod.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution.labelSelector.matchExpressions
obj spec.provider.kubernetes.envoyDaemonSet.pod.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution.namespaceSelector
fn withMatchExpressions(matchExpressions)
fn withMatchExpressionsMixin(matchExpressions)
fn withMatchLabels(matchLabels)
fn withMatchLabelsMixin(matchLabels)
obj spec.provider.kubernetes.envoyDaemonSet.pod.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution.namespaceSelector.matchExpressions
obj spec.provider.kubernetes.envoyDaemonSet.pod.affinity.podAntiAffinity
fn withPreferredDuringSchedulingIgnoredDuringExecution(preferredDuringSchedulingIgnoredDuringExecution)
fn withPreferredDuringSchedulingIgnoredDuringExecutionMixin(preferredDuringSchedulingIgnoredDuringExecution)
fn withRequiredDuringSchedulingIgnoredDuringExecution(requiredDuringSchedulingIgnoredDuringExecution)
fn withRequiredDuringSchedulingIgnoredDuringExecutionMixin(requiredDuringSchedulingIgnoredDuringExecution)
obj spec.provider.kubernetes.envoyDaemonSet.pod.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution
fn withWeight(weight)
obj spec.provider.kubernetes.envoyDaemonSet.pod.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution.podAffinityTerm
fn withMatchLabelKeys(matchLabelKeys)
fn withMatchLabelKeysMixin(matchLabelKeys)
fn withMismatchLabelKeys(mismatchLabelKeys)
fn withMismatchLabelKeysMixin(mismatchLabelKeys)
fn withNamespaces(namespaces)
fn withNamespacesMixin(namespaces)
fn withTopologyKey(topologyKey)
obj spec.provider.kubernetes.envoyDaemonSet.pod.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution.podAffinityTerm.labelSelector
fn withMatchExpressions(matchExpressions)
fn withMatchExpressionsMixin(matchExpressions)
fn withMatchLabels(matchLabels)
fn withMatchLabelsMixin(matchLabels)
obj spec.provider.kubernetes.envoyDaemonSet.pod.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution.podAffinityTerm.labelSelector.matchExpressions
obj spec.provider.kubernetes.envoyDaemonSet.pod.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution.podAffinityTerm.namespaceSelector
fn withMatchExpressions(matchExpressions)
fn withMatchExpressionsMixin(matchExpressions)
fn withMatchLabels(matchLabels)
fn withMatchLabelsMixin(matchLabels)
obj spec.provider.kubernetes.envoyDaemonSet.pod.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution.podAffinityTerm.namespaceSelector.matchExpressions
obj spec.provider.kubernetes.envoyDaemonSet.pod.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution
fn withMatchLabelKeys(matchLabelKeys)
fn withMatchLabelKeysMixin(matchLabelKeys)
fn withMismatchLabelKeys(mismatchLabelKeys)
fn withMismatchLabelKeysMixin(mismatchLabelKeys)
fn withNamespaces(namespaces)
fn withNamespacesMixin(namespaces)
fn withTopologyKey(topologyKey)
obj spec.provider.kubernetes.envoyDaemonSet.pod.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution.labelSelector
fn withMatchExpressions(matchExpressions)
fn withMatchExpressionsMixin(matchExpressions)
fn withMatchLabels(matchLabels)
fn withMatchLabelsMixin(matchLabels)
obj spec.provider.kubernetes.envoyDaemonSet.pod.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution.labelSelector.matchExpressions
obj spec.provider.kubernetes.envoyDaemonSet.pod.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution.namespaceSelector
fn withMatchExpressions(matchExpressions)
fn withMatchExpressionsMixin(matchExpressions)
fn withMatchLabels(matchLabels)
fn withMatchLabelsMixin(matchLabels)
obj spec.provider.kubernetes.envoyDaemonSet.pod.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution.namespaceSelector.matchExpressions
obj spec.provider.kubernetes.envoyDaemonSet.pod.imagePullSecrets
obj spec.provider.kubernetes.envoyDaemonSet.pod.securityContext
fn withFsGroup(fsGroup)
fn withFsGroupChangePolicy(fsGroupChangePolicy)
fn withRunAsGroup(runAsGroup)
fn withRunAsNonRoot(runAsNonRoot)
fn withRunAsUser(runAsUser)
fn withSupplementalGroups(supplementalGroups)
fn withSupplementalGroupsMixin(supplementalGroups)
fn withSupplementalGroupsPolicy(supplementalGroupsPolicy)
fn withSysctls(sysctls)
fn withSysctlsMixin(sysctls)
obj spec.provider.kubernetes.envoyDaemonSet.pod.securityContext.appArmorProfile
obj spec.provider.kubernetes.envoyDaemonSet.pod.securityContext.seLinuxOptions
obj spec.provider.kubernetes.envoyDaemonSet.pod.securityContext.seccompProfile
obj spec.provider.kubernetes.envoyDaemonSet.pod.securityContext.sysctls
obj spec.provider.kubernetes.envoyDaemonSet.pod.securityContext.windowsOptions
obj spec.provider.kubernetes.envoyDaemonSet.pod.tolerations
obj spec.provider.kubernetes.envoyDaemonSet.pod.topologySpreadConstraints
fn withMatchLabelKeys(matchLabelKeys)
fn withMatchLabelKeysMixin(matchLabelKeys)
fn withMaxSkew(maxSkew)
fn withMinDomains(minDomains)
fn withNodeAffinityPolicy(nodeAffinityPolicy)
fn withNodeTaintsPolicy(nodeTaintsPolicy)
fn withTopologyKey(topologyKey)
fn withWhenUnsatisfiable(whenUnsatisfiable)
obj spec.provider.kubernetes.envoyDaemonSet.pod.topologySpreadConstraints.labelSelector
obj spec.provider.kubernetes.envoyDaemonSet.pod.volumes
fn withName(name)
obj spec.provider.kubernetes.envoyDaemonSet.pod.volumes.awsElasticBlockStore
obj spec.provider.kubernetes.envoyDaemonSet.pod.volumes.azureDisk
obj spec.provider.kubernetes.envoyDaemonSet.pod.volumes.azureFile
obj spec.provider.kubernetes.envoyDaemonSet.pod.volumes.cephfs
obj spec.provider.kubernetes.envoyDaemonSet.pod.volumes.cinder
obj spec.provider.kubernetes.envoyDaemonSet.pod.volumes.configMap
obj spec.provider.kubernetes.envoyDaemonSet.pod.volumes.csi
obj spec.provider.kubernetes.envoyDaemonSet.pod.volumes.downwardAPI
fn withDefaultMode(defaultMode)
fn withItems(items)
fn withItemsMixin(items)
obj spec.provider.kubernetes.envoyDaemonSet.pod.volumes.downwardAPI.items
obj spec.provider.kubernetes.envoyDaemonSet.pod.volumes.emptyDir
obj spec.provider.kubernetes.envoyDaemonSet.pod.volumes.ephemeral
obj spec.provider.kubernetes.envoyDaemonSet.pod.volumes.ephemeral.volumeClaimTemplate
fn withMetadata(metadata)
fn withMetadataMixin(metadata)
obj spec.provider.kubernetes.envoyDaemonSet.pod.volumes.ephemeral.volumeClaimTemplate.spec
fn withAccessModes(accessModes)
fn withAccessModesMixin(accessModes)
fn withStorageClassName(storageClassName)
fn withVolumeAttributesClassName(volumeAttributesClassName)
fn withVolumeMode(volumeMode)
fn withVolumeName(volumeName)
obj spec.provider.kubernetes.envoyDaemonSet.pod.volumes.ephemeral.volumeClaimTemplate.spec.dataSource
obj spec.provider.kubernetes.envoyDaemonSet.pod.volumes.ephemeral.volumeClaimTemplate.spec.dataSourceRef
obj spec.provider.kubernetes.envoyDaemonSet.pod.volumes.ephemeral.volumeClaimTemplate.spec.resources
obj spec.provider.kubernetes.envoyDaemonSet.pod.volumes.ephemeral.volumeClaimTemplate.spec.selector
obj spec.provider.kubernetes.envoyDaemonSet.pod.volumes.fc
obj spec.provider.kubernetes.envoyDaemonSet.pod.volumes.flexVolume
obj spec.provider.kubernetes.envoyDaemonSet.pod.volumes.flocker
obj spec.provider.kubernetes.envoyDaemonSet.pod.volumes.gcePersistentDisk
obj spec.provider.kubernetes.envoyDaemonSet.pod.volumes.gitRepo
obj spec.provider.kubernetes.envoyDaemonSet.pod.volumes.glusterfs
obj spec.provider.kubernetes.envoyDaemonSet.pod.volumes.hostPath
obj spec.provider.kubernetes.envoyDaemonSet.pod.volumes.image
obj spec.provider.kubernetes.envoyDaemonSet.pod.volumes.iscsi
fn withChapAuthDiscovery(chapAuthDiscovery)
fn withChapAuthSession(chapAuthSession)
fn withFsType(fsType)
fn withInitiatorName(initiatorName)
fn withIqn(iqn)
fn withIscsiInterface(iscsiInterface)
fn withLun(lun)
fn withPortals(portals)
fn withPortalsMixin(portals)
fn withReadOnly(readOnly)
fn withTargetPortal(targetPortal)
obj spec.provider.kubernetes.envoyDaemonSet.pod.volumes.iscsi.secretRef
obj spec.provider.kubernetes.envoyDaemonSet.pod.volumes.nfs
obj spec.provider.kubernetes.envoyDaemonSet.pod.volumes.persistentVolumeClaim
obj spec.provider.kubernetes.envoyDaemonSet.pod.volumes.photonPersistentDisk
obj spec.provider.kubernetes.envoyDaemonSet.pod.volumes.portworxVolume
obj spec.provider.kubernetes.envoyDaemonSet.pod.volumes.projected
fn withDefaultMode(defaultMode)
fn withSources(sources)
fn withSourcesMixin(sources)
obj spec.provider.kubernetes.envoyDaemonSet.pod.volumes.projected.sources
obj spec.provider.kubernetes.envoyDaemonSet.pod.volumes.projected.sources.clusterTrustBundle
fn withName(name)
fn withOptional(optional)
fn withPath(path)
fn withSignerName(signerName)
obj spec.provider.kubernetes.envoyDaemonSet.pod.volumes.projected.sources.clusterTrustBundle.labelSelector
obj spec.provider.kubernetes.envoyDaemonSet.pod.volumes.projected.sources.configMap
obj spec.provider.kubernetes.envoyDaemonSet.pod.volumes.projected.sources.downwardAPI
fn withItems(items)
fn withItemsMixin(items)
obj spec.provider.kubernetes.envoyDaemonSet.pod.volumes.projected.sources.downwardAPI.items
obj spec.provider.kubernetes.envoyDaemonSet.pod.volumes.projected.sources.secret
obj spec.provider.kubernetes.envoyDaemonSet.pod.volumes.projected.sources.serviceAccountToken
obj spec.provider.kubernetes.envoyDaemonSet.pod.volumes.quobyte
obj spec.provider.kubernetes.envoyDaemonSet.pod.volumes.rbd
obj spec.provider.kubernetes.envoyDaemonSet.pod.volumes.scaleIO
fn withFsType(fsType)
fn withGateway(gateway)
fn withProtectionDomain(protectionDomain)
fn withReadOnly(readOnly)
fn withSslEnabled(sslEnabled)
fn withStorageMode(storageMode)
fn withStoragePool(storagePool)
fn withSystem(system)
fn withVolumeName(volumeName)
obj spec.provider.kubernetes.envoyDaemonSet.pod.volumes.scaleIO.secretRef
obj spec.provider.kubernetes.envoyDaemonSet.pod.volumes.secret
obj spec.provider.kubernetes.envoyDaemonSet.pod.volumes.storageos
obj spec.provider.kubernetes.envoyDaemonSet.pod.volumes.vsphereVolume
obj spec.provider.kubernetes.envoyDaemonSet.strategy
obj spec.provider.kubernetes.envoyDeployment
fn withInitContainers(initContainers)
fn withInitContainersMixin(initContainers)
fn withName(name)
fn withReplicas(replicas)
obj spec.provider.kubernetes.envoyDeployment.container
fn withEnv(env)
fn withEnvMixin(env)
fn withImage(image)
fn withVolumeMounts(volumeMounts)
fn withVolumeMountsMixin(volumeMounts)
obj spec.provider.kubernetes.envoyDeployment.container.env
fn withName(name)
fn withValue(value)
obj spec.provider.kubernetes.envoyDeployment.container.env.valueFrom
obj spec.provider.kubernetes.envoyDeployment.container.env.valueFrom.configMapKeyRef
obj spec.provider.kubernetes.envoyDeployment.container.env.valueFrom.fieldRef
obj spec.provider.kubernetes.envoyDeployment.container.env.valueFrom.resourceFieldRef
obj spec.provider.kubernetes.envoyDeployment.container.env.valueFrom.secretKeyRef
obj spec.provider.kubernetes.envoyDeployment.container.resources
obj spec.provider.kubernetes.envoyDeployment.container.securityContext
fn withAllowPrivilegeEscalation(allowPrivilegeEscalation)
fn withPrivileged(privileged)
fn withProcMount(procMount)
fn withReadOnlyRootFilesystem(readOnlyRootFilesystem)
fn withRunAsGroup(runAsGroup)
fn withRunAsNonRoot(runAsNonRoot)
fn withRunAsUser(runAsUser)
obj spec.provider.kubernetes.envoyDeployment.container.securityContext.appArmorProfile
obj spec.provider.kubernetes.envoyDeployment.container.securityContext.capabilities
obj spec.provider.kubernetes.envoyDeployment.container.securityContext.seLinuxOptions
obj spec.provider.kubernetes.envoyDeployment.container.securityContext.seccompProfile
obj spec.provider.kubernetes.envoyDeployment.container.securityContext.windowsOptions
obj spec.provider.kubernetes.envoyDeployment.container.volumeMounts
obj spec.provider.kubernetes.envoyDeployment.initContainers
fn withArgs(args)
fn withArgsMixin(args)
fn withCommand(command)
fn withCommandMixin(command)
fn withEnv(env)
fn withEnvFrom(envFrom)
fn withEnvFromMixin(envFrom)
fn withEnvMixin(env)
fn withImage(image)
fn withImagePullPolicy(imagePullPolicy)
fn withName(name)
fn withPorts(ports)
fn withPortsMixin(ports)
fn withResizePolicy(resizePolicy)
fn withResizePolicyMixin(resizePolicy)
fn withRestartPolicy(restartPolicy)
fn withStdin(stdin)
fn withStdinOnce(stdinOnce)
fn withTerminationMessagePath(terminationMessagePath)
fn withTerminationMessagePolicy(terminationMessagePolicy)
fn withTty(tty)
fn withVolumeDevices(volumeDevices)
fn withVolumeDevicesMixin(volumeDevices)
fn withVolumeMounts(volumeMounts)
fn withVolumeMountsMixin(volumeMounts)
fn withWorkingDir(workingDir)
obj spec.provider.kubernetes.envoyDeployment.initContainers.env
fn withName(name)
fn withValue(value)
obj spec.provider.kubernetes.envoyDeployment.initContainers.env.valueFrom
obj spec.provider.kubernetes.envoyDeployment.initContainers.env.valueFrom.configMapKeyRef
obj spec.provider.kubernetes.envoyDeployment.initContainers.env.valueFrom.fieldRef
obj spec.provider.kubernetes.envoyDeployment.initContainers.env.valueFrom.resourceFieldRef
obj spec.provider.kubernetes.envoyDeployment.initContainers.env.valueFrom.secretKeyRef
obj spec.provider.kubernetes.envoyDeployment.initContainers.envFrom
obj spec.provider.kubernetes.envoyDeployment.initContainers.lifecycle
obj spec.provider.kubernetes.envoyDeployment.initContainers.lifecycle.postStart
obj spec.provider.kubernetes.envoyDeployment.initContainers.lifecycle.postStart.exec
obj spec.provider.kubernetes.envoyDeployment.initContainers.lifecycle.postStart.httpGet
obj spec.provider.kubernetes.envoyDeployment.initContainers.lifecycle.postStart.sleep
obj spec.provider.kubernetes.envoyDeployment.initContainers.lifecycle.postStart.tcpSocket
obj spec.provider.kubernetes.envoyDeployment.initContainers.lifecycle.preStop
obj spec.provider.kubernetes.envoyDeployment.initContainers.lifecycle.preStop.exec
obj spec.provider.kubernetes.envoyDeployment.initContainers.lifecycle.preStop.httpGet
obj spec.provider.kubernetes.envoyDeployment.initContainers.lifecycle.preStop.sleep
obj spec.provider.kubernetes.envoyDeployment.initContainers.lifecycle.preStop.tcpSocket
obj spec.provider.kubernetes.envoyDeployment.initContainers.livenessProbe
fn withFailureThreshold(failureThreshold)
fn withInitialDelaySeconds(initialDelaySeconds)
fn withPeriodSeconds(periodSeconds)
fn withSuccessThreshold(successThreshold)
fn withTerminationGracePeriodSeconds(terminationGracePeriodSeconds)
fn withTimeoutSeconds(timeoutSeconds)
obj spec.provider.kubernetes.envoyDeployment.initContainers.livenessProbe.exec
obj spec.provider.kubernetes.envoyDeployment.initContainers.livenessProbe.grpc
obj spec.provider.kubernetes.envoyDeployment.initContainers.livenessProbe.httpGet
obj spec.provider.kubernetes.envoyDeployment.initContainers.livenessProbe.tcpSocket
obj spec.provider.kubernetes.envoyDeployment.initContainers.ports
obj spec.provider.kubernetes.envoyDeployment.initContainers.readinessProbe
fn withFailureThreshold(failureThreshold)
fn withInitialDelaySeconds(initialDelaySeconds)
fn withPeriodSeconds(periodSeconds)
fn withSuccessThreshold(successThreshold)
fn withTerminationGracePeriodSeconds(terminationGracePeriodSeconds)
fn withTimeoutSeconds(timeoutSeconds)
obj spec.provider.kubernetes.envoyDeployment.initContainers.readinessProbe.exec
obj spec.provider.kubernetes.envoyDeployment.initContainers.readinessProbe.grpc
obj spec.provider.kubernetes.envoyDeployment.initContainers.readinessProbe.httpGet
obj spec.provider.kubernetes.envoyDeployment.initContainers.readinessProbe.tcpSocket
obj spec.provider.kubernetes.envoyDeployment.initContainers.resizePolicy
obj spec.provider.kubernetes.envoyDeployment.initContainers.resources
obj spec.provider.kubernetes.envoyDeployment.initContainers.securityContext
fn withAllowPrivilegeEscalation(allowPrivilegeEscalation)
fn withPrivileged(privileged)
fn withProcMount(procMount)
fn withReadOnlyRootFilesystem(readOnlyRootFilesystem)
fn withRunAsGroup(runAsGroup)
fn withRunAsNonRoot(runAsNonRoot)
fn withRunAsUser(runAsUser)
obj spec.provider.kubernetes.envoyDeployment.initContainers.securityContext.appArmorProfile
obj spec.provider.kubernetes.envoyDeployment.initContainers.securityContext.capabilities
obj spec.provider.kubernetes.envoyDeployment.initContainers.securityContext.seLinuxOptions
obj spec.provider.kubernetes.envoyDeployment.initContainers.securityContext.seccompProfile
obj spec.provider.kubernetes.envoyDeployment.initContainers.securityContext.windowsOptions
obj spec.provider.kubernetes.envoyDeployment.initContainers.startupProbe
fn withFailureThreshold(failureThreshold)
fn withInitialDelaySeconds(initialDelaySeconds)
fn withPeriodSeconds(periodSeconds)
fn withSuccessThreshold(successThreshold)
fn withTerminationGracePeriodSeconds(terminationGracePeriodSeconds)
fn withTimeoutSeconds(timeoutSeconds)
obj spec.provider.kubernetes.envoyDeployment.initContainers.startupProbe.exec
obj spec.provider.kubernetes.envoyDeployment.initContainers.startupProbe.grpc
obj spec.provider.kubernetes.envoyDeployment.initContainers.startupProbe.httpGet
obj spec.provider.kubernetes.envoyDeployment.initContainers.startupProbe.tcpSocket
obj spec.provider.kubernetes.envoyDeployment.initContainers.volumeDevices
obj spec.provider.kubernetes.envoyDeployment.initContainers.volumeMounts
obj spec.provider.kubernetes.envoyDeployment.patch
obj spec.provider.kubernetes.envoyDeployment.pod
fn withAnnotations(annotations)
fn withAnnotationsMixin(annotations)
fn withImagePullSecrets(imagePullSecrets)
fn withImagePullSecretsMixin(imagePullSecrets)
fn withLabels(labels)
fn withLabelsMixin(labels)
fn withNodeSelector(nodeSelector)
fn withNodeSelectorMixin(nodeSelector)
fn withTolerations(tolerations)
fn withTolerationsMixin(tolerations)
fn withTopologySpreadConstraints(topologySpreadConstraints)
fn withTopologySpreadConstraintsMixin(topologySpreadConstraints)
fn withVolumes(volumes)
fn withVolumesMixin(volumes)
obj spec.provider.kubernetes.envoyDeployment.pod.affinity
obj spec.provider.kubernetes.envoyDeployment.pod.affinity.nodeAffinity
fn withPreferredDuringSchedulingIgnoredDuringExecution(preferredDuringSchedulingIgnoredDuringExecution)
fn withPreferredDuringSchedulingIgnoredDuringExecutionMixin(preferredDuringSchedulingIgnoredDuringExecution)
obj spec.provider.kubernetes.envoyDeployment.pod.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution
fn withWeight(weight)
obj spec.provider.kubernetes.envoyDeployment.pod.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution.preference
fn withMatchExpressions(matchExpressions)
fn withMatchExpressionsMixin(matchExpressions)
fn withMatchFields(matchFields)
fn withMatchFieldsMixin(matchFields)
obj spec.provider.kubernetes.envoyDeployment.pod.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution.preference.matchExpressions
obj spec.provider.kubernetes.envoyDeployment.pod.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution.preference.matchFields
obj spec.provider.kubernetes.envoyDeployment.pod.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution
fn withNodeSelectorTerms(nodeSelectorTerms)
fn withNodeSelectorTermsMixin(nodeSelectorTerms)
obj spec.provider.kubernetes.envoyDeployment.pod.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms
fn withMatchExpressions(matchExpressions)
fn withMatchExpressionsMixin(matchExpressions)
fn withMatchFields(matchFields)
fn withMatchFieldsMixin(matchFields)
obj spec.provider.kubernetes.envoyDeployment.pod.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms.matchExpressions
obj spec.provider.kubernetes.envoyDeployment.pod.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms.matchFields
obj spec.provider.kubernetes.envoyDeployment.pod.affinity.podAffinity
fn withPreferredDuringSchedulingIgnoredDuringExecution(preferredDuringSchedulingIgnoredDuringExecution)
fn withPreferredDuringSchedulingIgnoredDuringExecutionMixin(preferredDuringSchedulingIgnoredDuringExecution)
fn withRequiredDuringSchedulingIgnoredDuringExecution(requiredDuringSchedulingIgnoredDuringExecution)
fn withRequiredDuringSchedulingIgnoredDuringExecutionMixin(requiredDuringSchedulingIgnoredDuringExecution)
obj spec.provider.kubernetes.envoyDeployment.pod.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution
fn withWeight(weight)
obj spec.provider.kubernetes.envoyDeployment.pod.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution.podAffinityTerm
fn withMatchLabelKeys(matchLabelKeys)
fn withMatchLabelKeysMixin(matchLabelKeys)
fn withMismatchLabelKeys(mismatchLabelKeys)
fn withMismatchLabelKeysMixin(mismatchLabelKeys)
fn withNamespaces(namespaces)
fn withNamespacesMixin(namespaces)
fn withTopologyKey(topologyKey)
obj spec.provider.kubernetes.envoyDeployment.pod.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution.podAffinityTerm.labelSelector
fn withMatchExpressions(matchExpressions)
fn withMatchExpressionsMixin(matchExpressions)
fn withMatchLabels(matchLabels)
fn withMatchLabelsMixin(matchLabels)
obj spec.provider.kubernetes.envoyDeployment.pod.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution.podAffinityTerm.labelSelector.matchExpressions
obj spec.provider.kubernetes.envoyDeployment.pod.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution.podAffinityTerm.namespaceSelector
fn withMatchExpressions(matchExpressions)
fn withMatchExpressionsMixin(matchExpressions)
fn withMatchLabels(matchLabels)
fn withMatchLabelsMixin(matchLabels)
obj spec.provider.kubernetes.envoyDeployment.pod.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution.podAffinityTerm.namespaceSelector.matchExpressions
obj spec.provider.kubernetes.envoyDeployment.pod.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution
fn withMatchLabelKeys(matchLabelKeys)
fn withMatchLabelKeysMixin(matchLabelKeys)
fn withMismatchLabelKeys(mismatchLabelKeys)
fn withMismatchLabelKeysMixin(mismatchLabelKeys)
fn withNamespaces(namespaces)
fn withNamespacesMixin(namespaces)
fn withTopologyKey(topologyKey)
obj spec.provider.kubernetes.envoyDeployment.pod.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution.labelSelector
fn withMatchExpressions(matchExpressions)
fn withMatchExpressionsMixin(matchExpressions)
fn withMatchLabels(matchLabels)
fn withMatchLabelsMixin(matchLabels)
obj spec.provider.kubernetes.envoyDeployment.pod.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution.labelSelector.matchExpressions
obj spec.provider.kubernetes.envoyDeployment.pod.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution.namespaceSelector
fn withMatchExpressions(matchExpressions)
fn withMatchExpressionsMixin(matchExpressions)
fn withMatchLabels(matchLabels)
fn withMatchLabelsMixin(matchLabels)
obj spec.provider.kubernetes.envoyDeployment.pod.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution.namespaceSelector.matchExpressions
obj spec.provider.kubernetes.envoyDeployment.pod.affinity.podAntiAffinity
fn withPreferredDuringSchedulingIgnoredDuringExecution(preferredDuringSchedulingIgnoredDuringExecution)
fn withPreferredDuringSchedulingIgnoredDuringExecutionMixin(preferredDuringSchedulingIgnoredDuringExecution)
fn withRequiredDuringSchedulingIgnoredDuringExecution(requiredDuringSchedulingIgnoredDuringExecution)
fn withRequiredDuringSchedulingIgnoredDuringExecutionMixin(requiredDuringSchedulingIgnoredDuringExecution)
obj spec.provider.kubernetes.envoyDeployment.pod.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution
fn withWeight(weight)
obj spec.provider.kubernetes.envoyDeployment.pod.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution.podAffinityTerm
fn withMatchLabelKeys(matchLabelKeys)
fn withMatchLabelKeysMixin(matchLabelKeys)
fn withMismatchLabelKeys(mismatchLabelKeys)
fn withMismatchLabelKeysMixin(mismatchLabelKeys)
fn withNamespaces(namespaces)
fn withNamespacesMixin(namespaces)
fn withTopologyKey(topologyKey)
obj spec.provider.kubernetes.envoyDeployment.pod.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution.podAffinityTerm.labelSelector
fn withMatchExpressions(matchExpressions)
fn withMatchExpressionsMixin(matchExpressions)
fn withMatchLabels(matchLabels)
fn withMatchLabelsMixin(matchLabels)
obj spec.provider.kubernetes.envoyDeployment.pod.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution.podAffinityTerm.labelSelector.matchExpressions
obj spec.provider.kubernetes.envoyDeployment.pod.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution.podAffinityTerm.namespaceSelector
fn withMatchExpressions(matchExpressions)
fn withMatchExpressionsMixin(matchExpressions)
fn withMatchLabels(matchLabels)
fn withMatchLabelsMixin(matchLabels)
obj spec.provider.kubernetes.envoyDeployment.pod.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution.podAffinityTerm.namespaceSelector.matchExpressions
obj spec.provider.kubernetes.envoyDeployment.pod.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution
fn withMatchLabelKeys(matchLabelKeys)
fn withMatchLabelKeysMixin(matchLabelKeys)
fn withMismatchLabelKeys(mismatchLabelKeys)
fn withMismatchLabelKeysMixin(mismatchLabelKeys)
fn withNamespaces(namespaces)
fn withNamespacesMixin(namespaces)
fn withTopologyKey(topologyKey)
obj spec.provider.kubernetes.envoyDeployment.pod.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution.labelSelector
fn withMatchExpressions(matchExpressions)
fn withMatchExpressionsMixin(matchExpressions)
fn withMatchLabels(matchLabels)
fn withMatchLabelsMixin(matchLabels)
obj spec.provider.kubernetes.envoyDeployment.pod.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution.labelSelector.matchExpressions
obj spec.provider.kubernetes.envoyDeployment.pod.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution.namespaceSelector
fn withMatchExpressions(matchExpressions)
fn withMatchExpressionsMixin(matchExpressions)
fn withMatchLabels(matchLabels)
fn withMatchLabelsMixin(matchLabels)
obj spec.provider.kubernetes.envoyDeployment.pod.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution.namespaceSelector.matchExpressions
obj spec.provider.kubernetes.envoyDeployment.pod.imagePullSecrets
obj spec.provider.kubernetes.envoyDeployment.pod.securityContext
fn withFsGroup(fsGroup)
fn withFsGroupChangePolicy(fsGroupChangePolicy)
fn withRunAsGroup(runAsGroup)
fn withRunAsNonRoot(runAsNonRoot)
fn withRunAsUser(runAsUser)
fn withSupplementalGroups(supplementalGroups)
fn withSupplementalGroupsMixin(supplementalGroups)
fn withSupplementalGroupsPolicy(supplementalGroupsPolicy)
fn withSysctls(sysctls)
fn withSysctlsMixin(sysctls)
obj spec.provider.kubernetes.envoyDeployment.pod.securityContext.appArmorProfile
obj spec.provider.kubernetes.envoyDeployment.pod.securityContext.seLinuxOptions
obj spec.provider.kubernetes.envoyDeployment.pod.securityContext.seccompProfile
obj spec.provider.kubernetes.envoyDeployment.pod.securityContext.sysctls
obj spec.provider.kubernetes.envoyDeployment.pod.securityContext.windowsOptions
obj spec.provider.kubernetes.envoyDeployment.pod.tolerations
obj spec.provider.kubernetes.envoyDeployment.pod.topologySpreadConstraints
fn withMatchLabelKeys(matchLabelKeys)
fn withMatchLabelKeysMixin(matchLabelKeys)
fn withMaxSkew(maxSkew)
fn withMinDomains(minDomains)
fn withNodeAffinityPolicy(nodeAffinityPolicy)
fn withNodeTaintsPolicy(nodeTaintsPolicy)
fn withTopologyKey(topologyKey)
fn withWhenUnsatisfiable(whenUnsatisfiable)
obj spec.provider.kubernetes.envoyDeployment.pod.topologySpreadConstraints.labelSelector
obj spec.provider.kubernetes.envoyDeployment.pod.volumes
fn withName(name)
obj spec.provider.kubernetes.envoyDeployment.pod.volumes.awsElasticBlockStore
obj spec.provider.kubernetes.envoyDeployment.pod.volumes.azureDisk
obj spec.provider.kubernetes.envoyDeployment.pod.volumes.azureFile
obj spec.provider.kubernetes.envoyDeployment.pod.volumes.cephfs
obj spec.provider.kubernetes.envoyDeployment.pod.volumes.cinder
obj spec.provider.kubernetes.envoyDeployment.pod.volumes.configMap
obj spec.provider.kubernetes.envoyDeployment.pod.volumes.csi
obj spec.provider.kubernetes.envoyDeployment.pod.volumes.downwardAPI
fn withDefaultMode(defaultMode)
fn withItems(items)
fn withItemsMixin(items)
obj spec.provider.kubernetes.envoyDeployment.pod.volumes.downwardAPI.items
obj spec.provider.kubernetes.envoyDeployment.pod.volumes.emptyDir
obj spec.provider.kubernetes.envoyDeployment.pod.volumes.ephemeral
obj spec.provider.kubernetes.envoyDeployment.pod.volumes.ephemeral.volumeClaimTemplate
fn withMetadata(metadata)
fn withMetadataMixin(metadata)
obj spec.provider.kubernetes.envoyDeployment.pod.volumes.ephemeral.volumeClaimTemplate.spec
fn withAccessModes(accessModes)
fn withAccessModesMixin(accessModes)
fn withStorageClassName(storageClassName)
fn withVolumeAttributesClassName(volumeAttributesClassName)
fn withVolumeMode(volumeMode)
fn withVolumeName(volumeName)
obj spec.provider.kubernetes.envoyDeployment.pod.volumes.ephemeral.volumeClaimTemplate.spec.dataSource
obj spec.provider.kubernetes.envoyDeployment.pod.volumes.ephemeral.volumeClaimTemplate.spec.dataSourceRef
obj spec.provider.kubernetes.envoyDeployment.pod.volumes.ephemeral.volumeClaimTemplate.spec.resources
obj spec.provider.kubernetes.envoyDeployment.pod.volumes.ephemeral.volumeClaimTemplate.spec.selector
obj spec.provider.kubernetes.envoyDeployment.pod.volumes.fc
obj spec.provider.kubernetes.envoyDeployment.pod.volumes.flexVolume
obj spec.provider.kubernetes.envoyDeployment.pod.volumes.flocker
obj spec.provider.kubernetes.envoyDeployment.pod.volumes.gcePersistentDisk
obj spec.provider.kubernetes.envoyDeployment.pod.volumes.gitRepo
obj spec.provider.kubernetes.envoyDeployment.pod.volumes.glusterfs
obj spec.provider.kubernetes.envoyDeployment.pod.volumes.hostPath
obj spec.provider.kubernetes.envoyDeployment.pod.volumes.image
obj spec.provider.kubernetes.envoyDeployment.pod.volumes.iscsi
fn withChapAuthDiscovery(chapAuthDiscovery)
fn withChapAuthSession(chapAuthSession)
fn withFsType(fsType)
fn withInitiatorName(initiatorName)
fn withIqn(iqn)
fn withIscsiInterface(iscsiInterface)
fn withLun(lun)
fn withPortals(portals)
fn withPortalsMixin(portals)
fn withReadOnly(readOnly)
fn withTargetPortal(targetPortal)
obj spec.provider.kubernetes.envoyDeployment.pod.volumes.iscsi.secretRef
obj spec.provider.kubernetes.envoyDeployment.pod.volumes.nfs
obj spec.provider.kubernetes.envoyDeployment.pod.volumes.persistentVolumeClaim
obj spec.provider.kubernetes.envoyDeployment.pod.volumes.photonPersistentDisk
obj spec.provider.kubernetes.envoyDeployment.pod.volumes.portworxVolume
obj spec.provider.kubernetes.envoyDeployment.pod.volumes.projected
fn withDefaultMode(defaultMode)
fn withSources(sources)
fn withSourcesMixin(sources)
obj spec.provider.kubernetes.envoyDeployment.pod.volumes.projected.sources
obj spec.provider.kubernetes.envoyDeployment.pod.volumes.projected.sources.clusterTrustBundle
fn withName(name)
fn withOptional(optional)
fn withPath(path)
fn withSignerName(signerName)
obj spec.provider.kubernetes.envoyDeployment.pod.volumes.projected.sources.clusterTrustBundle.labelSelector
obj spec.provider.kubernetes.envoyDeployment.pod.volumes.projected.sources.configMap
obj spec.provider.kubernetes.envoyDeployment.pod.volumes.projected.sources.downwardAPI
fn withItems(items)
fn withItemsMixin(items)
obj spec.provider.kubernetes.envoyDeployment.pod.volumes.projected.sources.downwardAPI.items
obj spec.provider.kubernetes.envoyDeployment.pod.volumes.projected.sources.secret
obj spec.provider.kubernetes.envoyDeployment.pod.volumes.projected.sources.serviceAccountToken
obj spec.provider.kubernetes.envoyDeployment.pod.volumes.quobyte
obj spec.provider.kubernetes.envoyDeployment.pod.volumes.rbd
obj spec.provider.kubernetes.envoyDeployment.pod.volumes.scaleIO
fn withFsType(fsType)
fn withGateway(gateway)
fn withProtectionDomain(protectionDomain)
fn withReadOnly(readOnly)
fn withSslEnabled(sslEnabled)
fn withStorageMode(storageMode)
fn withStoragePool(storagePool)
fn withSystem(system)
fn withVolumeName(volumeName)
obj spec.provider.kubernetes.envoyDeployment.pod.volumes.scaleIO.secretRef
obj spec.provider.kubernetes.envoyDeployment.pod.volumes.secret
obj spec.provider.kubernetes.envoyDeployment.pod.volumes.storageos
obj spec.provider.kubernetes.envoyDeployment.pod.volumes.vsphereVolume
obj spec.provider.kubernetes.envoyDeployment.strategy
obj spec.provider.kubernetes.envoyHpa
fn withMaxReplicas(maxReplicas)
fn withMetrics(metrics)
fn withMetricsMixin(metrics)
fn withMinReplicas(minReplicas)
obj spec.provider.kubernetes.envoyHpa.behavior
obj spec.provider.kubernetes.envoyHpa.metrics
fn withType(type)
obj spec.provider.kubernetes.envoyHpa.metrics.containerResource
obj spec.provider.kubernetes.envoyHpa.metrics.external
obj spec.provider.kubernetes.envoyHpa.metrics.external.metric
fn withName(name)
obj spec.provider.kubernetes.envoyHpa.metrics.external.metric.selector
obj spec.provider.kubernetes.envoyHpa.metrics.external.target
obj spec.provider.kubernetes.envoyHpa.metrics.object
obj spec.provider.kubernetes.envoyHpa.metrics.object.describedObject
obj spec.provider.kubernetes.envoyHpa.metrics.object.metric
fn withName(name)
obj spec.provider.kubernetes.envoyHpa.metrics.object.metric.selector
obj spec.provider.kubernetes.envoyHpa.metrics.object.target
obj spec.provider.kubernetes.envoyHpa.metrics.pods
obj spec.provider.kubernetes.envoyHpa.metrics.pods.metric
fn withName(name)
obj spec.provider.kubernetes.envoyHpa.metrics.pods.metric.selector
obj spec.provider.kubernetes.envoyHpa.metrics.pods.target
obj spec.provider.kubernetes.envoyHpa.metrics.resource
obj spec.provider.kubernetes.envoyPDB
obj spec.provider.kubernetes.envoyService
fn withAllocateLoadBalancerNodePorts(allocateLoadBalancerNodePorts)
fn withAnnotations(annotations)
fn withAnnotationsMixin(annotations)
fn withExternalTrafficPolicy(externalTrafficPolicy)
fn withLabels(labels)
fn withLabelsMixin(labels)
fn withLoadBalancerClass(loadBalancerClass)
fn withLoadBalancerIP(loadBalancerIP)
fn withLoadBalancerSourceRanges(loadBalancerSourceRanges)
fn withLoadBalancerSourceRangesMixin(loadBalancerSourceRanges)
fn withName(name)
fn withType(type)
obj spec.provider.kubernetes.envoyService.patch
obj spec.shutdown
obj spec.telemetry
obj spec.telemetry.accessLog
fn withDisable(disable)
fn withSettings(settings)
fn withSettingsMixin(settings)
obj spec.telemetry.accessLog.settings
fn withMatches(matches)
fn withMatchesMixin(matches)
fn withSinks(sinks)
fn withSinksMixin(sinks)
fn withType(type)
obj spec.telemetry.accessLog.settings.format
obj spec.telemetry.accessLog.settings.sinks
fn withType(type)
obj spec.telemetry.accessLog.settings.sinks.als
fn withBackendRefs(backendRefs)
fn withBackendRefsMixin(backendRefs)
fn withLogName(logName)
fn withType(type)
obj spec.telemetry.accessLog.settings.sinks.als.backendRef
obj spec.telemetry.accessLog.settings.sinks.als.backendRefs
obj spec.telemetry.accessLog.settings.sinks.als.backendSettings
obj spec.telemetry.accessLog.settings.sinks.als.backendSettings.circuitBreaker
obj spec.telemetry.accessLog.settings.sinks.als.backendSettings.connection
obj spec.telemetry.accessLog.settings.sinks.als.backendSettings.dns
obj spec.telemetry.accessLog.settings.sinks.als.backendSettings.healthCheck
obj spec.telemetry.accessLog.settings.sinks.als.backendSettings.healthCheck.active
fn withHealthyThreshold(healthyThreshold)
fn withInterval(interval)
fn withTimeout(timeout)
fn withType(type)
fn withUnhealthyThreshold(unhealthyThreshold)
obj spec.telemetry.accessLog.settings.sinks.als.backendSettings.healthCheck.active.grpc
obj spec.telemetry.accessLog.settings.sinks.als.backendSettings.healthCheck.active.http
obj spec.telemetry.accessLog.settings.sinks.als.backendSettings.healthCheck.active.tcp
obj spec.telemetry.accessLog.settings.sinks.als.backendSettings.healthCheck.passive
fn withBaseEjectionTime(baseEjectionTime)
fn withConsecutive5XxErrors(consecutive5XxErrors)
fn withConsecutiveGatewayErrors(consecutiveGatewayErrors)
fn withConsecutiveLocalOriginFailures(consecutiveLocalOriginFailures)
fn withInterval(interval)
fn withMaxEjectionPercent(maxEjectionPercent)
fn withSplitExternalLocalOriginErrors(splitExternalLocalOriginErrors)
obj spec.telemetry.accessLog.settings.sinks.als.backendSettings.http2
obj spec.telemetry.accessLog.settings.sinks.als.backendSettings.loadBalancer
fn withType(type)
obj spec.telemetry.accessLog.settings.sinks.als.backendSettings.loadBalancer.consistentHash
obj spec.telemetry.accessLog.settings.sinks.als.backendSettings.loadBalancer.slowStart
obj spec.telemetry.accessLog.settings.sinks.als.backendSettings.proxyProtocol
obj spec.telemetry.accessLog.settings.sinks.als.backendSettings.retry
obj spec.telemetry.accessLog.settings.sinks.als.backendSettings.tcpKeepalive
obj spec.telemetry.accessLog.settings.sinks.als.backendSettings.timeout
obj spec.telemetry.accessLog.settings.sinks.als.http
obj spec.telemetry.accessLog.settings.sinks.file
obj spec.telemetry.accessLog.settings.sinks.openTelemetry
fn withBackendRefs(backendRefs)
fn withBackendRefsMixin(backendRefs)
fn withHost(host)
fn withPort(port)
fn withResources(resources)
fn withResourcesMixin(resources)
obj spec.telemetry.accessLog.settings.sinks.openTelemetry.backendRef
obj spec.telemetry.accessLog.settings.sinks.openTelemetry.backendRefs
obj spec.telemetry.accessLog.settings.sinks.openTelemetry.backendSettings
obj spec.telemetry.accessLog.settings.sinks.openTelemetry.backendSettings.circuitBreaker
obj spec.telemetry.accessLog.settings.sinks.openTelemetry.backendSettings.connection
obj spec.telemetry.accessLog.settings.sinks.openTelemetry.backendSettings.dns
obj spec.telemetry.accessLog.settings.sinks.openTelemetry.backendSettings.healthCheck
obj spec.telemetry.accessLog.settings.sinks.openTelemetry.backendSettings.healthCheck.active
fn withHealthyThreshold(healthyThreshold)
fn withInterval(interval)
fn withTimeout(timeout)
fn withType(type)
fn withUnhealthyThreshold(unhealthyThreshold)
obj spec.telemetry.accessLog.settings.sinks.openTelemetry.backendSettings.healthCheck.active.grpc
obj spec.telemetry.accessLog.settings.sinks.openTelemetry.backendSettings.healthCheck.active.http
obj spec.telemetry.accessLog.settings.sinks.openTelemetry.backendSettings.healthCheck.active.tcp
obj spec.telemetry.accessLog.settings.sinks.openTelemetry.backendSettings.healthCheck.passive
fn withBaseEjectionTime(baseEjectionTime)
fn withConsecutive5XxErrors(consecutive5XxErrors)
fn withConsecutiveGatewayErrors(consecutiveGatewayErrors)
fn withConsecutiveLocalOriginFailures(consecutiveLocalOriginFailures)
fn withInterval(interval)
fn withMaxEjectionPercent(maxEjectionPercent)
fn withSplitExternalLocalOriginErrors(splitExternalLocalOriginErrors)
obj spec.telemetry.accessLog.settings.sinks.openTelemetry.backendSettings.http2
obj spec.telemetry.accessLog.settings.sinks.openTelemetry.backendSettings.loadBalancer
fn withType(type)
obj spec.telemetry.accessLog.settings.sinks.openTelemetry.backendSettings.loadBalancer.consistentHash
obj spec.telemetry.accessLog.settings.sinks.openTelemetry.backendSettings.loadBalancer.slowStart
obj spec.telemetry.accessLog.settings.sinks.openTelemetry.backendSettings.proxyProtocol
obj spec.telemetry.accessLog.settings.sinks.openTelemetry.backendSettings.retry
obj spec.telemetry.accessLog.settings.sinks.openTelemetry.backendSettings.tcpKeepalive
obj spec.telemetry.accessLog.settings.sinks.openTelemetry.backendSettings.timeout
obj spec.telemetry.metrics
fn withEnablePerEndpointStats(enablePerEndpointStats)
fn withEnableRequestResponseSizesStats(enableRequestResponseSizesStats)
fn withEnableVirtualHostStats(enableVirtualHostStats)
fn withMatches(matches)
fn withMatchesMixin(matches)
fn withSinks(sinks)
fn withSinksMixin(sinks)
obj spec.telemetry.metrics.matches
obj spec.telemetry.metrics.prometheus
obj spec.telemetry.metrics.sinks
fn withType(type)
obj spec.telemetry.metrics.sinks.openTelemetry
fn withBackendRefs(backendRefs)
fn withBackendRefsMixin(backendRefs)
fn withHost(host)
fn withPort(port)
obj spec.telemetry.metrics.sinks.openTelemetry.backendRef
obj spec.telemetry.metrics.sinks.openTelemetry.backendRefs
obj spec.telemetry.metrics.sinks.openTelemetry.backendSettings
obj spec.telemetry.metrics.sinks.openTelemetry.backendSettings.circuitBreaker
obj spec.telemetry.metrics.sinks.openTelemetry.backendSettings.connection
obj spec.telemetry.metrics.sinks.openTelemetry.backendSettings.dns
obj spec.telemetry.metrics.sinks.openTelemetry.backendSettings.healthCheck
obj spec.telemetry.metrics.sinks.openTelemetry.backendSettings.healthCheck.active
fn withHealthyThreshold(healthyThreshold)
fn withInterval(interval)
fn withTimeout(timeout)
fn withType(type)
fn withUnhealthyThreshold(unhealthyThreshold)
obj spec.telemetry.metrics.sinks.openTelemetry.backendSettings.healthCheck.active.grpc
obj spec.telemetry.metrics.sinks.openTelemetry.backendSettings.healthCheck.active.http
obj spec.telemetry.metrics.sinks.openTelemetry.backendSettings.healthCheck.active.tcp
obj spec.telemetry.metrics.sinks.openTelemetry.backendSettings.healthCheck.passive
fn withBaseEjectionTime(baseEjectionTime)
fn withConsecutive5XxErrors(consecutive5XxErrors)
fn withConsecutiveGatewayErrors(consecutiveGatewayErrors)
fn withConsecutiveLocalOriginFailures(consecutiveLocalOriginFailures)
fn withInterval(interval)
fn withMaxEjectionPercent(maxEjectionPercent)
fn withSplitExternalLocalOriginErrors(splitExternalLocalOriginErrors)
obj spec.telemetry.metrics.sinks.openTelemetry.backendSettings.http2
obj spec.telemetry.metrics.sinks.openTelemetry.backendSettings.loadBalancer
fn withType(type)
obj spec.telemetry.metrics.sinks.openTelemetry.backendSettings.loadBalancer.consistentHash
obj spec.telemetry.metrics.sinks.openTelemetry.backendSettings.loadBalancer.slowStart
obj spec.telemetry.metrics.sinks.openTelemetry.backendSettings.proxyProtocol
obj spec.telemetry.metrics.sinks.openTelemetry.backendSettings.retry
obj spec.telemetry.metrics.sinks.openTelemetry.backendSettings.tcpKeepalive
obj spec.telemetry.metrics.sinks.openTelemetry.backendSettings.timeout
obj spec.telemetry.tracing
fn withCustomTags(customTags)
fn withCustomTagsMixin(customTags)
fn withSamplingRate(samplingRate)
obj spec.telemetry.tracing.provider
fn withBackendRefs(backendRefs)
fn withBackendRefsMixin(backendRefs)
fn withHost(host)
fn withPort(port)
fn withType(type)
obj spec.telemetry.tracing.provider.backendRef
obj spec.telemetry.tracing.provider.backendRefs
obj spec.telemetry.tracing.provider.backendSettings
obj spec.telemetry.tracing.provider.backendSettings.circuitBreaker
obj spec.telemetry.tracing.provider.backendSettings.connection
obj spec.telemetry.tracing.provider.backendSettings.dns
obj spec.telemetry.tracing.provider.backendSettings.healthCheck
obj spec.telemetry.tracing.provider.backendSettings.healthCheck.active
fn withHealthyThreshold(healthyThreshold)
fn withInterval(interval)
fn withTimeout(timeout)
fn withType(type)
fn withUnhealthyThreshold(unhealthyThreshold)
obj spec.telemetry.tracing.provider.backendSettings.healthCheck.active.grpc
obj spec.telemetry.tracing.provider.backendSettings.healthCheck.active.http
obj spec.telemetry.tracing.provider.backendSettings.healthCheck.active.tcp
obj spec.telemetry.tracing.provider.backendSettings.healthCheck.passive
fn withBaseEjectionTime(baseEjectionTime)
fn withConsecutive5XxErrors(consecutive5XxErrors)
fn withConsecutiveGatewayErrors(consecutiveGatewayErrors)
fn withConsecutiveLocalOriginFailures(consecutiveLocalOriginFailures)
fn withInterval(interval)
fn withMaxEjectionPercent(maxEjectionPercent)
fn withSplitExternalLocalOriginErrors(splitExternalLocalOriginErrors)
obj spec.telemetry.tracing.provider.backendSettings.http2
obj spec.telemetry.tracing.provider.backendSettings.loadBalancer
fn withType(type)
obj spec.telemetry.tracing.provider.backendSettings.loadBalancer.consistentHash
obj spec.telemetry.tracing.provider.backendSettings.loadBalancer.slowStart
obj spec.telemetry.tracing.provider.backendSettings.proxyProtocol
obj spec.telemetry.tracing.provider.backendSettings.retry
obj spec.telemetry.tracing.provider.backendSettings.tcpKeepalive
obj spec.telemetry.tracing.provider.backendSettings.timeout
obj spec.telemetry.tracing.provider.zipkin
Fields
fn new
new(name)
new returns an instance of EnvoyProxy
obj metadata
"ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create."
fn metadata.withAnnotations
withAnnotations(annotations)
"Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations"
fn metadata.withAnnotationsMixin
withAnnotationsMixin(annotations)
"Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations"
Note: This function appends passed data to existing values
fn metadata.withClusterName
withClusterName(clusterName)
"The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request."
fn metadata.withCreationTimestamp
withCreationTimestamp(creationTimestamp)
"Time is a wrapper around time.Time which supports correct marshaling to YAML and JSON. Wrappers are provided for many of the factory methods that the time package offers."
fn metadata.withDeletionGracePeriodSeconds
withDeletionGracePeriodSeconds(deletionGracePeriodSeconds)
"Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only."
fn metadata.withDeletionTimestamp
withDeletionTimestamp(deletionTimestamp)
"Time is a wrapper around time.Time which supports correct marshaling to YAML and JSON. Wrappers are provided for many of the factory methods that the time package offers."
fn metadata.withFinalizers
withFinalizers(finalizers)
"Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. Finalizers may be processed and removed in any order. Order is NOT enforced because it introduces significant risk of stuck finalizers. finalizers is a shared field, any actor with permission can reorder it. If the finalizer list is processed in order, then this can lead to a situation in which the component responsible for the first finalizer in the list is waiting for a signal (field value, external system, or other) produced by a component responsible for a finalizer later in the list, resulting in a deadlock. Without enforced ordering finalizers are free to order amongst themselves and are not vulnerable to ordering changes in the list."
fn metadata.withFinalizersMixin
withFinalizersMixin(finalizers)
"Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. Finalizers may be processed and removed in any order. Order is NOT enforced because it introduces significant risk of stuck finalizers. finalizers is a shared field, any actor with permission can reorder it. If the finalizer list is processed in order, then this can lead to a situation in which the component responsible for the first finalizer in the list is waiting for a signal (field value, external system, or other) produced by a component responsible for a finalizer later in the list, resulting in a deadlock. Without enforced ordering finalizers are free to order amongst themselves and are not vulnerable to ordering changes in the list."
Note: This function appends passed data to existing values
fn metadata.withGenerateName
withGenerateName(generateName)
"GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server.\n\nIf this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header).\n\nApplied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#idempotency"
fn metadata.withGeneration
withGeneration(generation)
"A sequence number representing a specific generation of the desired state. Populated by the system. Read-only."
fn metadata.withLabels
withLabels(labels)
"Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and services. More info: http://kubernetes.io/docs/user-guide/labels"
fn metadata.withLabelsMixin
withLabelsMixin(labels)
"Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and services. More info: http://kubernetes.io/docs/user-guide/labels"
Note: This function appends passed data to existing values
fn metadata.withName
withName(name)
"Name must be unique within a namespace. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names"
fn metadata.withNamespace
withNamespace(namespace)
"Namespace defines the space within which each name must be unique. An empty namespace is equivalent to the \"default\" namespace, but \"default\" is the canonical representation. Not all objects are required to be scoped to a namespace - the value of this field for those objects will be empty.\n\nMust be a DNS_LABEL. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/namespaces"
fn metadata.withOwnerReferences
withOwnerReferences(ownerReferences)
"List of objects depended by this object. If ALL objects in the list have been deleted, this object will be garbage collected. If this object is managed by a controller, then an entry in this list will point to this controller, with the controller field set to true. There cannot be more than one managing controller."
fn metadata.withOwnerReferencesMixin
withOwnerReferencesMixin(ownerReferences)
"List of objects depended by this object. If ALL objects in the list have been deleted, this object will be garbage collected. If this object is managed by a controller, then an entry in this list will point to this controller, with the controller field set to true. There cannot be more than one managing controller."
Note: This function appends passed data to existing values
fn metadata.withResourceVersion
withResourceVersion(resourceVersion)
"An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources.\n\nPopulated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency"
fn metadata.withSelfLink
withSelfLink(selfLink)
"SelfLink is a URL representing this object. Populated by the system. Read-only.\n\nDEPRECATED Kubernetes will stop propagating this field in 1.20 release and the field is planned to be removed in 1.21 release."
fn metadata.withUid
withUid(uid)
"UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations.\n\nPopulated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids"
obj spec
"EnvoyProxySpec defines the desired state of EnvoyProxy."
fn spec.withConcurrency
withConcurrency(concurrency)
"Concurrency defines the number of worker threads to run. If unset, it defaults to\nthe number of cpuset threads on the platform."
fn spec.withExtraArgs
withExtraArgs(extraArgs)
"ExtraArgs defines additional command line options that are provided to Envoy.\nMore info: https://www.envoyproxy.io/docs/envoy/latest/operations/cli#command-line-options\nNote: some command line options are used internally(e.g. --log-level) so they cannot be provided here."
fn spec.withExtraArgsMixin
withExtraArgsMixin(extraArgs)
"ExtraArgs defines additional command line options that are provided to Envoy.\nMore info: https://www.envoyproxy.io/docs/envoy/latest/operations/cli#command-line-options\nNote: some command line options are used internally(e.g. --log-level) so they cannot be provided here."
Note: This function appends passed data to existing values
fn spec.withFilterOrder
withFilterOrder(filterOrder)
"FilterOrder defines the order of filters in the Envoy proxy's HTTP filter chain.\nThe FilterPosition in the list will be applied in the order they are defined.\nIf unspecified, the default filter order is applied.\nDefault filter order is:\n\n- envoy.filters.http.health_check\n\n- envoy.filters.http.fault\n\n- envoy.filters.http.cors\n\n- envoy.filters.http.ext_authz\n\n- envoy.filters.http.basic_auth\n\n- envoy.filters.http.oauth2\n\n- envoy.filters.http.jwt_authn\n\n- envoy.filters.http.stateful_session\n\n- envoy.filters.http.ext_proc\n\n- envoy.filters.http.wasm\n\n- envoy.filters.http.rbac\n\n- envoy.filters.http.local_ratelimit\n\n- envoy.filters.http.ratelimit\n\n- envoy.filters.http.custom_response\n\n- envoy.filters.http.router\n\nNote: \"envoy.filters.http.router\" cannot be reordered, it's always the last filter in the chain."
fn spec.withFilterOrderMixin
withFilterOrderMixin(filterOrder)
"FilterOrder defines the order of filters in the Envoy proxy's HTTP filter chain.\nThe FilterPosition in the list will be applied in the order they are defined.\nIf unspecified, the default filter order is applied.\nDefault filter order is:\n\n- envoy.filters.http.health_check\n\n- envoy.filters.http.fault\n\n- envoy.filters.http.cors\n\n- envoy.filters.http.ext_authz\n\n- envoy.filters.http.basic_auth\n\n- envoy.filters.http.oauth2\n\n- envoy.filters.http.jwt_authn\n\n- envoy.filters.http.stateful_session\n\n- envoy.filters.http.ext_proc\n\n- envoy.filters.http.wasm\n\n- envoy.filters.http.rbac\n\n- envoy.filters.http.local_ratelimit\n\n- envoy.filters.http.ratelimit\n\n- envoy.filters.http.custom_response\n\n- envoy.filters.http.router\n\nNote: \"envoy.filters.http.router\" cannot be reordered, it's always the last filter in the chain."
Note: This function appends passed data to existing values
fn spec.withIpFamily
withIpFamily(ipFamily)
"IPFamily specifies the IP family for the EnvoyProxy fleet.\nThis setting only affects the Gateway listener port and does not impact\nother aspects of the Envoy proxy configuration.\nIf not specified, the system will operate as follows:\n- It defaults to IPv4 only.\n- IPv6 and dual-stack environments are not supported in this default configuration.\nNote: To enable IPv6 or dual-stack functionality, explicit configuration is required."
fn spec.withMergeGateways
withMergeGateways(mergeGateways)
"MergeGateways defines if Gateway resources should be merged onto the same Envoy Proxy Infrastructure.\nSetting this field to true would merge all Gateway Listeners under the parent Gateway Class.\nThis means that the port, protocol and hostname tuple must be unique for every listener.\nIf a duplicate listener is detected, the newer listener (based on timestamp) will be rejected and its status will be updated with a \"Accepted=False\" condition."
fn spec.withRoutingType
withRoutingType(routingType)
"RoutingType can be set to \"Service\" to use the Service Cluster IP for routing to the backend,\nor it can be set to \"Endpoint\" to use Endpoint routing. The default is \"Endpoint\"."
obj spec.backendTLS
"BackendTLS is the TLS configuration for the Envoy proxy to use when connecting to backends.\nThese settings are applied on backends for which TLS policies are specified."
fn spec.backendTLS.withAlpnProtocols
withAlpnProtocols(alpnProtocols)
"ALPNProtocols supplies the list of ALPN protocols that should be\nexposed by the listener. By default h2 and http/1.1 are enabled.\nSupported values are:\n- http/1.0\n- http/1.1\n- h2"
fn spec.backendTLS.withAlpnProtocolsMixin
withAlpnProtocolsMixin(alpnProtocols)
"ALPNProtocols supplies the list of ALPN protocols that should be\nexposed by the listener. By default h2 and http/1.1 are enabled.\nSupported values are:\n- http/1.0\n- http/1.1\n- h2"
Note: This function appends passed data to existing values
fn spec.backendTLS.withCiphers
withCiphers(ciphers)
"Ciphers specifies the set of cipher suites supported when\nnegotiating TLS 1.0 - 1.2. This setting has no effect for TLS 1.3.\nIn non-FIPS Envoy Proxy builds the default cipher list is:\n- [ECDHE-ECDSA-AES128-GCM-SHA256|ECDHE-ECDSA-CHACHA20-POLY1305]\n- [ECDHE-RSA-AES128-GCM-SHA256|ECDHE-RSA-CHACHA20-POLY1305]\n- ECDHE-ECDSA-AES256-GCM-SHA384\n- ECDHE-RSA-AES256-GCM-SHA384\nIn builds using BoringSSL FIPS the default cipher list is:\n- ECDHE-ECDSA-AES128-GCM-SHA256\n- ECDHE-RSA-AES128-GCM-SHA256\n- ECDHE-ECDSA-AES256-GCM-SHA384\n- ECDHE-RSA-AES256-GCM-SHA384"
fn spec.backendTLS.withCiphersMixin
withCiphersMixin(ciphers)
"Ciphers specifies the set of cipher suites supported when\nnegotiating TLS 1.0 - 1.2. This setting has no effect for TLS 1.3.\nIn non-FIPS Envoy Proxy builds the default cipher list is:\n- [ECDHE-ECDSA-AES128-GCM-SHA256|ECDHE-ECDSA-CHACHA20-POLY1305]\n- [ECDHE-RSA-AES128-GCM-SHA256|ECDHE-RSA-CHACHA20-POLY1305]\n- ECDHE-ECDSA-AES256-GCM-SHA384\n- ECDHE-RSA-AES256-GCM-SHA384\nIn builds using BoringSSL FIPS the default cipher list is:\n- ECDHE-ECDSA-AES128-GCM-SHA256\n- ECDHE-RSA-AES128-GCM-SHA256\n- ECDHE-ECDSA-AES256-GCM-SHA384\n- ECDHE-RSA-AES256-GCM-SHA384"
Note: This function appends passed data to existing values
fn spec.backendTLS.withEcdhCurves
withEcdhCurves(ecdhCurves)
"ECDHCurves specifies the set of supported ECDH curves.\nIn non-FIPS Envoy Proxy builds the default curves are:\n- X25519\n- P-256\nIn builds using BoringSSL FIPS the default curve is:\n- P-256"
fn spec.backendTLS.withEcdhCurvesMixin
withEcdhCurvesMixin(ecdhCurves)
"ECDHCurves specifies the set of supported ECDH curves.\nIn non-FIPS Envoy Proxy builds the default curves are:\n- X25519\n- P-256\nIn builds using BoringSSL FIPS the default curve is:\n- P-256"
Note: This function appends passed data to existing values
fn spec.backendTLS.withMaxVersion
withMaxVersion(maxVersion)
"Max specifies the maximal TLS protocol version to allow\nThe default is TLS 1.3 if this is not specified."
fn spec.backendTLS.withMinVersion
withMinVersion(minVersion)
"Min specifies the minimal TLS protocol version to allow.\nThe default is TLS 1.2 if this is not specified."
fn spec.backendTLS.withSignatureAlgorithms
withSignatureAlgorithms(signatureAlgorithms)
"SignatureAlgorithms specifies which signature algorithms the listener should\nsupport."
fn spec.backendTLS.withSignatureAlgorithmsMixin
withSignatureAlgorithmsMixin(signatureAlgorithms)
"SignatureAlgorithms specifies which signature algorithms the listener should\nsupport."
Note: This function appends passed data to existing values
obj spec.backendTLS.clientCertificateRef
"ClientCertificateRef defines the reference to a Kubernetes Secret that contains\nthe client certificate and private key for Envoy to use when connecting to\nbackend services and external services, such as ExtAuth, ALS, OpenTelemetry, etc.\nThis secret should be located within the same namespace as the Envoy proxy resource that references it."
fn spec.backendTLS.clientCertificateRef.withGroup
withGroup(group)
"Group is the group of the referent. For example, \"gateway.networking.k8s.io\".\nWhen unspecified or empty string, core API group is inferred."
fn spec.backendTLS.clientCertificateRef.withKind
withKind(kind)
"Kind is kind of the referent. For example \"Secret\"."
fn spec.backendTLS.clientCertificateRef.withName
withName(name)
"Name is the name of the referent."
fn spec.backendTLS.clientCertificateRef.withNamespace
withNamespace(namespace)
"Namespace is the namespace of the referenced object. When unspecified, the local\nnamespace is inferred.\n\nNote that when a namespace different than the local namespace is specified,\na ReferenceGrant object is required in the referent namespace to allow that\nnamespace's owner to accept the reference. See the ReferenceGrant\ndocumentation for details.\n\nSupport: Core"
obj spec.bootstrap
"Bootstrap defines the Envoy Bootstrap as a YAML string.\nVisit https://www.envoyproxy.io/docs/envoy/latest/api-v3/config/bootstrap/v3/bootstrap.proto#envoy-v3-api-msg-config-bootstrap-v3-bootstrap\nto learn more about the syntax.\nIf set, this is the Bootstrap configuration used for the managed Envoy Proxy fleet instead of the default Bootstrap configuration\nset by Envoy Gateway.\nSome fields within the Bootstrap that are required to communicate with the xDS Server (Envoy Gateway) and receive xDS resources\nfrom it are not configurable and will result in the EnvoyProxy
resource being rejected.\nBackward compatibility across minor versions is not guaranteed.\nWe strongly recommend using egctl x translate
to generate a EnvoyProxy
resource with the Bootstrap
field set to the default\nBootstrap configuration used. You can edit this configuration, and rerun egctl x translate
to ensure there are no validation errors."
fn spec.bootstrap.withJsonPatches
withJsonPatches(jsonPatches)
"JSONPatches is an array of JSONPatches to be applied to the default bootstrap. Patches are\napplied in the order in which they are defined."
fn spec.bootstrap.withJsonPatchesMixin
withJsonPatchesMixin(jsonPatches)
"JSONPatches is an array of JSONPatches to be applied to the default bootstrap. Patches are\napplied in the order in which they are defined."
Note: This function appends passed data to existing values
fn spec.bootstrap.withType
withType(type)
"Type is the type of the bootstrap configuration, it should be either Replace, Merge, or JSONPatch.\nIf unspecified, it defaults to Replace."
fn spec.bootstrap.withValue
withValue(value)
"Value is a YAML string of the bootstrap."
obj spec.bootstrap.jsonPatches
"JSONPatches is an array of JSONPatches to be applied to the default bootstrap. Patches are\napplied in the order in which they are defined."
fn spec.bootstrap.jsonPatches.withFrom
withFrom(from)
"From is the source location of the value to be copied or moved. Only valid\nfor move or copy operations\nRefer to https://datatracker.ietf.org/doc/html/rfc6901 for more details."
fn spec.bootstrap.jsonPatches.withJsonPath
withJsonPath(jsonPath)
"JSONPath is a JSONPath expression. Refer to https://datatracker.ietf.org/doc/rfc9535/ for more details.\nIt produces one or more JSONPointer expressions based on the given JSON document.\nIf no JSONPointer is found, it will result in an error.\nIf the 'Path' property is also set, it will be appended to the resulting JSONPointer expressions from the JSONPath evaluation.\nThis is useful when creating a property that does not yet exist in the JSON document.\nThe final JSONPointer expressions specifies the locations in the target document/field where the operation will be applied."
fn spec.bootstrap.jsonPatches.withOp
withOp(op)
"Op is the type of operation to perform"
fn spec.bootstrap.jsonPatches.withPath
withPath(path)
"Path is a JSONPointer expression. Refer to https://datatracker.ietf.org/doc/html/rfc6901 for more details.\nIt specifies the location of the target document/field where the operation will be performed"
fn spec.bootstrap.jsonPatches.withValue
withValue(value)
"Value is the new value of the path location. The value is only used by\nthe add
and replace
operations."
obj spec.filterOrder
"FilterOrder defines the order of filters in the Envoy proxy's HTTP filter chain.\nThe FilterPosition in the list will be applied in the order they are defined.\nIf unspecified, the default filter order is applied.\nDefault filter order is:\n\n- envoy.filters.http.health_check\n\n- envoy.filters.http.fault\n\n- envoy.filters.http.cors\n\n- envoy.filters.http.ext_authz\n\n- envoy.filters.http.basic_auth\n\n- envoy.filters.http.oauth2\n\n- envoy.filters.http.jwt_authn\n\n- envoy.filters.http.stateful_session\n\n- envoy.filters.http.ext_proc\n\n- envoy.filters.http.wasm\n\n- envoy.filters.http.rbac\n\n- envoy.filters.http.local_ratelimit\n\n- envoy.filters.http.ratelimit\n\n- envoy.filters.http.custom_response\n\n- envoy.filters.http.router\n\nNote: \"envoy.filters.http.router\" cannot be reordered, it's always the last filter in the chain."
fn spec.filterOrder.withAfter
withAfter(after)
"After defines the filter that should come after the filter.\nOnly one of Before or After must be set."
fn spec.filterOrder.withBefore
withBefore(before)
"Before defines the filter that should come before the filter.\nOnly one of Before or After must be set."
fn spec.filterOrder.withName
withName(name)
"Name of the filter."
obj spec.logging
"Logging defines logging parameters for managed proxies."
fn spec.logging.withLevel
withLevel(level)
"Level is a map of logging level per component, where the component is the key\nand the log level is the value. If unspecified, defaults to \"default: warn\"."
fn spec.logging.withLevelMixin
withLevelMixin(level)
"Level is a map of logging level per component, where the component is the key\nand the log level is the value. If unspecified, defaults to \"default: warn\"."
Note: This function appends passed data to existing values
obj spec.provider
"Provider defines the desired resource provider and provider-specific configuration.\nIf unspecified, the \"Kubernetes\" resource provider is used with default configuration\nparameters."
fn spec.provider.withType
withType(type)
"Type is the type of resource provider to use. A resource provider provides\ninfrastructure resources for running the data plane, e.g. Envoy proxy, and\noptional auxiliary control planes. Supported types are \"Kubernetes\"."
obj spec.provider.kubernetes
"Kubernetes defines the desired state of the Kubernetes resource provider.\nKubernetes provides infrastructure resources for running the data plane,\ne.g. Envoy proxy. If unspecified and type is \"Kubernetes\", default settings\nfor managed Kubernetes resources are applied."
fn spec.provider.kubernetes.withUseListenerPortAsContainerPort
withUseListenerPortAsContainerPort(useListenerPortAsContainerPort)
"UseListenerPortAsContainerPort disables the port shifting feature in the Envoy Proxy.\nWhen set to false (default value), if the service port is a privileged port (1-1023), add a constant to the value converting it into an ephemeral port.\nThis allows the container to bind to the port without needing a CAP_NET_BIND_SERVICE capability."
obj spec.provider.kubernetes.envoyDaemonSet
"EnvoyDaemonSet defines the desired state of the Envoy daemonset resource.\nDisabled by default, a deployment resource is used instead to provision the Envoy Proxy fleet"
fn spec.provider.kubernetes.envoyDaemonSet.withName
withName(name)
"Name of the daemonSet.\nWhen unset, this defaults to an autogenerated name."
obj spec.provider.kubernetes.envoyDaemonSet.container
"Container defines the desired specification of main container."
fn spec.provider.kubernetes.envoyDaemonSet.container.withEnv
withEnv(env)
"List of environment variables to set in the container."
fn spec.provider.kubernetes.envoyDaemonSet.container.withEnvMixin
withEnvMixin(env)
"List of environment variables to set in the container."
Note: This function appends passed data to existing values
fn spec.provider.kubernetes.envoyDaemonSet.container.withImage
withImage(image)
"Image specifies the EnvoyProxy container image to be used, instead of the default image."
fn spec.provider.kubernetes.envoyDaemonSet.container.withVolumeMounts
withVolumeMounts(volumeMounts)
"VolumeMounts are volumes to mount into the container's filesystem.\nCannot be updated."
fn spec.provider.kubernetes.envoyDaemonSet.container.withVolumeMountsMixin
withVolumeMountsMixin(volumeMounts)
"VolumeMounts are volumes to mount into the container's filesystem.\nCannot be updated."
Note: This function appends passed data to existing values
obj spec.provider.kubernetes.envoyDaemonSet.container.env
"List of environment variables to set in the container."
fn spec.provider.kubernetes.envoyDaemonSet.container.env.withName
withName(name)
"Name of the environment variable. Must be a C_IDENTIFIER."
fn spec.provider.kubernetes.envoyDaemonSet.container.env.withValue
withValue(value)
"Variable references $(VAR_NAME) are expanded\nusing the previously defined environment variables in the container and\nany service environment variables. If a variable cannot be resolved,\nthe reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.\n\"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\".\nEscaped references will never be expanded, regardless of whether the variable\nexists or not.\nDefaults to \"\"."
obj spec.provider.kubernetes.envoyDaemonSet.container.env.valueFrom
"Source for the environment variable's value. Cannot be used if value is not empty."
obj spec.provider.kubernetes.envoyDaemonSet.container.env.valueFrom.configMapKeyRef
"Selects a key of a ConfigMap."
fn spec.provider.kubernetes.envoyDaemonSet.container.env.valueFrom.configMapKeyRef.withKey
withKey(key)
"The key to select."
fn spec.provider.kubernetes.envoyDaemonSet.container.env.valueFrom.configMapKeyRef.withName
withName(name)
"Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names"
fn spec.provider.kubernetes.envoyDaemonSet.container.env.valueFrom.configMapKeyRef.withOptional
withOptional(optional)
"Specify whether the ConfigMap or its key must be defined"
obj spec.provider.kubernetes.envoyDaemonSet.container.env.valueFrom.fieldRef
"Selects a field of the pod: supports metadata.name, metadata.namespace, metadata.labels['<KEY>']
, metadata.annotations['<KEY>']
,\nspec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs."
fn spec.provider.kubernetes.envoyDaemonSet.container.env.valueFrom.fieldRef.withApiVersion
withApiVersion(apiVersion)
"Version of the schema the FieldPath is written in terms of, defaults to \"v1\"."
fn spec.provider.kubernetes.envoyDaemonSet.container.env.valueFrom.fieldRef.withFieldPath
withFieldPath(fieldPath)
"Path of the field to select in the specified API version."
obj spec.provider.kubernetes.envoyDaemonSet.container.env.valueFrom.resourceFieldRef
"Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported."
fn spec.provider.kubernetes.envoyDaemonSet.container.env.valueFrom.resourceFieldRef.withContainerName
withContainerName(containerName)
"Container name: required for volumes, optional for env vars"
fn spec.provider.kubernetes.envoyDaemonSet.container.env.valueFrom.resourceFieldRef.withDivisor
withDivisor(divisor)
"Specifies the output format of the exposed resources, defaults to \"1\
fn spec.provider.kubernetes.envoyDaemonSet.container.env.valueFrom.resourceFieldRef.withResource
withResource(resource)
"Required: resource to select"
obj spec.provider.kubernetes.envoyDaemonSet.container.env.valueFrom.secretKeyRef
"Selects a key of a secret in the pod's namespace"
fn spec.provider.kubernetes.envoyDaemonSet.container.env.valueFrom.secretKeyRef.withKey
withKey(key)
"The key of the secret to select from. Must be a valid secret key."
fn spec.provider.kubernetes.envoyDaemonSet.container.env.valueFrom.secretKeyRef.withName
withName(name)
"Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names"
fn spec.provider.kubernetes.envoyDaemonSet.container.env.valueFrom.secretKeyRef.withOptional
withOptional(optional)
"Specify whether the Secret or its key must be defined"
obj spec.provider.kubernetes.envoyDaemonSet.container.resources
"Resources required by this container.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/"
fn spec.provider.kubernetes.envoyDaemonSet.container.resources.withClaims
withClaims(claims)
"Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\nThis field is immutable. It can only be set for containers."
fn spec.provider.kubernetes.envoyDaemonSet.container.resources.withClaimsMixin
withClaimsMixin(claims)
"Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\nThis field is immutable. It can only be set for containers."
Note: This function appends passed data to existing values
fn spec.provider.kubernetes.envoyDaemonSet.container.resources.withLimits
withLimits(limits)
"Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/"
fn spec.provider.kubernetes.envoyDaemonSet.container.resources.withLimitsMixin
withLimitsMixin(limits)
"Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/"
Note: This function appends passed data to existing values
fn spec.provider.kubernetes.envoyDaemonSet.container.resources.withRequests
withRequests(requests)
"Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/"
fn spec.provider.kubernetes.envoyDaemonSet.container.resources.withRequestsMixin
withRequestsMixin(requests)
"Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/"
Note: This function appends passed data to existing values
obj spec.provider.kubernetes.envoyDaemonSet.container.resources.claims
"Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\nThis field is immutable. It can only be set for containers."
fn spec.provider.kubernetes.envoyDaemonSet.container.resources.claims.withName
withName(name)
"Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container."
fn spec.provider.kubernetes.envoyDaemonSet.container.resources.claims.withRequest
withRequest(request)
"Request is the name chosen for a request in the referenced claim.\nIf empty, everything from the claim is made available, otherwise\nonly the result of this request."
obj spec.provider.kubernetes.envoyDaemonSet.container.securityContext
"SecurityContext defines the security options the container should be run with.\nIf set, the fields of SecurityContext override the equivalent fields of PodSecurityContext.\nMore info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/"
fn spec.provider.kubernetes.envoyDaemonSet.container.securityContext.withAllowPrivilegeEscalation
withAllowPrivilegeEscalation(allowPrivilegeEscalation)
"AllowPrivilegeEscalation controls whether a process can gain more\nprivileges than its parent process. This bool directly controls if\nthe no_new_privs flag will be set on the container process.\nAllowPrivilegeEscalation is true always when the container is:\n1) run as Privileged\n2) has CAP_SYS_ADMIN\nNote that this field cannot be set when spec.os.name is windows."
fn spec.provider.kubernetes.envoyDaemonSet.container.securityContext.withPrivileged
withPrivileged(privileged)
"Run container in privileged mode.\nProcesses in privileged containers are essentially equivalent to root on the host.\nDefaults to false.\nNote that this field cannot be set when spec.os.name is windows."
fn spec.provider.kubernetes.envoyDaemonSet.container.securityContext.withProcMount
withProcMount(procMount)
"procMount denotes the type of proc mount to use for the containers.\nThe default value is Default which uses the container runtime defaults for\nreadonly paths and masked paths.\nThis requires the ProcMountType feature flag to be enabled.\nNote that this field cannot be set when spec.os.name is windows."
fn spec.provider.kubernetes.envoyDaemonSet.container.securityContext.withReadOnlyRootFilesystem
withReadOnlyRootFilesystem(readOnlyRootFilesystem)
"Whether this container has a read-only root filesystem.\nDefault is false.\nNote that this field cannot be set when spec.os.name is windows."
fn spec.provider.kubernetes.envoyDaemonSet.container.securityContext.withRunAsGroup
withRunAsGroup(runAsGroup)
"The GID to run the entrypoint of the container process.\nUses runtime default if unset.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is windows."
fn spec.provider.kubernetes.envoyDaemonSet.container.securityContext.withRunAsNonRoot
withRunAsNonRoot(runAsNonRoot)
"Indicates that the container must run as a non-root user.\nIf true, the Kubelet will validate the image at runtime to ensure that it\ndoes not run as UID 0 (root) and fail to start the container if it does.\nIf unset or false, no such validation will be performed.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence."
fn spec.provider.kubernetes.envoyDaemonSet.container.securityContext.withRunAsUser
withRunAsUser(runAsUser)
"The UID to run the entrypoint of the container process.\nDefaults to user specified in image metadata if unspecified.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is windows."
obj spec.provider.kubernetes.envoyDaemonSet.container.securityContext.appArmorProfile
"appArmorProfile is the AppArmor options to use by this container. If set, this profile\noverrides the pod's appArmorProfile.\nNote that this field cannot be set when spec.os.name is windows."
fn spec.provider.kubernetes.envoyDaemonSet.container.securityContext.appArmorProfile.withLocalhostProfile
withLocalhostProfile(localhostProfile)
"localhostProfile indicates a profile loaded on the node that should be used.\nThe profile must be preconfigured on the node to work.\nMust match the loaded name of the profile.\nMust be set if and only if type is \"Localhost\"."
fn spec.provider.kubernetes.envoyDaemonSet.container.securityContext.appArmorProfile.withType
withType(type)
"type indicates which kind of AppArmor profile will be applied.\nValid options are:\n Localhost - a profile pre-loaded on the node.\n RuntimeDefault - the container runtime's default profile.\n Unconfined - no AppArmor enforcement."
obj spec.provider.kubernetes.envoyDaemonSet.container.securityContext.capabilities
"The capabilities to add/drop when running containers.\nDefaults to the default set of capabilities granted by the container runtime.\nNote that this field cannot be set when spec.os.name is windows."
fn spec.provider.kubernetes.envoyDaemonSet.container.securityContext.capabilities.withAdd
withAdd(add)
"Added capabilities"
fn spec.provider.kubernetes.envoyDaemonSet.container.securityContext.capabilities.withAddMixin
withAddMixin(add)
"Added capabilities"
Note: This function appends passed data to existing values
fn spec.provider.kubernetes.envoyDaemonSet.container.securityContext.capabilities.withDrop
withDrop(drop)
"Removed capabilities"
fn spec.provider.kubernetes.envoyDaemonSet.container.securityContext.capabilities.withDropMixin
withDropMixin(drop)
"Removed capabilities"
Note: This function appends passed data to existing values
obj spec.provider.kubernetes.envoyDaemonSet.container.securityContext.seLinuxOptions
"The SELinux context to be applied to the container.\nIf unspecified, the container runtime will allocate a random SELinux context for each\ncontainer. May also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is windows."
fn spec.provider.kubernetes.envoyDaemonSet.container.securityContext.seLinuxOptions.withLevel
withLevel(level)
"Level is SELinux level label that applies to the container."
fn spec.provider.kubernetes.envoyDaemonSet.container.securityContext.seLinuxOptions.withRole
withRole(role)
"Role is a SELinux role label that applies to the container."
fn spec.provider.kubernetes.envoyDaemonSet.container.securityContext.seLinuxOptions.withType
withType(type)
"Type is a SELinux type label that applies to the container."
fn spec.provider.kubernetes.envoyDaemonSet.container.securityContext.seLinuxOptions.withUser
withUser(user)
"User is a SELinux user label that applies to the container."
obj spec.provider.kubernetes.envoyDaemonSet.container.securityContext.seccompProfile
"The seccomp options to use by this container. If seccomp options are\nprovided at both the pod & container level, the container options\noverride the pod options.\nNote that this field cannot be set when spec.os.name is windows."
fn spec.provider.kubernetes.envoyDaemonSet.container.securityContext.seccompProfile.withLocalhostProfile
withLocalhostProfile(localhostProfile)
"localhostProfile indicates a profile defined in a file on the node should be used.\nThe profile must be preconfigured on the node to work.\nMust be a descending path, relative to the kubelet's configured seccomp profile location.\nMust be set if type is \"Localhost\". Must NOT be set for any other type."
fn spec.provider.kubernetes.envoyDaemonSet.container.securityContext.seccompProfile.withType
withType(type)
"type indicates which kind of seccomp profile will be applied.\nValid options are:\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied."
obj spec.provider.kubernetes.envoyDaemonSet.container.securityContext.windowsOptions
"The Windows specific settings applied to all containers.\nIf unspecified, the options from the PodSecurityContext will be used.\nIf set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is linux."
fn spec.provider.kubernetes.envoyDaemonSet.container.securityContext.windowsOptions.withGmsaCredentialSpec
withGmsaCredentialSpec(gmsaCredentialSpec)
"GMSACredentialSpec is where the GMSA admission webhook\n(https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the\nGMSA credential spec named by the GMSACredentialSpecName field."
fn spec.provider.kubernetes.envoyDaemonSet.container.securityContext.windowsOptions.withGmsaCredentialSpecName
withGmsaCredentialSpecName(gmsaCredentialSpecName)
"GMSACredentialSpecName is the name of the GMSA credential spec to use."
fn spec.provider.kubernetes.envoyDaemonSet.container.securityContext.windowsOptions.withHostProcess
withHostProcess(hostProcess)
"HostProcess determines if a container should be run as a 'Host Process' container.\nAll of a Pod's containers must have the same effective HostProcess value\n(it is not allowed to have a mix of HostProcess containers and non-HostProcess containers).\nIn addition, if HostProcess is true then HostNetwork must also be set to true."
fn spec.provider.kubernetes.envoyDaemonSet.container.securityContext.windowsOptions.withRunAsUserName
withRunAsUserName(runAsUserName)
"The UserName in Windows to run the entrypoint of the container process.\nDefaults to the user specified in image metadata if unspecified.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence."
obj spec.provider.kubernetes.envoyDaemonSet.container.volumeMounts
"VolumeMounts are volumes to mount into the container's filesystem.\nCannot be updated."
fn spec.provider.kubernetes.envoyDaemonSet.container.volumeMounts.withMountPath
withMountPath(mountPath)
"Path within the container at which the volume should be mounted. Must\nnot contain ':'."
fn spec.provider.kubernetes.envoyDaemonSet.container.volumeMounts.withMountPropagation
withMountPropagation(mountPropagation)
"mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10.\nWhen RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified\n(which defaults to None)."
fn spec.provider.kubernetes.envoyDaemonSet.container.volumeMounts.withName
withName(name)
"This must match the Name of a Volume."
fn spec.provider.kubernetes.envoyDaemonSet.container.volumeMounts.withReadOnly
withReadOnly(readOnly)
"Mounted read-only if true, read-write otherwise (false or unspecified).\nDefaults to false."
fn spec.provider.kubernetes.envoyDaemonSet.container.volumeMounts.withRecursiveReadOnly
withRecursiveReadOnly(recursiveReadOnly)
"RecursiveReadOnly specifies whether read-only mounts should be handled\nrecursively.\n\nIf ReadOnly is false, this field has no meaning and must be unspecified.\n\nIf ReadOnly is true, and this field is set to Disabled, the mount is not made\nrecursively read-only. If this field is set to IfPossible, the mount is made\nrecursively read-only, if it is supported by the container runtime. If this\nfield is set to Enabled, the mount is made recursively read-only if it is\nsupported by the container runtime, otherwise the pod will not be started and\nan error will be generated to indicate the reason.\n\nIf this field is set to IfPossible or Enabled, MountPropagation must be set to\nNone (or be unspecified, which defaults to None).\n\nIf this field is not specified, it is treated as an equivalent of Disabled."
fn spec.provider.kubernetes.envoyDaemonSet.container.volumeMounts.withSubPath
withSubPath(subPath)
"Path within the volume from which the container's volume should be mounted.\nDefaults to \"\" (volume's root)."
fn spec.provider.kubernetes.envoyDaemonSet.container.volumeMounts.withSubPathExpr
withSubPathExpr(subPathExpr)
"Expanded path within the volume from which the container's volume should be mounted.\nBehaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment.\nDefaults to \"\" (volume's root).\nSubPathExpr and SubPath are mutually exclusive."
obj spec.provider.kubernetes.envoyDaemonSet.patch
"Patch defines how to perform the patch operation to daemonset"
fn spec.provider.kubernetes.envoyDaemonSet.patch.withType
withType(type)
"Type is the type of merge operation to perform\n\nBy default, StrategicMerge is used as the patch type."
fn spec.provider.kubernetes.envoyDaemonSet.patch.withValue
withValue(value)
"Object contains the raw configuration for merged object"
obj spec.provider.kubernetes.envoyDaemonSet.pod
"Pod defines the desired specification of pod."
fn spec.provider.kubernetes.envoyDaemonSet.pod.withAnnotations
withAnnotations(annotations)
"Annotations are the annotations that should be appended to the pods.\nBy default, no pod annotations are appended."
fn spec.provider.kubernetes.envoyDaemonSet.pod.withAnnotationsMixin
withAnnotationsMixin(annotations)
"Annotations are the annotations that should be appended to the pods.\nBy default, no pod annotations are appended."
Note: This function appends passed data to existing values
fn spec.provider.kubernetes.envoyDaemonSet.pod.withImagePullSecrets
withImagePullSecrets(imagePullSecrets)
"ImagePullSecrets is an optional list of references to secrets\nin the same namespace to use for pulling any of the images used by this PodSpec.\nIf specified, these secrets will be passed to individual puller implementations for them to use.\nMore info: https://kubernetes.io/docs/concepts/containers/images#specifying-imagepullsecrets-on-a-pod"
fn spec.provider.kubernetes.envoyDaemonSet.pod.withImagePullSecretsMixin
withImagePullSecretsMixin(imagePullSecrets)
"ImagePullSecrets is an optional list of references to secrets\nin the same namespace to use for pulling any of the images used by this PodSpec.\nIf specified, these secrets will be passed to individual puller implementations for them to use.\nMore info: https://kubernetes.io/docs/concepts/containers/images#specifying-imagepullsecrets-on-a-pod"
Note: This function appends passed data to existing values
fn spec.provider.kubernetes.envoyDaemonSet.pod.withLabels
withLabels(labels)
"Labels are the additional labels that should be tagged to the pods.\nBy default, no additional pod labels are tagged."
fn spec.provider.kubernetes.envoyDaemonSet.pod.withLabelsMixin
withLabelsMixin(labels)
"Labels are the additional labels that should be tagged to the pods.\nBy default, no additional pod labels are tagged."
Note: This function appends passed data to existing values
fn spec.provider.kubernetes.envoyDaemonSet.pod.withNodeSelector
withNodeSelector(nodeSelector)
"NodeSelector is a selector which must be true for the pod to fit on a node.\nSelector which must match a node's labels for the pod to be scheduled on that node.\nMore info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/"
fn spec.provider.kubernetes.envoyDaemonSet.pod.withNodeSelectorMixin
withNodeSelectorMixin(nodeSelector)
"NodeSelector is a selector which must be true for the pod to fit on a node.\nSelector which must match a node's labels for the pod to be scheduled on that node.\nMore info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/"
Note: This function appends passed data to existing values
fn spec.provider.kubernetes.envoyDaemonSet.pod.withTolerations
withTolerations(tolerations)
"If specified, the pod's tolerations."
fn spec.provider.kubernetes.envoyDaemonSet.pod.withTolerationsMixin
withTolerationsMixin(tolerations)
"If specified, the pod's tolerations."
Note: This function appends passed data to existing values
fn spec.provider.kubernetes.envoyDaemonSet.pod.withTopologySpreadConstraints
withTopologySpreadConstraints(topologySpreadConstraints)
"TopologySpreadConstraints describes how a group of pods ought to spread across topology\ndomains. Scheduler will schedule pods in a way which abides by the constraints.\nAll topologySpreadConstraints are ANDed."
fn spec.provider.kubernetes.envoyDaemonSet.pod.withTopologySpreadConstraintsMixin
withTopologySpreadConstraintsMixin(topologySpreadConstraints)
"TopologySpreadConstraints describes how a group of pods ought to spread across topology\ndomains. Scheduler will schedule pods in a way which abides by the constraints.\nAll topologySpreadConstraints are ANDed."
Note: This function appends passed data to existing values
fn spec.provider.kubernetes.envoyDaemonSet.pod.withVolumes
withVolumes(volumes)
"Volumes that can be mounted by containers belonging to the pod.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes"
fn spec.provider.kubernetes.envoyDaemonSet.pod.withVolumesMixin
withVolumesMixin(volumes)
"Volumes that can be mounted by containers belonging to the pod.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes"
Note: This function appends passed data to existing values
obj spec.provider.kubernetes.envoyDaemonSet.pod.affinity
"If specified, the pod's scheduling constraints."
obj spec.provider.kubernetes.envoyDaemonSet.pod.affinity.nodeAffinity
"Describes node affinity scheduling rules for the pod."
fn spec.provider.kubernetes.envoyDaemonSet.pod.affinity.nodeAffinity.withPreferredDuringSchedulingIgnoredDuringExecution
withPreferredDuringSchedulingIgnoredDuringExecution(preferredDuringSchedulingIgnoredDuringExecution)
"The scheduler will prefer to schedule pods to nodes that satisfy\nthe affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node matches the corresponding matchExpressions; the\nnode(s) with the highest sum are the most preferred."
fn spec.provider.kubernetes.envoyDaemonSet.pod.affinity.nodeAffinity.withPreferredDuringSchedulingIgnoredDuringExecutionMixin
withPreferredDuringSchedulingIgnoredDuringExecutionMixin(preferredDuringSchedulingIgnoredDuringExecution)
"The scheduler will prefer to schedule pods to nodes that satisfy\nthe affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node matches the corresponding matchExpressions; the\nnode(s) with the highest sum are the most preferred."
Note: This function appends passed data to existing values
obj spec.provider.kubernetes.envoyDaemonSet.pod.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution
"The scheduler will prefer to schedule pods to nodes that satisfy\nthe affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node matches the corresponding matchExpressions; the\nnode(s) with the highest sum are the most preferred."
fn spec.provider.kubernetes.envoyDaemonSet.pod.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution.withWeight
withWeight(weight)
"Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100."
obj spec.provider.kubernetes.envoyDaemonSet.pod.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution.preference
"A node selector term, associated with the corresponding weight."
fn spec.provider.kubernetes.envoyDaemonSet.pod.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution.preference.withMatchExpressions
withMatchExpressions(matchExpressions)
"A list of node selector requirements by node's labels."
fn spec.provider.kubernetes.envoyDaemonSet.pod.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution.preference.withMatchExpressionsMixin
withMatchExpressionsMixin(matchExpressions)
"A list of node selector requirements by node's labels."
Note: This function appends passed data to existing values
fn spec.provider.kubernetes.envoyDaemonSet.pod.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution.preference.withMatchFields
withMatchFields(matchFields)
"A list of node selector requirements by node's fields."
fn spec.provider.kubernetes.envoyDaemonSet.pod.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution.preference.withMatchFieldsMixin
withMatchFieldsMixin(matchFields)
"A list of node selector requirements by node's fields."
Note: This function appends passed data to existing values
obj spec.provider.kubernetes.envoyDaemonSet.pod.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution.preference.matchExpressions
"A list of node selector requirements by node's labels."
fn spec.provider.kubernetes.envoyDaemonSet.pod.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution.preference.matchExpressions.withKey
withKey(key)
"The label key that the selector applies to."
fn spec.provider.kubernetes.envoyDaemonSet.pod.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution.preference.matchExpressions.withOperator
withOperator(operator)
"Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt."
fn spec.provider.kubernetes.envoyDaemonSet.pod.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution.preference.matchExpressions.withValues
withValues(values)
"An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch."
fn spec.provider.kubernetes.envoyDaemonSet.pod.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution.preference.matchExpressions.withValuesMixin
withValuesMixin(values)
"An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch."
Note: This function appends passed data to existing values
obj spec.provider.kubernetes.envoyDaemonSet.pod.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution.preference.matchFields
"A list of node selector requirements by node's fields."
fn spec.provider.kubernetes.envoyDaemonSet.pod.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution.preference.matchFields.withKey
withKey(key)
"The label key that the selector applies to."
fn spec.provider.kubernetes.envoyDaemonSet.pod.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution.preference.matchFields.withOperator
withOperator(operator)
"Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt."
fn spec.provider.kubernetes.envoyDaemonSet.pod.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution.preference.matchFields.withValues
withValues(values)
"An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch."
fn spec.provider.kubernetes.envoyDaemonSet.pod.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution.preference.matchFields.withValuesMixin
withValuesMixin(values)
"An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch."
Note: This function appends passed data to existing values
obj spec.provider.kubernetes.envoyDaemonSet.pod.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution
"If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to an update), the system\nmay or may not try to eventually evict the pod from its node."
fn spec.provider.kubernetes.envoyDaemonSet.pod.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.withNodeSelectorTerms
withNodeSelectorTerms(nodeSelectorTerms)
"Required. A list of node selector terms. The terms are ORed."
fn spec.provider.kubernetes.envoyDaemonSet.pod.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.withNodeSelectorTermsMixin
withNodeSelectorTermsMixin(nodeSelectorTerms)
"Required. A list of node selector terms. The terms are ORed."
Note: This function appends passed data to existing values
obj spec.provider.kubernetes.envoyDaemonSet.pod.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms
"Required. A list of node selector terms. The terms are ORed."
fn spec.provider.kubernetes.envoyDaemonSet.pod.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms.withMatchExpressions
withMatchExpressions(matchExpressions)
"A list of node selector requirements by node's labels."
fn spec.provider.kubernetes.envoyDaemonSet.pod.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms.withMatchExpressionsMixin
withMatchExpressionsMixin(matchExpressions)
"A list of node selector requirements by node's labels."
Note: This function appends passed data to existing values
fn spec.provider.kubernetes.envoyDaemonSet.pod.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms.withMatchFields
withMatchFields(matchFields)
"A list of node selector requirements by node's fields."
fn spec.provider.kubernetes.envoyDaemonSet.pod.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms.withMatchFieldsMixin
withMatchFieldsMixin(matchFields)
"A list of node selector requirements by node's fields."
Note: This function appends passed data to existing values
obj spec.provider.kubernetes.envoyDaemonSet.pod.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms.matchExpressions
"A list of node selector requirements by node's labels."
fn spec.provider.kubernetes.envoyDaemonSet.pod.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms.matchExpressions.withKey
withKey(key)
"The label key that the selector applies to."
fn spec.provider.kubernetes.envoyDaemonSet.pod.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms.matchExpressions.withOperator
withOperator(operator)
"Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt."
fn spec.provider.kubernetes.envoyDaemonSet.pod.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms.matchExpressions.withValues
withValues(values)
"An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch."
fn spec.provider.kubernetes.envoyDaemonSet.pod.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms.matchExpressions.withValuesMixin
withValuesMixin(values)
"An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch."
Note: This function appends passed data to existing values
obj spec.provider.kubernetes.envoyDaemonSet.pod.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms.matchFields
"A list of node selector requirements by node's fields."
fn spec.provider.kubernetes.envoyDaemonSet.pod.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms.matchFields.withKey
withKey(key)
"The label key that the selector applies to."
fn spec.provider.kubernetes.envoyDaemonSet.pod.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms.matchFields.withOperator
withOperator(operator)
"Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt."
fn spec.provider.kubernetes.envoyDaemonSet.pod.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms.matchFields.withValues
withValues(values)
"An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch."
fn spec.provider.kubernetes.envoyDaemonSet.pod.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms.matchFields.withValuesMixin
withValuesMixin(values)
"An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch."
Note: This function appends passed data to existing values
obj spec.provider.kubernetes.envoyDaemonSet.pod.affinity.podAffinity
"Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s))."
fn spec.provider.kubernetes.envoyDaemonSet.pod.affinity.podAffinity.withPreferredDuringSchedulingIgnoredDuringExecution
withPreferredDuringSchedulingIgnoredDuringExecution(preferredDuringSchedulingIgnoredDuringExecution)
"The scheduler will prefer to schedule pods to nodes that satisfy\nthe affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the\nnode(s) with the highest sum are the most preferred."
fn spec.provider.kubernetes.envoyDaemonSet.pod.affinity.podAffinity.withPreferredDuringSchedulingIgnoredDuringExecutionMixin
withPreferredDuringSchedulingIgnoredDuringExecutionMixin(preferredDuringSchedulingIgnoredDuringExecution)
"The scheduler will prefer to schedule pods to nodes that satisfy\nthe affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the\nnode(s) with the highest sum are the most preferred."
Note: This function appends passed data to existing values
fn spec.provider.kubernetes.envoyDaemonSet.pod.affinity.podAffinity.withRequiredDuringSchedulingIgnoredDuringExecution
withRequiredDuringSchedulingIgnoredDuringExecution(requiredDuringSchedulingIgnoredDuringExecution)
"If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied."
fn spec.provider.kubernetes.envoyDaemonSet.pod.affinity.podAffinity.withRequiredDuringSchedulingIgnoredDuringExecutionMixin
withRequiredDuringSchedulingIgnoredDuringExecutionMixin(requiredDuringSchedulingIgnoredDuringExecution)
"If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied."
Note: This function appends passed data to existing values
obj spec.provider.kubernetes.envoyDaemonSet.pod.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution
"The scheduler will prefer to schedule pods to nodes that satisfy\nthe affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the\nnode(s) with the highest sum are the most preferred."
fn spec.provider.kubernetes.envoyDaemonSet.pod.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution.withWeight
withWeight(weight)
"weight associated with matching the corresponding podAffinityTerm,\nin the range 1-100."
obj spec.provider.kubernetes.envoyDaemonSet.pod.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution.podAffinityTerm
"Required. A pod affinity term, associated with the corresponding weight."
fn spec.provider.kubernetes.envoyDaemonSet.pod.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution.podAffinityTerm.withMatchLabelKeys
withMatchLabelKeys(matchLabelKeys)
"MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with labelSelector
as key in (value)
\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)."
fn spec.provider.kubernetes.envoyDaemonSet.pod.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution.podAffinityTerm.withMatchLabelKeysMixin
withMatchLabelKeysMixin(matchLabelKeys)
"MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with labelSelector
as key in (value)
\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)."
Note: This function appends passed data to existing values
fn spec.provider.kubernetes.envoyDaemonSet.pod.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution.podAffinityTerm.withMismatchLabelKeys
withMismatchLabelKeys(mismatchLabelKeys)
"MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with labelSelector
as key notin (value)
\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)."
fn spec.provider.kubernetes.envoyDaemonSet.pod.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution.podAffinityTerm.withMismatchLabelKeysMixin
withMismatchLabelKeysMixin(mismatchLabelKeys)
"MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with labelSelector
as key notin (value)
\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)."
Note: This function appends passed data to existing values
fn spec.provider.kubernetes.envoyDaemonSet.pod.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution.podAffinityTerm.withNamespaces
withNamespaces(namespaces)
"namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"."
fn spec.provider.kubernetes.envoyDaemonSet.pod.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution.podAffinityTerm.withNamespacesMixin
withNamespacesMixin(namespaces)
"namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"."
Note: This function appends passed data to existing values
fn spec.provider.kubernetes.envoyDaemonSet.pod.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution.podAffinityTerm.withTopologyKey
withTopologyKey(topologyKey)
"This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed."
obj spec.provider.kubernetes.envoyDaemonSet.pod.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution.podAffinityTerm.labelSelector
"A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods."
fn spec.provider.kubernetes.envoyDaemonSet.pod.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution.podAffinityTerm.labelSelector.withMatchExpressions
withMatchExpressions(matchExpressions)
"matchExpressions is a list of label selector requirements. The requirements are ANDed."
fn spec.provider.kubernetes.envoyDaemonSet.pod.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution.podAffinityTerm.labelSelector.withMatchExpressionsMixin
withMatchExpressionsMixin(matchExpressions)
"matchExpressions is a list of label selector requirements. The requirements are ANDed."
Note: This function appends passed data to existing values
fn spec.provider.kubernetes.envoyDaemonSet.pod.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution.podAffinityTerm.labelSelector.withMatchLabels
withMatchLabels(matchLabels)
"matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed."
fn spec.provider.kubernetes.envoyDaemonSet.pod.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution.podAffinityTerm.labelSelector.withMatchLabelsMixin
withMatchLabelsMixin(matchLabels)
"matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed."
Note: This function appends passed data to existing values
obj spec.provider.kubernetes.envoyDaemonSet.pod.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution.podAffinityTerm.labelSelector.matchExpressions
"matchExpressions is a list of label selector requirements. The requirements are ANDed."
fn spec.provider.kubernetes.envoyDaemonSet.pod.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution.podAffinityTerm.labelSelector.matchExpressions.withKey
withKey(key)
"key is the label key that the selector applies to."
fn spec.provider.kubernetes.envoyDaemonSet.pod.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution.podAffinityTerm.labelSelector.matchExpressions.withOperator
withOperator(operator)
"operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist."
fn spec.provider.kubernetes.envoyDaemonSet.pod.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution.podAffinityTerm.labelSelector.matchExpressions.withValues
withValues(values)
"values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch."
fn spec.provider.kubernetes.envoyDaemonSet.pod.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution.podAffinityTerm.labelSelector.matchExpressions.withValuesMixin
withValuesMixin(values)
"values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch."
Note: This function appends passed data to existing values
obj spec.provider.kubernetes.envoyDaemonSet.pod.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution.podAffinityTerm.namespaceSelector
"A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces."
fn spec.provider.kubernetes.envoyDaemonSet.pod.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution.podAffinityTerm.namespaceSelector.withMatchExpressions
withMatchExpressions(matchExpressions)
"matchExpressions is a list of label selector requirements. The requirements are ANDed."
fn spec.provider.kubernetes.envoyDaemonSet.pod.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution.podAffinityTerm.namespaceSelector.withMatchExpressionsMixin
withMatchExpressionsMixin(matchExpressions)
"matchExpressions is a list of label selector requirements. The requirements are ANDed."
Note: This function appends passed data to existing values
fn spec.provider.kubernetes.envoyDaemonSet.pod.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution.podAffinityTerm.namespaceSelector.withMatchLabels
withMatchLabels(matchLabels)
"matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed."
fn spec.provider.kubernetes.envoyDaemonSet.pod.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution.podAffinityTerm.namespaceSelector.withMatchLabelsMixin
withMatchLabelsMixin(matchLabels)
"matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed."
Note: This function appends passed data to existing values
obj spec.provider.kubernetes.envoyDaemonSet.pod.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution.podAffinityTerm.namespaceSelector.matchExpressions
"matchExpressions is a list of label selector requirements. The requirements are ANDed."
fn spec.provider.kubernetes.envoyDaemonSet.pod.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution.podAffinityTerm.namespaceSelector.matchExpressions.withKey
withKey(key)
"key is the label key that the selector applies to."
fn spec.provider.kubernetes.envoyDaemonSet.pod.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution.podAffinityTerm.namespaceSelector.matchExpressions.withOperator
withOperator(operator)
"operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist."
fn spec.provider.kubernetes.envoyDaemonSet.pod.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution.podAffinityTerm.namespaceSelector.matchExpressions.withValues
withValues(values)
"values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch."
fn spec.provider.kubernetes.envoyDaemonSet.pod.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution.podAffinityTerm.namespaceSelector.matchExpressions.withValuesMixin
withValuesMixin(values)
"values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch."
Note: This function appends passed data to existing values
obj spec.provider.kubernetes.envoyDaemonSet.pod.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution
"If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied."
fn spec.provider.kubernetes.envoyDaemonSet.pod.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution.withMatchLabelKeys
withMatchLabelKeys(matchLabelKeys)
"MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with labelSelector
as key in (value)
\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)."
fn spec.provider.kubernetes.envoyDaemonSet.pod.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution.withMatchLabelKeysMixin
withMatchLabelKeysMixin(matchLabelKeys)
"MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with labelSelector
as key in (value)
\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)."
Note: This function appends passed data to existing values
fn spec.provider.kubernetes.envoyDaemonSet.pod.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution.withMismatchLabelKeys
withMismatchLabelKeys(mismatchLabelKeys)
"MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with labelSelector
as key notin (value)
\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)."
fn spec.provider.kubernetes.envoyDaemonSet.pod.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution.withMismatchLabelKeysMixin
withMismatchLabelKeysMixin(mismatchLabelKeys)
"MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with labelSelector
as key notin (value)
\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)."
Note: This function appends passed data to existing values
fn spec.provider.kubernetes.envoyDaemonSet.pod.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution.withNamespaces
withNamespaces(namespaces)
"namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"."
fn spec.provider.kubernetes.envoyDaemonSet.pod.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution.withNamespacesMixin
withNamespacesMixin(namespaces)
"namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"."
Note: This function appends passed data to existing values
fn spec.provider.kubernetes.envoyDaemonSet.pod.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution.withTopologyKey
withTopologyKey(topologyKey)
"This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed."
obj spec.provider.kubernetes.envoyDaemonSet.pod.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution.labelSelector
"A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods."
fn spec.provider.kubernetes.envoyDaemonSet.pod.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution.labelSelector.withMatchExpressions
withMatchExpressions(matchExpressions)
"matchExpressions is a list of label selector requirements. The requirements are ANDed."
fn spec.provider.kubernetes.envoyDaemonSet.pod.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution.labelSelector.withMatchExpressionsMixin
withMatchExpressionsMixin(matchExpressions)
"matchExpressions is a list of label selector requirements. The requirements are ANDed."
Note: This function appends passed data to existing values
fn spec.provider.kubernetes.envoyDaemonSet.pod.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution.labelSelector.withMatchLabels
withMatchLabels(matchLabels)
"matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed."
fn spec.provider.kubernetes.envoyDaemonSet.pod.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution.labelSelector.withMatchLabelsMixin
withMatchLabelsMixin(matchLabels)
"matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed."
Note: This function appends passed data to existing values
obj spec.provider.kubernetes.envoyDaemonSet.pod.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution.labelSelector.matchExpressions
"matchExpressions is a list of label selector requirements. The requirements are ANDed."
fn spec.provider.kubernetes.envoyDaemonSet.pod.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution.labelSelector.matchExpressions.withKey
withKey(key)
"key is the label key that the selector applies to."
fn spec.provider.kubernetes.envoyDaemonSet.pod.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution.labelSelector.matchExpressions.withOperator
withOperator(operator)
"operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist."
fn spec.provider.kubernetes.envoyDaemonSet.pod.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution.labelSelector.matchExpressions.withValues
withValues(values)
"values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch."
fn spec.provider.kubernetes.envoyDaemonSet.pod.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution.labelSelector.matchExpressions.withValuesMixin
withValuesMixin(values)
"values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch."
Note: This function appends passed data to existing values
obj spec.provider.kubernetes.envoyDaemonSet.pod.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution.namespaceSelector
"A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces."
fn spec.provider.kubernetes.envoyDaemonSet.pod.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution.namespaceSelector.withMatchExpressions
withMatchExpressions(matchExpressions)
"matchExpressions is a list of label selector requirements. The requirements are ANDed."
fn spec.provider.kubernetes.envoyDaemonSet.pod.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution.namespaceSelector.withMatchExpressionsMixin
withMatchExpressionsMixin(matchExpressions)
"matchExpressions is a list of label selector requirements. The requirements are ANDed."
Note: This function appends passed data to existing values
fn spec.provider.kubernetes.envoyDaemonSet.pod.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution.namespaceSelector.withMatchLabels
withMatchLabels(matchLabels)
"matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed."
fn spec.provider.kubernetes.envoyDaemonSet.pod.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution.namespaceSelector.withMatchLabelsMixin
withMatchLabelsMixin(matchLabels)
"matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed."
Note: This function appends passed data to existing values
obj spec.provider.kubernetes.envoyDaemonSet.pod.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution.namespaceSelector.matchExpressions
"matchExpressions is a list of label selector requirements. The requirements are ANDed."
fn spec.provider.kubernetes.envoyDaemonSet.pod.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution.namespaceSelector.matchExpressions.withKey
withKey(key)
"key is the label key that the selector applies to."
fn spec.provider.kubernetes.envoyDaemonSet.pod.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution.namespaceSelector.matchExpressions.withOperator
withOperator(operator)
"operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist."
fn spec.provider.kubernetes.envoyDaemonSet.pod.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution.namespaceSelector.matchExpressions.withValues
withValues(values)
"values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch."
fn spec.provider.kubernetes.envoyDaemonSet.pod.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution.namespaceSelector.matchExpressions.withValuesMixin
withValuesMixin(values)
"values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch."
Note: This function appends passed data to existing values
obj spec.provider.kubernetes.envoyDaemonSet.pod.affinity.podAntiAffinity
"Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s))."
fn spec.provider.kubernetes.envoyDaemonSet.pod.affinity.podAntiAffinity.withPreferredDuringSchedulingIgnoredDuringExecution
withPreferredDuringSchedulingIgnoredDuringExecution(preferredDuringSchedulingIgnoredDuringExecution)
"The scheduler will prefer to schedule pods to nodes that satisfy\nthe anti-affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling anti-affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the\nnode(s) with the highest sum are the most preferred."
fn spec.provider.kubernetes.envoyDaemonSet.pod.affinity.podAntiAffinity.withPreferredDuringSchedulingIgnoredDuringExecutionMixin
withPreferredDuringSchedulingIgnoredDuringExecutionMixin(preferredDuringSchedulingIgnoredDuringExecution)
"The scheduler will prefer to schedule pods to nodes that satisfy\nthe anti-affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling anti-affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the\nnode(s) with the highest sum are the most preferred."
Note: This function appends passed data to existing values
fn spec.provider.kubernetes.envoyDaemonSet.pod.affinity.podAntiAffinity.withRequiredDuringSchedulingIgnoredDuringExecution
withRequiredDuringSchedulingIgnoredDuringExecution(requiredDuringSchedulingIgnoredDuringExecution)
"If the anti-affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the anti-affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied."
fn spec.provider.kubernetes.envoyDaemonSet.pod.affinity.podAntiAffinity.withRequiredDuringSchedulingIgnoredDuringExecutionMixin
withRequiredDuringSchedulingIgnoredDuringExecutionMixin(requiredDuringSchedulingIgnoredDuringExecution)
"If the anti-affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the anti-affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied."
Note: This function appends passed data to existing values
obj spec.provider.kubernetes.envoyDaemonSet.pod.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution
"The scheduler will prefer to schedule pods to nodes that satisfy\nthe anti-affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling anti-affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the\nnode(s) with the highest sum are the most preferred."
fn spec.provider.kubernetes.envoyDaemonSet.pod.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution.withWeight
withWeight(weight)
"weight associated with matching the corresponding podAffinityTerm,\nin the range 1-100."
obj spec.provider.kubernetes.envoyDaemonSet.pod.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution.podAffinityTerm
"Required. A pod affinity term, associated with the corresponding weight."
fn spec.provider.kubernetes.envoyDaemonSet.pod.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution.podAffinityTerm.withMatchLabelKeys
withMatchLabelKeys(matchLabelKeys)
"MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with labelSelector
as key in (value)
\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)."
fn spec.provider.kubernetes.envoyDaemonSet.pod.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution.podAffinityTerm.withMatchLabelKeysMixin
withMatchLabelKeysMixin(matchLabelKeys)
"MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with labelSelector
as key in (value)
\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)."
Note: This function appends passed data to existing values
fn spec.provider.kubernetes.envoyDaemonSet.pod.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution.podAffinityTerm.withMismatchLabelKeys
withMismatchLabelKeys(mismatchLabelKeys)
"MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with labelSelector
as key notin (value)
\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)."
fn spec.provider.kubernetes.envoyDaemonSet.pod.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution.podAffinityTerm.withMismatchLabelKeysMixin
withMismatchLabelKeysMixin(mismatchLabelKeys)
"MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with labelSelector
as key notin (value)
\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)."
Note: This function appends passed data to existing values
fn spec.provider.kubernetes.envoyDaemonSet.pod.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution.podAffinityTerm.withNamespaces
withNamespaces(namespaces)
"namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"."
fn spec.provider.kubernetes.envoyDaemonSet.pod.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution.podAffinityTerm.withNamespacesMixin
withNamespacesMixin(namespaces)
"namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"."
Note: This function appends passed data to existing values
fn spec.provider.kubernetes.envoyDaemonSet.pod.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution.podAffinityTerm.withTopologyKey
withTopologyKey(topologyKey)
"This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed."
obj spec.provider.kubernetes.envoyDaemonSet.pod.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution.podAffinityTerm.labelSelector
"A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods."
fn spec.provider.kubernetes.envoyDaemonSet.pod.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution.podAffinityTerm.labelSelector.withMatchExpressions
withMatchExpressions(matchExpressions)
"matchExpressions is a list of label selector requirements. The requirements are ANDed."
fn spec.provider.kubernetes.envoyDaemonSet.pod.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution.podAffinityTerm.labelSelector.withMatchExpressionsMixin
withMatchExpressionsMixin(matchExpressions)
"matchExpressions is a list of label selector requirements. The requirements are ANDed."
Note: This function appends passed data to existing values
fn spec.provider.kubernetes.envoyDaemonSet.pod.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution.podAffinityTerm.labelSelector.withMatchLabels
withMatchLabels(matchLabels)
"matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed."
fn spec.provider.kubernetes.envoyDaemonSet.pod.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution.podAffinityTerm.labelSelector.withMatchLabelsMixin
withMatchLabelsMixin(matchLabels)
"matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed."
Note: This function appends passed data to existing values
obj spec.provider.kubernetes.envoyDaemonSet.pod.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution.podAffinityTerm.labelSelector.matchExpressions
"matchExpressions is a list of label selector requirements. The requirements are ANDed."
fn spec.provider.kubernetes.envoyDaemonSet.pod.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution.podAffinityTerm.labelSelector.matchExpressions.withKey
withKey(key)
"key is the label key that the selector applies to."
fn spec.provider.kubernetes.envoyDaemonSet.pod.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution.podAffinityTerm.labelSelector.matchExpressions.withOperator
withOperator(operator)
"operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist."
fn spec.provider.kubernetes.envoyDaemonSet.pod.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution.podAffinityTerm.labelSelector.matchExpressions.withValues
withValues(values)
"values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch."
fn spec.provider.kubernetes.envoyDaemonSet.pod.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution.podAffinityTerm.labelSelector.matchExpressions.withValuesMixin
withValuesMixin(values)
"values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch."
Note: This function appends passed data to existing values
obj spec.provider.kubernetes.envoyDaemonSet.pod.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution.podAffinityTerm.namespaceSelector
"A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces."
fn spec.provider.kubernetes.envoyDaemonSet.pod.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution.podAffinityTerm.namespaceSelector.withMatchExpressions
withMatchExpressions(matchExpressions)
"matchExpressions is a list of label selector requirements. The requirements are ANDed."
fn spec.provider.kubernetes.envoyDaemonSet.pod.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution.podAffinityTerm.namespaceSelector.withMatchExpressionsMixin
withMatchExpressionsMixin(matchExpressions)
"matchExpressions is a list of label selector requirements. The requirements are ANDed."
Note: This function appends passed data to existing values
fn spec.provider.kubernetes.envoyDaemonSet.pod.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution.podAffinityTerm.namespaceSelector.withMatchLabels
withMatchLabels(matchLabels)
"matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed."
fn spec.provider.kubernetes.envoyDaemonSet.pod.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution.podAffinityTerm.namespaceSelector.withMatchLabelsMixin
withMatchLabelsMixin(matchLabels)
"matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed."
Note: This function appends passed data to existing values
obj spec.provider.kubernetes.envoyDaemonSet.pod.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution.podAffinityTerm.namespaceSelector.matchExpressions
"matchExpressions is a list of label selector requirements. The requirements are ANDed."
fn spec.provider.kubernetes.envoyDaemonSet.pod.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution.podAffinityTerm.namespaceSelector.matchExpressions.withKey
withKey(key)
"key is the label key that the selector applies to."
fn spec.provider.kubernetes.envoyDaemonSet.pod.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution.podAffinityTerm.namespaceSelector.matchExpressions.withOperator
withOperator(operator)
"operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist."
fn spec.provider.kubernetes.envoyDaemonSet.pod.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution.podAffinityTerm.namespaceSelector.matchExpressions.withValues
withValues(values)
"values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch."
fn spec.provider.kubernetes.envoyDaemonSet.pod.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution.podAffinityTerm.namespaceSelector.matchExpressions.withValuesMixin
withValuesMixin(values)
"values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch."
Note: This function appends passed data to existing values
obj spec.provider.kubernetes.envoyDaemonSet.pod.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution
"If the anti-affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the anti-affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied."
fn spec.provider.kubernetes.envoyDaemonSet.pod.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution.withMatchLabelKeys
withMatchLabelKeys(matchLabelKeys)
"MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with labelSelector
as key in (value)
\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)."
fn spec.provider.kubernetes.envoyDaemonSet.pod.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution.withMatchLabelKeysMixin
withMatchLabelKeysMixin(matchLabelKeys)
"MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with labelSelector
as key in (value)
\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)."
Note: This function appends passed data to existing values
fn spec.provider.kubernetes.envoyDaemonSet.pod.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution.withMismatchLabelKeys
withMismatchLabelKeys(mismatchLabelKeys)
"MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with labelSelector
as key notin (value)
\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)."
fn spec.provider.kubernetes.envoyDaemonSet.pod.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution.withMismatchLabelKeysMixin
withMismatchLabelKeysMixin(mismatchLabelKeys)
"MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with labelSelector
as key notin (value)
\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)."
Note: This function appends passed data to existing values
fn spec.provider.kubernetes.envoyDaemonSet.pod.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution.withNamespaces
withNamespaces(namespaces)
"namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"."
fn spec.provider.kubernetes.envoyDaemonSet.pod.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution.withNamespacesMixin
withNamespacesMixin(namespaces)
"namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"."
Note: This function appends passed data to existing values
fn spec.provider.kubernetes.envoyDaemonSet.pod.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution.withTopologyKey
withTopologyKey(topologyKey)
"This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed."
obj spec.provider.kubernetes.envoyDaemonSet.pod.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution.labelSelector
"A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods."
fn spec.provider.kubernetes.envoyDaemonSet.pod.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution.labelSelector.withMatchExpressions
withMatchExpressions(matchExpressions)
"matchExpressions is a list of label selector requirements. The requirements are ANDed."
fn spec.provider.kubernetes.envoyDaemonSet.pod.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution.labelSelector.withMatchExpressionsMixin
withMatchExpressionsMixin(matchExpressions)
"matchExpressions is a list of label selector requirements. The requirements are ANDed."
Note: This function appends passed data to existing values
fn spec.provider.kubernetes.envoyDaemonSet.pod.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution.labelSelector.withMatchLabels
withMatchLabels(matchLabels)
"matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed."
fn spec.provider.kubernetes.envoyDaemonSet.pod.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution.labelSelector.withMatchLabelsMixin
withMatchLabelsMixin(matchLabels)
"matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed."
Note: This function appends passed data to existing values
obj spec.provider.kubernetes.envoyDaemonSet.pod.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution.labelSelector.matchExpressions
"matchExpressions is a list of label selector requirements. The requirements are ANDed."
fn spec.provider.kubernetes.envoyDaemonSet.pod.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution.labelSelector.matchExpressions.withKey
withKey(key)
"key is the label key that the selector applies to."
fn spec.provider.kubernetes.envoyDaemonSet.pod.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution.labelSelector.matchExpressions.withOperator
withOperator(operator)
"operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist."
fn spec.provider.kubernetes.envoyDaemonSet.pod.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution.labelSelector.matchExpressions.withValues
withValues(values)
"values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch."
fn spec.provider.kubernetes.envoyDaemonSet.pod.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution.labelSelector.matchExpressions.withValuesMixin
withValuesMixin(values)
"values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch."
Note: This function appends passed data to existing values
obj spec.provider.kubernetes.envoyDaemonSet.pod.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution.namespaceSelector
"A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces."
fn spec.provider.kubernetes.envoyDaemonSet.pod.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution.namespaceSelector.withMatchExpressions
withMatchExpressions(matchExpressions)
"matchExpressions is a list of label selector requirements. The requirements are ANDed."
fn spec.provider.kubernetes.envoyDaemonSet.pod.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution.namespaceSelector.withMatchExpressionsMixin
withMatchExpressionsMixin(matchExpressions)
"matchExpressions is a list of label selector requirements. The requirements are ANDed."
Note: This function appends passed data to existing values
fn spec.provider.kubernetes.envoyDaemonSet.pod.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution.namespaceSelector.withMatchLabels
withMatchLabels(matchLabels)
"matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed."
fn spec.provider.kubernetes.envoyDaemonSet.pod.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution.namespaceSelector.withMatchLabelsMixin
withMatchLabelsMixin(matchLabels)
"matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed."
Note: This function appends passed data to existing values
obj spec.provider.kubernetes.envoyDaemonSet.pod.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution.namespaceSelector.matchExpressions
"matchExpressions is a list of label selector requirements. The requirements are ANDed."
fn spec.provider.kubernetes.envoyDaemonSet.pod.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution.namespaceSelector.matchExpressions.withKey
withKey(key)
"key is the label key that the selector applies to."
fn spec.provider.kubernetes.envoyDaemonSet.pod.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution.namespaceSelector.matchExpressions.withOperator
withOperator(operator)
"operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist."
fn spec.provider.kubernetes.envoyDaemonSet.pod.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution.namespaceSelector.matchExpressions.withValues
withValues(values)
"values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch."
fn spec.provider.kubernetes.envoyDaemonSet.pod.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution.namespaceSelector.matchExpressions.withValuesMixin
withValuesMixin(values)
"values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch."
Note: This function appends passed data to existing values
obj spec.provider.kubernetes.envoyDaemonSet.pod.imagePullSecrets
"ImagePullSecrets is an optional list of references to secrets\nin the same namespace to use for pulling any of the images used by this PodSpec.\nIf specified, these secrets will be passed to individual puller implementations for them to use.\nMore info: https://kubernetes.io/docs/concepts/containers/images#specifying-imagepullsecrets-on-a-pod"
fn spec.provider.kubernetes.envoyDaemonSet.pod.imagePullSecrets.withName
withName(name)
"Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names"
obj spec.provider.kubernetes.envoyDaemonSet.pod.securityContext
"SecurityContext holds pod-level security attributes and common container settings.\nOptional: Defaults to empty. See type description for default values of each field."
fn spec.provider.kubernetes.envoyDaemonSet.pod.securityContext.withFsGroup
withFsGroup(fsGroup)
"A special supplemental group that applies to all containers in a pod.\nSome volume types allow the Kubelet to change the ownership of that volume\nto be owned by the pod:\n\n1. The owning GID will be the FSGroup\n2. The setgid bit is set (new files created in the volume will be owned by FSGroup)\n3. The permission bits are OR'd with rw-rw----\n\nIf unset, the Kubelet will not modify the ownership and permissions of any volume.\nNote that this field cannot be set when spec.os.name is windows."
fn spec.provider.kubernetes.envoyDaemonSet.pod.securityContext.withFsGroupChangePolicy
withFsGroupChangePolicy(fsGroupChangePolicy)
"fsGroupChangePolicy defines behavior of changing ownership and permission of the volume\nbefore being exposed inside Pod. This field will only apply to\nvolume types which support fsGroup based ownership(and permissions).\nIt will have no effect on ephemeral volume types such as: secret, configmaps\nand emptydir.\nValid values are \"OnRootMismatch\" and \"Always\". If not specified, \"Always\" is used.\nNote that this field cannot be set when spec.os.name is windows."
fn spec.provider.kubernetes.envoyDaemonSet.pod.securityContext.withRunAsGroup
withRunAsGroup(runAsGroup)
"The GID to run the entrypoint of the container process.\nUses runtime default if unset.\nMay also be set in SecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence\nfor that container.\nNote that this field cannot be set when spec.os.name is windows."
fn spec.provider.kubernetes.envoyDaemonSet.pod.securityContext.withRunAsNonRoot
withRunAsNonRoot(runAsNonRoot)
"Indicates that the container must run as a non-root user.\nIf true, the Kubelet will validate the image at runtime to ensure that it\ndoes not run as UID 0 (root) and fail to start the container if it does.\nIf unset or false, no such validation will be performed.\nMay also be set in SecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence."
fn spec.provider.kubernetes.envoyDaemonSet.pod.securityContext.withRunAsUser
withRunAsUser(runAsUser)
"The UID to run the entrypoint of the container process.\nDefaults to user specified in image metadata if unspecified.\nMay also be set in SecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence\nfor that container.\nNote that this field cannot be set when spec.os.name is windows."
fn spec.provider.kubernetes.envoyDaemonSet.pod.securityContext.withSupplementalGroups
withSupplementalGroups(supplementalGroups)
"A list of groups applied to the first process run in each container, in\naddition to the container's primary GID and fsGroup (if specified). If\nthe SupplementalGroupsPolicy feature is enabled, the\nsupplementalGroupsPolicy field determines whether these are in addition\nto or instead of any group memberships defined in the container image.\nIf unspecified, no additional groups are added, though group memberships\ndefined in the container image may still be used, depending on the\nsupplementalGroupsPolicy field.\nNote that this field cannot be set when spec.os.name is windows."
fn spec.provider.kubernetes.envoyDaemonSet.pod.securityContext.withSupplementalGroupsMixin
withSupplementalGroupsMixin(supplementalGroups)
"A list of groups applied to the first process run in each container, in\naddition to the container's primary GID and fsGroup (if specified). If\nthe SupplementalGroupsPolicy feature is enabled, the\nsupplementalGroupsPolicy field determines whether these are in addition\nto or instead of any group memberships defined in the container image.\nIf unspecified, no additional groups are added, though group memberships\ndefined in the container image may still be used, depending on the\nsupplementalGroupsPolicy field.\nNote that this field cannot be set when spec.os.name is windows."
Note: This function appends passed data to existing values
fn spec.provider.kubernetes.envoyDaemonSet.pod.securityContext.withSupplementalGroupsPolicy
withSupplementalGroupsPolicy(supplementalGroupsPolicy)
"Defines how supplemental groups of the first container processes are calculated.\nValid values are \"Merge\" and \"Strict\". If not specified, \"Merge\" is used.\n(Alpha) Using the field requires the SupplementalGroupsPolicy feature gate to be enabled\nand the container runtime must implement support for this feature.\nNote that this field cannot be set when spec.os.name is windows."
fn spec.provider.kubernetes.envoyDaemonSet.pod.securityContext.withSysctls
withSysctls(sysctls)
"Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported\nsysctls (by the container runtime) might fail to launch.\nNote that this field cannot be set when spec.os.name is windows."
fn spec.provider.kubernetes.envoyDaemonSet.pod.securityContext.withSysctlsMixin
withSysctlsMixin(sysctls)
"Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported\nsysctls (by the container runtime) might fail to launch.\nNote that this field cannot be set when spec.os.name is windows."
Note: This function appends passed data to existing values
obj spec.provider.kubernetes.envoyDaemonSet.pod.securityContext.appArmorProfile
"appArmorProfile is the AppArmor options to use by the containers in this pod.\nNote that this field cannot be set when spec.os.name is windows."
fn spec.provider.kubernetes.envoyDaemonSet.pod.securityContext.appArmorProfile.withLocalhostProfile
withLocalhostProfile(localhostProfile)
"localhostProfile indicates a profile loaded on the node that should be used.\nThe profile must be preconfigured on the node to work.\nMust match the loaded name of the profile.\nMust be set if and only if type is \"Localhost\"."
fn spec.provider.kubernetes.envoyDaemonSet.pod.securityContext.appArmorProfile.withType
withType(type)
"type indicates which kind of AppArmor profile will be applied.\nValid options are:\n Localhost - a profile pre-loaded on the node.\n RuntimeDefault - the container runtime's default profile.\n Unconfined - no AppArmor enforcement."
obj spec.provider.kubernetes.envoyDaemonSet.pod.securityContext.seLinuxOptions
"The SELinux context to be applied to all containers.\nIf unspecified, the container runtime will allocate a random SELinux context for each\ncontainer. May also be set in SecurityContext. If set in\nboth SecurityContext and PodSecurityContext, the value specified in SecurityContext\ntakes precedence for that container.\nNote that this field cannot be set when spec.os.name is windows."
fn spec.provider.kubernetes.envoyDaemonSet.pod.securityContext.seLinuxOptions.withLevel
withLevel(level)
"Level is SELinux level label that applies to the container."
fn spec.provider.kubernetes.envoyDaemonSet.pod.securityContext.seLinuxOptions.withRole
withRole(role)
"Role is a SELinux role label that applies to the container."
fn spec.provider.kubernetes.envoyDaemonSet.pod.securityContext.seLinuxOptions.withType
withType(type)
"Type is a SELinux type label that applies to the container."
fn spec.provider.kubernetes.envoyDaemonSet.pod.securityContext.seLinuxOptions.withUser
withUser(user)
"User is a SELinux user label that applies to the container."
obj spec.provider.kubernetes.envoyDaemonSet.pod.securityContext.seccompProfile
"The seccomp options to use by the containers in this pod.\nNote that this field cannot be set when spec.os.name is windows."
fn spec.provider.kubernetes.envoyDaemonSet.pod.securityContext.seccompProfile.withLocalhostProfile
withLocalhostProfile(localhostProfile)
"localhostProfile indicates a profile defined in a file on the node should be used.\nThe profile must be preconfigured on the node to work.\nMust be a descending path, relative to the kubelet's configured seccomp profile location.\nMust be set if type is \"Localhost\". Must NOT be set for any other type."
fn spec.provider.kubernetes.envoyDaemonSet.pod.securityContext.seccompProfile.withType
withType(type)
"type indicates which kind of seccomp profile will be applied.\nValid options are:\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied."
obj spec.provider.kubernetes.envoyDaemonSet.pod.securityContext.sysctls
"Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported\nsysctls (by the container runtime) might fail to launch.\nNote that this field cannot be set when spec.os.name is windows."
fn spec.provider.kubernetes.envoyDaemonSet.pod.securityContext.sysctls.withName
withName(name)
"Name of a property to set"
fn spec.provider.kubernetes.envoyDaemonSet.pod.securityContext.sysctls.withValue
withValue(value)
"Value of a property to set"
obj spec.provider.kubernetes.envoyDaemonSet.pod.securityContext.windowsOptions
"The Windows specific settings applied to all containers.\nIf unspecified, the options within a container's SecurityContext will be used.\nIf set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is linux."
fn spec.provider.kubernetes.envoyDaemonSet.pod.securityContext.windowsOptions.withGmsaCredentialSpec
withGmsaCredentialSpec(gmsaCredentialSpec)
"GMSACredentialSpec is where the GMSA admission webhook\n(https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the\nGMSA credential spec named by the GMSACredentialSpecName field."
fn spec.provider.kubernetes.envoyDaemonSet.pod.securityContext.windowsOptions.withGmsaCredentialSpecName
withGmsaCredentialSpecName(gmsaCredentialSpecName)
"GMSACredentialSpecName is the name of the GMSA credential spec to use."
fn spec.provider.kubernetes.envoyDaemonSet.pod.securityContext.windowsOptions.withHostProcess
withHostProcess(hostProcess)
"HostProcess determines if a container should be run as a 'Host Process' container.\nAll of a Pod's containers must have the same effective HostProcess value\n(it is not allowed to have a mix of HostProcess containers and non-HostProcess containers).\nIn addition, if HostProcess is true then HostNetwork must also be set to true."
fn spec.provider.kubernetes.envoyDaemonSet.pod.securityContext.windowsOptions.withRunAsUserName
withRunAsUserName(runAsUserName)
"The UserName in Windows to run the entrypoint of the container process.\nDefaults to the user specified in image metadata if unspecified.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence."
obj spec.provider.kubernetes.envoyDaemonSet.pod.tolerations
"If specified, the pod's tolerations."
fn spec.provider.kubernetes.envoyDaemonSet.pod.tolerations.withEffect
withEffect(effect)
"Effect indicates the taint effect to match. Empty means match all taint effects.\nWhen specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute."
fn spec.provider.kubernetes.envoyDaemonSet.pod.tolerations.withKey
withKey(key)
"Key is the taint key that the toleration applies to. Empty means match all taint keys.\nIf the key is empty, operator must be Exists; this combination means to match all values and all keys."
fn spec.provider.kubernetes.envoyDaemonSet.pod.tolerations.withOperator
withOperator(operator)
"Operator represents a key's relationship to the value.\nValid operators are Exists and Equal. Defaults to Equal.\nExists is equivalent to wildcard for value, so that a pod can\ntolerate all taints of a particular category."
fn spec.provider.kubernetes.envoyDaemonSet.pod.tolerations.withTolerationSeconds
withTolerationSeconds(tolerationSeconds)
"TolerationSeconds represents the period of time the toleration (which must be\nof effect NoExecute, otherwise this field is ignored) tolerates the taint. By default,\nit is not set, which means tolerate the taint forever (do not evict). Zero and\nnegative values will be treated as 0 (evict immediately) by the system."
fn spec.provider.kubernetes.envoyDaemonSet.pod.tolerations.withValue
withValue(value)
"Value is the taint value the toleration matches to.\nIf the operator is Exists, the value should be empty, otherwise just a regular string."
obj spec.provider.kubernetes.envoyDaemonSet.pod.topologySpreadConstraints
"TopologySpreadConstraints describes how a group of pods ought to spread across topology\ndomains. Scheduler will schedule pods in a way which abides by the constraints.\nAll topologySpreadConstraints are ANDed."
fn spec.provider.kubernetes.envoyDaemonSet.pod.topologySpreadConstraints.withMatchLabelKeys
withMatchLabelKeys(matchLabelKeys)
"MatchLabelKeys is a set of pod label keys to select the pods over which\nspreading will be calculated. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are ANDed with labelSelector\nto select the group of existing pods over which spreading will be calculated\nfor the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nMatchLabelKeys cannot be set when LabelSelector isn't set.\nKeys that don't exist in the incoming pod labels will\nbe ignored. A null or empty list means only match against labelSelector.\n\nThis is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default)."
fn spec.provider.kubernetes.envoyDaemonSet.pod.topologySpreadConstraints.withMatchLabelKeysMixin
withMatchLabelKeysMixin(matchLabelKeys)
"MatchLabelKeys is a set of pod label keys to select the pods over which\nspreading will be calculated. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are ANDed with labelSelector\nto select the group of existing pods over which spreading will be calculated\nfor the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nMatchLabelKeys cannot be set when LabelSelector isn't set.\nKeys that don't exist in the incoming pod labels will\nbe ignored. A null or empty list means only match against labelSelector.\n\nThis is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default)."
Note: This function appends passed data to existing values
fn spec.provider.kubernetes.envoyDaemonSet.pod.topologySpreadConstraints.withMaxSkew
withMaxSkew(maxSkew)
"MaxSkew describes the degree to which pods may be unevenly distributed.\nWhen whenUnsatisfiable=DoNotSchedule
, it is the maximum permitted difference\nbetween the number of matching pods in the target topology and the global minimum.\nThe global minimum is the minimum number of matching pods in an eligible domain\nor zero if the number of eligible domains is less than MinDomains.\nFor example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same\nlabelSelector spread as 2/2/1:\nIn this case, the global minimum is 1.\n| zone1 | zone2 | zone3 |\n| P P | P P | P |\n- if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2;\nscheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2)\nviolate MaxSkew(1).\n- if MaxSkew is 2, incoming pod can be scheduled onto any zone.\nWhen whenUnsatisfiable=ScheduleAnyway
, it is used to give higher precedence\nto topologies that satisfy it.\nIt's a required field. Default value is 1 and 0 is not allowed."
fn spec.provider.kubernetes.envoyDaemonSet.pod.topologySpreadConstraints.withMinDomains
withMinDomains(minDomains)
"MinDomains indicates a minimum number of eligible domains.\nWhen the number of eligible domains with matching topology keys is less than minDomains,\nPod Topology Spread treats \"global minimum\" as 0, and then the calculation of Skew is performed.\nAnd when the number of eligible domains with matching topology keys equals or greater than minDomains,\nthis value has no effect on scheduling.\nAs a result, when the number of eligible domains is less than minDomains,\nscheduler won't schedule more than maxSkew Pods to those domains.\nIf value is nil, the constraint behaves as if MinDomains is equal to 1.\nValid values are integers greater than 0.\nWhen value is not nil, WhenUnsatisfiable must be DoNotSchedule.\n\nFor example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same\nlabelSelector spread as 2/2/2:\n| zone1 | zone2 | zone3 |\n| P P | P P | P P |\nThe number of domains is less than 5(MinDomains), so \"global minimum\" is treated as 0.\nIn this situation, new pod with the same labelSelector cannot be scheduled,\nbecause computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones,\nit will violate MaxSkew."
fn spec.provider.kubernetes.envoyDaemonSet.pod.topologySpreadConstraints.withNodeAffinityPolicy
withNodeAffinityPolicy(nodeAffinityPolicy)
"NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector\nwhen calculating pod topology spread skew. Options are:\n- Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations.\n- Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations.\n\nIf this value is nil, the behavior is equivalent to the Honor policy.\nThis is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag."
fn spec.provider.kubernetes.envoyDaemonSet.pod.topologySpreadConstraints.withNodeTaintsPolicy
withNodeTaintsPolicy(nodeTaintsPolicy)
"NodeTaintsPolicy indicates how we will treat node taints when calculating\npod topology spread skew. Options are:\n- Honor: nodes without taints, along with tainted nodes for which the incoming pod\nhas a toleration, are included.\n- Ignore: node taints are ignored. All nodes are included.\n\nIf this value is nil, the behavior is equivalent to the Ignore policy.\nThis is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag."
fn spec.provider.kubernetes.envoyDaemonSet.pod.topologySpreadConstraints.withTopologyKey
withTopologyKey(topologyKey)
"TopologyKey is the key of node labels. Nodes that have a label with this key\nand identical values are considered to be in the same topology.\nWe consider each
fn spec.provider.kubernetes.envoyDaemonSet.pod.topologySpreadConstraints.withWhenUnsatisfiable
withWhenUnsatisfiable(whenUnsatisfiable)
"WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy\nthe spread constraint.\n- DoNotSchedule (default) tells the scheduler not to schedule it.\n- ScheduleAnyway tells the scheduler to schedule the pod in any location,\n but giving higher precedence to topologies that would help reduce the\n skew.\nA constraint is considered \"Unsatisfiable\" for an incoming pod\nif and only if every possible node assignment for that pod would violate\n\"MaxSkew\" on some topology.\nFor example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same\nlabelSelector spread as 3/1/1:\n| zone1 | zone2 | zone3 |\n| P P P | P | P |\nIf WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled\nto zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies\nMaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler\nwon't make it more imbalanced.\nIt's a required field."
obj spec.provider.kubernetes.envoyDaemonSet.pod.topologySpreadConstraints.labelSelector
"LabelSelector is used to find matching pods.\nPods that match this label selector are counted to determine the number of pods\nin their corresponding topology domain."
fn spec.provider.kubernetes.envoyDaemonSet.pod.topologySpreadConstraints.labelSelector.withMatchExpressions
withMatchExpressions(matchExpressions)
"matchExpressions is a list of label selector requirements. The requirements are ANDed."
fn spec.provider.kubernetes.envoyDaemonSet.pod.topologySpreadConstraints.labelSelector.withMatchExpressionsMixin
withMatchExpressionsMixin(matchExpressions)
"matchExpressions is a list of label selector requirements. The requirements are ANDed."
Note: This function appends passed data to existing values
fn spec.provider.kubernetes.envoyDaemonSet.pod.topologySpreadConstraints.labelSelector.withMatchLabels
withMatchLabels(matchLabels)
"matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed."
fn spec.provider.kubernetes.envoyDaemonSet.pod.topologySpreadConstraints.labelSelector.withMatchLabelsMixin
withMatchLabelsMixin(matchLabels)
"matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed."
Note: This function appends passed data to existing values
obj spec.provider.kubernetes.envoyDaemonSet.pod.topologySpreadConstraints.labelSelector.matchExpressions
"matchExpressions is a list of label selector requirements. The requirements are ANDed."
fn spec.provider.kubernetes.envoyDaemonSet.pod.topologySpreadConstraints.labelSelector.matchExpressions.withKey
withKey(key)
"key is the label key that the selector applies to."
fn spec.provider.kubernetes.envoyDaemonSet.pod.topologySpreadConstraints.labelSelector.matchExpressions.withOperator
withOperator(operator)
"operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist."
fn spec.provider.kubernetes.envoyDaemonSet.pod.topologySpreadConstraints.labelSelector.matchExpressions.withValues
withValues(values)
"values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch."
fn spec.provider.kubernetes.envoyDaemonSet.pod.topologySpreadConstraints.labelSelector.matchExpressions.withValuesMixin
withValuesMixin(values)
"values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch."
Note: This function appends passed data to existing values
obj spec.provider.kubernetes.envoyDaemonSet.pod.volumes
"Volumes that can be mounted by containers belonging to the pod.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes"
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.withName
withName(name)
"name of the volume.\nMust be a DNS_LABEL and unique within the pod.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names"
obj spec.provider.kubernetes.envoyDaemonSet.pod.volumes.awsElasticBlockStore
"awsElasticBlockStore represents an AWS Disk resource that is attached to a\nkubelet's host machine and then exposed to the pod.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore"
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.awsElasticBlockStore.withFsType
withFsType(fsType)
"fsType is the filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore"
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.awsElasticBlockStore.withPartition
withPartition(partition)
"partition is the partition in the volume that you want to mount.\nIf omitted, the default is to mount by volume name.\nExamples: For volume /dev/sda1, you specify the partition as \"1\".\nSimilarly, the volume partition for /dev/sda is \"0\" (or you can leave the property empty)."
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.awsElasticBlockStore.withReadOnly
withReadOnly(readOnly)
"readOnly value true will force the readOnly setting in VolumeMounts.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore"
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.awsElasticBlockStore.withVolumeID
withVolumeID(volumeID)
"volumeID is unique ID of the persistent disk resource in AWS (Amazon EBS volume).\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore"
obj spec.provider.kubernetes.envoyDaemonSet.pod.volumes.azureDisk
"azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod."
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.azureDisk.withCachingMode
withCachingMode(cachingMode)
"cachingMode is the Host Caching mode: None, Read Only, Read Write."
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.azureDisk.withDiskName
withDiskName(diskName)
"diskName is the Name of the data disk in the blob storage"
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.azureDisk.withDiskURI
withDiskURI(diskURI)
"diskURI is the URI of data disk in the blob storage"
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.azureDisk.withFsType
withFsType(fsType)
"fsType is Filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified."
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.azureDisk.withKind
withKind(kind)
"kind expected values are Shared: multiple blob disks per storage account Dedicated: single blob disk per storage account Managed: azure managed data disk (only in managed availability set). defaults to shared"
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.azureDisk.withReadOnly
withReadOnly(readOnly)
"readOnly Defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts."
obj spec.provider.kubernetes.envoyDaemonSet.pod.volumes.azureFile
"azureFile represents an Azure File Service mount on the host and bind mount to the pod."
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.azureFile.withReadOnly
withReadOnly(readOnly)
"readOnly defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts."
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.azureFile.withSecretName
withSecretName(secretName)
"secretName is the name of secret that contains Azure Storage Account Name and Key"
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.azureFile.withShareName
withShareName(shareName)
"shareName is the azure share Name"
obj spec.provider.kubernetes.envoyDaemonSet.pod.volumes.cephfs
"cephFS represents a Ceph FS mount on the host that shares a pod's lifetime"
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.cephfs.withMonitors
withMonitors(monitors)
"monitors is Required: Monitors is a collection of Ceph monitors\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it"
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.cephfs.withMonitorsMixin
withMonitorsMixin(monitors)
"monitors is Required: Monitors is a collection of Ceph monitors\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it"
Note: This function appends passed data to existing values
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.cephfs.withPath
withPath(path)
"path is Optional: Used as the mounted root, rather than the full Ceph tree, default is /"
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.cephfs.withReadOnly
withReadOnly(readOnly)
"readOnly is Optional: Defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts.\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it"
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.cephfs.withSecretFile
withSecretFile(secretFile)
"secretFile is Optional: SecretFile is the path to key ring for User, default is /etc/ceph/user.secret\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it"
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.cephfs.withUser
withUser(user)
"user is optional: User is the rados user name, default is admin\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it"
obj spec.provider.kubernetes.envoyDaemonSet.pod.volumes.cephfs.secretRef
"secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty.\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it"
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.cephfs.secretRef.withName
withName(name)
"Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names"
obj spec.provider.kubernetes.envoyDaemonSet.pod.volumes.cinder
"cinder represents a cinder volume attached and mounted on kubelets host machine.\nMore info: https://examples.k8s.io/mysql-cinder-pd/README.md"
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.cinder.withFsType
withFsType(fsType)
"fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://examples.k8s.io/mysql-cinder-pd/README.md"
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.cinder.withReadOnly
withReadOnly(readOnly)
"readOnly defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts.\nMore info: https://examples.k8s.io/mysql-cinder-pd/README.md"
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.cinder.withVolumeID
withVolumeID(volumeID)
"volumeID used to identify the volume in cinder.\nMore info: https://examples.k8s.io/mysql-cinder-pd/README.md"
obj spec.provider.kubernetes.envoyDaemonSet.pod.volumes.cinder.secretRef
"secretRef is optional: points to a secret object containing parameters used to connect\nto OpenStack."
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.cinder.secretRef.withName
withName(name)
"Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names"
obj spec.provider.kubernetes.envoyDaemonSet.pod.volumes.configMap
"configMap represents a configMap that should populate this volume"
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.configMap.withDefaultMode
withDefaultMode(defaultMode)
"defaultMode is optional: mode bits used to set permissions on created files by default.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nDefaults to 0644.\nDirectories within the path are not affected by this setting.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set."
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.configMap.withItems
withItems(items)
"items if unspecified, each key-value pair in the Data field of the referenced\nConfigMap will be projected into the volume as a file whose name is the\nkey and content is the value. If specified, the listed keys will be\nprojected into the specified paths, and unlisted keys will not be\npresent. If a key is specified which is not present in the ConfigMap,\nthe volume setup will error unless it is marked optional. Paths must be\nrelative and may not contain the '..' path or start with '..'."
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.configMap.withItemsMixin
withItemsMixin(items)
"items if unspecified, each key-value pair in the Data field of the referenced\nConfigMap will be projected into the volume as a file whose name is the\nkey and content is the value. If specified, the listed keys will be\nprojected into the specified paths, and unlisted keys will not be\npresent. If a key is specified which is not present in the ConfigMap,\nthe volume setup will error unless it is marked optional. Paths must be\nrelative and may not contain the '..' path or start with '..'."
Note: This function appends passed data to existing values
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.configMap.withName
withName(name)
"Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names"
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.configMap.withOptional
withOptional(optional)
"optional specify whether the ConfigMap or its keys must be defined"
obj spec.provider.kubernetes.envoyDaemonSet.pod.volumes.configMap.items
"items if unspecified, each key-value pair in the Data field of the referenced\nConfigMap will be projected into the volume as a file whose name is the\nkey and content is the value. If specified, the listed keys will be\nprojected into the specified paths, and unlisted keys will not be\npresent. If a key is specified which is not present in the ConfigMap,\nthe volume setup will error unless it is marked optional. Paths must be\nrelative and may not contain the '..' path or start with '..'."
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.configMap.items.withKey
withKey(key)
"key is the key to project."
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.configMap.items.withMode
withMode(mode)
"mode is Optional: mode bits used to set permissions on this file.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set."
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.configMap.items.withPath
withPath(path)
"path is the relative path of the file to map the key to.\nMay not be an absolute path.\nMay not contain the path element '..'.\nMay not start with the string '..'."
obj spec.provider.kubernetes.envoyDaemonSet.pod.volumes.csi
"csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature)."
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.csi.withDriver
withDriver(driver)
"driver is the name of the CSI driver that handles this volume.\nConsult with your admin for the correct name as registered in the cluster."
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.csi.withFsType
withFsType(fsType)
"fsType to mount. Ex. \"ext4\", \"xfs\", \"ntfs\".\nIf not provided, the empty value is passed to the associated CSI driver\nwhich will determine the default filesystem to apply."
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.csi.withReadOnly
withReadOnly(readOnly)
"readOnly specifies a read-only configuration for the volume.\nDefaults to false (read/write)."
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.csi.withVolumeAttributes
withVolumeAttributes(volumeAttributes)
"volumeAttributes stores driver-specific properties that are passed to the CSI\ndriver. Consult your driver's documentation for supported values."
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.csi.withVolumeAttributesMixin
withVolumeAttributesMixin(volumeAttributes)
"volumeAttributes stores driver-specific properties that are passed to the CSI\ndriver. Consult your driver's documentation for supported values."
Note: This function appends passed data to existing values
obj spec.provider.kubernetes.envoyDaemonSet.pod.volumes.csi.nodePublishSecretRef
"nodePublishSecretRef is a reference to the secret object containing\nsensitive information to pass to the CSI driver to complete the CSI\nNodePublishVolume and NodeUnpublishVolume calls.\nThis field is optional, and may be empty if no secret is required. If the\nsecret object contains more than one secret, all secret references are passed."
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.csi.nodePublishSecretRef.withName
withName(name)
"Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names"
obj spec.provider.kubernetes.envoyDaemonSet.pod.volumes.downwardAPI
"downwardAPI represents downward API about the pod that should populate this volume"
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.downwardAPI.withDefaultMode
withDefaultMode(defaultMode)
"Optional: mode bits to use on created files by default. Must be a\nOptional: mode bits used to set permissions on created files by default.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nDefaults to 0644.\nDirectories within the path are not affected by this setting.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set."
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.downwardAPI.withItems
withItems(items)
"Items is a list of downward API volume file"
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.downwardAPI.withItemsMixin
withItemsMixin(items)
"Items is a list of downward API volume file"
Note: This function appends passed data to existing values
obj spec.provider.kubernetes.envoyDaemonSet.pod.volumes.downwardAPI.items
"Items is a list of downward API volume file"
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.downwardAPI.items.withMode
withMode(mode)
"Optional: mode bits used to set permissions on this file, must be an octal value\nbetween 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set."
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.downwardAPI.items.withPath
withPath(path)
"Required: Path is the relative path name of the file to be created. Must not be absolute or contain the '..' path. Must be utf-8 encoded. The first item of the relative path must not start with '..'"
obj spec.provider.kubernetes.envoyDaemonSet.pod.volumes.downwardAPI.items.fieldRef
"Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported."
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.downwardAPI.items.fieldRef.withApiVersion
withApiVersion(apiVersion)
"Version of the schema the FieldPath is written in terms of, defaults to \"v1\"."
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.downwardAPI.items.fieldRef.withFieldPath
withFieldPath(fieldPath)
"Path of the field to select in the specified API version."
obj spec.provider.kubernetes.envoyDaemonSet.pod.volumes.downwardAPI.items.resourceFieldRef
"Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported."
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.downwardAPI.items.resourceFieldRef.withContainerName
withContainerName(containerName)
"Container name: required for volumes, optional for env vars"
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.downwardAPI.items.resourceFieldRef.withDivisor
withDivisor(divisor)
"Specifies the output format of the exposed resources, defaults to \"1\
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.downwardAPI.items.resourceFieldRef.withResource
withResource(resource)
"Required: resource to select"
obj spec.provider.kubernetes.envoyDaemonSet.pod.volumes.emptyDir
"emptyDir represents a temporary directory that shares a pod's lifetime.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir"
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.emptyDir.withMedium
withMedium(medium)
"medium represents what type of storage medium should back this directory.\nThe default is \"\" which means to use the node's default medium.\nMust be an empty string (default) or Memory.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir"
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.emptyDir.withSizeLimit
withSizeLimit(sizeLimit)
"sizeLimit is the total amount of local storage required for this EmptyDir volume.\nThe size limit is also applicable for memory medium.\nThe maximum usage on memory medium EmptyDir would be the minimum value between\nthe SizeLimit specified here and the sum of memory limits of all containers in a pod.\nThe default is nil which means that the limit is undefined.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir"
obj spec.provider.kubernetes.envoyDaemonSet.pod.volumes.ephemeral
"ephemeral represents a volume that is handled by a cluster storage driver.\nThe volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts,\nand deleted when the pod is removed.\n\nUse this if:\na) the volume is only needed while the pod runs,\nb) features of normal volumes like restoring from snapshot or capacity\n tracking are needed,\nc) the storage driver is specified through a storage class, and\nd) the storage driver supports dynamic volume provisioning through\n a PersistentVolumeClaim (see EphemeralVolumeSource for more\n information on the connection between this volume type\n and PersistentVolumeClaim).\n\nUse PersistentVolumeClaim or one of the vendor-specific\nAPIs for volumes that persist for longer than the lifecycle\nof an individual pod.\n\nUse CSI for light-weight local ephemeral volumes if the CSI driver is meant to\nbe used that way - see the documentation of the driver for\nmore information.\n\nA pod can use both types of ephemeral volumes and\npersistent volumes at the same time."
obj spec.provider.kubernetes.envoyDaemonSet.pod.volumes.ephemeral.volumeClaimTemplate
"Will be used to create a stand-alone PVC to provision the volume.\nThe pod in which this EphemeralVolumeSource is embedded will be the\nowner of the PVC, i.e. the PVC will be deleted together with the\npod. The name of the PVC will be <pod name>-<volume name>
where\n<volume name>
is the name from the PodSpec.Volumes
array\nentry. Pod validation will reject the pod if the concatenated name\nis not valid for a PVC (for example, too long).\n\nAn existing PVC with that name that is not owned by the pod\nwill not be used for the pod to avoid using an unrelated\nvolume by mistake. Starting the pod is then blocked until\nthe unrelated PVC is removed. If such a pre-created PVC is\nmeant to be used by the pod, the PVC has to updated with an\nowner reference to the pod once the pod exists. Normally\nthis should not be necessary, but it may be useful when\nmanually reconstructing a broken cluster.\n\nThis field is read-only and no changes will be made by Kubernetes\nto the PVC after it has been created.\n\nRequired, must not be nil."
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.ephemeral.volumeClaimTemplate.withMetadata
withMetadata(metadata)
"May contain labels and annotations that will be copied into the PVC\nwhen creating it. No other fields are allowed and will be rejected during\nvalidation."
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.ephemeral.volumeClaimTemplate.withMetadataMixin
withMetadataMixin(metadata)
"May contain labels and annotations that will be copied into the PVC\nwhen creating it. No other fields are allowed and will be rejected during\nvalidation."
Note: This function appends passed data to existing values
obj spec.provider.kubernetes.envoyDaemonSet.pod.volumes.ephemeral.volumeClaimTemplate.spec
"The specification for the PersistentVolumeClaim. The entire content is\ncopied unchanged into the PVC that gets created from this\ntemplate. The same fields as in a PersistentVolumeClaim\nare also valid here."
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.ephemeral.volumeClaimTemplate.spec.withAccessModes
withAccessModes(accessModes)
"accessModes contains the desired access modes the volume should have.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1"
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.ephemeral.volumeClaimTemplate.spec.withAccessModesMixin
withAccessModesMixin(accessModes)
"accessModes contains the desired access modes the volume should have.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1"
Note: This function appends passed data to existing values
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.ephemeral.volumeClaimTemplate.spec.withStorageClassName
withStorageClassName(storageClassName)
"storageClassName is the name of the StorageClass required by the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1"
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.ephemeral.volumeClaimTemplate.spec.withVolumeAttributesClassName
withVolumeAttributesClassName(volumeAttributesClassName)
"volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.\nIf specified, the CSI driver will create or update the volume with the attributes defined\nin the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,\nit can be changed after the claim is created. An empty string value means that no VolumeAttributesClass\nwill be applied to the claim but it's not allowed to reset this field to empty string once it is set.\nIf unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass\nwill be set by the persistentvolume controller if it exists.\nIf the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be\nset to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource\nexists.\nMore info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/\n(Beta) Using this field requires the VolumeAttributesClass feature gate to be enabled (off by default)."
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.ephemeral.volumeClaimTemplate.spec.withVolumeMode
withVolumeMode(volumeMode)
"volumeMode defines what type of volume is required by the claim.\nValue of Filesystem is implied when not included in claim spec."
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.ephemeral.volumeClaimTemplate.spec.withVolumeName
withVolumeName(volumeName)
"volumeName is the binding reference to the PersistentVolume backing this claim."
obj spec.provider.kubernetes.envoyDaemonSet.pod.volumes.ephemeral.volumeClaimTemplate.spec.dataSource
"dataSource field can be used to specify either:\n An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot)\n An existing PVC (PersistentVolumeClaim)\nIf the provisioner or an external controller can support the specified data source,\nit will create a new volume based on the contents of the specified data source.\nWhen the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef,\nand dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified.\nIf the namespace is specified, then dataSourceRef will not be copied to dataSource."
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.ephemeral.volumeClaimTemplate.spec.dataSource.withApiGroup
withApiGroup(apiGroup)
"APIGroup is the group for the resource being referenced.\nIf APIGroup is not specified, the specified Kind must be in the core API group.\nFor any other third-party types, APIGroup is required."
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.ephemeral.volumeClaimTemplate.spec.dataSource.withKind
withKind(kind)
"Kind is the type of resource being referenced"
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.ephemeral.volumeClaimTemplate.spec.dataSource.withName
withName(name)
"Name is the name of resource being referenced"
obj spec.provider.kubernetes.envoyDaemonSet.pod.volumes.ephemeral.volumeClaimTemplate.spec.dataSourceRef
"dataSourceRef specifies the object from which to populate the volume with data, if a non-empty\nvolume is desired. This may be any object from a non-empty API group (non\ncore object) or a PersistentVolumeClaim object.\nWhen this field is specified, volume binding will only succeed if the type of\nthe specified object matches some installed volume populator or dynamic\nprovisioner.\nThis field will replace the functionality of the dataSource field and as such\nif both fields are non-empty, they must have the same value. For backwards\ncompatibility, when namespace isn't specified in dataSourceRef,\nboth fields (dataSource and dataSourceRef) will be set to the same\nvalue automatically if one of them is empty and the other is non-empty.\nWhen namespace is specified in dataSourceRef,\ndataSource isn't set to the same value and must be empty.\nThere are three important differences between dataSource and dataSourceRef:\n While dataSource only allows two specific types of objects, dataSourceRef\n allows any non-core object, as well as PersistentVolumeClaim objects.\n While dataSource ignores disallowed values (dropping them), dataSourceRef\n preserves all values, and generates an error if a disallowed value is\n specified.\n* While dataSource only allows local objects, dataSourceRef allows objects\n in any namespaces.\n(Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled.\n(Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled."
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.ephemeral.volumeClaimTemplate.spec.dataSourceRef.withApiGroup
withApiGroup(apiGroup)
"APIGroup is the group for the resource being referenced.\nIf APIGroup is not specified, the specified Kind must be in the core API group.\nFor any other third-party types, APIGroup is required."
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.ephemeral.volumeClaimTemplate.spec.dataSourceRef.withKind
withKind(kind)
"Kind is the type of resource being referenced"
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.ephemeral.volumeClaimTemplate.spec.dataSourceRef.withName
withName(name)
"Name is the name of resource being referenced"
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.ephemeral.volumeClaimTemplate.spec.dataSourceRef.withNamespace
withNamespace(namespace)
"Namespace is the namespace of resource being referenced\nNote that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details.\n(Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled."
obj spec.provider.kubernetes.envoyDaemonSet.pod.volumes.ephemeral.volumeClaimTemplate.spec.resources
"resources represents the minimum resources the volume should have.\nIf RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements\nthat are lower than previous value but must still be higher than capacity recorded in the\nstatus field of the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources"
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.ephemeral.volumeClaimTemplate.spec.resources.withLimits
withLimits(limits)
"Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/"
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.ephemeral.volumeClaimTemplate.spec.resources.withLimitsMixin
withLimitsMixin(limits)
"Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/"
Note: This function appends passed data to existing values
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.ephemeral.volumeClaimTemplate.spec.resources.withRequests
withRequests(requests)
"Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/"
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.ephemeral.volumeClaimTemplate.spec.resources.withRequestsMixin
withRequestsMixin(requests)
"Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/"
Note: This function appends passed data to existing values
obj spec.provider.kubernetes.envoyDaemonSet.pod.volumes.ephemeral.volumeClaimTemplate.spec.selector
"selector is a label query over volumes to consider for binding."
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.ephemeral.volumeClaimTemplate.spec.selector.withMatchExpressions
withMatchExpressions(matchExpressions)
"matchExpressions is a list of label selector requirements. The requirements are ANDed."
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.ephemeral.volumeClaimTemplate.spec.selector.withMatchExpressionsMixin
withMatchExpressionsMixin(matchExpressions)
"matchExpressions is a list of label selector requirements. The requirements are ANDed."
Note: This function appends passed data to existing values
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.ephemeral.volumeClaimTemplate.spec.selector.withMatchLabels
withMatchLabels(matchLabels)
"matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed."
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.ephemeral.volumeClaimTemplate.spec.selector.withMatchLabelsMixin
withMatchLabelsMixin(matchLabels)
"matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed."
Note: This function appends passed data to existing values
obj spec.provider.kubernetes.envoyDaemonSet.pod.volumes.ephemeral.volumeClaimTemplate.spec.selector.matchExpressions
"matchExpressions is a list of label selector requirements. The requirements are ANDed."
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.ephemeral.volumeClaimTemplate.spec.selector.matchExpressions.withKey
withKey(key)
"key is the label key that the selector applies to."
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.ephemeral.volumeClaimTemplate.spec.selector.matchExpressions.withOperator
withOperator(operator)
"operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist."
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.ephemeral.volumeClaimTemplate.spec.selector.matchExpressions.withValues
withValues(values)
"values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch."
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.ephemeral.volumeClaimTemplate.spec.selector.matchExpressions.withValuesMixin
withValuesMixin(values)
"values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch."
Note: This function appends passed data to existing values
obj spec.provider.kubernetes.envoyDaemonSet.pod.volumes.fc
"fc represents a Fibre Channel resource that is attached to a kubelet's host machine and then exposed to the pod."
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.fc.withFsType
withFsType(fsType)
"fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified."
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.fc.withLun
withLun(lun)
"lun is Optional: FC target lun number"
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.fc.withReadOnly
withReadOnly(readOnly)
"readOnly is Optional: Defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts."
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.fc.withTargetWWNs
withTargetWWNs(targetWWNs)
"targetWWNs is Optional: FC target worldwide names (WWNs)"
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.fc.withTargetWWNsMixin
withTargetWWNsMixin(targetWWNs)
"targetWWNs is Optional: FC target worldwide names (WWNs)"
Note: This function appends passed data to existing values
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.fc.withWwids
withWwids(wwids)
"wwids Optional: FC volume world wide identifiers (wwids)\nEither wwids or combination of targetWWNs and lun must be set, but not both simultaneously."
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.fc.withWwidsMixin
withWwidsMixin(wwids)
"wwids Optional: FC volume world wide identifiers (wwids)\nEither wwids or combination of targetWWNs and lun must be set, but not both simultaneously."
Note: This function appends passed data to existing values
obj spec.provider.kubernetes.envoyDaemonSet.pod.volumes.flexVolume
"flexVolume represents a generic volume resource that is\nprovisioned/attached using an exec based plugin."
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.flexVolume.withDriver
withDriver(driver)
"driver is the name of the driver to use for this volume."
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.flexVolume.withFsType
withFsType(fsType)
"fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". The default filesystem depends on FlexVolume script."
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.flexVolume.withOptions
withOptions(options)
"options is Optional: this field holds extra command options if any."
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.flexVolume.withOptionsMixin
withOptionsMixin(options)
"options is Optional: this field holds extra command options if any."
Note: This function appends passed data to existing values
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.flexVolume.withReadOnly
withReadOnly(readOnly)
"readOnly is Optional: defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts."
obj spec.provider.kubernetes.envoyDaemonSet.pod.volumes.flexVolume.secretRef
"secretRef is Optional: secretRef is reference to the secret object containing\nsensitive information to pass to the plugin scripts. This may be\nempty if no secret object is specified. If the secret object\ncontains more than one secret, all secrets are passed to the plugin\nscripts."
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.flexVolume.secretRef.withName
withName(name)
"Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names"
obj spec.provider.kubernetes.envoyDaemonSet.pod.volumes.flocker
"flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running"
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.flocker.withDatasetName
withDatasetName(datasetName)
"datasetName is Name of the dataset stored as metadata -> name on the dataset for Flocker\nshould be considered as deprecated"
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.flocker.withDatasetUUID
withDatasetUUID(datasetUUID)
"datasetUUID is the UUID of the dataset. This is unique identifier of a Flocker dataset"
obj spec.provider.kubernetes.envoyDaemonSet.pod.volumes.gcePersistentDisk
"gcePersistentDisk represents a GCE Disk resource that is attached to a\nkubelet's host machine and then exposed to the pod.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk"
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.gcePersistentDisk.withFsType
withFsType(fsType)
"fsType is filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk"
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.gcePersistentDisk.withPartition
withPartition(partition)
"partition is the partition in the volume that you want to mount.\nIf omitted, the default is to mount by volume name.\nExamples: For volume /dev/sda1, you specify the partition as \"1\".\nSimilarly, the volume partition for /dev/sda is \"0\" (or you can leave the property empty).\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk"
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.gcePersistentDisk.withPdName
withPdName(pdName)
"pdName is unique name of the PD resource in GCE. Used to identify the disk in GCE.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk"
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.gcePersistentDisk.withReadOnly
withReadOnly(readOnly)
"readOnly here will force the ReadOnly setting in VolumeMounts.\nDefaults to false.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk"
obj spec.provider.kubernetes.envoyDaemonSet.pod.volumes.gitRepo
"gitRepo represents a git repository at a particular revision.\nDEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an\nEmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir\ninto the Pod's container."
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.gitRepo.withDirectory
withDirectory(directory)
"directory is the target directory name.\nMust not contain or start with '..'. If '.' is supplied, the volume directory will be the\ngit repository. Otherwise, if specified, the volume will contain the git repository in\nthe subdirectory with the given name."
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.gitRepo.withRepository
withRepository(repository)
"repository is the URL"
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.gitRepo.withRevision
withRevision(revision)
"revision is the commit hash for the specified revision."
obj spec.provider.kubernetes.envoyDaemonSet.pod.volumes.glusterfs
"glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime.\nMore info: https://examples.k8s.io/volumes/glusterfs/README.md"
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.glusterfs.withEndpoints
withEndpoints(endpoints)
"endpoints is the endpoint name that details Glusterfs topology.\nMore info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod"
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.glusterfs.withPath
withPath(path)
"path is the Glusterfs volume path.\nMore info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod"
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.glusterfs.withReadOnly
withReadOnly(readOnly)
"readOnly here will force the Glusterfs volume to be mounted with read-only permissions.\nDefaults to false.\nMore info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod"
obj spec.provider.kubernetes.envoyDaemonSet.pod.volumes.hostPath
"hostPath represents a pre-existing file or directory on the host\nmachine that is directly exposed to the container. This is generally\nused for system agents or other privileged things that are allowed\nto see the host machine. Most containers will NOT need this.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath"
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.hostPath.withPath
withPath(path)
"path of the directory on the host.\nIf the path is a symlink, it will follow the link to the real path.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath"
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.hostPath.withType
withType(type)
"type for HostPath Volume\nDefaults to \"\"\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath"
obj spec.provider.kubernetes.envoyDaemonSet.pod.volumes.image
"image represents an OCI object (a container image or artifact) pulled and mounted on the kubelet's host machine.\nThe volume is resolved at pod startup depending on which PullPolicy value is provided:\n\n- Always: the kubelet always attempts to pull the reference. Container creation will fail If the pull fails.\n- Never: the kubelet never pulls the reference and only uses a local image or artifact. Container creation will fail if the reference isn't present.\n- IfNotPresent: the kubelet pulls if the reference isn't already present on disk. Container creation will fail if the reference isn't present and the pull fails.\n\nThe volume gets re-resolved if the pod gets deleted and recreated, which means that new remote content will become available on pod recreation.\nA failure to resolve or pull the image during pod startup will block containers from starting and may add significant latency. Failures will be retried using normal volume backoff and will be reported on the pod reason and message.\nThe types of objects that may be mounted by this volume are defined by the container runtime implementation on a host machine and at minimum must include all valid types supported by the container image field.\nThe OCI object gets mounted in a single directory (spec.containers[].volumeMounts.mountPath) by merging the manifest layers in the same way as for container images.\nThe volume will be mounted read-only (ro) and non-executable files (noexec).\nSub path mounts for containers are not supported (spec.containers[].volumeMounts.subpath).\nThe field spec.securityContext.fsGroupChangePolicy has no effect on this volume type."
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.image.withPullPolicy
withPullPolicy(pullPolicy)
"Policy for pulling OCI objects. Possible values are:\nAlways: the kubelet always attempts to pull the reference. Container creation will fail If the pull fails.\nNever: the kubelet never pulls the reference and only uses a local image or artifact. Container creation will fail if the reference isn't present.\nIfNotPresent: the kubelet pulls if the reference isn't already present on disk. Container creation will fail if the reference isn't present and the pull fails.\nDefaults to Always if :latest tag is specified, or IfNotPresent otherwise."
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.image.withReference
withReference(reference)
"Required: Image or artifact reference to be used.\nBehaves in the same way as pod.spec.containers[*].image.\nPull secrets will be assembled in the same way as for the container image by looking up node credentials, SA image pull secrets, and pod spec image pull secrets.\nMore info: https://kubernetes.io/docs/concepts/containers/images\nThis field is optional to allow higher level config management to default or override\ncontainer images in workload controllers like Deployments and StatefulSets."
obj spec.provider.kubernetes.envoyDaemonSet.pod.volumes.iscsi
"iscsi represents an ISCSI Disk resource that is attached to a\nkubelet's host machine and then exposed to the pod.\nMore info: https://examples.k8s.io/volumes/iscsi/README.md"
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.iscsi.withChapAuthDiscovery
withChapAuthDiscovery(chapAuthDiscovery)
"chapAuthDiscovery defines whether support iSCSI Discovery CHAP authentication"
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.iscsi.withChapAuthSession
withChapAuthSession(chapAuthSession)
"chapAuthSession defines whether support iSCSI Session CHAP authentication"
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.iscsi.withFsType
withFsType(fsType)
"fsType is the filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi"
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.iscsi.withInitiatorName
withInitiatorName(initiatorName)
"initiatorName is the custom iSCSI Initiator Name.\nIf initiatorName is specified with iscsiInterface simultaneously, new iSCSI interface\n
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.iscsi.withIqn
withIqn(iqn)
"iqn is the target iSCSI Qualified Name."
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.iscsi.withIscsiInterface
withIscsiInterface(iscsiInterface)
"iscsiInterface is the interface Name that uses an iSCSI transport.\nDefaults to 'default' (tcp)."
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.iscsi.withLun
withLun(lun)
"lun represents iSCSI Target Lun number."
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.iscsi.withPortals
withPortals(portals)
"portals is the iSCSI Target Portal List. The portal is either an IP or ip_addr:port if the port\nis other than default (typically TCP ports 860 and 3260)."
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.iscsi.withPortalsMixin
withPortalsMixin(portals)
"portals is the iSCSI Target Portal List. The portal is either an IP or ip_addr:port if the port\nis other than default (typically TCP ports 860 and 3260)."
Note: This function appends passed data to existing values
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.iscsi.withReadOnly
withReadOnly(readOnly)
"readOnly here will force the ReadOnly setting in VolumeMounts.\nDefaults to false."
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.iscsi.withTargetPortal
withTargetPortal(targetPortal)
"targetPortal is iSCSI Target Portal. The Portal is either an IP or ip_addr:port if the port\nis other than default (typically TCP ports 860 and 3260)."
obj spec.provider.kubernetes.envoyDaemonSet.pod.volumes.iscsi.secretRef
"secretRef is the CHAP Secret for iSCSI target and initiator authentication"
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.iscsi.secretRef.withName
withName(name)
"Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names"
obj spec.provider.kubernetes.envoyDaemonSet.pod.volumes.nfs
"nfs represents an NFS mount on the host that shares a pod's lifetime\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#nfs"
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.nfs.withPath
withPath(path)
"path that is exported by the NFS server.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#nfs"
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.nfs.withReadOnly
withReadOnly(readOnly)
"readOnly here will force the NFS export to be mounted with read-only permissions.\nDefaults to false.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#nfs"
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.nfs.withServer
withServer(server)
"server is the hostname or IP address of the NFS server.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#nfs"
obj spec.provider.kubernetes.envoyDaemonSet.pod.volumes.persistentVolumeClaim
"persistentVolumeClaimVolumeSource represents a reference to a\nPersistentVolumeClaim in the same namespace.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims"
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.persistentVolumeClaim.withClaimName
withClaimName(claimName)
"claimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this volume.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims"
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.persistentVolumeClaim.withReadOnly
withReadOnly(readOnly)
"readOnly Will force the ReadOnly setting in VolumeMounts.\nDefault false."
obj spec.provider.kubernetes.envoyDaemonSet.pod.volumes.photonPersistentDisk
"photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine"
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.photonPersistentDisk.withFsType
withFsType(fsType)
"fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified."
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.photonPersistentDisk.withPdID
withPdID(pdID)
"pdID is the ID that identifies Photon Controller persistent disk"
obj spec.provider.kubernetes.envoyDaemonSet.pod.volumes.portworxVolume
"portworxVolume represents a portworx volume attached and mounted on kubelets host machine"
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.portworxVolume.withFsType
withFsType(fsType)
"fSType represents the filesystem type to mount\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\". Implicitly inferred to be \"ext4\" if unspecified."
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.portworxVolume.withReadOnly
withReadOnly(readOnly)
"readOnly defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts."
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.portworxVolume.withVolumeID
withVolumeID(volumeID)
"volumeID uniquely identifies a Portworx volume"
obj spec.provider.kubernetes.envoyDaemonSet.pod.volumes.projected
"projected items for all in one resources secrets, configmaps, and downward API"
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.projected.withDefaultMode
withDefaultMode(defaultMode)
"defaultMode are the mode bits used to set permissions on created files by default.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nDirectories within the path are not affected by this setting.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set."
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.projected.withSources
withSources(sources)
"sources is the list of volume projections. Each entry in this list\nhandles one source."
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.projected.withSourcesMixin
withSourcesMixin(sources)
"sources is the list of volume projections. Each entry in this list\nhandles one source."
Note: This function appends passed data to existing values
obj spec.provider.kubernetes.envoyDaemonSet.pod.volumes.projected.sources
"sources is the list of volume projections. Each entry in this list\nhandles one source."
obj spec.provider.kubernetes.envoyDaemonSet.pod.volumes.projected.sources.clusterTrustBundle
"ClusterTrustBundle allows a pod to access the .spec.trustBundle
field\nof ClusterTrustBundle objects in an auto-updating file.\n\nAlpha, gated by the ClusterTrustBundleProjection feature gate.\n\nClusterTrustBundle objects can either be selected by name, or by the\ncombination of signer name and a label selector.\n\nKubelet performs aggressive normalization of the PEM contents written\ninto the pod filesystem. Esoteric PEM features such as inter-block\ncomments and block headers are stripped. Certificates are deduplicated.\nThe ordering of certificates within the file is arbitrary, and Kubelet\nmay change the order over time."
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.projected.sources.clusterTrustBundle.withName
withName(name)
"Select a single ClusterTrustBundle by object name. Mutually-exclusive\nwith signerName and labelSelector."
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.projected.sources.clusterTrustBundle.withOptional
withOptional(optional)
"If true, don't block pod startup if the referenced ClusterTrustBundle(s)\naren't available. If using name, then the named ClusterTrustBundle is\nallowed not to exist. If using signerName, then the combination of\nsignerName and labelSelector is allowed to match zero\nClusterTrustBundles."
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.projected.sources.clusterTrustBundle.withPath
withPath(path)
"Relative path from the volume root to write the bundle."
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.projected.sources.clusterTrustBundle.withSignerName
withSignerName(signerName)
"Select all ClusterTrustBundles that match this signer name.\nMutually-exclusive with name. The contents of all selected\nClusterTrustBundles will be unified and deduplicated."
obj spec.provider.kubernetes.envoyDaemonSet.pod.volumes.projected.sources.clusterTrustBundle.labelSelector
"Select all ClusterTrustBundles that match this label selector. Only has\neffect if signerName is set. Mutually-exclusive with name. If unset,\ninterpreted as \"match nothing\". If set but empty, interpreted as \"match\neverything\"."
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.projected.sources.clusterTrustBundle.labelSelector.withMatchExpressions
withMatchExpressions(matchExpressions)
"matchExpressions is a list of label selector requirements. The requirements are ANDed."
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.projected.sources.clusterTrustBundle.labelSelector.withMatchExpressionsMixin
withMatchExpressionsMixin(matchExpressions)
"matchExpressions is a list of label selector requirements. The requirements are ANDed."
Note: This function appends passed data to existing values
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.projected.sources.clusterTrustBundle.labelSelector.withMatchLabels
withMatchLabels(matchLabels)
"matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed."
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.projected.sources.clusterTrustBundle.labelSelector.withMatchLabelsMixin
withMatchLabelsMixin(matchLabels)
"matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed."
Note: This function appends passed data to existing values
obj spec.provider.kubernetes.envoyDaemonSet.pod.volumes.projected.sources.clusterTrustBundle.labelSelector.matchExpressions
"matchExpressions is a list of label selector requirements. The requirements are ANDed."
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.projected.sources.clusterTrustBundle.labelSelector.matchExpressions.withKey
withKey(key)
"key is the label key that the selector applies to."
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.projected.sources.clusterTrustBundle.labelSelector.matchExpressions.withOperator
withOperator(operator)
"operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist."
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.projected.sources.clusterTrustBundle.labelSelector.matchExpressions.withValues
withValues(values)
"values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch."
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.projected.sources.clusterTrustBundle.labelSelector.matchExpressions.withValuesMixin
withValuesMixin(values)
"values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch."
Note: This function appends passed data to existing values
obj spec.provider.kubernetes.envoyDaemonSet.pod.volumes.projected.sources.configMap
"configMap information about the configMap data to project"
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.projected.sources.configMap.withItems
withItems(items)
"items if unspecified, each key-value pair in the Data field of the referenced\nConfigMap will be projected into the volume as a file whose name is the\nkey and content is the value. If specified, the listed keys will be\nprojected into the specified paths, and unlisted keys will not be\npresent. If a key is specified which is not present in the ConfigMap,\nthe volume setup will error unless it is marked optional. Paths must be\nrelative and may not contain the '..' path or start with '..'."
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.projected.sources.configMap.withItemsMixin
withItemsMixin(items)
"items if unspecified, each key-value pair in the Data field of the referenced\nConfigMap will be projected into the volume as a file whose name is the\nkey and content is the value. If specified, the listed keys will be\nprojected into the specified paths, and unlisted keys will not be\npresent. If a key is specified which is not present in the ConfigMap,\nthe volume setup will error unless it is marked optional. Paths must be\nrelative and may not contain the '..' path or start with '..'."
Note: This function appends passed data to existing values
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.projected.sources.configMap.withName
withName(name)
"Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names"
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.projected.sources.configMap.withOptional
withOptional(optional)
"optional specify whether the ConfigMap or its keys must be defined"
obj spec.provider.kubernetes.envoyDaemonSet.pod.volumes.projected.sources.configMap.items
"items if unspecified, each key-value pair in the Data field of the referenced\nConfigMap will be projected into the volume as a file whose name is the\nkey and content is the value. If specified, the listed keys will be\nprojected into the specified paths, and unlisted keys will not be\npresent. If a key is specified which is not present in the ConfigMap,\nthe volume setup will error unless it is marked optional. Paths must be\nrelative and may not contain the '..' path or start with '..'."
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.projected.sources.configMap.items.withKey
withKey(key)
"key is the key to project."
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.projected.sources.configMap.items.withMode
withMode(mode)
"mode is Optional: mode bits used to set permissions on this file.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set."
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.projected.sources.configMap.items.withPath
withPath(path)
"path is the relative path of the file to map the key to.\nMay not be an absolute path.\nMay not contain the path element '..'.\nMay not start with the string '..'."
obj spec.provider.kubernetes.envoyDaemonSet.pod.volumes.projected.sources.downwardAPI
"downwardAPI information about the downwardAPI data to project"
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.projected.sources.downwardAPI.withItems
withItems(items)
"Items is a list of DownwardAPIVolume file"
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.projected.sources.downwardAPI.withItemsMixin
withItemsMixin(items)
"Items is a list of DownwardAPIVolume file"
Note: This function appends passed data to existing values
obj spec.provider.kubernetes.envoyDaemonSet.pod.volumes.projected.sources.downwardAPI.items
"Items is a list of DownwardAPIVolume file"
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.projected.sources.downwardAPI.items.withMode
withMode(mode)
"Optional: mode bits used to set permissions on this file, must be an octal value\nbetween 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set."
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.projected.sources.downwardAPI.items.withPath
withPath(path)
"Required: Path is the relative path name of the file to be created. Must not be absolute or contain the '..' path. Must be utf-8 encoded. The first item of the relative path must not start with '..'"
obj spec.provider.kubernetes.envoyDaemonSet.pod.volumes.projected.sources.downwardAPI.items.fieldRef
"Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported."
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.projected.sources.downwardAPI.items.fieldRef.withApiVersion
withApiVersion(apiVersion)
"Version of the schema the FieldPath is written in terms of, defaults to \"v1\"."
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.projected.sources.downwardAPI.items.fieldRef.withFieldPath
withFieldPath(fieldPath)
"Path of the field to select in the specified API version."
obj spec.provider.kubernetes.envoyDaemonSet.pod.volumes.projected.sources.downwardAPI.items.resourceFieldRef
"Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported."
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.projected.sources.downwardAPI.items.resourceFieldRef.withContainerName
withContainerName(containerName)
"Container name: required for volumes, optional for env vars"
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.projected.sources.downwardAPI.items.resourceFieldRef.withDivisor
withDivisor(divisor)
"Specifies the output format of the exposed resources, defaults to \"1\
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.projected.sources.downwardAPI.items.resourceFieldRef.withResource
withResource(resource)
"Required: resource to select"
obj spec.provider.kubernetes.envoyDaemonSet.pod.volumes.projected.sources.secret
"secret information about the secret data to project"
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.projected.sources.secret.withItems
withItems(items)
"items if unspecified, each key-value pair in the Data field of the referenced\nSecret will be projected into the volume as a file whose name is the\nkey and content is the value. If specified, the listed keys will be\nprojected into the specified paths, and unlisted keys will not be\npresent. If a key is specified which is not present in the Secret,\nthe volume setup will error unless it is marked optional. Paths must be\nrelative and may not contain the '..' path or start with '..'."
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.projected.sources.secret.withItemsMixin
withItemsMixin(items)
"items if unspecified, each key-value pair in the Data field of the referenced\nSecret will be projected into the volume as a file whose name is the\nkey and content is the value. If specified, the listed keys will be\nprojected into the specified paths, and unlisted keys will not be\npresent. If a key is specified which is not present in the Secret,\nthe volume setup will error unless it is marked optional. Paths must be\nrelative and may not contain the '..' path or start with '..'."
Note: This function appends passed data to existing values
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.projected.sources.secret.withName
withName(name)
"Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names"
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.projected.sources.secret.withOptional
withOptional(optional)
"optional field specify whether the Secret or its key must be defined"
obj spec.provider.kubernetes.envoyDaemonSet.pod.volumes.projected.sources.secret.items
"items if unspecified, each key-value pair in the Data field of the referenced\nSecret will be projected into the volume as a file whose name is the\nkey and content is the value. If specified, the listed keys will be\nprojected into the specified paths, and unlisted keys will not be\npresent. If a key is specified which is not present in the Secret,\nthe volume setup will error unless it is marked optional. Paths must be\nrelative and may not contain the '..' path or start with '..'."
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.projected.sources.secret.items.withKey
withKey(key)
"key is the key to project."
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.projected.sources.secret.items.withMode
withMode(mode)
"mode is Optional: mode bits used to set permissions on this file.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set."
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.projected.sources.secret.items.withPath
withPath(path)
"path is the relative path of the file to map the key to.\nMay not be an absolute path.\nMay not contain the path element '..'.\nMay not start with the string '..'."
obj spec.provider.kubernetes.envoyDaemonSet.pod.volumes.projected.sources.serviceAccountToken
"serviceAccountToken is information about the serviceAccountToken data to project"
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.projected.sources.serviceAccountToken.withAudience
withAudience(audience)
"audience is the intended audience of the token. A recipient of a token\nmust identify itself with an identifier specified in the audience of the\ntoken, and otherwise should reject the token. The audience defaults to the\nidentifier of the apiserver."
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.projected.sources.serviceAccountToken.withExpirationSeconds
withExpirationSeconds(expirationSeconds)
"expirationSeconds is the requested duration of validity of the service\naccount token. As the token approaches expiration, the kubelet volume\nplugin will proactively rotate the service account token. The kubelet will\nstart trying to rotate the token if the token is older than 80 percent of\nits time to live or if the token is older than 24 hours.Defaults to 1 hour\nand must be at least 10 minutes."
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.projected.sources.serviceAccountToken.withPath
withPath(path)
"path is the path relative to the mount point of the file to project the\ntoken into."
obj spec.provider.kubernetes.envoyDaemonSet.pod.volumes.quobyte
"quobyte represents a Quobyte mount on the host that shares a pod's lifetime"
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.quobyte.withGroup
withGroup(group)
"group to map volume access to\nDefault is no group"
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.quobyte.withReadOnly
withReadOnly(readOnly)
"readOnly here will force the Quobyte volume to be mounted with read-only permissions.\nDefaults to false."
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.quobyte.withRegistry
withRegistry(registry)
"registry represents a single or multiple Quobyte Registry services\nspecified as a string as host:port pair (multiple entries are separated with commas)\nwhich acts as the central registry for volumes"
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.quobyte.withTenant
withTenant(tenant)
"tenant owning the given Quobyte volume in the Backend\nUsed with dynamically provisioned Quobyte volumes, value is set by the plugin"
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.quobyte.withUser
withUser(user)
"user to map volume access to\nDefaults to serivceaccount user"
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.quobyte.withVolume
withVolume(volume)
"volume is a string that references an already created Quobyte volume by name."
obj spec.provider.kubernetes.envoyDaemonSet.pod.volumes.rbd
"rbd represents a Rados Block Device mount on the host that shares a pod's lifetime.\nMore info: https://examples.k8s.io/volumes/rbd/README.md"
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.rbd.withFsType
withFsType(fsType)
"fsType is the filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#rbd"
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.rbd.withImage
withImage(image)
"image is the rados image name.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it"
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.rbd.withKeyring
withKeyring(keyring)
"keyring is the path to key ring for RBDUser.\nDefault is /etc/ceph/keyring.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it"
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.rbd.withMonitors
withMonitors(monitors)
"monitors is a collection of Ceph monitors.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it"
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.rbd.withMonitorsMixin
withMonitorsMixin(monitors)
"monitors is a collection of Ceph monitors.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it"
Note: This function appends passed data to existing values
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.rbd.withPool
withPool(pool)
"pool is the rados pool name.\nDefault is rbd.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it"
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.rbd.withReadOnly
withReadOnly(readOnly)
"readOnly here will force the ReadOnly setting in VolumeMounts.\nDefaults to false.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it"
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.rbd.withUser
withUser(user)
"user is the rados user name.\nDefault is admin.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it"
obj spec.provider.kubernetes.envoyDaemonSet.pod.volumes.rbd.secretRef
"secretRef is name of the authentication secret for RBDUser. If provided\noverrides keyring.\nDefault is nil.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it"
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.rbd.secretRef.withName
withName(name)
"Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names"
obj spec.provider.kubernetes.envoyDaemonSet.pod.volumes.scaleIO
"scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes."
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.scaleIO.withFsType
withFsType(fsType)
"fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\".\nDefault is \"xfs\"."
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.scaleIO.withGateway
withGateway(gateway)
"gateway is the host address of the ScaleIO API Gateway."
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.scaleIO.withProtectionDomain
withProtectionDomain(protectionDomain)
"protectionDomain is the name of the ScaleIO Protection Domain for the configured storage."
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.scaleIO.withReadOnly
withReadOnly(readOnly)
"readOnly Defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts."
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.scaleIO.withSslEnabled
withSslEnabled(sslEnabled)
"sslEnabled Flag enable/disable SSL communication with Gateway, default false"
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.scaleIO.withStorageMode
withStorageMode(storageMode)
"storageMode indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned.\nDefault is ThinProvisioned."
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.scaleIO.withStoragePool
withStoragePool(storagePool)
"storagePool is the ScaleIO Storage Pool associated with the protection domain."
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.scaleIO.withSystem
withSystem(system)
"system is the name of the storage system as configured in ScaleIO."
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.scaleIO.withVolumeName
withVolumeName(volumeName)
"volumeName is the name of a volume already created in the ScaleIO system\nthat is associated with this volume source."
obj spec.provider.kubernetes.envoyDaemonSet.pod.volumes.scaleIO.secretRef
"secretRef references to the secret for ScaleIO user and other\nsensitive information. If this is not provided, Login operation will fail."
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.scaleIO.secretRef.withName
withName(name)
"Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names"
obj spec.provider.kubernetes.envoyDaemonSet.pod.volumes.secret
"secret represents a secret that should populate this volume.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#secret"
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.secret.withDefaultMode
withDefaultMode(defaultMode)
"defaultMode is Optional: mode bits used to set permissions on created files by default.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values\nfor mode bits. Defaults to 0644.\nDirectories within the path are not affected by this setting.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set."
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.secret.withItems
withItems(items)
"items If unspecified, each key-value pair in the Data field of the referenced\nSecret will be projected into the volume as a file whose name is the\nkey and content is the value. If specified, the listed keys will be\nprojected into the specified paths, and unlisted keys will not be\npresent. If a key is specified which is not present in the Secret,\nthe volume setup will error unless it is marked optional. Paths must be\nrelative and may not contain the '..' path or start with '..'."
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.secret.withItemsMixin
withItemsMixin(items)
"items If unspecified, each key-value pair in the Data field of the referenced\nSecret will be projected into the volume as a file whose name is the\nkey and content is the value. If specified, the listed keys will be\nprojected into the specified paths, and unlisted keys will not be\npresent. If a key is specified which is not present in the Secret,\nthe volume setup will error unless it is marked optional. Paths must be\nrelative and may not contain the '..' path or start with '..'."
Note: This function appends passed data to existing values
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.secret.withOptional
withOptional(optional)
"optional field specify whether the Secret or its keys must be defined"
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.secret.withSecretName
withSecretName(secretName)
"secretName is the name of the secret in the pod's namespace to use.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#secret"
obj spec.provider.kubernetes.envoyDaemonSet.pod.volumes.secret.items
"items If unspecified, each key-value pair in the Data field of the referenced\nSecret will be projected into the volume as a file whose name is the\nkey and content is the value. If specified, the listed keys will be\nprojected into the specified paths, and unlisted keys will not be\npresent. If a key is specified which is not present in the Secret,\nthe volume setup will error unless it is marked optional. Paths must be\nrelative and may not contain the '..' path or start with '..'."
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.secret.items.withKey
withKey(key)
"key is the key to project."
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.secret.items.withMode
withMode(mode)
"mode is Optional: mode bits used to set permissions on this file.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set."
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.secret.items.withPath
withPath(path)
"path is the relative path of the file to map the key to.\nMay not be an absolute path.\nMay not contain the path element '..'.\nMay not start with the string '..'."
obj spec.provider.kubernetes.envoyDaemonSet.pod.volumes.storageos
"storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes."
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.storageos.withFsType
withFsType(fsType)
"fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified."
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.storageos.withReadOnly
withReadOnly(readOnly)
"readOnly defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts."
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.storageos.withVolumeName
withVolumeName(volumeName)
"volumeName is the human-readable name of the StorageOS volume. Volume\nnames are only unique within a namespace."
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.storageos.withVolumeNamespace
withVolumeNamespace(volumeNamespace)
"volumeNamespace specifies the scope of the volume within StorageOS. If no\nnamespace is specified then the Pod's namespace will be used. This allows the\nKubernetes name scoping to be mirrored within StorageOS for tighter integration.\nSet VolumeName to any name to override the default behaviour.\nSet to \"default\" if you are not using namespaces within StorageOS.\nNamespaces that do not pre-exist within StorageOS will be created."
obj spec.provider.kubernetes.envoyDaemonSet.pod.volumes.storageos.secretRef
"secretRef specifies the secret to use for obtaining the StorageOS API\ncredentials. If not specified, default values will be attempted."
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.storageos.secretRef.withName
withName(name)
"Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names"
obj spec.provider.kubernetes.envoyDaemonSet.pod.volumes.vsphereVolume
"vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine"
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.vsphereVolume.withFsType
withFsType(fsType)
"fsType is filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified."
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.vsphereVolume.withStoragePolicyID
withStoragePolicyID(storagePolicyID)
"storagePolicyID is the storage Policy Based Management (SPBM) profile ID associated with the StoragePolicyName."
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.vsphereVolume.withStoragePolicyName
withStoragePolicyName(storagePolicyName)
"storagePolicyName is the storage Policy Based Management (SPBM) profile name."
fn spec.provider.kubernetes.envoyDaemonSet.pod.volumes.vsphereVolume.withVolumePath
withVolumePath(volumePath)
"volumePath is the path that identifies vSphere volume vmdk"
obj spec.provider.kubernetes.envoyDaemonSet.strategy
"The daemonset strategy to use to replace existing pods with new ones."
fn spec.provider.kubernetes.envoyDaemonSet.strategy.withType
withType(type)
"Type of daemon set update. Can be \"RollingUpdate\" or \"OnDelete\". Default is RollingUpdate."
obj spec.provider.kubernetes.envoyDaemonSet.strategy.rollingUpdate
"Rolling update config params. Present only if type = \"RollingUpdate\"."
fn spec.provider.kubernetes.envoyDaemonSet.strategy.rollingUpdate.withMaxSurge
withMaxSurge(maxSurge)
"The maximum number of nodes with an existing available DaemonSet pod that\ncan have an updated DaemonSet pod during during an update.\nValue can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%).\nThis can not be 0 if MaxUnavailable is 0.\nAbsolute number is calculated from percentage by rounding up to a minimum of 1.\nDefault value is 0.\nExample: when this is set to 30%, at most 30% of the total number of nodes\nthat should be running the daemon pod (i.e. status.desiredNumberScheduled)\ncan have their a new pod created before the old pod is marked as deleted.\nThe update starts by launching new pods on 30% of nodes. Once an updated\npod is available (Ready for at least minReadySeconds) the old DaemonSet pod\non that node is marked deleted. If the old pod becomes unavailable for any\nreason (Ready transitions to false, is evicted, or is drained) an updated\npod is immediatedly created on that node without considering surge limits.\nAllowing surge implies the possibility that the resources consumed by the\ndaemonset on any given node can double if the readiness check fails, and\nso resource intensive daemonsets should take into account that they may\ncause evictions during disruption."
fn spec.provider.kubernetes.envoyDaemonSet.strategy.rollingUpdate.withMaxUnavailable
withMaxUnavailable(maxUnavailable)
"The maximum number of DaemonSet pods that can be unavailable during the\nupdate. Value can be an absolute number (ex: 5) or a percentage of total\nnumber of DaemonSet pods at the start of the update (ex: 10%). Absolute\nnumber is calculated from percentage by rounding up.\nThis cannot be 0 if MaxSurge is 0\nDefault value is 1.\nExample: when this is set to 30%, at most 30% of the total number of nodes\nthat should be running the daemon pod (i.e. status.desiredNumberScheduled)\ncan have their pods stopped for an update at any given time. The update\nstarts by stopping at most 30% of those DaemonSet pods and then brings\nup new DaemonSet pods in their place. Once the new pods are available,\nit then proceeds onto other DaemonSet pods, thus ensuring that at least\n70% of original number of DaemonSet pods are available at all times during\nthe update."
obj spec.provider.kubernetes.envoyDeployment
"EnvoyDeployment defines the desired state of the Envoy deployment resource.\nIf unspecified, default settings for the managed Envoy deployment resource\nare applied."
fn spec.provider.kubernetes.envoyDeployment.withInitContainers
withInitContainers(initContainers)
"List of initialization containers belonging to the pod.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/"
fn spec.provider.kubernetes.envoyDeployment.withInitContainersMixin
withInitContainersMixin(initContainers)
"List of initialization containers belonging to the pod.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/"
Note: This function appends passed data to existing values
fn spec.provider.kubernetes.envoyDeployment.withName
withName(name)
"Name of the deployment.\nWhen unset, this defaults to an autogenerated name."
fn spec.provider.kubernetes.envoyDeployment.withReplicas
withReplicas(replicas)
"Replicas is the number of desired pods. Defaults to 1."
obj spec.provider.kubernetes.envoyDeployment.container
"Container defines the desired specification of main container."
fn spec.provider.kubernetes.envoyDeployment.container.withEnv
withEnv(env)
"List of environment variables to set in the container."
fn spec.provider.kubernetes.envoyDeployment.container.withEnvMixin
withEnvMixin(env)
"List of environment variables to set in the container."
Note: This function appends passed data to existing values
fn spec.provider.kubernetes.envoyDeployment.container.withImage
withImage(image)
"Image specifies the EnvoyProxy container image to be used, instead of the default image."
fn spec.provider.kubernetes.envoyDeployment.container.withVolumeMounts
withVolumeMounts(volumeMounts)
"VolumeMounts are volumes to mount into the container's filesystem.\nCannot be updated."
fn spec.provider.kubernetes.envoyDeployment.container.withVolumeMountsMixin
withVolumeMountsMixin(volumeMounts)
"VolumeMounts are volumes to mount into the container's filesystem.\nCannot be updated."
Note: This function appends passed data to existing values
obj spec.provider.kubernetes.envoyDeployment.container.env
"List of environment variables to set in the container."
fn spec.provider.kubernetes.envoyDeployment.container.env.withName
withName(name)
"Name of the environment variable. Must be a C_IDENTIFIER."
fn spec.provider.kubernetes.envoyDeployment.container.env.withValue
withValue(value)
"Variable references $(VAR_NAME) are expanded\nusing the previously defined environment variables in the container and\nany service environment variables. If a variable cannot be resolved,\nthe reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.\n\"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\".\nEscaped references will never be expanded, regardless of whether the variable\nexists or not.\nDefaults to \"\"."
obj spec.provider.kubernetes.envoyDeployment.container.env.valueFrom
"Source for the environment variable's value. Cannot be used if value is not empty."
obj spec.provider.kubernetes.envoyDeployment.container.env.valueFrom.configMapKeyRef
"Selects a key of a ConfigMap."
fn spec.provider.kubernetes.envoyDeployment.container.env.valueFrom.configMapKeyRef.withKey
withKey(key)
"The key to select."
fn spec.provider.kubernetes.envoyDeployment.container.env.valueFrom.configMapKeyRef.withName
withName(name)
"Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names"
fn spec.provider.kubernetes.envoyDeployment.container.env.valueFrom.configMapKeyRef.withOptional
withOptional(optional)
"Specify whether the ConfigMap or its key must be defined"
obj spec.provider.kubernetes.envoyDeployment.container.env.valueFrom.fieldRef
"Selects a field of the pod: supports metadata.name, metadata.namespace, metadata.labels['<KEY>']
, metadata.annotations['<KEY>']
,\nspec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs."
fn spec.provider.kubernetes.envoyDeployment.container.env.valueFrom.fieldRef.withApiVersion
withApiVersion(apiVersion)
"Version of the schema the FieldPath is written in terms of, defaults to \"v1\"."
fn spec.provider.kubernetes.envoyDeployment.container.env.valueFrom.fieldRef.withFieldPath
withFieldPath(fieldPath)
"Path of the field to select in the specified API version."
obj spec.provider.kubernetes.envoyDeployment.container.env.valueFrom.resourceFieldRef
"Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported."
fn spec.provider.kubernetes.envoyDeployment.container.env.valueFrom.resourceFieldRef.withContainerName
withContainerName(containerName)
"Container name: required for volumes, optional for env vars"
fn spec.provider.kubernetes.envoyDeployment.container.env.valueFrom.resourceFieldRef.withDivisor
withDivisor(divisor)
"Specifies the output format of the exposed resources, defaults to \"1\
fn spec.provider.kubernetes.envoyDeployment.container.env.valueFrom.resourceFieldRef.withResource
withResource(resource)
"Required: resource to select"
obj spec.provider.kubernetes.envoyDeployment.container.env.valueFrom.secretKeyRef
"Selects a key of a secret in the pod's namespace"
fn spec.provider.kubernetes.envoyDeployment.container.env.valueFrom.secretKeyRef.withKey
withKey(key)
"The key of the secret to select from. Must be a valid secret key."
fn spec.provider.kubernetes.envoyDeployment.container.env.valueFrom.secretKeyRef.withName
withName(name)
"Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names"
fn spec.provider.kubernetes.envoyDeployment.container.env.valueFrom.secretKeyRef.withOptional
withOptional(optional)
"Specify whether the Secret or its key must be defined"
obj spec.provider.kubernetes.envoyDeployment.container.resources
"Resources required by this container.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/"
fn spec.provider.kubernetes.envoyDeployment.container.resources.withClaims
withClaims(claims)
"Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\nThis field is immutable. It can only be set for containers."
fn spec.provider.kubernetes.envoyDeployment.container.resources.withClaimsMixin
withClaimsMixin(claims)
"Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\nThis field is immutable. It can only be set for containers."
Note: This function appends passed data to existing values
fn spec.provider.kubernetes.envoyDeployment.container.resources.withLimits
withLimits(limits)
"Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/"
fn spec.provider.kubernetes.envoyDeployment.container.resources.withLimitsMixin
withLimitsMixin(limits)
"Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/"
Note: This function appends passed data to existing values
fn spec.provider.kubernetes.envoyDeployment.container.resources.withRequests
withRequests(requests)
"Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/"
fn spec.provider.kubernetes.envoyDeployment.container.resources.withRequestsMixin
withRequestsMixin(requests)
"Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/"
Note: This function appends passed data to existing values
obj spec.provider.kubernetes.envoyDeployment.container.resources.claims
"Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\nThis field is immutable. It can only be set for containers."
fn spec.provider.kubernetes.envoyDeployment.container.resources.claims.withName
withName(name)
"Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container."
fn spec.provider.kubernetes.envoyDeployment.container.resources.claims.withRequest
withRequest(request)
"Request is the name chosen for a request in the referenced claim.\nIf empty, everything from the claim is made available, otherwise\nonly the result of this request."
obj spec.provider.kubernetes.envoyDeployment.container.securityContext
"SecurityContext defines the security options the container should be run with.\nIf set, the fields of SecurityContext override the equivalent fields of PodSecurityContext.\nMore info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/"
fn spec.provider.kubernetes.envoyDeployment.container.securityContext.withAllowPrivilegeEscalation
withAllowPrivilegeEscalation(allowPrivilegeEscalation)
"AllowPrivilegeEscalation controls whether a process can gain more\nprivileges than its parent process. This bool directly controls if\nthe no_new_privs flag will be set on the container process.\nAllowPrivilegeEscalation is true always when the container is:\n1) run as Privileged\n2) has CAP_SYS_ADMIN\nNote that this field cannot be set when spec.os.name is windows."
fn spec.provider.kubernetes.envoyDeployment.container.securityContext.withPrivileged
withPrivileged(privileged)
"Run container in privileged mode.\nProcesses in privileged containers are essentially equivalent to root on the host.\nDefaults to false.\nNote that this field cannot be set when spec.os.name is windows."
fn spec.provider.kubernetes.envoyDeployment.container.securityContext.withProcMount
withProcMount(procMount)
"procMount denotes the type of proc mount to use for the containers.\nThe default value is Default which uses the container runtime defaults for\nreadonly paths and masked paths.\nThis requires the ProcMountType feature flag to be enabled.\nNote that this field cannot be set when spec.os.name is windows."
fn spec.provider.kubernetes.envoyDeployment.container.securityContext.withReadOnlyRootFilesystem
withReadOnlyRootFilesystem(readOnlyRootFilesystem)
"Whether this container has a read-only root filesystem.\nDefault is false.\nNote that this field cannot be set when spec.os.name is windows."
fn spec.provider.kubernetes.envoyDeployment.container.securityContext.withRunAsGroup
withRunAsGroup(runAsGroup)
"The GID to run the entrypoint of the container process.\nUses runtime default if unset.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is windows."
fn spec.provider.kubernetes.envoyDeployment.container.securityContext.withRunAsNonRoot
withRunAsNonRoot(runAsNonRoot)
"Indicates that the container must run as a non-root user.\nIf true, the Kubelet will validate the image at runtime to ensure that it\ndoes not run as UID 0 (root) and fail to start the container if it does.\nIf unset or false, no such validation will be performed.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence."
fn spec.provider.kubernetes.envoyDeployment.container.securityContext.withRunAsUser
withRunAsUser(runAsUser)
"The UID to run the entrypoint of the container process.\nDefaults to user specified in image metadata if unspecified.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is windows."
obj spec.provider.kubernetes.envoyDeployment.container.securityContext.appArmorProfile
"appArmorProfile is the AppArmor options to use by this container. If set, this profile\noverrides the pod's appArmorProfile.\nNote that this field cannot be set when spec.os.name is windows."
fn spec.provider.kubernetes.envoyDeployment.container.securityContext.appArmorProfile.withLocalhostProfile
withLocalhostProfile(localhostProfile)
"localhostProfile indicates a profile loaded on the node that should be used.\nThe profile must be preconfigured on the node to work.\nMust match the loaded name of the profile.\nMust be set if and only if type is \"Localhost\"."
fn spec.provider.kubernetes.envoyDeployment.container.securityContext.appArmorProfile.withType
withType(type)
"type indicates which kind of AppArmor profile will be applied.\nValid options are:\n Localhost - a profile pre-loaded on the node.\n RuntimeDefault - the container runtime's default profile.\n Unconfined - no AppArmor enforcement."
obj spec.provider.kubernetes.envoyDeployment.container.securityContext.capabilities
"The capabilities to add/drop when running containers.\nDefaults to the default set of capabilities granted by the container runtime.\nNote that this field cannot be set when spec.os.name is windows."
fn spec.provider.kubernetes.envoyDeployment.container.securityContext.capabilities.withAdd
withAdd(add)
"Added capabilities"
fn spec.provider.kubernetes.envoyDeployment.container.securityContext.capabilities.withAddMixin
withAddMixin(add)
"Added capabilities"
Note: This function appends passed data to existing values
fn spec.provider.kubernetes.envoyDeployment.container.securityContext.capabilities.withDrop
withDrop(drop)
"Removed capabilities"
fn spec.provider.kubernetes.envoyDeployment.container.securityContext.capabilities.withDropMixin
withDropMixin(drop)
"Removed capabilities"
Note: This function appends passed data to existing values
obj spec.provider.kubernetes.envoyDeployment.container.securityContext.seLinuxOptions
"The SELinux context to be applied to the container.\nIf unspecified, the container runtime will allocate a random SELinux context for each\ncontainer. May also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is windows."
fn spec.provider.kubernetes.envoyDeployment.container.securityContext.seLinuxOptions.withLevel
withLevel(level)
"Level is SELinux level label that applies to the container."
fn spec.provider.kubernetes.envoyDeployment.container.securityContext.seLinuxOptions.withRole
withRole(role)
"Role is a SELinux role label that applies to the container."
fn spec.provider.kubernetes.envoyDeployment.container.securityContext.seLinuxOptions.withType
withType(type)
"Type is a SELinux type label that applies to the container."
fn spec.provider.kubernetes.envoyDeployment.container.securityContext.seLinuxOptions.withUser
withUser(user)
"User is a SELinux user label that applies to the container."
obj spec.provider.kubernetes.envoyDeployment.container.securityContext.seccompProfile
"The seccomp options to use by this container. If seccomp options are\nprovided at both the pod & container level, the container options\noverride the pod options.\nNote that this field cannot be set when spec.os.name is windows."
fn spec.provider.kubernetes.envoyDeployment.container.securityContext.seccompProfile.withLocalhostProfile
withLocalhostProfile(localhostProfile)
"localhostProfile indicates a profile defined in a file on the node should be used.\nThe profile must be preconfigured on the node to work.\nMust be a descending path, relative to the kubelet's configured seccomp profile location.\nMust be set if type is \"Localhost\". Must NOT be set for any other type."
fn spec.provider.kubernetes.envoyDeployment.container.securityContext.seccompProfile.withType
withType(type)
"type indicates which kind of seccomp profile will be applied.\nValid options are:\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied."
obj spec.provider.kubernetes.envoyDeployment.container.securityContext.windowsOptions
"The Windows specific settings applied to all containers.\nIf unspecified, the options from the PodSecurityContext will be used.\nIf set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is linux."
fn spec.provider.kubernetes.envoyDeployment.container.securityContext.windowsOptions.withGmsaCredentialSpec
withGmsaCredentialSpec(gmsaCredentialSpec)
"GMSACredentialSpec is where the GMSA admission webhook\n(https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the\nGMSA credential spec named by the GMSACredentialSpecName field."
fn spec.provider.kubernetes.envoyDeployment.container.securityContext.windowsOptions.withGmsaCredentialSpecName
withGmsaCredentialSpecName(gmsaCredentialSpecName)
"GMSACredentialSpecName is the name of the GMSA credential spec to use."
fn spec.provider.kubernetes.envoyDeployment.container.securityContext.windowsOptions.withHostProcess
withHostProcess(hostProcess)
"HostProcess determines if a container should be run as a 'Host Process' container.\nAll of a Pod's containers must have the same effective HostProcess value\n(it is not allowed to have a mix of HostProcess containers and non-HostProcess containers).\nIn addition, if HostProcess is true then HostNetwork must also be set to true."
fn spec.provider.kubernetes.envoyDeployment.container.securityContext.windowsOptions.withRunAsUserName
withRunAsUserName(runAsUserName)
"The UserName in Windows to run the entrypoint of the container process.\nDefaults to the user specified in image metadata if unspecified.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence."
obj spec.provider.kubernetes.envoyDeployment.container.volumeMounts
"VolumeMounts are volumes to mount into the container's filesystem.\nCannot be updated."
fn spec.provider.kubernetes.envoyDeployment.container.volumeMounts.withMountPath
withMountPath(mountPath)
"Path within the container at which the volume should be mounted. Must\nnot contain ':'."
fn spec.provider.kubernetes.envoyDeployment.container.volumeMounts.withMountPropagation
withMountPropagation(mountPropagation)
"mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10.\nWhen RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified\n(which defaults to None)."
fn spec.provider.kubernetes.envoyDeployment.container.volumeMounts.withName
withName(name)
"This must match the Name of a Volume."
fn spec.provider.kubernetes.envoyDeployment.container.volumeMounts.withReadOnly
withReadOnly(readOnly)
"Mounted read-only if true, read-write otherwise (false or unspecified).\nDefaults to false."
fn spec.provider.kubernetes.envoyDeployment.container.volumeMounts.withRecursiveReadOnly
withRecursiveReadOnly(recursiveReadOnly)
"RecursiveReadOnly specifies whether read-only mounts should be handled\nrecursively.\n\nIf ReadOnly is false, this field has no meaning and must be unspecified.\n\nIf ReadOnly is true, and this field is set to Disabled, the mount is not made\nrecursively read-only. If this field is set to IfPossible, the mount is made\nrecursively read-only, if it is supported by the container runtime. If this\nfield is set to Enabled, the mount is made recursively read-only if it is\nsupported by the container runtime, otherwise the pod will not be started and\nan error will be generated to indicate the reason.\n\nIf this field is set to IfPossible or Enabled, MountPropagation must be set to\nNone (or be unspecified, which defaults to None).\n\nIf this field is not specified, it is treated as an equivalent of Disabled."
fn spec.provider.kubernetes.envoyDeployment.container.volumeMounts.withSubPath
withSubPath(subPath)
"Path within the volume from which the container's volume should be mounted.\nDefaults to \"\" (volume's root)."
fn spec.provider.kubernetes.envoyDeployment.container.volumeMounts.withSubPathExpr
withSubPathExpr(subPathExpr)
"Expanded path within the volume from which the container's volume should be mounted.\nBehaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment.\nDefaults to \"\" (volume's root).\nSubPathExpr and SubPath are mutually exclusive."
obj spec.provider.kubernetes.envoyDeployment.initContainers
"List of initialization containers belonging to the pod.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/"
fn spec.provider.kubernetes.envoyDeployment.initContainers.withArgs
withArgs(args)
"Arguments to the entrypoint.\nThe container image's CMD is used if this is not provided.\nVariable references $(VAR_NAME) are expanded using the container's environment. If a variable\ncannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will\nproduce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless\nof whether the variable exists or not. Cannot be updated.\nMore info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell"
fn spec.provider.kubernetes.envoyDeployment.initContainers.withArgsMixin
withArgsMixin(args)
"Arguments to the entrypoint.\nThe container image's CMD is used if this is not provided.\nVariable references $(VAR_NAME) are expanded using the container's environment. If a variable\ncannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will\nproduce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless\nof whether the variable exists or not. Cannot be updated.\nMore info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell"
Note: This function appends passed data to existing values
fn spec.provider.kubernetes.envoyDeployment.initContainers.withCommand
withCommand(command)
"Entrypoint array. Not executed within a shell.\nThe container image's ENTRYPOINT is used if this is not provided.\nVariable references $(VAR_NAME) are expanded using the container's environment. If a variable\ncannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will\nproduce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless\nof whether the variable exists or not. Cannot be updated.\nMore info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell"
fn spec.provider.kubernetes.envoyDeployment.initContainers.withCommandMixin
withCommandMixin(command)
"Entrypoint array. Not executed within a shell.\nThe container image's ENTRYPOINT is used if this is not provided.\nVariable references $(VAR_NAME) are expanded using the container's environment. If a variable\ncannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will\nproduce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless\nof whether the variable exists or not. Cannot be updated.\nMore info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell"
Note: This function appends passed data to existing values
fn spec.provider.kubernetes.envoyDeployment.initContainers.withEnv
withEnv(env)
"List of environment variables to set in the container.\nCannot be updated."
fn spec.provider.kubernetes.envoyDeployment.initContainers.withEnvFrom
withEnvFrom(envFrom)
"List of sources to populate environment variables in the container.\nThe keys defined within a source must be a C_IDENTIFIER. All invalid keys\nwill be reported as an event when the container is starting. When a key exists in multiple\nsources, the value associated with the last source will take precedence.\nValues defined by an Env with a duplicate key will take precedence.\nCannot be updated."
fn spec.provider.kubernetes.envoyDeployment.initContainers.withEnvFromMixin
withEnvFromMixin(envFrom)
"List of sources to populate environment variables in the container.\nThe keys defined within a source must be a C_IDENTIFIER. All invalid keys\nwill be reported as an event when the container is starting. When a key exists in multiple\nsources, the value associated with the last source will take precedence.\nValues defined by an Env with a duplicate key will take precedence.\nCannot be updated."
Note: This function appends passed data to existing values
fn spec.provider.kubernetes.envoyDeployment.initContainers.withEnvMixin
withEnvMixin(env)
"List of environment variables to set in the container.\nCannot be updated."
Note: This function appends passed data to existing values
fn spec.provider.kubernetes.envoyDeployment.initContainers.withImage
withImage(image)
"Container image name.\nMore info: https://kubernetes.io/docs/concepts/containers/images\nThis field is optional to allow higher level config management to default or override\ncontainer images in workload controllers like Deployments and StatefulSets."
fn spec.provider.kubernetes.envoyDeployment.initContainers.withImagePullPolicy
withImagePullPolicy(imagePullPolicy)
"Image pull policy.\nOne of Always, Never, IfNotPresent.\nDefaults to Always if :latest tag is specified, or IfNotPresent otherwise.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/containers/images#updating-images"
fn spec.provider.kubernetes.envoyDeployment.initContainers.withName
withName(name)
"Name of the container specified as a DNS_LABEL.\nEach container in a pod must have a unique name (DNS_LABEL).\nCannot be updated."
fn spec.provider.kubernetes.envoyDeployment.initContainers.withPorts
withPorts(ports)
"List of ports to expose from the container. Not specifying a port here\nDOES NOT prevent that port from being exposed. Any port which is\nlistening on the default \"0.0.0.0\" address inside a container will be\naccessible from the network.\nModifying this array with strategic merge patch may corrupt the data.\nFor more information See https://github.com/kubernetes/kubernetes/issues/108255.\nCannot be updated."
fn spec.provider.kubernetes.envoyDeployment.initContainers.withPortsMixin
withPortsMixin(ports)
"List of ports to expose from the container. Not specifying a port here\nDOES NOT prevent that port from being exposed. Any port which is\nlistening on the default \"0.0.0.0\" address inside a container will be\naccessible from the network.\nModifying this array with strategic merge patch may corrupt the data.\nFor more information See https://github.com/kubernetes/kubernetes/issues/108255.\nCannot be updated."
Note: This function appends passed data to existing values
fn spec.provider.kubernetes.envoyDeployment.initContainers.withResizePolicy
withResizePolicy(resizePolicy)
"Resources resize policy for the container."
fn spec.provider.kubernetes.envoyDeployment.initContainers.withResizePolicyMixin
withResizePolicyMixin(resizePolicy)
"Resources resize policy for the container."
Note: This function appends passed data to existing values
fn spec.provider.kubernetes.envoyDeployment.initContainers.withRestartPolicy
withRestartPolicy(restartPolicy)
"RestartPolicy defines the restart behavior of individual containers in a pod.\nThis field may only be set for init containers, and the only allowed value is \"Always\".\nFor non-init containers or when this field is not specified,\nthe restart behavior is defined by the Pod's restart policy and the container type.\nSetting the RestartPolicy as \"Always\" for the init container will have the following effect:\nthis init container will be continually restarted on\nexit until all regular containers have terminated. Once all regular\ncontainers have completed, all init containers with restartPolicy \"Always\"\nwill be shut down. This lifecycle differs from normal init containers and\nis often referred to as a \"sidecar\" container. Although this init\ncontainer still starts in the init container sequence, it does not wait\nfor the container to complete before proceeding to the next init\ncontainer. Instead, the next init container starts immediately after this\ninit container is started, or after any startupProbe has successfully\ncompleted."
fn spec.provider.kubernetes.envoyDeployment.initContainers.withStdin
withStdin(stdin)
"Whether this container should allocate a buffer for stdin in the container runtime. If this\nis not set, reads from stdin in the container will always result in EOF.\nDefault is false."
fn spec.provider.kubernetes.envoyDeployment.initContainers.withStdinOnce
withStdinOnce(stdinOnce)
"Whether the container runtime should close the stdin channel after it has been opened by\na single attach. When stdin is true the stdin stream will remain open across multiple attach\nsessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the\nfirst client attaches to stdin, and then remains open and accepts data until the client disconnects,\nat which time stdin is closed and remains closed until the container is restarted. If this\nflag is false, a container processes that reads from stdin will never receive an EOF.\nDefault is false"
fn spec.provider.kubernetes.envoyDeployment.initContainers.withTerminationMessagePath
withTerminationMessagePath(terminationMessagePath)
"Optional: Path at which the file to which the container's termination message\nwill be written is mounted into the container's filesystem.\nMessage written is intended to be brief final status, such as an assertion failure message.\nWill be truncated by the node if greater than 4096 bytes. The total message length across\nall containers will be limited to 12kb.\nDefaults to /dev/termination-log.\nCannot be updated."
fn spec.provider.kubernetes.envoyDeployment.initContainers.withTerminationMessagePolicy
withTerminationMessagePolicy(terminationMessagePolicy)
"Indicate how the termination message should be populated. File will use the contents of\nterminationMessagePath to populate the container status message on both success and failure.\nFallbackToLogsOnError will use the last chunk of container log output if the termination\nmessage file is empty and the container exited with an error.\nThe log output is limited to 2048 bytes or 80 lines, whichever is smaller.\nDefaults to File.\nCannot be updated."
fn spec.provider.kubernetes.envoyDeployment.initContainers.withTty
withTty(tty)
"Whether this container should allocate a TTY for itself, also requires 'stdin' to be true.\nDefault is false."
fn spec.provider.kubernetes.envoyDeployment.initContainers.withVolumeDevices
withVolumeDevices(volumeDevices)
"volumeDevices is the list of block devices to be used by the container."
fn spec.provider.kubernetes.envoyDeployment.initContainers.withVolumeDevicesMixin
withVolumeDevicesMixin(volumeDevices)
"volumeDevices is the list of block devices to be used by the container."
Note: This function appends passed data to existing values
fn spec.provider.kubernetes.envoyDeployment.initContainers.withVolumeMounts
withVolumeMounts(volumeMounts)
"Pod volumes to mount into the container's filesystem.\nCannot be updated."
fn spec.provider.kubernetes.envoyDeployment.initContainers.withVolumeMountsMixin
withVolumeMountsMixin(volumeMounts)
"Pod volumes to mount into the container's filesystem.\nCannot be updated."
Note: This function appends passed data to existing values
fn spec.provider.kubernetes.envoyDeployment.initContainers.withWorkingDir
withWorkingDir(workingDir)
"Container's working directory.\nIf not specified, the container runtime's default will be used, which\nmight be configured in the container image.\nCannot be updated."
obj spec.provider.kubernetes.envoyDeployment.initContainers.env
"List of environment variables to set in the container.\nCannot be updated."
fn spec.provider.kubernetes.envoyDeployment.initContainers.env.withName
withName(name)
"Name of the environment variable. Must be a C_IDENTIFIER."
fn spec.provider.kubernetes.envoyDeployment.initContainers.env.withValue
withValue(value)
"Variable references $(VAR_NAME) are expanded\nusing the previously defined environment variables in the container and\nany service environment variables. If a variable cannot be resolved,\nthe reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.\n\"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\".\nEscaped references will never be expanded, regardless of whether the variable\nexists or not.\nDefaults to \"\"."
obj spec.provider.kubernetes.envoyDeployment.initContainers.env.valueFrom
"Source for the environment variable's value. Cannot be used if value is not empty."
obj spec.provider.kubernetes.envoyDeployment.initContainers.env.valueFrom.configMapKeyRef
"Selects a key of a ConfigMap."
fn spec.provider.kubernetes.envoyDeployment.initContainers.env.valueFrom.configMapKeyRef.withKey
withKey(key)
"The key to select."
fn spec.provider.kubernetes.envoyDeployment.initContainers.env.valueFrom.configMapKeyRef.withName
withName(name)
"Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names"
fn spec.provider.kubernetes.envoyDeployment.initContainers.env.valueFrom.configMapKeyRef.withOptional
withOptional(optional)
"Specify whether the ConfigMap or its key must be defined"
obj spec.provider.kubernetes.envoyDeployment.initContainers.env.valueFrom.fieldRef
"Selects a field of the pod: supports metadata.name, metadata.namespace, metadata.labels['<KEY>']
, metadata.annotations['<KEY>']
,\nspec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs."
fn spec.provider.kubernetes.envoyDeployment.initContainers.env.valueFrom.fieldRef.withApiVersion
withApiVersion(apiVersion)
"Version of the schema the FieldPath is written in terms of, defaults to \"v1\"."
fn spec.provider.kubernetes.envoyDeployment.initContainers.env.valueFrom.fieldRef.withFieldPath
withFieldPath(fieldPath)
"Path of the field to select in the specified API version."
obj spec.provider.kubernetes.envoyDeployment.initContainers.env.valueFrom.resourceFieldRef
"Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported."
fn spec.provider.kubernetes.envoyDeployment.initContainers.env.valueFrom.resourceFieldRef.withContainerName
withContainerName(containerName)
"Container name: required for volumes, optional for env vars"
fn spec.provider.kubernetes.envoyDeployment.initContainers.env.valueFrom.resourceFieldRef.withDivisor
withDivisor(divisor)
"Specifies the output format of the exposed resources, defaults to \"1\
fn spec.provider.kubernetes.envoyDeployment.initContainers.env.valueFrom.resourceFieldRef.withResource
withResource(resource)
"Required: resource to select"
obj spec.provider.kubernetes.envoyDeployment.initContainers.env.valueFrom.secretKeyRef
"Selects a key of a secret in the pod's namespace"
fn spec.provider.kubernetes.envoyDeployment.initContainers.env.valueFrom.secretKeyRef.withKey
withKey(key)
"The key of the secret to select from. Must be a valid secret key."
fn spec.provider.kubernetes.envoyDeployment.initContainers.env.valueFrom.secretKeyRef.withName
withName(name)
"Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names"
fn spec.provider.kubernetes.envoyDeployment.initContainers.env.valueFrom.secretKeyRef.withOptional
withOptional(optional)
"Specify whether the Secret or its key must be defined"
obj spec.provider.kubernetes.envoyDeployment.initContainers.envFrom
"List of sources to populate environment variables in the container.\nThe keys defined within a source must be a C_IDENTIFIER. All invalid keys\nwill be reported as an event when the container is starting. When a key exists in multiple\nsources, the value associated with the last source will take precedence.\nValues defined by an Env with a duplicate key will take precedence.\nCannot be updated."
fn spec.provider.kubernetes.envoyDeployment.initContainers.envFrom.withPrefix
withPrefix(prefix)
"An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER."
obj spec.provider.kubernetes.envoyDeployment.initContainers.envFrom.configMapRef
"The ConfigMap to select from"
fn spec.provider.kubernetes.envoyDeployment.initContainers.envFrom.configMapRef.withName
withName(name)
"Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names"
fn spec.provider.kubernetes.envoyDeployment.initContainers.envFrom.configMapRef.withOptional
withOptional(optional)
"Specify whether the ConfigMap must be defined"
obj spec.provider.kubernetes.envoyDeployment.initContainers.envFrom.secretRef
"The Secret to select from"
fn spec.provider.kubernetes.envoyDeployment.initContainers.envFrom.secretRef.withName
withName(name)
"Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names"
fn spec.provider.kubernetes.envoyDeployment.initContainers.envFrom.secretRef.withOptional
withOptional(optional)
"Specify whether the Secret must be defined"
obj spec.provider.kubernetes.envoyDeployment.initContainers.lifecycle
"Actions that the management system should take in response to container lifecycle events.\nCannot be updated."
obj spec.provider.kubernetes.envoyDeployment.initContainers.lifecycle.postStart
"PostStart is called immediately after a container is created. If the handler fails,\nthe container is terminated and restarted according to its restart policy.\nOther management of the container blocks until the hook completes.\nMore info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks"
obj spec.provider.kubernetes.envoyDeployment.initContainers.lifecycle.postStart.exec
"Exec specifies the action to take."
fn spec.provider.kubernetes.envoyDeployment.initContainers.lifecycle.postStart.exec.withCommand
withCommand(command)
"Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy."
fn spec.provider.kubernetes.envoyDeployment.initContainers.lifecycle.postStart.exec.withCommandMixin
withCommandMixin(command)
"Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy."
Note: This function appends passed data to existing values
obj spec.provider.kubernetes.envoyDeployment.initContainers.lifecycle.postStart.httpGet
"HTTPGet specifies the http request to perform."
fn spec.provider.kubernetes.envoyDeployment.initContainers.lifecycle.postStart.httpGet.withHost
withHost(host)
"Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead."
fn spec.provider.kubernetes.envoyDeployment.initContainers.lifecycle.postStart.httpGet.withHttpHeaders
withHttpHeaders(httpHeaders)
"Custom headers to set in the request. HTTP allows repeated headers."
fn spec.provider.kubernetes.envoyDeployment.initContainers.lifecycle.postStart.httpGet.withHttpHeadersMixin
withHttpHeadersMixin(httpHeaders)
"Custom headers to set in the request. HTTP allows repeated headers."
Note: This function appends passed data to existing values
fn spec.provider.kubernetes.envoyDeployment.initContainers.lifecycle.postStart.httpGet.withPath
withPath(path)
"Path to access on the HTTP server."
fn spec.provider.kubernetes.envoyDeployment.initContainers.lifecycle.postStart.httpGet.withPort
withPort(port)
"Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME."
fn spec.provider.kubernetes.envoyDeployment.initContainers.lifecycle.postStart.httpGet.withScheme
withScheme(scheme)
"Scheme to use for connecting to the host.\nDefaults to HTTP."
obj spec.provider.kubernetes.envoyDeployment.initContainers.lifecycle.postStart.httpGet.httpHeaders
"Custom headers to set in the request. HTTP allows repeated headers."
fn spec.provider.kubernetes.envoyDeployment.initContainers.lifecycle.postStart.httpGet.httpHeaders.withName
withName(name)
"The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header."
fn spec.provider.kubernetes.envoyDeployment.initContainers.lifecycle.postStart.httpGet.httpHeaders.withValue
withValue(value)
"The header field value"
obj spec.provider.kubernetes.envoyDeployment.initContainers.lifecycle.postStart.sleep
"Sleep represents the duration that the container should sleep before being terminated."
fn spec.provider.kubernetes.envoyDeployment.initContainers.lifecycle.postStart.sleep.withSeconds
withSeconds(seconds)
"Seconds is the number of seconds to sleep."
obj spec.provider.kubernetes.envoyDeployment.initContainers.lifecycle.postStart.tcpSocket
"Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified."
fn spec.provider.kubernetes.envoyDeployment.initContainers.lifecycle.postStart.tcpSocket.withHost
withHost(host)
"Optional: Host name to connect to, defaults to the pod IP."
fn spec.provider.kubernetes.envoyDeployment.initContainers.lifecycle.postStart.tcpSocket.withPort
withPort(port)
"Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME."
obj spec.provider.kubernetes.envoyDeployment.initContainers.lifecycle.preStop
"PreStop is called immediately before a container is terminated due to an\nAPI request or management event such as liveness/startup probe failure,\npreemption, resource contention, etc. The handler is not called if the\ncontainer crashes or exits. The Pod's termination grace period countdown begins before the\nPreStop hook is executed. Regardless of the outcome of the handler, the\ncontainer will eventually terminate within the Pod's termination grace\nperiod (unless delayed by finalizers). Other management of the container blocks until the hook completes\nor until the termination grace period is reached.\nMore info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks"
obj spec.provider.kubernetes.envoyDeployment.initContainers.lifecycle.preStop.exec
"Exec specifies the action to take."
fn spec.provider.kubernetes.envoyDeployment.initContainers.lifecycle.preStop.exec.withCommand
withCommand(command)
"Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy."
fn spec.provider.kubernetes.envoyDeployment.initContainers.lifecycle.preStop.exec.withCommandMixin
withCommandMixin(command)
"Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy."
Note: This function appends passed data to existing values
obj spec.provider.kubernetes.envoyDeployment.initContainers.lifecycle.preStop.httpGet
"HTTPGet specifies the http request to perform."
fn spec.provider.kubernetes.envoyDeployment.initContainers.lifecycle.preStop.httpGet.withHost
withHost(host)
"Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead."
fn spec.provider.kubernetes.envoyDeployment.initContainers.lifecycle.preStop.httpGet.withHttpHeaders
withHttpHeaders(httpHeaders)
"Custom headers to set in the request. HTTP allows repeated headers."
fn spec.provider.kubernetes.envoyDeployment.initContainers.lifecycle.preStop.httpGet.withHttpHeadersMixin
withHttpHeadersMixin(httpHeaders)
"Custom headers to set in the request. HTTP allows repeated headers."
Note: This function appends passed data to existing values
fn spec.provider.kubernetes.envoyDeployment.initContainers.lifecycle.preStop.httpGet.withPath
withPath(path)
"Path to access on the HTTP server."
fn spec.provider.kubernetes.envoyDeployment.initContainers.lifecycle.preStop.httpGet.withPort
withPort(port)
"Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME."
fn spec.provider.kubernetes.envoyDeployment.initContainers.lifecycle.preStop.httpGet.withScheme
withScheme(scheme)
"Scheme to use for connecting to the host.\nDefaults to HTTP."
obj spec.provider.kubernetes.envoyDeployment.initContainers.lifecycle.preStop.httpGet.httpHeaders
"Custom headers to set in the request. HTTP allows repeated headers."
fn spec.provider.kubernetes.envoyDeployment.initContainers.lifecycle.preStop.httpGet.httpHeaders.withName
withName(name)
"The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header."
fn spec.provider.kubernetes.envoyDeployment.initContainers.lifecycle.preStop.httpGet.httpHeaders.withValue
withValue(value)
"The header field value"
obj spec.provider.kubernetes.envoyDeployment.initContainers.lifecycle.preStop.sleep
"Sleep represents the duration that the container should sleep before being terminated."
fn spec.provider.kubernetes.envoyDeployment.initContainers.lifecycle.preStop.sleep.withSeconds
withSeconds(seconds)
"Seconds is the number of seconds to sleep."
obj spec.provider.kubernetes.envoyDeployment.initContainers.lifecycle.preStop.tcpSocket
"Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified."
fn spec.provider.kubernetes.envoyDeployment.initContainers.lifecycle.preStop.tcpSocket.withHost
withHost(host)
"Optional: Host name to connect to, defaults to the pod IP."
fn spec.provider.kubernetes.envoyDeployment.initContainers.lifecycle.preStop.tcpSocket.withPort
withPort(port)
"Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME."
obj spec.provider.kubernetes.envoyDeployment.initContainers.livenessProbe
"Periodic probe of container liveness.\nContainer will be restarted if the probe fails.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
fn spec.provider.kubernetes.envoyDeployment.initContainers.livenessProbe.withFailureThreshold
withFailureThreshold(failureThreshold)
"Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1."
fn spec.provider.kubernetes.envoyDeployment.initContainers.livenessProbe.withInitialDelaySeconds
withInitialDelaySeconds(initialDelaySeconds)
"Number of seconds after the container has started before liveness probes are initiated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
fn spec.provider.kubernetes.envoyDeployment.initContainers.livenessProbe.withPeriodSeconds
withPeriodSeconds(periodSeconds)
"How often (in seconds) to perform the probe.\nDefault to 10 seconds. Minimum value is 1."
fn spec.provider.kubernetes.envoyDeployment.initContainers.livenessProbe.withSuccessThreshold
withSuccessThreshold(successThreshold)
"Minimum consecutive successes for the probe to be considered successful after having failed.\nDefaults to 1. Must be 1 for liveness and startup. Minimum value is 1."
fn spec.provider.kubernetes.envoyDeployment.initContainers.livenessProbe.withTerminationGracePeriodSeconds
withTerminationGracePeriodSeconds(terminationGracePeriodSeconds)
"Optional duration in seconds the pod needs to terminate gracefully upon probe failure.\nThe grace period is the duration in seconds after the processes running in the pod are sent\na termination signal and the time when the processes are forcibly halted with a kill signal.\nSet this value longer than the expected cleanup time for your process.\nIf this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this\nvalue overrides the value provided by the pod spec.\nValue must be non-negative integer. The value zero indicates stop immediately via\nthe kill signal (no opportunity to shut down).\nThis is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.\nMinimum value is 1. spec.terminationGracePeriodSeconds is used if unset."
fn spec.provider.kubernetes.envoyDeployment.initContainers.livenessProbe.withTimeoutSeconds
withTimeoutSeconds(timeoutSeconds)
"Number of seconds after which the probe times out.\nDefaults to 1 second. Minimum value is 1.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
obj spec.provider.kubernetes.envoyDeployment.initContainers.livenessProbe.exec
"Exec specifies the action to take."
fn spec.provider.kubernetes.envoyDeployment.initContainers.livenessProbe.exec.withCommand
withCommand(command)
"Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy."
fn spec.provider.kubernetes.envoyDeployment.initContainers.livenessProbe.exec.withCommandMixin
withCommandMixin(command)
"Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy."
Note: This function appends passed data to existing values
obj spec.provider.kubernetes.envoyDeployment.initContainers.livenessProbe.grpc
"GRPC specifies an action involving a GRPC port."
fn spec.provider.kubernetes.envoyDeployment.initContainers.livenessProbe.grpc.withPort
withPort(port)
"Port number of the gRPC service. Number must be in the range 1 to 65535."
fn spec.provider.kubernetes.envoyDeployment.initContainers.livenessProbe.grpc.withService
withService(service)
"Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\nIf this is not specified, the default behavior is defined by gRPC."
obj spec.provider.kubernetes.envoyDeployment.initContainers.livenessProbe.httpGet
"HTTPGet specifies the http request to perform."
fn spec.provider.kubernetes.envoyDeployment.initContainers.livenessProbe.httpGet.withHost
withHost(host)
"Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead."
fn spec.provider.kubernetes.envoyDeployment.initContainers.livenessProbe.httpGet.withHttpHeaders
withHttpHeaders(httpHeaders)
"Custom headers to set in the request. HTTP allows repeated headers."
fn spec.provider.kubernetes.envoyDeployment.initContainers.livenessProbe.httpGet.withHttpHeadersMixin
withHttpHeadersMixin(httpHeaders)
"Custom headers to set in the request. HTTP allows repeated headers."
Note: This function appends passed data to existing values
fn spec.provider.kubernetes.envoyDeployment.initContainers.livenessProbe.httpGet.withPath
withPath(path)
"Path to access on the HTTP server."
fn spec.provider.kubernetes.envoyDeployment.initContainers.livenessProbe.httpGet.withPort
withPort(port)
"Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME."
fn spec.provider.kubernetes.envoyDeployment.initContainers.livenessProbe.httpGet.withScheme
withScheme(scheme)
"Scheme to use for connecting to the host.\nDefaults to HTTP."
obj spec.provider.kubernetes.envoyDeployment.initContainers.livenessProbe.httpGet.httpHeaders
"Custom headers to set in the request. HTTP allows repeated headers."
fn spec.provider.kubernetes.envoyDeployment.initContainers.livenessProbe.httpGet.httpHeaders.withName
withName(name)
"The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header."
fn spec.provider.kubernetes.envoyDeployment.initContainers.livenessProbe.httpGet.httpHeaders.withValue
withValue(value)
"The header field value"
obj spec.provider.kubernetes.envoyDeployment.initContainers.livenessProbe.tcpSocket
"TCPSocket specifies an action involving a TCP port."
fn spec.provider.kubernetes.envoyDeployment.initContainers.livenessProbe.tcpSocket.withHost
withHost(host)
"Optional: Host name to connect to, defaults to the pod IP."
fn spec.provider.kubernetes.envoyDeployment.initContainers.livenessProbe.tcpSocket.withPort
withPort(port)
"Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME."
obj spec.provider.kubernetes.envoyDeployment.initContainers.ports
"List of ports to expose from the container. Not specifying a port here\nDOES NOT prevent that port from being exposed. Any port which is\nlistening on the default \"0.0.0.0\" address inside a container will be\naccessible from the network.\nModifying this array with strategic merge patch may corrupt the data.\nFor more information See https://github.com/kubernetes/kubernetes/issues/108255.\nCannot be updated."
fn spec.provider.kubernetes.envoyDeployment.initContainers.ports.withContainerPort
withContainerPort(containerPort)
"Number of port to expose on the pod's IP address.\nThis must be a valid port number, 0 < x < 65536."
fn spec.provider.kubernetes.envoyDeployment.initContainers.ports.withHostIP
withHostIP(hostIP)
"What host IP to bind the external port to."
fn spec.provider.kubernetes.envoyDeployment.initContainers.ports.withHostPort
withHostPort(hostPort)
"Number of port to expose on the host.\nIf specified, this must be a valid port number, 0 < x < 65536.\nIf HostNetwork is specified, this must match ContainerPort.\nMost containers do not need this."
fn spec.provider.kubernetes.envoyDeployment.initContainers.ports.withName
withName(name)
"If specified, this must be an IANA_SVC_NAME and unique within the pod. Each\nnamed port in a pod must have a unique name. Name for the port that can be\nreferred to by services."
fn spec.provider.kubernetes.envoyDeployment.initContainers.ports.withProtocol
withProtocol(protocol)
"Protocol for port. Must be UDP, TCP, or SCTP.\nDefaults to \"TCP\"."
obj spec.provider.kubernetes.envoyDeployment.initContainers.readinessProbe
"Periodic probe of container service readiness.\nContainer will be removed from service endpoints if the probe fails.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
fn spec.provider.kubernetes.envoyDeployment.initContainers.readinessProbe.withFailureThreshold
withFailureThreshold(failureThreshold)
"Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1."
fn spec.provider.kubernetes.envoyDeployment.initContainers.readinessProbe.withInitialDelaySeconds
withInitialDelaySeconds(initialDelaySeconds)
"Number of seconds after the container has started before liveness probes are initiated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
fn spec.provider.kubernetes.envoyDeployment.initContainers.readinessProbe.withPeriodSeconds
withPeriodSeconds(periodSeconds)
"How often (in seconds) to perform the probe.\nDefault to 10 seconds. Minimum value is 1."
fn spec.provider.kubernetes.envoyDeployment.initContainers.readinessProbe.withSuccessThreshold
withSuccessThreshold(successThreshold)
"Minimum consecutive successes for the probe to be considered successful after having failed.\nDefaults to 1. Must be 1 for liveness and startup. Minimum value is 1."
fn spec.provider.kubernetes.envoyDeployment.initContainers.readinessProbe.withTerminationGracePeriodSeconds
withTerminationGracePeriodSeconds(terminationGracePeriodSeconds)
"Optional duration in seconds the pod needs to terminate gracefully upon probe failure.\nThe grace period is the duration in seconds after the processes running in the pod are sent\na termination signal and the time when the processes are forcibly halted with a kill signal.\nSet this value longer than the expected cleanup time for your process.\nIf this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this\nvalue overrides the value provided by the pod spec.\nValue must be non-negative integer. The value zero indicates stop immediately via\nthe kill signal (no opportunity to shut down).\nThis is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.\nMinimum value is 1. spec.terminationGracePeriodSeconds is used if unset."
fn spec.provider.kubernetes.envoyDeployment.initContainers.readinessProbe.withTimeoutSeconds
withTimeoutSeconds(timeoutSeconds)
"Number of seconds after which the probe times out.\nDefaults to 1 second. Minimum value is 1.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
obj spec.provider.kubernetes.envoyDeployment.initContainers.readinessProbe.exec
"Exec specifies the action to take."
fn spec.provider.kubernetes.envoyDeployment.initContainers.readinessProbe.exec.withCommand
withCommand(command)
"Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy."
fn spec.provider.kubernetes.envoyDeployment.initContainers.readinessProbe.exec.withCommandMixin
withCommandMixin(command)
"Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy."
Note: This function appends passed data to existing values
obj spec.provider.kubernetes.envoyDeployment.initContainers.readinessProbe.grpc
"GRPC specifies an action involving a GRPC port."
fn spec.provider.kubernetes.envoyDeployment.initContainers.readinessProbe.grpc.withPort
withPort(port)
"Port number of the gRPC service. Number must be in the range 1 to 65535."
fn spec.provider.kubernetes.envoyDeployment.initContainers.readinessProbe.grpc.withService
withService(service)
"Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\nIf this is not specified, the default behavior is defined by gRPC."
obj spec.provider.kubernetes.envoyDeployment.initContainers.readinessProbe.httpGet
"HTTPGet specifies the http request to perform."
fn spec.provider.kubernetes.envoyDeployment.initContainers.readinessProbe.httpGet.withHost
withHost(host)
"Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead."
fn spec.provider.kubernetes.envoyDeployment.initContainers.readinessProbe.httpGet.withHttpHeaders
withHttpHeaders(httpHeaders)
"Custom headers to set in the request. HTTP allows repeated headers."
fn spec.provider.kubernetes.envoyDeployment.initContainers.readinessProbe.httpGet.withHttpHeadersMixin
withHttpHeadersMixin(httpHeaders)
"Custom headers to set in the request. HTTP allows repeated headers."
Note: This function appends passed data to existing values
fn spec.provider.kubernetes.envoyDeployment.initContainers.readinessProbe.httpGet.withPath
withPath(path)
"Path to access on the HTTP server."
fn spec.provider.kubernetes.envoyDeployment.initContainers.readinessProbe.httpGet.withPort
withPort(port)
"Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME."
fn spec.provider.kubernetes.envoyDeployment.initContainers.readinessProbe.httpGet.withScheme
withScheme(scheme)
"Scheme to use for connecting to the host.\nDefaults to HTTP."
obj spec.provider.kubernetes.envoyDeployment.initContainers.readinessProbe.httpGet.httpHeaders
"Custom headers to set in the request. HTTP allows repeated headers."
fn spec.provider.kubernetes.envoyDeployment.initContainers.readinessProbe.httpGet.httpHeaders.withName
withName(name)
"The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header."
fn spec.provider.kubernetes.envoyDeployment.initContainers.readinessProbe.httpGet.httpHeaders.withValue
withValue(value)
"The header field value"
obj spec.provider.kubernetes.envoyDeployment.initContainers.readinessProbe.tcpSocket
"TCPSocket specifies an action involving a TCP port."
fn spec.provider.kubernetes.envoyDeployment.initContainers.readinessProbe.tcpSocket.withHost
withHost(host)
"Optional: Host name to connect to, defaults to the pod IP."
fn spec.provider.kubernetes.envoyDeployment.initContainers.readinessProbe.tcpSocket.withPort
withPort(port)
"Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME."
obj spec.provider.kubernetes.envoyDeployment.initContainers.resizePolicy
"Resources resize policy for the container."
fn spec.provider.kubernetes.envoyDeployment.initContainers.resizePolicy.withResourceName
withResourceName(resourceName)
"Name of the resource to which this resource resize policy applies.\nSupported values: cpu, memory."
fn spec.provider.kubernetes.envoyDeployment.initContainers.resizePolicy.withRestartPolicy
withRestartPolicy(restartPolicy)
"Restart policy to apply when specified resource is resized.\nIf not specified, it defaults to NotRequired."
obj spec.provider.kubernetes.envoyDeployment.initContainers.resources
"Compute Resources required by this container.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/"
fn spec.provider.kubernetes.envoyDeployment.initContainers.resources.withClaims
withClaims(claims)
"Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\nThis field is immutable. It can only be set for containers."
fn spec.provider.kubernetes.envoyDeployment.initContainers.resources.withClaimsMixin
withClaimsMixin(claims)
"Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\nThis field is immutable. It can only be set for containers."
Note: This function appends passed data to existing values
fn spec.provider.kubernetes.envoyDeployment.initContainers.resources.withLimits
withLimits(limits)
"Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/"
fn spec.provider.kubernetes.envoyDeployment.initContainers.resources.withLimitsMixin
withLimitsMixin(limits)
"Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/"
Note: This function appends passed data to existing values
fn spec.provider.kubernetes.envoyDeployment.initContainers.resources.withRequests
withRequests(requests)
"Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/"
fn spec.provider.kubernetes.envoyDeployment.initContainers.resources.withRequestsMixin
withRequestsMixin(requests)
"Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/"
Note: This function appends passed data to existing values
obj spec.provider.kubernetes.envoyDeployment.initContainers.resources.claims
"Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\nThis field is immutable. It can only be set for containers."
fn spec.provider.kubernetes.envoyDeployment.initContainers.resources.claims.withName
withName(name)
"Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container."
fn spec.provider.kubernetes.envoyDeployment.initContainers.resources.claims.withRequest
withRequest(request)
"Request is the name chosen for a request in the referenced claim.\nIf empty, everything from the claim is made available, otherwise\nonly the result of this request."
obj spec.provider.kubernetes.envoyDeployment.initContainers.securityContext
"SecurityContext defines the security options the container should be run with.\nIf set, the fields of SecurityContext override the equivalent fields of PodSecurityContext.\nMore info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/"
fn spec.provider.kubernetes.envoyDeployment.initContainers.securityContext.withAllowPrivilegeEscalation
withAllowPrivilegeEscalation(allowPrivilegeEscalation)
"AllowPrivilegeEscalation controls whether a process can gain more\nprivileges than its parent process. This bool directly controls if\nthe no_new_privs flag will be set on the container process.\nAllowPrivilegeEscalation is true always when the container is:\n1) run as Privileged\n2) has CAP_SYS_ADMIN\nNote that this field cannot be set when spec.os.name is windows."
fn spec.provider.kubernetes.envoyDeployment.initContainers.securityContext.withPrivileged
withPrivileged(privileged)
"Run container in privileged mode.\nProcesses in privileged containers are essentially equivalent to root on the host.\nDefaults to false.\nNote that this field cannot be set when spec.os.name is windows."
fn spec.provider.kubernetes.envoyDeployment.initContainers.securityContext.withProcMount
withProcMount(procMount)
"procMount denotes the type of proc mount to use for the containers.\nThe default value is Default which uses the container runtime defaults for\nreadonly paths and masked paths.\nThis requires the ProcMountType feature flag to be enabled.\nNote that this field cannot be set when spec.os.name is windows."
fn spec.provider.kubernetes.envoyDeployment.initContainers.securityContext.withReadOnlyRootFilesystem
withReadOnlyRootFilesystem(readOnlyRootFilesystem)
"Whether this container has a read-only root filesystem.\nDefault is false.\nNote that this field cannot be set when spec.os.name is windows."
fn spec.provider.kubernetes.envoyDeployment.initContainers.securityContext.withRunAsGroup
withRunAsGroup(runAsGroup)
"The GID to run the entrypoint of the container process.\nUses runtime default if unset.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is windows."
fn spec.provider.kubernetes.envoyDeployment.initContainers.securityContext.withRunAsNonRoot
withRunAsNonRoot(runAsNonRoot)
"Indicates that the container must run as a non-root user.\nIf true, the Kubelet will validate the image at runtime to ensure that it\ndoes not run as UID 0 (root) and fail to start the container if it does.\nIf unset or false, no such validation will be performed.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence."
fn spec.provider.kubernetes.envoyDeployment.initContainers.securityContext.withRunAsUser
withRunAsUser(runAsUser)
"The UID to run the entrypoint of the container process.\nDefaults to user specified in image metadata if unspecified.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is windows."
obj spec.provider.kubernetes.envoyDeployment.initContainers.securityContext.appArmorProfile
"appArmorProfile is the AppArmor options to use by this container. If set, this profile\noverrides the pod's appArmorProfile.\nNote that this field cannot be set when spec.os.name is windows."
fn spec.provider.kubernetes.envoyDeployment.initContainers.securityContext.appArmorProfile.withLocalhostProfile
withLocalhostProfile(localhostProfile)
"localhostProfile indicates a profile loaded on the node that should be used.\nThe profile must be preconfigured on the node to work.\nMust match the loaded name of the profile.\nMust be set if and only if type is \"Localhost\"."
fn spec.provider.kubernetes.envoyDeployment.initContainers.securityContext.appArmorProfile.withType
withType(type)
"type indicates which kind of AppArmor profile will be applied.\nValid options are:\n Localhost - a profile pre-loaded on the node.\n RuntimeDefault - the container runtime's default profile.\n Unconfined - no AppArmor enforcement."
obj spec.provider.kubernetes.envoyDeployment.initContainers.securityContext.capabilities
"The capabilities to add/drop when running containers.\nDefaults to the default set of capabilities granted by the container runtime.\nNote that this field cannot be set when spec.os.name is windows."
fn spec.provider.kubernetes.envoyDeployment.initContainers.securityContext.capabilities.withAdd
withAdd(add)
"Added capabilities"
fn spec.provider.kubernetes.envoyDeployment.initContainers.securityContext.capabilities.withAddMixin
withAddMixin(add)
"Added capabilities"
Note: This function appends passed data to existing values
fn spec.provider.kubernetes.envoyDeployment.initContainers.securityContext.capabilities.withDrop
withDrop(drop)
"Removed capabilities"
fn spec.provider.kubernetes.envoyDeployment.initContainers.securityContext.capabilities.withDropMixin
withDropMixin(drop)
"Removed capabilities"
Note: This function appends passed data to existing values
obj spec.provider.kubernetes.envoyDeployment.initContainers.securityContext.seLinuxOptions
"The SELinux context to be applied to the container.\nIf unspecified, the container runtime will allocate a random SELinux context for each\ncontainer. May also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is windows."
fn spec.provider.kubernetes.envoyDeployment.initContainers.securityContext.seLinuxOptions.withLevel
withLevel(level)
"Level is SELinux level label that applies to the container."
fn spec.provider.kubernetes.envoyDeployment.initContainers.securityContext.seLinuxOptions.withRole
withRole(role)
"Role is a SELinux role label that applies to the container."
fn spec.provider.kubernetes.envoyDeployment.initContainers.securityContext.seLinuxOptions.withType
withType(type)
"Type is a SELinux type label that applies to the container."
fn spec.provider.kubernetes.envoyDeployment.initContainers.securityContext.seLinuxOptions.withUser
withUser(user)
"User is a SELinux user label that applies to the container."
obj spec.provider.kubernetes.envoyDeployment.initContainers.securityContext.seccompProfile
"The seccomp options to use by this container. If seccomp options are\nprovided at both the pod & container level, the container options\noverride the pod options.\nNote that this field cannot be set when spec.os.name is windows."
fn spec.provider.kubernetes.envoyDeployment.initContainers.securityContext.seccompProfile.withLocalhostProfile
withLocalhostProfile(localhostProfile)
"localhostProfile indicates a profile defined in a file on the node should be used.\nThe profile must be preconfigured on the node to work.\nMust be a descending path, relative to the kubelet's configured seccomp profile location.\nMust be set if type is \"Localhost\". Must NOT be set for any other type."
fn spec.provider.kubernetes.envoyDeployment.initContainers.securityContext.seccompProfile.withType
withType(type)
"type indicates which kind of seccomp profile will be applied.\nValid options are:\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied."
obj spec.provider.kubernetes.envoyDeployment.initContainers.securityContext.windowsOptions
"The Windows specific settings applied to all containers.\nIf unspecified, the options from the PodSecurityContext will be used.\nIf set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is linux."
fn spec.provider.kubernetes.envoyDeployment.initContainers.securityContext.windowsOptions.withGmsaCredentialSpec
withGmsaCredentialSpec(gmsaCredentialSpec)
"GMSACredentialSpec is where the GMSA admission webhook\n(https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the\nGMSA credential spec named by the GMSACredentialSpecName field."
fn spec.provider.kubernetes.envoyDeployment.initContainers.securityContext.windowsOptions.withGmsaCredentialSpecName
withGmsaCredentialSpecName(gmsaCredentialSpecName)
"GMSACredentialSpecName is the name of the GMSA credential spec to use."
fn spec.provider.kubernetes.envoyDeployment.initContainers.securityContext.windowsOptions.withHostProcess
withHostProcess(hostProcess)
"HostProcess determines if a container should be run as a 'Host Process' container.\nAll of a Pod's containers must have the same effective HostProcess value\n(it is not allowed to have a mix of HostProcess containers and non-HostProcess containers).\nIn addition, if HostProcess is true then HostNetwork must also be set to true."
fn spec.provider.kubernetes.envoyDeployment.initContainers.securityContext.windowsOptions.withRunAsUserName
withRunAsUserName(runAsUserName)
"The UserName in Windows to run the entrypoint of the container process.\nDefaults to the user specified in image metadata if unspecified.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence."
obj spec.provider.kubernetes.envoyDeployment.initContainers.startupProbe
"StartupProbe indicates that the Pod has successfully initialized.\nIf specified, no other probes are executed until this completes successfully.\nIf this probe fails, the Pod will be restarted, just as if the livenessProbe failed.\nThis can be used to provide different probe parameters at the beginning of a Pod's lifecycle,\nwhen it might take a long time to load data or warm a cache, than during steady-state operation.\nThis cannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
fn spec.provider.kubernetes.envoyDeployment.initContainers.startupProbe.withFailureThreshold
withFailureThreshold(failureThreshold)
"Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1."
fn spec.provider.kubernetes.envoyDeployment.initContainers.startupProbe.withInitialDelaySeconds
withInitialDelaySeconds(initialDelaySeconds)
"Number of seconds after the container has started before liveness probes are initiated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
fn spec.provider.kubernetes.envoyDeployment.initContainers.startupProbe.withPeriodSeconds
withPeriodSeconds(periodSeconds)
"How often (in seconds) to perform the probe.\nDefault to 10 seconds. Minimum value is 1."
fn spec.provider.kubernetes.envoyDeployment.initContainers.startupProbe.withSuccessThreshold
withSuccessThreshold(successThreshold)
"Minimum consecutive successes for the probe to be considered successful after having failed.\nDefaults to 1. Must be 1 for liveness and startup. Minimum value is 1."
fn spec.provider.kubernetes.envoyDeployment.initContainers.startupProbe.withTerminationGracePeriodSeconds
withTerminationGracePeriodSeconds(terminationGracePeriodSeconds)
"Optional duration in seconds the pod needs to terminate gracefully upon probe failure.\nThe grace period is the duration in seconds after the processes running in the pod are sent\na termination signal and the time when the processes are forcibly halted with a kill signal.\nSet this value longer than the expected cleanup time for your process.\nIf this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this\nvalue overrides the value provided by the pod spec.\nValue must be non-negative integer. The value zero indicates stop immediately via\nthe kill signal (no opportunity to shut down).\nThis is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.\nMinimum value is 1. spec.terminationGracePeriodSeconds is used if unset."
fn spec.provider.kubernetes.envoyDeployment.initContainers.startupProbe.withTimeoutSeconds
withTimeoutSeconds(timeoutSeconds)
"Number of seconds after which the probe times out.\nDefaults to 1 second. Minimum value is 1.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
obj spec.provider.kubernetes.envoyDeployment.initContainers.startupProbe.exec
"Exec specifies the action to take."
fn spec.provider.kubernetes.envoyDeployment.initContainers.startupProbe.exec.withCommand
withCommand(command)
"Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy."
fn spec.provider.kubernetes.envoyDeployment.initContainers.startupProbe.exec.withCommandMixin
withCommandMixin(command)
"Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy."
Note: This function appends passed data to existing values
obj spec.provider.kubernetes.envoyDeployment.initContainers.startupProbe.grpc
"GRPC specifies an action involving a GRPC port."
fn spec.provider.kubernetes.envoyDeployment.initContainers.startupProbe.grpc.withPort
withPort(port)
"Port number of the gRPC service. Number must be in the range 1 to 65535."
fn spec.provider.kubernetes.envoyDeployment.initContainers.startupProbe.grpc.withService
withService(service)
"Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\nIf this is not specified, the default behavior is defined by gRPC."
obj spec.provider.kubernetes.envoyDeployment.initContainers.startupProbe.httpGet
"HTTPGet specifies the http request to perform."
fn spec.provider.kubernetes.envoyDeployment.initContainers.startupProbe.httpGet.withHost
withHost(host)
"Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead."
fn spec.provider.kubernetes.envoyDeployment.initContainers.startupProbe.httpGet.withHttpHeaders
withHttpHeaders(httpHeaders)
"Custom headers to set in the request. HTTP allows repeated headers."
fn spec.provider.kubernetes.envoyDeployment.initContainers.startupProbe.httpGet.withHttpHeadersMixin
withHttpHeadersMixin(httpHeaders)
"Custom headers to set in the request. HTTP allows repeated headers."
Note: This function appends passed data to existing values
fn spec.provider.kubernetes.envoyDeployment.initContainers.startupProbe.httpGet.withPath
withPath(path)
"Path to access on the HTTP server."
fn spec.provider.kubernetes.envoyDeployment.initContainers.startupProbe.httpGet.withPort
withPort(port)
"Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME."
fn spec.provider.kubernetes.envoyDeployment.initContainers.startupProbe.httpGet.withScheme
withScheme(scheme)
"Scheme to use for connecting to the host.\nDefaults to HTTP."
obj spec.provider.kubernetes.envoyDeployment.initContainers.startupProbe.httpGet.httpHeaders
"Custom headers to set in the request. HTTP allows repeated headers."
fn spec.provider.kubernetes.envoyDeployment.initContainers.startupProbe.httpGet.httpHeaders.withName
withName(name)
"The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header."
fn spec.provider.kubernetes.envoyDeployment.initContainers.startupProbe.httpGet.httpHeaders.withValue
withValue(value)
"The header field value"
obj spec.provider.kubernetes.envoyDeployment.initContainers.startupProbe.tcpSocket
"TCPSocket specifies an action involving a TCP port."
fn spec.provider.kubernetes.envoyDeployment.initContainers.startupProbe.tcpSocket.withHost
withHost(host)
"Optional: Host name to connect to, defaults to the pod IP."
fn spec.provider.kubernetes.envoyDeployment.initContainers.startupProbe.tcpSocket.withPort
withPort(port)
"Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME."
obj spec.provider.kubernetes.envoyDeployment.initContainers.volumeDevices
"volumeDevices is the list of block devices to be used by the container."
fn spec.provider.kubernetes.envoyDeployment.initContainers.volumeDevices.withDevicePath
withDevicePath(devicePath)
"devicePath is the path inside of the container that the device will be mapped to."
fn spec.provider.kubernetes.envoyDeployment.initContainers.volumeDevices.withName
withName(name)
"name must match the name of a persistentVolumeClaim in the pod"
obj spec.provider.kubernetes.envoyDeployment.initContainers.volumeMounts
"Pod volumes to mount into the container's filesystem.\nCannot be updated."
fn spec.provider.kubernetes.envoyDeployment.initContainers.volumeMounts.withMountPath
withMountPath(mountPath)
"Path within the container at which the volume should be mounted. Must\nnot contain ':'."
fn spec.provider.kubernetes.envoyDeployment.initContainers.volumeMounts.withMountPropagation
withMountPropagation(mountPropagation)
"mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10.\nWhen RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified\n(which defaults to None)."
fn spec.provider.kubernetes.envoyDeployment.initContainers.volumeMounts.withName
withName(name)
"This must match the Name of a Volume."
fn spec.provider.kubernetes.envoyDeployment.initContainers.volumeMounts.withReadOnly
withReadOnly(readOnly)
"Mounted read-only if true, read-write otherwise (false or unspecified).\nDefaults to false."
fn spec.provider.kubernetes.envoyDeployment.initContainers.volumeMounts.withRecursiveReadOnly
withRecursiveReadOnly(recursiveReadOnly)
"RecursiveReadOnly specifies whether read-only mounts should be handled\nrecursively.\n\nIf ReadOnly is false, this field has no meaning and must be unspecified.\n\nIf ReadOnly is true, and this field is set to Disabled, the mount is not made\nrecursively read-only. If this field is set to IfPossible, the mount is made\nrecursively read-only, if it is supported by the container runtime. If this\nfield is set to Enabled, the mount is made recursively read-only if it is\nsupported by the container runtime, otherwise the pod will not be started and\nan error will be generated to indicate the reason.\n\nIf this field is set to IfPossible or Enabled, MountPropagation must be set to\nNone (or be unspecified, which defaults to None).\n\nIf this field is not specified, it is treated as an equivalent of Disabled."
fn spec.provider.kubernetes.envoyDeployment.initContainers.volumeMounts.withSubPath
withSubPath(subPath)
"Path within the volume from which the container's volume should be mounted.\nDefaults to \"\" (volume's root)."
fn spec.provider.kubernetes.envoyDeployment.initContainers.volumeMounts.withSubPathExpr
withSubPathExpr(subPathExpr)
"Expanded path within the volume from which the container's volume should be mounted.\nBehaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment.\nDefaults to \"\" (volume's root).\nSubPathExpr and SubPath are mutually exclusive."
obj spec.provider.kubernetes.envoyDeployment.patch
"Patch defines how to perform the patch operation to deployment"
fn spec.provider.kubernetes.envoyDeployment.patch.withType
withType(type)
"Type is the type of merge operation to perform\n\nBy default, StrategicMerge is used as the patch type."
fn spec.provider.kubernetes.envoyDeployment.patch.withValue
withValue(value)
"Object contains the raw configuration for merged object"
obj spec.provider.kubernetes.envoyDeployment.pod
"Pod defines the desired specification of pod."
fn spec.provider.kubernetes.envoyDeployment.pod.withAnnotations
withAnnotations(annotations)
"Annotations are the annotations that should be appended to the pods.\nBy default, no pod annotations are appended."
fn spec.provider.kubernetes.envoyDeployment.pod.withAnnotationsMixin
withAnnotationsMixin(annotations)
"Annotations are the annotations that should be appended to the pods.\nBy default, no pod annotations are appended."
Note: This function appends passed data to existing values
fn spec.provider.kubernetes.envoyDeployment.pod.withImagePullSecrets
withImagePullSecrets(imagePullSecrets)
"ImagePullSecrets is an optional list of references to secrets\nin the same namespace to use for pulling any of the images used by this PodSpec.\nIf specified, these secrets will be passed to individual puller implementations for them to use.\nMore info: https://kubernetes.io/docs/concepts/containers/images#specifying-imagepullsecrets-on-a-pod"
fn spec.provider.kubernetes.envoyDeployment.pod.withImagePullSecretsMixin
withImagePullSecretsMixin(imagePullSecrets)
"ImagePullSecrets is an optional list of references to secrets\nin the same namespace to use for pulling any of the images used by this PodSpec.\nIf specified, these secrets will be passed to individual puller implementations for them to use.\nMore info: https://kubernetes.io/docs/concepts/containers/images#specifying-imagepullsecrets-on-a-pod"
Note: This function appends passed data to existing values
fn spec.provider.kubernetes.envoyDeployment.pod.withLabels
withLabels(labels)
"Labels are the additional labels that should be tagged to the pods.\nBy default, no additional pod labels are tagged."
fn spec.provider.kubernetes.envoyDeployment.pod.withLabelsMixin
withLabelsMixin(labels)
"Labels are the additional labels that should be tagged to the pods.\nBy default, no additional pod labels are tagged."
Note: This function appends passed data to existing values
fn spec.provider.kubernetes.envoyDeployment.pod.withNodeSelector
withNodeSelector(nodeSelector)
"NodeSelector is a selector which must be true for the pod to fit on a node.\nSelector which must match a node's labels for the pod to be scheduled on that node.\nMore info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/"
fn spec.provider.kubernetes.envoyDeployment.pod.withNodeSelectorMixin
withNodeSelectorMixin(nodeSelector)
"NodeSelector is a selector which must be true for the pod to fit on a node.\nSelector which must match a node's labels for the pod to be scheduled on that node.\nMore info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/"
Note: This function appends passed data to existing values
fn spec.provider.kubernetes.envoyDeployment.pod.withTolerations
withTolerations(tolerations)
"If specified, the pod's tolerations."
fn spec.provider.kubernetes.envoyDeployment.pod.withTolerationsMixin
withTolerationsMixin(tolerations)
"If specified, the pod's tolerations."
Note: This function appends passed data to existing values
fn spec.provider.kubernetes.envoyDeployment.pod.withTopologySpreadConstraints
withTopologySpreadConstraints(topologySpreadConstraints)
"TopologySpreadConstraints describes how a group of pods ought to spread across topology\ndomains. Scheduler will schedule pods in a way which abides by the constraints.\nAll topologySpreadConstraints are ANDed."
fn spec.provider.kubernetes.envoyDeployment.pod.withTopologySpreadConstraintsMixin
withTopologySpreadConstraintsMixin(topologySpreadConstraints)
"TopologySpreadConstraints describes how a group of pods ought to spread across topology\ndomains. Scheduler will schedule pods in a way which abides by the constraints.\nAll topologySpreadConstraints are ANDed."
Note: This function appends passed data to existing values
fn spec.provider.kubernetes.envoyDeployment.pod.withVolumes
withVolumes(volumes)
"Volumes that can be mounted by containers belonging to the pod.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes"
fn spec.provider.kubernetes.envoyDeployment.pod.withVolumesMixin
withVolumesMixin(volumes)
"Volumes that can be mounted by containers belonging to the pod.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes"
Note: This function appends passed data to existing values
obj spec.provider.kubernetes.envoyDeployment.pod.affinity
"If specified, the pod's scheduling constraints."
obj spec.provider.kubernetes.envoyDeployment.pod.affinity.nodeAffinity
"Describes node affinity scheduling rules for the pod."
fn spec.provider.kubernetes.envoyDeployment.pod.affinity.nodeAffinity.withPreferredDuringSchedulingIgnoredDuringExecution
withPreferredDuringSchedulingIgnoredDuringExecution(preferredDuringSchedulingIgnoredDuringExecution)
"The scheduler will prefer to schedule pods to nodes that satisfy\nthe affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node matches the corresponding matchExpressions; the\nnode(s) with the highest sum are the most preferred."
fn spec.provider.kubernetes.envoyDeployment.pod.affinity.nodeAffinity.withPreferredDuringSchedulingIgnoredDuringExecutionMixin
withPreferredDuringSchedulingIgnoredDuringExecutionMixin(preferredDuringSchedulingIgnoredDuringExecution)
"The scheduler will prefer to schedule pods to nodes that satisfy\nthe affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node matches the corresponding matchExpressions; the\nnode(s) with the highest sum are the most preferred."
Note: This function appends passed data to existing values
obj spec.provider.kubernetes.envoyDeployment.pod.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution
"The scheduler will prefer to schedule pods to nodes that satisfy\nthe affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node matches the corresponding matchExpressions; the\nnode(s) with the highest sum are the most preferred."
fn spec.provider.kubernetes.envoyDeployment.pod.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution.withWeight
withWeight(weight)
"Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100."
obj spec.provider.kubernetes.envoyDeployment.pod.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution.preference
"A node selector term, associated with the corresponding weight."
fn spec.provider.kubernetes.envoyDeployment.pod.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution.preference.withMatchExpressions
withMatchExpressions(matchExpressions)
"A list of node selector requirements by node's labels."
fn spec.provider.kubernetes.envoyDeployment.pod.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution.preference.withMatchExpressionsMixin
withMatchExpressionsMixin(matchExpressions)
"A list of node selector requirements by node's labels."
Note: This function appends passed data to existing values
fn spec.provider.kubernetes.envoyDeployment.pod.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution.preference.withMatchFields
withMatchFields(matchFields)
"A list of node selector requirements by node's fields."
fn spec.provider.kubernetes.envoyDeployment.pod.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution.preference.withMatchFieldsMixin
withMatchFieldsMixin(matchFields)
"A list of node selector requirements by node's fields."
Note: This function appends passed data to existing values
obj spec.provider.kubernetes.envoyDeployment.pod.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution.preference.matchExpressions
"A list of node selector requirements by node's labels."
fn spec.provider.kubernetes.envoyDeployment.pod.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution.preference.matchExpressions.withKey
withKey(key)
"The label key that the selector applies to."
fn spec.provider.kubernetes.envoyDeployment.pod.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution.preference.matchExpressions.withOperator
withOperator(operator)
"Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt."
fn spec.provider.kubernetes.envoyDeployment.pod.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution.preference.matchExpressions.withValues
withValues(values)
"An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch."
fn spec.provider.kubernetes.envoyDeployment.pod.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution.preference.matchExpressions.withValuesMixin
withValuesMixin(values)
"An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch."
Note: This function appends passed data to existing values
obj spec.provider.kubernetes.envoyDeployment.pod.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution.preference.matchFields
"A list of node selector requirements by node's fields."
fn spec.provider.kubernetes.envoyDeployment.pod.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution.preference.matchFields.withKey
withKey(key)
"The label key that the selector applies to."
fn spec.provider.kubernetes.envoyDeployment.pod.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution.preference.matchFields.withOperator
withOperator(operator)
"Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt."
fn spec.provider.kubernetes.envoyDeployment.pod.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution.preference.matchFields.withValues
withValues(values)
"An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch."
fn spec.provider.kubernetes.envoyDeployment.pod.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution.preference.matchFields.withValuesMixin
withValuesMixin(values)
"An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch."
Note: This function appends passed data to existing values
obj spec.provider.kubernetes.envoyDeployment.pod.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution
"If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to an update), the system\nmay or may not try to eventually evict the pod from its node."
fn spec.provider.kubernetes.envoyDeployment.pod.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.withNodeSelectorTerms
withNodeSelectorTerms(nodeSelectorTerms)
"Required. A list of node selector terms. The terms are ORed."
fn spec.provider.kubernetes.envoyDeployment.pod.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.withNodeSelectorTermsMixin
withNodeSelectorTermsMixin(nodeSelectorTerms)
"Required. A list of node selector terms. The terms are ORed."
Note: This function appends passed data to existing values
obj spec.provider.kubernetes.envoyDeployment.pod.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms
"Required. A list of node selector terms. The terms are ORed."
fn spec.provider.kubernetes.envoyDeployment.pod.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms.withMatchExpressions
withMatchExpressions(matchExpressions)
"A list of node selector requirements by node's labels."
fn spec.provider.kubernetes.envoyDeployment.pod.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms.withMatchExpressionsMixin
withMatchExpressionsMixin(matchExpressions)
"A list of node selector requirements by node's labels."
Note: This function appends passed data to existing values
fn spec.provider.kubernetes.envoyDeployment.pod.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms.withMatchFields
withMatchFields(matchFields)
"A list of node selector requirements by node's fields."
fn spec.provider.kubernetes.envoyDeployment.pod.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms.withMatchFieldsMixin
withMatchFieldsMixin(matchFields)
"A list of node selector requirements by node's fields."
Note: This function appends passed data to existing values
obj spec.provider.kubernetes.envoyDeployment.pod.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms.matchExpressions
"A list of node selector requirements by node's labels."
fn spec.provider.kubernetes.envoyDeployment.pod.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms.matchExpressions.withKey
withKey(key)
"The label key that the selector applies to."
fn spec.provider.kubernetes.envoyDeployment.pod.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms.matchExpressions.withOperator
withOperator(operator)
"Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt."
fn spec.provider.kubernetes.envoyDeployment.pod.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms.matchExpressions.withValues
withValues(values)
"An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch."
fn spec.provider.kubernetes.envoyDeployment.pod.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms.matchExpressions.withValuesMixin
withValuesMixin(values)
"An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch."
Note: This function appends passed data to existing values
obj spec.provider.kubernetes.envoyDeployment.pod.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms.matchFields
"A list of node selector requirements by node's fields."
fn spec.provider.kubernetes.envoyDeployment.pod.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms.matchFields.withKey
withKey(key)
"The label key that the selector applies to."
fn spec.provider.kubernetes.envoyDeployment.pod.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms.matchFields.withOperator
withOperator(operator)
"Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt."
fn spec.provider.kubernetes.envoyDeployment.pod.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms.matchFields.withValues
withValues(values)
"An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch."
fn spec.provider.kubernetes.envoyDeployment.pod.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms.matchFields.withValuesMixin
withValuesMixin(values)
"An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch."
Note: This function appends passed data to existing values
obj spec.provider.kubernetes.envoyDeployment.pod.affinity.podAffinity
"Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s))."
fn spec.provider.kubernetes.envoyDeployment.pod.affinity.podAffinity.withPreferredDuringSchedulingIgnoredDuringExecution
withPreferredDuringSchedulingIgnoredDuringExecution(preferredDuringSchedulingIgnoredDuringExecution)
"The scheduler will prefer to schedule pods to nodes that satisfy\nthe affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the\nnode(s) with the highest sum are the most preferred."
fn spec.provider.kubernetes.envoyDeployment.pod.affinity.podAffinity.withPreferredDuringSchedulingIgnoredDuringExecutionMixin
withPreferredDuringSchedulingIgnoredDuringExecutionMixin(preferredDuringSchedulingIgnoredDuringExecution)
"The scheduler will prefer to schedule pods to nodes that satisfy\nthe affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the\nnode(s) with the highest sum are the most preferred."
Note: This function appends passed data to existing values
fn spec.provider.kubernetes.envoyDeployment.pod.affinity.podAffinity.withRequiredDuringSchedulingIgnoredDuringExecution
withRequiredDuringSchedulingIgnoredDuringExecution(requiredDuringSchedulingIgnoredDuringExecution)
"If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied."
fn spec.provider.kubernetes.envoyDeployment.pod.affinity.podAffinity.withRequiredDuringSchedulingIgnoredDuringExecutionMixin
withRequiredDuringSchedulingIgnoredDuringExecutionMixin(requiredDuringSchedulingIgnoredDuringExecution)
"If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied."
Note: This function appends passed data to existing values
obj spec.provider.kubernetes.envoyDeployment.pod.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution
"The scheduler will prefer to schedule pods to nodes that satisfy\nthe affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the\nnode(s) with the highest sum are the most preferred."
fn spec.provider.kubernetes.envoyDeployment.pod.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution.withWeight
withWeight(weight)
"weight associated with matching the corresponding podAffinityTerm,\nin the range 1-100."
obj spec.provider.kubernetes.envoyDeployment.pod.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution.podAffinityTerm
"Required. A pod affinity term, associated with the corresponding weight."
fn spec.provider.kubernetes.envoyDeployment.pod.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution.podAffinityTerm.withMatchLabelKeys
withMatchLabelKeys(matchLabelKeys)
"MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with labelSelector
as key in (value)
\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)."
fn spec.provider.kubernetes.envoyDeployment.pod.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution.podAffinityTerm.withMatchLabelKeysMixin
withMatchLabelKeysMixin(matchLabelKeys)
"MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with labelSelector
as key in (value)
\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)."
Note: This function appends passed data to existing values
fn spec.provider.kubernetes.envoyDeployment.pod.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution.podAffinityTerm.withMismatchLabelKeys
withMismatchLabelKeys(mismatchLabelKeys)
"MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with labelSelector
as key notin (value)
\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)."
fn spec.provider.kubernetes.envoyDeployment.pod.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution.podAffinityTerm.withMismatchLabelKeysMixin
withMismatchLabelKeysMixin(mismatchLabelKeys)
"MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with labelSelector
as key notin (value)
\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)."
Note: This function appends passed data to existing values
fn spec.provider.kubernetes.envoyDeployment.pod.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution.podAffinityTerm.withNamespaces
withNamespaces(namespaces)
"namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"."
fn spec.provider.kubernetes.envoyDeployment.pod.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution.podAffinityTerm.withNamespacesMixin
withNamespacesMixin(namespaces)
"namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"."
Note: This function appends passed data to existing values
fn spec.provider.kubernetes.envoyDeployment.pod.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution.podAffinityTerm.withTopologyKey
withTopologyKey(topologyKey)
"This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed."
obj spec.provider.kubernetes.envoyDeployment.pod.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution.podAffinityTerm.labelSelector
"A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods."
fn spec.provider.kubernetes.envoyDeployment.pod.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution.podAffinityTerm.labelSelector.withMatchExpressions
withMatchExpressions(matchExpressions)
"matchExpressions is a list of label selector requirements. The requirements are ANDed."
fn spec.provider.kubernetes.envoyDeployment.pod.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution.podAffinityTerm.labelSelector.withMatchExpressionsMixin
withMatchExpressionsMixin(matchExpressions)
"matchExpressions is a list of label selector requirements. The requirements are ANDed."
Note: This function appends passed data to existing values
fn spec.provider.kubernetes.envoyDeployment.pod.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution.podAffinityTerm.labelSelector.withMatchLabels
withMatchLabels(matchLabels)
"matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed."
fn spec.provider.kubernetes.envoyDeployment.pod.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution.podAffinityTerm.labelSelector.withMatchLabelsMixin
withMatchLabelsMixin(matchLabels)
"matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed."
Note: This function appends passed data to existing values
obj spec.provider.kubernetes.envoyDeployment.pod.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution.podAffinityTerm.labelSelector.matchExpressions
"matchExpressions is a list of label selector requirements. The requirements are ANDed."
fn spec.provider.kubernetes.envoyDeployment.pod.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution.podAffinityTerm.labelSelector.matchExpressions.withKey
withKey(key)
"key is the label key that the selector applies to."
fn spec.provider.kubernetes.envoyDeployment.pod.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution.podAffinityTerm.labelSelector.matchExpressions.withOperator
withOperator(operator)
"operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist."
fn spec.provider.kubernetes.envoyDeployment.pod.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution.podAffinityTerm.labelSelector.matchExpressions.withValues
withValues(values)
"values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch."
fn spec.provider.kubernetes.envoyDeployment.pod.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution.podAffinityTerm.labelSelector.matchExpressions.withValuesMixin
withValuesMixin(values)
"values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch."
Note: This function appends passed data to existing values
obj spec.provider.kubernetes.envoyDeployment.pod.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution.podAffinityTerm.namespaceSelector
"A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces."
fn spec.provider.kubernetes.envoyDeployment.pod.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution.podAffinityTerm.namespaceSelector.withMatchExpressions
withMatchExpressions(matchExpressions)
"matchExpressions is a list of label selector requirements. The requirements are ANDed."
fn spec.provider.kubernetes.envoyDeployment.pod.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution.podAffinityTerm.namespaceSelector.withMatchExpressionsMixin
withMatchExpressionsMixin(matchExpressions)
"matchExpressions is a list of label selector requirements. The requirements are ANDed."
Note: This function appends passed data to existing values
fn spec.provider.kubernetes.envoyDeployment.pod.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution.podAffinityTerm.namespaceSelector.withMatchLabels
withMatchLabels(matchLabels)
"matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed."
fn spec.provider.kubernetes.envoyDeployment.pod.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution.podAffinityTerm.namespaceSelector.withMatchLabelsMixin
withMatchLabelsMixin(matchLabels)
"matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed."
Note: This function appends passed data to existing values
obj spec.provider.kubernetes.envoyDeployment.pod.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution.podAffinityTerm.namespaceSelector.matchExpressions
"matchExpressions is a list of label selector requirements. The requirements are ANDed."
fn spec.provider.kubernetes.envoyDeployment.pod.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution.podAffinityTerm.namespaceSelector.matchExpressions.withKey
withKey(key)
"key is the label key that the selector applies to."
fn spec.provider.kubernetes.envoyDeployment.pod.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution.podAffinityTerm.namespaceSelector.matchExpressions.withOperator
withOperator(operator)
"operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist."
fn spec.provider.kubernetes.envoyDeployment.pod.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution.podAffinityTerm.namespaceSelector.matchExpressions.withValues
withValues(values)
"values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch."
fn spec.provider.kubernetes.envoyDeployment.pod.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution.podAffinityTerm.namespaceSelector.matchExpressions.withValuesMixin
withValuesMixin(values)
"values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch."
Note: This function appends passed data to existing values
obj spec.provider.kubernetes.envoyDeployment.pod.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution
"If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied."
fn spec.provider.kubernetes.envoyDeployment.pod.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution.withMatchLabelKeys
withMatchLabelKeys(matchLabelKeys)
"MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with labelSelector
as key in (value)
\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)."
fn spec.provider.kubernetes.envoyDeployment.pod.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution.withMatchLabelKeysMixin
withMatchLabelKeysMixin(matchLabelKeys)
"MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with labelSelector
as key in (value)
\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)."
Note: This function appends passed data to existing values
fn spec.provider.kubernetes.envoyDeployment.pod.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution.withMismatchLabelKeys
withMismatchLabelKeys(mismatchLabelKeys)
"MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with labelSelector
as key notin (value)
\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)."
fn spec.provider.kubernetes.envoyDeployment.pod.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution.withMismatchLabelKeysMixin
withMismatchLabelKeysMixin(mismatchLabelKeys)
"MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with labelSelector
as key notin (value)
\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)."
Note: This function appends passed data to existing values
fn spec.provider.kubernetes.envoyDeployment.pod.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution.withNamespaces
withNamespaces(namespaces)
"namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"."
fn spec.provider.kubernetes.envoyDeployment.pod.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution.withNamespacesMixin
withNamespacesMixin(namespaces)
"namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"."
Note: This function appends passed data to existing values
fn spec.provider.kubernetes.envoyDeployment.pod.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution.withTopologyKey
withTopologyKey(topologyKey)
"This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed."
obj spec.provider.kubernetes.envoyDeployment.pod.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution.labelSelector
"A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods."
fn spec.provider.kubernetes.envoyDeployment.pod.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution.labelSelector.withMatchExpressions
withMatchExpressions(matchExpressions)
"matchExpressions is a list of label selector requirements. The requirements are ANDed."
fn spec.provider.kubernetes.envoyDeployment.pod.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution.labelSelector.withMatchExpressionsMixin
withMatchExpressionsMixin(matchExpressions)
"matchExpressions is a list of label selector requirements. The requirements are ANDed."
Note: This function appends passed data to existing values
fn spec.provider.kubernetes.envoyDeployment.pod.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution.labelSelector.withMatchLabels
withMatchLabels(matchLabels)
"matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed."
fn spec.provider.kubernetes.envoyDeployment.pod.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution.labelSelector.withMatchLabelsMixin
withMatchLabelsMixin(matchLabels)
"matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed."
Note: This function appends passed data to existing values
obj spec.provider.kubernetes.envoyDeployment.pod.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution.labelSelector.matchExpressions
"matchExpressions is a list of label selector requirements. The requirements are ANDed."
fn spec.provider.kubernetes.envoyDeployment.pod.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution.labelSelector.matchExpressions.withKey
withKey(key)
"key is the label key that the selector applies to."
fn spec.provider.kubernetes.envoyDeployment.pod.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution.labelSelector.matchExpressions.withOperator
withOperator(operator)
"operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist."
fn spec.provider.kubernetes.envoyDeployment.pod.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution.labelSelector.matchExpressions.withValues
withValues(values)
"values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch."
fn spec.provider.kubernetes.envoyDeployment.pod.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution.labelSelector.matchExpressions.withValuesMixin
withValuesMixin(values)
"values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch."
Note: This function appends passed data to existing values
obj spec.provider.kubernetes.envoyDeployment.pod.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution.namespaceSelector
"A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces."
fn spec.provider.kubernetes.envoyDeployment.pod.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution.namespaceSelector.withMatchExpressions
withMatchExpressions(matchExpressions)
"matchExpressions is a list of label selector requirements. The requirements are ANDed."
fn spec.provider.kubernetes.envoyDeployment.pod.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution.namespaceSelector.withMatchExpressionsMixin
withMatchExpressionsMixin(matchExpressions)
"matchExpressions is a list of label selector requirements. The requirements are ANDed."
Note: This function appends passed data to existing values
fn spec.provider.kubernetes.envoyDeployment.pod.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution.namespaceSelector.withMatchLabels
withMatchLabels(matchLabels)
"matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed."
fn spec.provider.kubernetes.envoyDeployment.pod.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution.namespaceSelector.withMatchLabelsMixin
withMatchLabelsMixin(matchLabels)
"matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed."
Note: This function appends passed data to existing values
obj spec.provider.kubernetes.envoyDeployment.pod.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution.namespaceSelector.matchExpressions
"matchExpressions is a list of label selector requirements. The requirements are ANDed."
fn spec.provider.kubernetes.envoyDeployment.pod.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution.namespaceSelector.matchExpressions.withKey
withKey(key)
"key is the label key that the selector applies to."
fn spec.provider.kubernetes.envoyDeployment.pod.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution.namespaceSelector.matchExpressions.withOperator
withOperator(operator)
"operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist."
fn spec.provider.kubernetes.envoyDeployment.pod.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution.namespaceSelector.matchExpressions.withValues
withValues(values)
"values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch."
fn spec.provider.kubernetes.envoyDeployment.pod.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution.namespaceSelector.matchExpressions.withValuesMixin
withValuesMixin(values)
"values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch."
Note: This function appends passed data to existing values
obj spec.provider.kubernetes.envoyDeployment.pod.affinity.podAntiAffinity
"Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s))."
fn spec.provider.kubernetes.envoyDeployment.pod.affinity.podAntiAffinity.withPreferredDuringSchedulingIgnoredDuringExecution
withPreferredDuringSchedulingIgnoredDuringExecution(preferredDuringSchedulingIgnoredDuringExecution)
"The scheduler will prefer to schedule pods to nodes that satisfy\nthe anti-affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling anti-affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the\nnode(s) with the highest sum are the most preferred."
fn spec.provider.kubernetes.envoyDeployment.pod.affinity.podAntiAffinity.withPreferredDuringSchedulingIgnoredDuringExecutionMixin
withPreferredDuringSchedulingIgnoredDuringExecutionMixin(preferredDuringSchedulingIgnoredDuringExecution)
"The scheduler will prefer to schedule pods to nodes that satisfy\nthe anti-affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling anti-affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the\nnode(s) with the highest sum are the most preferred."
Note: This function appends passed data to existing values
fn spec.provider.kubernetes.envoyDeployment.pod.affinity.podAntiAffinity.withRequiredDuringSchedulingIgnoredDuringExecution
withRequiredDuringSchedulingIgnoredDuringExecution(requiredDuringSchedulingIgnoredDuringExecution)
"If the anti-affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the anti-affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied."
fn spec.provider.kubernetes.envoyDeployment.pod.affinity.podAntiAffinity.withRequiredDuringSchedulingIgnoredDuringExecutionMixin
withRequiredDuringSchedulingIgnoredDuringExecutionMixin(requiredDuringSchedulingIgnoredDuringExecution)
"If the anti-affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the anti-affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied."
Note: This function appends passed data to existing values
obj spec.provider.kubernetes.envoyDeployment.pod.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution
"The scheduler will prefer to schedule pods to nodes that satisfy\nthe anti-affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling anti-affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the\nnode(s) with the highest sum are the most preferred."
fn spec.provider.kubernetes.envoyDeployment.pod.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution.withWeight
withWeight(weight)
"weight associated with matching the corresponding podAffinityTerm,\nin the range 1-100."
obj spec.provider.kubernetes.envoyDeployment.pod.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution.podAffinityTerm
"Required. A pod affinity term, associated with the corresponding weight."
fn spec.provider.kubernetes.envoyDeployment.pod.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution.podAffinityTerm.withMatchLabelKeys
withMatchLabelKeys(matchLabelKeys)
"MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with labelSelector
as key in (value)
\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)."
fn spec.provider.kubernetes.envoyDeployment.pod.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution.podAffinityTerm.withMatchLabelKeysMixin
withMatchLabelKeysMixin(matchLabelKeys)
"MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with labelSelector
as key in (value)
\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)."
Note: This function appends passed data to existing values
fn spec.provider.kubernetes.envoyDeployment.pod.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution.podAffinityTerm.withMismatchLabelKeys
withMismatchLabelKeys(mismatchLabelKeys)
"MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with labelSelector
as key notin (value)
\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)."
fn spec.provider.kubernetes.envoyDeployment.pod.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution.podAffinityTerm.withMismatchLabelKeysMixin
withMismatchLabelKeysMixin(mismatchLabelKeys)
"MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with labelSelector
as key notin (value)
\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)."
Note: This function appends passed data to existing values
fn spec.provider.kubernetes.envoyDeployment.pod.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution.podAffinityTerm.withNamespaces
withNamespaces(namespaces)
"namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"."
fn spec.provider.kubernetes.envoyDeployment.pod.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution.podAffinityTerm.withNamespacesMixin
withNamespacesMixin(namespaces)
"namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"."
Note: This function appends passed data to existing values
fn spec.provider.kubernetes.envoyDeployment.pod.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution.podAffinityTerm.withTopologyKey
withTopologyKey(topologyKey)
"This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed."
obj spec.provider.kubernetes.envoyDeployment.pod.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution.podAffinityTerm.labelSelector
"A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods."
fn spec.provider.kubernetes.envoyDeployment.pod.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution.podAffinityTerm.labelSelector.withMatchExpressions
withMatchExpressions(matchExpressions)
"matchExpressions is a list of label selector requirements. The requirements are ANDed."
fn spec.provider.kubernetes.envoyDeployment.pod.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution.podAffinityTerm.labelSelector.withMatchExpressionsMixin
withMatchExpressionsMixin(matchExpressions)
"matchExpressions is a list of label selector requirements. The requirements are ANDed."
Note: This function appends passed data to existing values
fn spec.provider.kubernetes.envoyDeployment.pod.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution.podAffinityTerm.labelSelector.withMatchLabels
withMatchLabels(matchLabels)
"matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed."
fn spec.provider.kubernetes.envoyDeployment.pod.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution.podAffinityTerm.labelSelector.withMatchLabelsMixin
withMatchLabelsMixin(matchLabels)
"matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed."
Note: This function appends passed data to existing values
obj spec.provider.kubernetes.envoyDeployment.pod.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution.podAffinityTerm.labelSelector.matchExpressions
"matchExpressions is a list of label selector requirements. The requirements are ANDed."
fn spec.provider.kubernetes.envoyDeployment.pod.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution.podAffinityTerm.labelSelector.matchExpressions.withKey
withKey(key)
"key is the label key that the selector applies to."
fn spec.provider.kubernetes.envoyDeployment.pod.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution.podAffinityTerm.labelSelector.matchExpressions.withOperator
withOperator(operator)
"operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist."
fn spec.provider.kubernetes.envoyDeployment.pod.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution.podAffinityTerm.labelSelector.matchExpressions.withValues
withValues(values)
"values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch."
fn spec.provider.kubernetes.envoyDeployment.pod.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution.podAffinityTerm.labelSelector.matchExpressions.withValuesMixin
withValuesMixin(values)
"values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch."
Note: This function appends passed data to existing values
obj spec.provider.kubernetes.envoyDeployment.pod.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution.podAffinityTerm.namespaceSelector
"A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces."
fn spec.provider.kubernetes.envoyDeployment.pod.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution.podAffinityTerm.namespaceSelector.withMatchExpressions
withMatchExpressions(matchExpressions)
"matchExpressions is a list of label selector requirements. The requirements are ANDed."
fn spec.provider.kubernetes.envoyDeployment.pod.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution.podAffinityTerm.namespaceSelector.withMatchExpressionsMixin
withMatchExpressionsMixin(matchExpressions)
"matchExpressions is a list of label selector requirements. The requirements are ANDed."
Note: This function appends passed data to existing values
fn spec.provider.kubernetes.envoyDeployment.pod.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution.podAffinityTerm.namespaceSelector.withMatchLabels
withMatchLabels(matchLabels)
"matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed."
fn spec.provider.kubernetes.envoyDeployment.pod.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution.podAffinityTerm.namespaceSelector.withMatchLabelsMixin
withMatchLabelsMixin(matchLabels)
"matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed."
Note: This function appends passed data to existing values
obj spec.provider.kubernetes.envoyDeployment.pod.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution.podAffinityTerm.namespaceSelector.matchExpressions
"matchExpressions is a list of label selector requirements. The requirements are ANDed."
fn spec.provider.kubernetes.envoyDeployment.pod.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution.podAffinityTerm.namespaceSelector.matchExpressions.withKey
withKey(key)
"key is the label key that the selector applies to."
fn spec.provider.kubernetes.envoyDeployment.pod.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution.podAffinityTerm.namespaceSelector.matchExpressions.withOperator
withOperator(operator)
"operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist."
fn spec.provider.kubernetes.envoyDeployment.pod.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution.podAffinityTerm.namespaceSelector.matchExpressions.withValues
withValues(values)
"values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch."
fn spec.provider.kubernetes.envoyDeployment.pod.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution.podAffinityTerm.namespaceSelector.matchExpressions.withValuesMixin
withValuesMixin(values)
"values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch."
Note: This function appends passed data to existing values
obj spec.provider.kubernetes.envoyDeployment.pod.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution
"If the anti-affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the anti-affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied."
fn spec.provider.kubernetes.envoyDeployment.pod.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution.withMatchLabelKeys
withMatchLabelKeys(matchLabelKeys)
"MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with labelSelector
as key in (value)
\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)."
fn spec.provider.kubernetes.envoyDeployment.pod.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution.withMatchLabelKeysMixin
withMatchLabelKeysMixin(matchLabelKeys)
"MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with labelSelector
as key in (value)
\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)."
Note: This function appends passed data to existing values
fn spec.provider.kubernetes.envoyDeployment.pod.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution.withMismatchLabelKeys
withMismatchLabelKeys(mismatchLabelKeys)
"MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with labelSelector
as key notin (value)
\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)."
fn spec.provider.kubernetes.envoyDeployment.pod.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution.withMismatchLabelKeysMixin
withMismatchLabelKeysMixin(mismatchLabelKeys)
"MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with labelSelector
as key notin (value)
\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)."
Note: This function appends passed data to existing values
fn spec.provider.kubernetes.envoyDeployment.pod.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution.withNamespaces
withNamespaces(namespaces)
"namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"."
fn spec.provider.kubernetes.envoyDeployment.pod.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution.withNamespacesMixin
withNamespacesMixin(namespaces)
"namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"."
Note: This function appends passed data to existing values
fn spec.provider.kubernetes.envoyDeployment.pod.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution.withTopologyKey
withTopologyKey(topologyKey)
"This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed."
obj spec.provider.kubernetes.envoyDeployment.pod.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution.labelSelector
"A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods."
fn spec.provider.kubernetes.envoyDeployment.pod.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution.labelSelector.withMatchExpressions
withMatchExpressions(matchExpressions)
"matchExpressions is a list of label selector requirements. The requirements are ANDed."
fn spec.provider.kubernetes.envoyDeployment.pod.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution.labelSelector.withMatchExpressionsMixin
withMatchExpressionsMixin(matchExpressions)
"matchExpressions is a list of label selector requirements. The requirements are ANDed."
Note: This function appends passed data to existing values
fn spec.provider.kubernetes.envoyDeployment.pod.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution.labelSelector.withMatchLabels
withMatchLabels(matchLabels)
"matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed."
fn spec.provider.kubernetes.envoyDeployment.pod.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution.labelSelector.withMatchLabelsMixin
withMatchLabelsMixin(matchLabels)
"matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed."
Note: This function appends passed data to existing values
obj spec.provider.kubernetes.envoyDeployment.pod.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution.labelSelector.matchExpressions
"matchExpressions is a list of label selector requirements. The requirements are ANDed."
fn spec.provider.kubernetes.envoyDeployment.pod.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution.labelSelector.matchExpressions.withKey
withKey(key)
"key is the label key that the selector applies to."
fn spec.provider.kubernetes.envoyDeployment.pod.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution.labelSelector.matchExpressions.withOperator
withOperator(operator)
"operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist."
fn spec.provider.kubernetes.envoyDeployment.pod.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution.labelSelector.matchExpressions.withValues
withValues(values)
"values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch."
fn spec.provider.kubernetes.envoyDeployment.pod.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution.labelSelector.matchExpressions.withValuesMixin
withValuesMixin(values)
"values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch."
Note: This function appends passed data to existing values
obj spec.provider.kubernetes.envoyDeployment.pod.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution.namespaceSelector
"A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces."
fn spec.provider.kubernetes.envoyDeployment.pod.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution.namespaceSelector.withMatchExpressions
withMatchExpressions(matchExpressions)
"matchExpressions is a list of label selector requirements. The requirements are ANDed."
fn spec.provider.kubernetes.envoyDeployment.pod.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution.namespaceSelector.withMatchExpressionsMixin
withMatchExpressionsMixin(matchExpressions)
"matchExpressions is a list of label selector requirements. The requirements are ANDed."
Note: This function appends passed data to existing values
fn spec.provider.kubernetes.envoyDeployment.pod.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution.namespaceSelector.withMatchLabels
withMatchLabels(matchLabels)
"matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed."
fn spec.provider.kubernetes.envoyDeployment.pod.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution.namespaceSelector.withMatchLabelsMixin
withMatchLabelsMixin(matchLabels)
"matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed."
Note: This function appends passed data to existing values
obj spec.provider.kubernetes.envoyDeployment.pod.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution.namespaceSelector.matchExpressions
"matchExpressions is a list of label selector requirements. The requirements are ANDed."
fn spec.provider.kubernetes.envoyDeployment.pod.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution.namespaceSelector.matchExpressions.withKey
withKey(key)
"key is the label key that the selector applies to."
fn spec.provider.kubernetes.envoyDeployment.pod.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution.namespaceSelector.matchExpressions.withOperator
withOperator(operator)
"operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist."
fn spec.provider.kubernetes.envoyDeployment.pod.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution.namespaceSelector.matchExpressions.withValues
withValues(values)
"values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch."
fn spec.provider.kubernetes.envoyDeployment.pod.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution.namespaceSelector.matchExpressions.withValuesMixin
withValuesMixin(values)
"values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch."
Note: This function appends passed data to existing values
obj spec.provider.kubernetes.envoyDeployment.pod.imagePullSecrets
"ImagePullSecrets is an optional list of references to secrets\nin the same namespace to use for pulling any of the images used by this PodSpec.\nIf specified, these secrets will be passed to individual puller implementations for them to use.\nMore info: https://kubernetes.io/docs/concepts/containers/images#specifying-imagepullsecrets-on-a-pod"
fn spec.provider.kubernetes.envoyDeployment.pod.imagePullSecrets.withName
withName(name)
"Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names"
obj spec.provider.kubernetes.envoyDeployment.pod.securityContext
"SecurityContext holds pod-level security attributes and common container settings.\nOptional: Defaults to empty. See type description for default values of each field."
fn spec.provider.kubernetes.envoyDeployment.pod.securityContext.withFsGroup
withFsGroup(fsGroup)
"A special supplemental group that applies to all containers in a pod.\nSome volume types allow the Kubelet to change the ownership of that volume\nto be owned by the pod:\n\n1. The owning GID will be the FSGroup\n2. The setgid bit is set (new files created in the volume will be owned by FSGroup)\n3. The permission bits are OR'd with rw-rw----\n\nIf unset, the Kubelet will not modify the ownership and permissions of any volume.\nNote that this field cannot be set when spec.os.name is windows."
fn spec.provider.kubernetes.envoyDeployment.pod.securityContext.withFsGroupChangePolicy
withFsGroupChangePolicy(fsGroupChangePolicy)
"fsGroupChangePolicy defines behavior of changing ownership and permission of the volume\nbefore being exposed inside Pod. This field will only apply to\nvolume types which support fsGroup based ownership(and permissions).\nIt will have no effect on ephemeral volume types such as: secret, configmaps\nand emptydir.\nValid values are \"OnRootMismatch\" and \"Always\". If not specified, \"Always\" is used.\nNote that this field cannot be set when spec.os.name is windows."
fn spec.provider.kubernetes.envoyDeployment.pod.securityContext.withRunAsGroup
withRunAsGroup(runAsGroup)
"The GID to run the entrypoint of the container process.\nUses runtime default if unset.\nMay also be set in SecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence\nfor that container.\nNote that this field cannot be set when spec.os.name is windows."
fn spec.provider.kubernetes.envoyDeployment.pod.securityContext.withRunAsNonRoot
withRunAsNonRoot(runAsNonRoot)
"Indicates that the container must run as a non-root user.\nIf true, the Kubelet will validate the image at runtime to ensure that it\ndoes not run as UID 0 (root) and fail to start the container if it does.\nIf unset or false, no such validation will be performed.\nMay also be set in SecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence."
fn spec.provider.kubernetes.envoyDeployment.pod.securityContext.withRunAsUser
withRunAsUser(runAsUser)
"The UID to run the entrypoint of the container process.\nDefaults to user specified in image metadata if unspecified.\nMay also be set in SecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence\nfor that container.\nNote that this field cannot be set when spec.os.name is windows."
fn spec.provider.kubernetes.envoyDeployment.pod.securityContext.withSupplementalGroups
withSupplementalGroups(supplementalGroups)
"A list of groups applied to the first process run in each container, in\naddition to the container's primary GID and fsGroup (if specified). If\nthe SupplementalGroupsPolicy feature is enabled, the\nsupplementalGroupsPolicy field determines whether these are in addition\nto or instead of any group memberships defined in the container image.\nIf unspecified, no additional groups are added, though group memberships\ndefined in the container image may still be used, depending on the\nsupplementalGroupsPolicy field.\nNote that this field cannot be set when spec.os.name is windows."
fn spec.provider.kubernetes.envoyDeployment.pod.securityContext.withSupplementalGroupsMixin
withSupplementalGroupsMixin(supplementalGroups)
"A list of groups applied to the first process run in each container, in\naddition to the container's primary GID and fsGroup (if specified). If\nthe SupplementalGroupsPolicy feature is enabled, the\nsupplementalGroupsPolicy field determines whether these are in addition\nto or instead of any group memberships defined in the container image.\nIf unspecified, no additional groups are added, though group memberships\ndefined in the container image may still be used, depending on the\nsupplementalGroupsPolicy field.\nNote that this field cannot be set when spec.os.name is windows."
Note: This function appends passed data to existing values
fn spec.provider.kubernetes.envoyDeployment.pod.securityContext.withSupplementalGroupsPolicy
withSupplementalGroupsPolicy(supplementalGroupsPolicy)
"Defines how supplemental groups of the first container processes are calculated.\nValid values are \"Merge\" and \"Strict\". If not specified, \"Merge\" is used.\n(Alpha) Using the field requires the SupplementalGroupsPolicy feature gate to be enabled\nand the container runtime must implement support for this feature.\nNote that this field cannot be set when spec.os.name is windows."
fn spec.provider.kubernetes.envoyDeployment.pod.securityContext.withSysctls
withSysctls(sysctls)
"Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported\nsysctls (by the container runtime) might fail to launch.\nNote that this field cannot be set when spec.os.name is windows."
fn spec.provider.kubernetes.envoyDeployment.pod.securityContext.withSysctlsMixin
withSysctlsMixin(sysctls)
"Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported\nsysctls (by the container runtime) might fail to launch.\nNote that this field cannot be set when spec.os.name is windows."
Note: This function appends passed data to existing values
obj spec.provider.kubernetes.envoyDeployment.pod.securityContext.appArmorProfile
"appArmorProfile is the AppArmor options to use by the containers in this pod.\nNote that this field cannot be set when spec.os.name is windows."
fn spec.provider.kubernetes.envoyDeployment.pod.securityContext.appArmorProfile.withLocalhostProfile
withLocalhostProfile(localhostProfile)
"localhostProfile indicates a profile loaded on the node that should be used.\nThe profile must be preconfigured on the node to work.\nMust match the loaded name of the profile.\nMust be set if and only if type is \"Localhost\"."
fn spec.provider.kubernetes.envoyDeployment.pod.securityContext.appArmorProfile.withType
withType(type)
"type indicates which kind of AppArmor profile will be applied.\nValid options are:\n Localhost - a profile pre-loaded on the node.\n RuntimeDefault - the container runtime's default profile.\n Unconfined - no AppArmor enforcement."
obj spec.provider.kubernetes.envoyDeployment.pod.securityContext.seLinuxOptions
"The SELinux context to be applied to all containers.\nIf unspecified, the container runtime will allocate a random SELinux context for each\ncontainer. May also be set in SecurityContext. If set in\nboth SecurityContext and PodSecurityContext, the value specified in SecurityContext\ntakes precedence for that container.\nNote that this field cannot be set when spec.os.name is windows."
fn spec.provider.kubernetes.envoyDeployment.pod.securityContext.seLinuxOptions.withLevel
withLevel(level)
"Level is SELinux level label that applies to the container."
fn spec.provider.kubernetes.envoyDeployment.pod.securityContext.seLinuxOptions.withRole
withRole(role)
"Role is a SELinux role label that applies to the container."
fn spec.provider.kubernetes.envoyDeployment.pod.securityContext.seLinuxOptions.withType
withType(type)
"Type is a SELinux type label that applies to the container."
fn spec.provider.kubernetes.envoyDeployment.pod.securityContext.seLinuxOptions.withUser
withUser(user)
"User is a SELinux user label that applies to the container."
obj spec.provider.kubernetes.envoyDeployment.pod.securityContext.seccompProfile
"The seccomp options to use by the containers in this pod.\nNote that this field cannot be set when spec.os.name is windows."
fn spec.provider.kubernetes.envoyDeployment.pod.securityContext.seccompProfile.withLocalhostProfile
withLocalhostProfile(localhostProfile)
"localhostProfile indicates a profile defined in a file on the node should be used.\nThe profile must be preconfigured on the node to work.\nMust be a descending path, relative to the kubelet's configured seccomp profile location.\nMust be set if type is \"Localhost\". Must NOT be set for any other type."
fn spec.provider.kubernetes.envoyDeployment.pod.securityContext.seccompProfile.withType
withType(type)
"type indicates which kind of seccomp profile will be applied.\nValid options are:\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied."
obj spec.provider.kubernetes.envoyDeployment.pod.securityContext.sysctls
"Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported\nsysctls (by the container runtime) might fail to launch.\nNote that this field cannot be set when spec.os.name is windows."
fn spec.provider.kubernetes.envoyDeployment.pod.securityContext.sysctls.withName
withName(name)
"Name of a property to set"
fn spec.provider.kubernetes.envoyDeployment.pod.securityContext.sysctls.withValue
withValue(value)
"Value of a property to set"
obj spec.provider.kubernetes.envoyDeployment.pod.securityContext.windowsOptions
"The Windows specific settings applied to all containers.\nIf unspecified, the options within a container's SecurityContext will be used.\nIf set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is linux."
fn spec.provider.kubernetes.envoyDeployment.pod.securityContext.windowsOptions.withGmsaCredentialSpec
withGmsaCredentialSpec(gmsaCredentialSpec)
"GMSACredentialSpec is where the GMSA admission webhook\n(https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the\nGMSA credential spec named by the GMSACredentialSpecName field."
fn spec.provider.kubernetes.envoyDeployment.pod.securityContext.windowsOptions.withGmsaCredentialSpecName
withGmsaCredentialSpecName(gmsaCredentialSpecName)
"GMSACredentialSpecName is the name of the GMSA credential spec to use."
fn spec.provider.kubernetes.envoyDeployment.pod.securityContext.windowsOptions.withHostProcess
withHostProcess(hostProcess)
"HostProcess determines if a container should be run as a 'Host Process' container.\nAll of a Pod's containers must have the same effective HostProcess value\n(it is not allowed to have a mix of HostProcess containers and non-HostProcess containers).\nIn addition, if HostProcess is true then HostNetwork must also be set to true."
fn spec.provider.kubernetes.envoyDeployment.pod.securityContext.windowsOptions.withRunAsUserName
withRunAsUserName(runAsUserName)
"The UserName in Windows to run the entrypoint of the container process.\nDefaults to the user specified in image metadata if unspecified.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence."
obj spec.provider.kubernetes.envoyDeployment.pod.tolerations
"If specified, the pod's tolerations."
fn spec.provider.kubernetes.envoyDeployment.pod.tolerations.withEffect
withEffect(effect)
"Effect indicates the taint effect to match. Empty means match all taint effects.\nWhen specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute."
fn spec.provider.kubernetes.envoyDeployment.pod.tolerations.withKey
withKey(key)
"Key is the taint key that the toleration applies to. Empty means match all taint keys.\nIf the key is empty, operator must be Exists; this combination means to match all values and all keys."
fn spec.provider.kubernetes.envoyDeployment.pod.tolerations.withOperator
withOperator(operator)
"Operator represents a key's relationship to the value.\nValid operators are Exists and Equal. Defaults to Equal.\nExists is equivalent to wildcard for value, so that a pod can\ntolerate all taints of a particular category."
fn spec.provider.kubernetes.envoyDeployment.pod.tolerations.withTolerationSeconds
withTolerationSeconds(tolerationSeconds)
"TolerationSeconds represents the period of time the toleration (which must be\nof effect NoExecute, otherwise this field is ignored) tolerates the taint. By default,\nit is not set, which means tolerate the taint forever (do not evict). Zero and\nnegative values will be treated as 0 (evict immediately) by the system."
fn spec.provider.kubernetes.envoyDeployment.pod.tolerations.withValue
withValue(value)
"Value is the taint value the toleration matches to.\nIf the operator is Exists, the value should be empty, otherwise just a regular string."
obj spec.provider.kubernetes.envoyDeployment.pod.topologySpreadConstraints
"TopologySpreadConstraints describes how a group of pods ought to spread across topology\ndomains. Scheduler will schedule pods in a way which abides by the constraints.\nAll topologySpreadConstraints are ANDed."
fn spec.provider.kubernetes.envoyDeployment.pod.topologySpreadConstraints.withMatchLabelKeys
withMatchLabelKeys(matchLabelKeys)
"MatchLabelKeys is a set of pod label keys to select the pods over which\nspreading will be calculated. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are ANDed with labelSelector\nto select the group of existing pods over which spreading will be calculated\nfor the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nMatchLabelKeys cannot be set when LabelSelector isn't set.\nKeys that don't exist in the incoming pod labels will\nbe ignored. A null or empty list means only match against labelSelector.\n\nThis is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default)."
fn spec.provider.kubernetes.envoyDeployment.pod.topologySpreadConstraints.withMatchLabelKeysMixin
withMatchLabelKeysMixin(matchLabelKeys)
"MatchLabelKeys is a set of pod label keys to select the pods over which\nspreading will be calculated. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are ANDed with labelSelector\nto select the group of existing pods over which spreading will be calculated\nfor the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nMatchLabelKeys cannot be set when LabelSelector isn't set.\nKeys that don't exist in the incoming pod labels will\nbe ignored. A null or empty list means only match against labelSelector.\n\nThis is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default)."
Note: This function appends passed data to existing values
fn spec.provider.kubernetes.envoyDeployment.pod.topologySpreadConstraints.withMaxSkew
withMaxSkew(maxSkew)
"MaxSkew describes the degree to which pods may be unevenly distributed.\nWhen whenUnsatisfiable=DoNotSchedule
, it is the maximum permitted difference\nbetween the number of matching pods in the target topology and the global minimum.\nThe global minimum is the minimum number of matching pods in an eligible domain\nor zero if the number of eligible domains is less than MinDomains.\nFor example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same\nlabelSelector spread as 2/2/1:\nIn this case, the global minimum is 1.\n| zone1 | zone2 | zone3 |\n| P P | P P | P |\n- if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2;\nscheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2)\nviolate MaxSkew(1).\n- if MaxSkew is 2, incoming pod can be scheduled onto any zone.\nWhen whenUnsatisfiable=ScheduleAnyway
, it is used to give higher precedence\nto topologies that satisfy it.\nIt's a required field. Default value is 1 and 0 is not allowed."
fn spec.provider.kubernetes.envoyDeployment.pod.topologySpreadConstraints.withMinDomains
withMinDomains(minDomains)
"MinDomains indicates a minimum number of eligible domains.\nWhen the number of eligible domains with matching topology keys is less than minDomains,\nPod Topology Spread treats \"global minimum\" as 0, and then the calculation of Skew is performed.\nAnd when the number of eligible domains with matching topology keys equals or greater than minDomains,\nthis value has no effect on scheduling.\nAs a result, when the number of eligible domains is less than minDomains,\nscheduler won't schedule more than maxSkew Pods to those domains.\nIf value is nil, the constraint behaves as if MinDomains is equal to 1.\nValid values are integers greater than 0.\nWhen value is not nil, WhenUnsatisfiable must be DoNotSchedule.\n\nFor example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same\nlabelSelector spread as 2/2/2:\n| zone1 | zone2 | zone3 |\n| P P | P P | P P |\nThe number of domains is less than 5(MinDomains), so \"global minimum\" is treated as 0.\nIn this situation, new pod with the same labelSelector cannot be scheduled,\nbecause computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones,\nit will violate MaxSkew."
fn spec.provider.kubernetes.envoyDeployment.pod.topologySpreadConstraints.withNodeAffinityPolicy
withNodeAffinityPolicy(nodeAffinityPolicy)
"NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector\nwhen calculating pod topology spread skew. Options are:\n- Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations.\n- Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations.\n\nIf this value is nil, the behavior is equivalent to the Honor policy.\nThis is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag."
fn spec.provider.kubernetes.envoyDeployment.pod.topologySpreadConstraints.withNodeTaintsPolicy
withNodeTaintsPolicy(nodeTaintsPolicy)
"NodeTaintsPolicy indicates how we will treat node taints when calculating\npod topology spread skew. Options are:\n- Honor: nodes without taints, along with tainted nodes for which the incoming pod\nhas a toleration, are included.\n- Ignore: node taints are ignored. All nodes are included.\n\nIf this value is nil, the behavior is equivalent to the Ignore policy.\nThis is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag."
fn spec.provider.kubernetes.envoyDeployment.pod.topologySpreadConstraints.withTopologyKey
withTopologyKey(topologyKey)
"TopologyKey is the key of node labels. Nodes that have a label with this key\nand identical values are considered to be in the same topology.\nWe consider each
fn spec.provider.kubernetes.envoyDeployment.pod.topologySpreadConstraints.withWhenUnsatisfiable
withWhenUnsatisfiable(whenUnsatisfiable)
"WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy\nthe spread constraint.\n- DoNotSchedule (default) tells the scheduler not to schedule it.\n- ScheduleAnyway tells the scheduler to schedule the pod in any location,\n but giving higher precedence to topologies that would help reduce the\n skew.\nA constraint is considered \"Unsatisfiable\" for an incoming pod\nif and only if every possible node assignment for that pod would violate\n\"MaxSkew\" on some topology.\nFor example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same\nlabelSelector spread as 3/1/1:\n| zone1 | zone2 | zone3 |\n| P P P | P | P |\nIf WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled\nto zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies\nMaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler\nwon't make it more imbalanced.\nIt's a required field."
obj spec.provider.kubernetes.envoyDeployment.pod.topologySpreadConstraints.labelSelector
"LabelSelector is used to find matching pods.\nPods that match this label selector are counted to determine the number of pods\nin their corresponding topology domain."
fn spec.provider.kubernetes.envoyDeployment.pod.topologySpreadConstraints.labelSelector.withMatchExpressions
withMatchExpressions(matchExpressions)
"matchExpressions is a list of label selector requirements. The requirements are ANDed."
fn spec.provider.kubernetes.envoyDeployment.pod.topologySpreadConstraints.labelSelector.withMatchExpressionsMixin
withMatchExpressionsMixin(matchExpressions)
"matchExpressions is a list of label selector requirements. The requirements are ANDed."
Note: This function appends passed data to existing values
fn spec.provider.kubernetes.envoyDeployment.pod.topologySpreadConstraints.labelSelector.withMatchLabels
withMatchLabels(matchLabels)
"matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed."
fn spec.provider.kubernetes.envoyDeployment.pod.topologySpreadConstraints.labelSelector.withMatchLabelsMixin
withMatchLabelsMixin(matchLabels)
"matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed."
Note: This function appends passed data to existing values
obj spec.provider.kubernetes.envoyDeployment.pod.topologySpreadConstraints.labelSelector.matchExpressions
"matchExpressions is a list of label selector requirements. The requirements are ANDed."
fn spec.provider.kubernetes.envoyDeployment.pod.topologySpreadConstraints.labelSelector.matchExpressions.withKey
withKey(key)
"key is the label key that the selector applies to."
fn spec.provider.kubernetes.envoyDeployment.pod.topologySpreadConstraints.labelSelector.matchExpressions.withOperator
withOperator(operator)
"operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist."
fn spec.provider.kubernetes.envoyDeployment.pod.topologySpreadConstraints.labelSelector.matchExpressions.withValues
withValues(values)
"values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch."
fn spec.provider.kubernetes.envoyDeployment.pod.topologySpreadConstraints.labelSelector.matchExpressions.withValuesMixin
withValuesMixin(values)
"values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch."
Note: This function appends passed data to existing values
obj spec.provider.kubernetes.envoyDeployment.pod.volumes
"Volumes that can be mounted by containers belonging to the pod.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes"
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.withName
withName(name)
"name of the volume.\nMust be a DNS_LABEL and unique within the pod.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names"
obj spec.provider.kubernetes.envoyDeployment.pod.volumes.awsElasticBlockStore
"awsElasticBlockStore represents an AWS Disk resource that is attached to a\nkubelet's host machine and then exposed to the pod.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore"
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.awsElasticBlockStore.withFsType
withFsType(fsType)
"fsType is the filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore"
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.awsElasticBlockStore.withPartition
withPartition(partition)
"partition is the partition in the volume that you want to mount.\nIf omitted, the default is to mount by volume name.\nExamples: For volume /dev/sda1, you specify the partition as \"1\".\nSimilarly, the volume partition for /dev/sda is \"0\" (or you can leave the property empty)."
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.awsElasticBlockStore.withReadOnly
withReadOnly(readOnly)
"readOnly value true will force the readOnly setting in VolumeMounts.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore"
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.awsElasticBlockStore.withVolumeID
withVolumeID(volumeID)
"volumeID is unique ID of the persistent disk resource in AWS (Amazon EBS volume).\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore"
obj spec.provider.kubernetes.envoyDeployment.pod.volumes.azureDisk
"azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod."
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.azureDisk.withCachingMode
withCachingMode(cachingMode)
"cachingMode is the Host Caching mode: None, Read Only, Read Write."
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.azureDisk.withDiskName
withDiskName(diskName)
"diskName is the Name of the data disk in the blob storage"
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.azureDisk.withDiskURI
withDiskURI(diskURI)
"diskURI is the URI of data disk in the blob storage"
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.azureDisk.withFsType
withFsType(fsType)
"fsType is Filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified."
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.azureDisk.withKind
withKind(kind)
"kind expected values are Shared: multiple blob disks per storage account Dedicated: single blob disk per storage account Managed: azure managed data disk (only in managed availability set). defaults to shared"
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.azureDisk.withReadOnly
withReadOnly(readOnly)
"readOnly Defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts."
obj spec.provider.kubernetes.envoyDeployment.pod.volumes.azureFile
"azureFile represents an Azure File Service mount on the host and bind mount to the pod."
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.azureFile.withReadOnly
withReadOnly(readOnly)
"readOnly defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts."
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.azureFile.withSecretName
withSecretName(secretName)
"secretName is the name of secret that contains Azure Storage Account Name and Key"
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.azureFile.withShareName
withShareName(shareName)
"shareName is the azure share Name"
obj spec.provider.kubernetes.envoyDeployment.pod.volumes.cephfs
"cephFS represents a Ceph FS mount on the host that shares a pod's lifetime"
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.cephfs.withMonitors
withMonitors(monitors)
"monitors is Required: Monitors is a collection of Ceph monitors\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it"
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.cephfs.withMonitorsMixin
withMonitorsMixin(monitors)
"monitors is Required: Monitors is a collection of Ceph monitors\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it"
Note: This function appends passed data to existing values
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.cephfs.withPath
withPath(path)
"path is Optional: Used as the mounted root, rather than the full Ceph tree, default is /"
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.cephfs.withReadOnly
withReadOnly(readOnly)
"readOnly is Optional: Defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts.\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it"
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.cephfs.withSecretFile
withSecretFile(secretFile)
"secretFile is Optional: SecretFile is the path to key ring for User, default is /etc/ceph/user.secret\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it"
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.cephfs.withUser
withUser(user)
"user is optional: User is the rados user name, default is admin\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it"
obj spec.provider.kubernetes.envoyDeployment.pod.volumes.cephfs.secretRef
"secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty.\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it"
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.cephfs.secretRef.withName
withName(name)
"Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names"
obj spec.provider.kubernetes.envoyDeployment.pod.volumes.cinder
"cinder represents a cinder volume attached and mounted on kubelets host machine.\nMore info: https://examples.k8s.io/mysql-cinder-pd/README.md"
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.cinder.withFsType
withFsType(fsType)
"fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://examples.k8s.io/mysql-cinder-pd/README.md"
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.cinder.withReadOnly
withReadOnly(readOnly)
"readOnly defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts.\nMore info: https://examples.k8s.io/mysql-cinder-pd/README.md"
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.cinder.withVolumeID
withVolumeID(volumeID)
"volumeID used to identify the volume in cinder.\nMore info: https://examples.k8s.io/mysql-cinder-pd/README.md"
obj spec.provider.kubernetes.envoyDeployment.pod.volumes.cinder.secretRef
"secretRef is optional: points to a secret object containing parameters used to connect\nto OpenStack."
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.cinder.secretRef.withName
withName(name)
"Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names"
obj spec.provider.kubernetes.envoyDeployment.pod.volumes.configMap
"configMap represents a configMap that should populate this volume"
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.configMap.withDefaultMode
withDefaultMode(defaultMode)
"defaultMode is optional: mode bits used to set permissions on created files by default.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nDefaults to 0644.\nDirectories within the path are not affected by this setting.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set."
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.configMap.withItems
withItems(items)
"items if unspecified, each key-value pair in the Data field of the referenced\nConfigMap will be projected into the volume as a file whose name is the\nkey and content is the value. If specified, the listed keys will be\nprojected into the specified paths, and unlisted keys will not be\npresent. If a key is specified which is not present in the ConfigMap,\nthe volume setup will error unless it is marked optional. Paths must be\nrelative and may not contain the '..' path or start with '..'."
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.configMap.withItemsMixin
withItemsMixin(items)
"items if unspecified, each key-value pair in the Data field of the referenced\nConfigMap will be projected into the volume as a file whose name is the\nkey and content is the value. If specified, the listed keys will be\nprojected into the specified paths, and unlisted keys will not be\npresent. If a key is specified which is not present in the ConfigMap,\nthe volume setup will error unless it is marked optional. Paths must be\nrelative and may not contain the '..' path or start with '..'."
Note: This function appends passed data to existing values
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.configMap.withName
withName(name)
"Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names"
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.configMap.withOptional
withOptional(optional)
"optional specify whether the ConfigMap or its keys must be defined"
obj spec.provider.kubernetes.envoyDeployment.pod.volumes.configMap.items
"items if unspecified, each key-value pair in the Data field of the referenced\nConfigMap will be projected into the volume as a file whose name is the\nkey and content is the value. If specified, the listed keys will be\nprojected into the specified paths, and unlisted keys will not be\npresent. If a key is specified which is not present in the ConfigMap,\nthe volume setup will error unless it is marked optional. Paths must be\nrelative and may not contain the '..' path or start with '..'."
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.configMap.items.withKey
withKey(key)
"key is the key to project."
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.configMap.items.withMode
withMode(mode)
"mode is Optional: mode bits used to set permissions on this file.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set."
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.configMap.items.withPath
withPath(path)
"path is the relative path of the file to map the key to.\nMay not be an absolute path.\nMay not contain the path element '..'.\nMay not start with the string '..'."
obj spec.provider.kubernetes.envoyDeployment.pod.volumes.csi
"csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature)."
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.csi.withDriver
withDriver(driver)
"driver is the name of the CSI driver that handles this volume.\nConsult with your admin for the correct name as registered in the cluster."
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.csi.withFsType
withFsType(fsType)
"fsType to mount. Ex. \"ext4\", \"xfs\", \"ntfs\".\nIf not provided, the empty value is passed to the associated CSI driver\nwhich will determine the default filesystem to apply."
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.csi.withReadOnly
withReadOnly(readOnly)
"readOnly specifies a read-only configuration for the volume.\nDefaults to false (read/write)."
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.csi.withVolumeAttributes
withVolumeAttributes(volumeAttributes)
"volumeAttributes stores driver-specific properties that are passed to the CSI\ndriver. Consult your driver's documentation for supported values."
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.csi.withVolumeAttributesMixin
withVolumeAttributesMixin(volumeAttributes)
"volumeAttributes stores driver-specific properties that are passed to the CSI\ndriver. Consult your driver's documentation for supported values."
Note: This function appends passed data to existing values
obj spec.provider.kubernetes.envoyDeployment.pod.volumes.csi.nodePublishSecretRef
"nodePublishSecretRef is a reference to the secret object containing\nsensitive information to pass to the CSI driver to complete the CSI\nNodePublishVolume and NodeUnpublishVolume calls.\nThis field is optional, and may be empty if no secret is required. If the\nsecret object contains more than one secret, all secret references are passed."
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.csi.nodePublishSecretRef.withName
withName(name)
"Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names"
obj spec.provider.kubernetes.envoyDeployment.pod.volumes.downwardAPI
"downwardAPI represents downward API about the pod that should populate this volume"
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.downwardAPI.withDefaultMode
withDefaultMode(defaultMode)
"Optional: mode bits to use on created files by default. Must be a\nOptional: mode bits used to set permissions on created files by default.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nDefaults to 0644.\nDirectories within the path are not affected by this setting.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set."
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.downwardAPI.withItems
withItems(items)
"Items is a list of downward API volume file"
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.downwardAPI.withItemsMixin
withItemsMixin(items)
"Items is a list of downward API volume file"
Note: This function appends passed data to existing values
obj spec.provider.kubernetes.envoyDeployment.pod.volumes.downwardAPI.items
"Items is a list of downward API volume file"
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.downwardAPI.items.withMode
withMode(mode)
"Optional: mode bits used to set permissions on this file, must be an octal value\nbetween 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set."
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.downwardAPI.items.withPath
withPath(path)
"Required: Path is the relative path name of the file to be created. Must not be absolute or contain the '..' path. Must be utf-8 encoded. The first item of the relative path must not start with '..'"
obj spec.provider.kubernetes.envoyDeployment.pod.volumes.downwardAPI.items.fieldRef
"Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported."
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.downwardAPI.items.fieldRef.withApiVersion
withApiVersion(apiVersion)
"Version of the schema the FieldPath is written in terms of, defaults to \"v1\"."
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.downwardAPI.items.fieldRef.withFieldPath
withFieldPath(fieldPath)
"Path of the field to select in the specified API version."
obj spec.provider.kubernetes.envoyDeployment.pod.volumes.downwardAPI.items.resourceFieldRef
"Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported."
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.downwardAPI.items.resourceFieldRef.withContainerName
withContainerName(containerName)
"Container name: required for volumes, optional for env vars"
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.downwardAPI.items.resourceFieldRef.withDivisor
withDivisor(divisor)
"Specifies the output format of the exposed resources, defaults to \"1\
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.downwardAPI.items.resourceFieldRef.withResource
withResource(resource)
"Required: resource to select"
obj spec.provider.kubernetes.envoyDeployment.pod.volumes.emptyDir
"emptyDir represents a temporary directory that shares a pod's lifetime.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir"
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.emptyDir.withMedium
withMedium(medium)
"medium represents what type of storage medium should back this directory.\nThe default is \"\" which means to use the node's default medium.\nMust be an empty string (default) or Memory.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir"
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.emptyDir.withSizeLimit
withSizeLimit(sizeLimit)
"sizeLimit is the total amount of local storage required for this EmptyDir volume.\nThe size limit is also applicable for memory medium.\nThe maximum usage on memory medium EmptyDir would be the minimum value between\nthe SizeLimit specified here and the sum of memory limits of all containers in a pod.\nThe default is nil which means that the limit is undefined.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir"
obj spec.provider.kubernetes.envoyDeployment.pod.volumes.ephemeral
"ephemeral represents a volume that is handled by a cluster storage driver.\nThe volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts,\nand deleted when the pod is removed.\n\nUse this if:\na) the volume is only needed while the pod runs,\nb) features of normal volumes like restoring from snapshot or capacity\n tracking are needed,\nc) the storage driver is specified through a storage class, and\nd) the storage driver supports dynamic volume provisioning through\n a PersistentVolumeClaim (see EphemeralVolumeSource for more\n information on the connection between this volume type\n and PersistentVolumeClaim).\n\nUse PersistentVolumeClaim or one of the vendor-specific\nAPIs for volumes that persist for longer than the lifecycle\nof an individual pod.\n\nUse CSI for light-weight local ephemeral volumes if the CSI driver is meant to\nbe used that way - see the documentation of the driver for\nmore information.\n\nA pod can use both types of ephemeral volumes and\npersistent volumes at the same time."
obj spec.provider.kubernetes.envoyDeployment.pod.volumes.ephemeral.volumeClaimTemplate
"Will be used to create a stand-alone PVC to provision the volume.\nThe pod in which this EphemeralVolumeSource is embedded will be the\nowner of the PVC, i.e. the PVC will be deleted together with the\npod. The name of the PVC will be <pod name>-<volume name>
where\n<volume name>
is the name from the PodSpec.Volumes
array\nentry. Pod validation will reject the pod if the concatenated name\nis not valid for a PVC (for example, too long).\n\nAn existing PVC with that name that is not owned by the pod\nwill not be used for the pod to avoid using an unrelated\nvolume by mistake. Starting the pod is then blocked until\nthe unrelated PVC is removed. If such a pre-created PVC is\nmeant to be used by the pod, the PVC has to updated with an\nowner reference to the pod once the pod exists. Normally\nthis should not be necessary, but it may be useful when\nmanually reconstructing a broken cluster.\n\nThis field is read-only and no changes will be made by Kubernetes\nto the PVC after it has been created.\n\nRequired, must not be nil."
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.ephemeral.volumeClaimTemplate.withMetadata
withMetadata(metadata)
"May contain labels and annotations that will be copied into the PVC\nwhen creating it. No other fields are allowed and will be rejected during\nvalidation."
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.ephemeral.volumeClaimTemplate.withMetadataMixin
withMetadataMixin(metadata)
"May contain labels and annotations that will be copied into the PVC\nwhen creating it. No other fields are allowed and will be rejected during\nvalidation."
Note: This function appends passed data to existing values
obj spec.provider.kubernetes.envoyDeployment.pod.volumes.ephemeral.volumeClaimTemplate.spec
"The specification for the PersistentVolumeClaim. The entire content is\ncopied unchanged into the PVC that gets created from this\ntemplate. The same fields as in a PersistentVolumeClaim\nare also valid here."
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.ephemeral.volumeClaimTemplate.spec.withAccessModes
withAccessModes(accessModes)
"accessModes contains the desired access modes the volume should have.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1"
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.ephemeral.volumeClaimTemplate.spec.withAccessModesMixin
withAccessModesMixin(accessModes)
"accessModes contains the desired access modes the volume should have.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1"
Note: This function appends passed data to existing values
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.ephemeral.volumeClaimTemplate.spec.withStorageClassName
withStorageClassName(storageClassName)
"storageClassName is the name of the StorageClass required by the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1"
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.ephemeral.volumeClaimTemplate.spec.withVolumeAttributesClassName
withVolumeAttributesClassName(volumeAttributesClassName)
"volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.\nIf specified, the CSI driver will create or update the volume with the attributes defined\nin the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,\nit can be changed after the claim is created. An empty string value means that no VolumeAttributesClass\nwill be applied to the claim but it's not allowed to reset this field to empty string once it is set.\nIf unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass\nwill be set by the persistentvolume controller if it exists.\nIf the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be\nset to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource\nexists.\nMore info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/\n(Beta) Using this field requires the VolumeAttributesClass feature gate to be enabled (off by default)."
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.ephemeral.volumeClaimTemplate.spec.withVolumeMode
withVolumeMode(volumeMode)
"volumeMode defines what type of volume is required by the claim.\nValue of Filesystem is implied when not included in claim spec."
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.ephemeral.volumeClaimTemplate.spec.withVolumeName
withVolumeName(volumeName)
"volumeName is the binding reference to the PersistentVolume backing this claim."
obj spec.provider.kubernetes.envoyDeployment.pod.volumes.ephemeral.volumeClaimTemplate.spec.dataSource
"dataSource field can be used to specify either:\n An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot)\n An existing PVC (PersistentVolumeClaim)\nIf the provisioner or an external controller can support the specified data source,\nit will create a new volume based on the contents of the specified data source.\nWhen the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef,\nand dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified.\nIf the namespace is specified, then dataSourceRef will not be copied to dataSource."
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.ephemeral.volumeClaimTemplate.spec.dataSource.withApiGroup
withApiGroup(apiGroup)
"APIGroup is the group for the resource being referenced.\nIf APIGroup is not specified, the specified Kind must be in the core API group.\nFor any other third-party types, APIGroup is required."
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.ephemeral.volumeClaimTemplate.spec.dataSource.withKind
withKind(kind)
"Kind is the type of resource being referenced"
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.ephemeral.volumeClaimTemplate.spec.dataSource.withName
withName(name)
"Name is the name of resource being referenced"
obj spec.provider.kubernetes.envoyDeployment.pod.volumes.ephemeral.volumeClaimTemplate.spec.dataSourceRef
"dataSourceRef specifies the object from which to populate the volume with data, if a non-empty\nvolume is desired. This may be any object from a non-empty API group (non\ncore object) or a PersistentVolumeClaim object.\nWhen this field is specified, volume binding will only succeed if the type of\nthe specified object matches some installed volume populator or dynamic\nprovisioner.\nThis field will replace the functionality of the dataSource field and as such\nif both fields are non-empty, they must have the same value. For backwards\ncompatibility, when namespace isn't specified in dataSourceRef,\nboth fields (dataSource and dataSourceRef) will be set to the same\nvalue automatically if one of them is empty and the other is non-empty.\nWhen namespace is specified in dataSourceRef,\ndataSource isn't set to the same value and must be empty.\nThere are three important differences between dataSource and dataSourceRef:\n While dataSource only allows two specific types of objects, dataSourceRef\n allows any non-core object, as well as PersistentVolumeClaim objects.\n While dataSource ignores disallowed values (dropping them), dataSourceRef\n preserves all values, and generates an error if a disallowed value is\n specified.\n* While dataSource only allows local objects, dataSourceRef allows objects\n in any namespaces.\n(Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled.\n(Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled."
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.ephemeral.volumeClaimTemplate.spec.dataSourceRef.withApiGroup
withApiGroup(apiGroup)
"APIGroup is the group for the resource being referenced.\nIf APIGroup is not specified, the specified Kind must be in the core API group.\nFor any other third-party types, APIGroup is required."
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.ephemeral.volumeClaimTemplate.spec.dataSourceRef.withKind
withKind(kind)
"Kind is the type of resource being referenced"
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.ephemeral.volumeClaimTemplate.spec.dataSourceRef.withName
withName(name)
"Name is the name of resource being referenced"
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.ephemeral.volumeClaimTemplate.spec.dataSourceRef.withNamespace
withNamespace(namespace)
"Namespace is the namespace of resource being referenced\nNote that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details.\n(Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled."
obj spec.provider.kubernetes.envoyDeployment.pod.volumes.ephemeral.volumeClaimTemplate.spec.resources
"resources represents the minimum resources the volume should have.\nIf RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements\nthat are lower than previous value but must still be higher than capacity recorded in the\nstatus field of the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources"
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.ephemeral.volumeClaimTemplate.spec.resources.withLimits
withLimits(limits)
"Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/"
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.ephemeral.volumeClaimTemplate.spec.resources.withLimitsMixin
withLimitsMixin(limits)
"Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/"
Note: This function appends passed data to existing values
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.ephemeral.volumeClaimTemplate.spec.resources.withRequests
withRequests(requests)
"Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/"
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.ephemeral.volumeClaimTemplate.spec.resources.withRequestsMixin
withRequestsMixin(requests)
"Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/"
Note: This function appends passed data to existing values
obj spec.provider.kubernetes.envoyDeployment.pod.volumes.ephemeral.volumeClaimTemplate.spec.selector
"selector is a label query over volumes to consider for binding."
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.ephemeral.volumeClaimTemplate.spec.selector.withMatchExpressions
withMatchExpressions(matchExpressions)
"matchExpressions is a list of label selector requirements. The requirements are ANDed."
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.ephemeral.volumeClaimTemplate.spec.selector.withMatchExpressionsMixin
withMatchExpressionsMixin(matchExpressions)
"matchExpressions is a list of label selector requirements. The requirements are ANDed."
Note: This function appends passed data to existing values
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.ephemeral.volumeClaimTemplate.spec.selector.withMatchLabels
withMatchLabels(matchLabels)
"matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed."
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.ephemeral.volumeClaimTemplate.spec.selector.withMatchLabelsMixin
withMatchLabelsMixin(matchLabels)
"matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed."
Note: This function appends passed data to existing values
obj spec.provider.kubernetes.envoyDeployment.pod.volumes.ephemeral.volumeClaimTemplate.spec.selector.matchExpressions
"matchExpressions is a list of label selector requirements. The requirements are ANDed."
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.ephemeral.volumeClaimTemplate.spec.selector.matchExpressions.withKey
withKey(key)
"key is the label key that the selector applies to."
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.ephemeral.volumeClaimTemplate.spec.selector.matchExpressions.withOperator
withOperator(operator)
"operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist."
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.ephemeral.volumeClaimTemplate.spec.selector.matchExpressions.withValues
withValues(values)
"values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch."
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.ephemeral.volumeClaimTemplate.spec.selector.matchExpressions.withValuesMixin
withValuesMixin(values)
"values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch."
Note: This function appends passed data to existing values
obj spec.provider.kubernetes.envoyDeployment.pod.volumes.fc
"fc represents a Fibre Channel resource that is attached to a kubelet's host machine and then exposed to the pod."
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.fc.withFsType
withFsType(fsType)
"fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified."
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.fc.withLun
withLun(lun)
"lun is Optional: FC target lun number"
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.fc.withReadOnly
withReadOnly(readOnly)
"readOnly is Optional: Defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts."
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.fc.withTargetWWNs
withTargetWWNs(targetWWNs)
"targetWWNs is Optional: FC target worldwide names (WWNs)"
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.fc.withTargetWWNsMixin
withTargetWWNsMixin(targetWWNs)
"targetWWNs is Optional: FC target worldwide names (WWNs)"
Note: This function appends passed data to existing values
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.fc.withWwids
withWwids(wwids)
"wwids Optional: FC volume world wide identifiers (wwids)\nEither wwids or combination of targetWWNs and lun must be set, but not both simultaneously."
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.fc.withWwidsMixin
withWwidsMixin(wwids)
"wwids Optional: FC volume world wide identifiers (wwids)\nEither wwids or combination of targetWWNs and lun must be set, but not both simultaneously."
Note: This function appends passed data to existing values
obj spec.provider.kubernetes.envoyDeployment.pod.volumes.flexVolume
"flexVolume represents a generic volume resource that is\nprovisioned/attached using an exec based plugin."
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.flexVolume.withDriver
withDriver(driver)
"driver is the name of the driver to use for this volume."
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.flexVolume.withFsType
withFsType(fsType)
"fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". The default filesystem depends on FlexVolume script."
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.flexVolume.withOptions
withOptions(options)
"options is Optional: this field holds extra command options if any."
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.flexVolume.withOptionsMixin
withOptionsMixin(options)
"options is Optional: this field holds extra command options if any."
Note: This function appends passed data to existing values
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.flexVolume.withReadOnly
withReadOnly(readOnly)
"readOnly is Optional: defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts."
obj spec.provider.kubernetes.envoyDeployment.pod.volumes.flexVolume.secretRef
"secretRef is Optional: secretRef is reference to the secret object containing\nsensitive information to pass to the plugin scripts. This may be\nempty if no secret object is specified. If the secret object\ncontains more than one secret, all secrets are passed to the plugin\nscripts."
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.flexVolume.secretRef.withName
withName(name)
"Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names"
obj spec.provider.kubernetes.envoyDeployment.pod.volumes.flocker
"flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running"
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.flocker.withDatasetName
withDatasetName(datasetName)
"datasetName is Name of the dataset stored as metadata -> name on the dataset for Flocker\nshould be considered as deprecated"
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.flocker.withDatasetUUID
withDatasetUUID(datasetUUID)
"datasetUUID is the UUID of the dataset. This is unique identifier of a Flocker dataset"
obj spec.provider.kubernetes.envoyDeployment.pod.volumes.gcePersistentDisk
"gcePersistentDisk represents a GCE Disk resource that is attached to a\nkubelet's host machine and then exposed to the pod.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk"
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.gcePersistentDisk.withFsType
withFsType(fsType)
"fsType is filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk"
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.gcePersistentDisk.withPartition
withPartition(partition)
"partition is the partition in the volume that you want to mount.\nIf omitted, the default is to mount by volume name.\nExamples: For volume /dev/sda1, you specify the partition as \"1\".\nSimilarly, the volume partition for /dev/sda is \"0\" (or you can leave the property empty).\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk"
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.gcePersistentDisk.withPdName
withPdName(pdName)
"pdName is unique name of the PD resource in GCE. Used to identify the disk in GCE.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk"
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.gcePersistentDisk.withReadOnly
withReadOnly(readOnly)
"readOnly here will force the ReadOnly setting in VolumeMounts.\nDefaults to false.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk"
obj spec.provider.kubernetes.envoyDeployment.pod.volumes.gitRepo
"gitRepo represents a git repository at a particular revision.\nDEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an\nEmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir\ninto the Pod's container."
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.gitRepo.withDirectory
withDirectory(directory)
"directory is the target directory name.\nMust not contain or start with '..'. If '.' is supplied, the volume directory will be the\ngit repository. Otherwise, if specified, the volume will contain the git repository in\nthe subdirectory with the given name."
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.gitRepo.withRepository
withRepository(repository)
"repository is the URL"
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.gitRepo.withRevision
withRevision(revision)
"revision is the commit hash for the specified revision."
obj spec.provider.kubernetes.envoyDeployment.pod.volumes.glusterfs
"glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime.\nMore info: https://examples.k8s.io/volumes/glusterfs/README.md"
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.glusterfs.withEndpoints
withEndpoints(endpoints)
"endpoints is the endpoint name that details Glusterfs topology.\nMore info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod"
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.glusterfs.withPath
withPath(path)
"path is the Glusterfs volume path.\nMore info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod"
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.glusterfs.withReadOnly
withReadOnly(readOnly)
"readOnly here will force the Glusterfs volume to be mounted with read-only permissions.\nDefaults to false.\nMore info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod"
obj spec.provider.kubernetes.envoyDeployment.pod.volumes.hostPath
"hostPath represents a pre-existing file or directory on the host\nmachine that is directly exposed to the container. This is generally\nused for system agents or other privileged things that are allowed\nto see the host machine. Most containers will NOT need this.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath"
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.hostPath.withPath
withPath(path)
"path of the directory on the host.\nIf the path is a symlink, it will follow the link to the real path.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath"
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.hostPath.withType
withType(type)
"type for HostPath Volume\nDefaults to \"\"\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath"
obj spec.provider.kubernetes.envoyDeployment.pod.volumes.image
"image represents an OCI object (a container image or artifact) pulled and mounted on the kubelet's host machine.\nThe volume is resolved at pod startup depending on which PullPolicy value is provided:\n\n- Always: the kubelet always attempts to pull the reference. Container creation will fail If the pull fails.\n- Never: the kubelet never pulls the reference and only uses a local image or artifact. Container creation will fail if the reference isn't present.\n- IfNotPresent: the kubelet pulls if the reference isn't already present on disk. Container creation will fail if the reference isn't present and the pull fails.\n\nThe volume gets re-resolved if the pod gets deleted and recreated, which means that new remote content will become available on pod recreation.\nA failure to resolve or pull the image during pod startup will block containers from starting and may add significant latency. Failures will be retried using normal volume backoff and will be reported on the pod reason and message.\nThe types of objects that may be mounted by this volume are defined by the container runtime implementation on a host machine and at minimum must include all valid types supported by the container image field.\nThe OCI object gets mounted in a single directory (spec.containers[].volumeMounts.mountPath) by merging the manifest layers in the same way as for container images.\nThe volume will be mounted read-only (ro) and non-executable files (noexec).\nSub path mounts for containers are not supported (spec.containers[].volumeMounts.subpath).\nThe field spec.securityContext.fsGroupChangePolicy has no effect on this volume type."
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.image.withPullPolicy
withPullPolicy(pullPolicy)
"Policy for pulling OCI objects. Possible values are:\nAlways: the kubelet always attempts to pull the reference. Container creation will fail If the pull fails.\nNever: the kubelet never pulls the reference and only uses a local image or artifact. Container creation will fail if the reference isn't present.\nIfNotPresent: the kubelet pulls if the reference isn't already present on disk. Container creation will fail if the reference isn't present and the pull fails.\nDefaults to Always if :latest tag is specified, or IfNotPresent otherwise."
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.image.withReference
withReference(reference)
"Required: Image or artifact reference to be used.\nBehaves in the same way as pod.spec.containers[*].image.\nPull secrets will be assembled in the same way as for the container image by looking up node credentials, SA image pull secrets, and pod spec image pull secrets.\nMore info: https://kubernetes.io/docs/concepts/containers/images\nThis field is optional to allow higher level config management to default or override\ncontainer images in workload controllers like Deployments and StatefulSets."
obj spec.provider.kubernetes.envoyDeployment.pod.volumes.iscsi
"iscsi represents an ISCSI Disk resource that is attached to a\nkubelet's host machine and then exposed to the pod.\nMore info: https://examples.k8s.io/volumes/iscsi/README.md"
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.iscsi.withChapAuthDiscovery
withChapAuthDiscovery(chapAuthDiscovery)
"chapAuthDiscovery defines whether support iSCSI Discovery CHAP authentication"
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.iscsi.withChapAuthSession
withChapAuthSession(chapAuthSession)
"chapAuthSession defines whether support iSCSI Session CHAP authentication"
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.iscsi.withFsType
withFsType(fsType)
"fsType is the filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi"
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.iscsi.withInitiatorName
withInitiatorName(initiatorName)
"initiatorName is the custom iSCSI Initiator Name.\nIf initiatorName is specified with iscsiInterface simultaneously, new iSCSI interface\n
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.iscsi.withIqn
withIqn(iqn)
"iqn is the target iSCSI Qualified Name."
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.iscsi.withIscsiInterface
withIscsiInterface(iscsiInterface)
"iscsiInterface is the interface Name that uses an iSCSI transport.\nDefaults to 'default' (tcp)."
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.iscsi.withLun
withLun(lun)
"lun represents iSCSI Target Lun number."
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.iscsi.withPortals
withPortals(portals)
"portals is the iSCSI Target Portal List. The portal is either an IP or ip_addr:port if the port\nis other than default (typically TCP ports 860 and 3260)."
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.iscsi.withPortalsMixin
withPortalsMixin(portals)
"portals is the iSCSI Target Portal List. The portal is either an IP or ip_addr:port if the port\nis other than default (typically TCP ports 860 and 3260)."
Note: This function appends passed data to existing values
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.iscsi.withReadOnly
withReadOnly(readOnly)
"readOnly here will force the ReadOnly setting in VolumeMounts.\nDefaults to false."
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.iscsi.withTargetPortal
withTargetPortal(targetPortal)
"targetPortal is iSCSI Target Portal. The Portal is either an IP or ip_addr:port if the port\nis other than default (typically TCP ports 860 and 3260)."
obj spec.provider.kubernetes.envoyDeployment.pod.volumes.iscsi.secretRef
"secretRef is the CHAP Secret for iSCSI target and initiator authentication"
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.iscsi.secretRef.withName
withName(name)
"Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names"
obj spec.provider.kubernetes.envoyDeployment.pod.volumes.nfs
"nfs represents an NFS mount on the host that shares a pod's lifetime\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#nfs"
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.nfs.withPath
withPath(path)
"path that is exported by the NFS server.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#nfs"
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.nfs.withReadOnly
withReadOnly(readOnly)
"readOnly here will force the NFS export to be mounted with read-only permissions.\nDefaults to false.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#nfs"
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.nfs.withServer
withServer(server)
"server is the hostname or IP address of the NFS server.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#nfs"
obj spec.provider.kubernetes.envoyDeployment.pod.volumes.persistentVolumeClaim
"persistentVolumeClaimVolumeSource represents a reference to a\nPersistentVolumeClaim in the same namespace.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims"
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.persistentVolumeClaim.withClaimName
withClaimName(claimName)
"claimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this volume.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims"
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.persistentVolumeClaim.withReadOnly
withReadOnly(readOnly)
"readOnly Will force the ReadOnly setting in VolumeMounts.\nDefault false."
obj spec.provider.kubernetes.envoyDeployment.pod.volumes.photonPersistentDisk
"photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine"
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.photonPersistentDisk.withFsType
withFsType(fsType)
"fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified."
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.photonPersistentDisk.withPdID
withPdID(pdID)
"pdID is the ID that identifies Photon Controller persistent disk"
obj spec.provider.kubernetes.envoyDeployment.pod.volumes.portworxVolume
"portworxVolume represents a portworx volume attached and mounted on kubelets host machine"
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.portworxVolume.withFsType
withFsType(fsType)
"fSType represents the filesystem type to mount\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\". Implicitly inferred to be \"ext4\" if unspecified."
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.portworxVolume.withReadOnly
withReadOnly(readOnly)
"readOnly defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts."
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.portworxVolume.withVolumeID
withVolumeID(volumeID)
"volumeID uniquely identifies a Portworx volume"
obj spec.provider.kubernetes.envoyDeployment.pod.volumes.projected
"projected items for all in one resources secrets, configmaps, and downward API"
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.projected.withDefaultMode
withDefaultMode(defaultMode)
"defaultMode are the mode bits used to set permissions on created files by default.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nDirectories within the path are not affected by this setting.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set."
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.projected.withSources
withSources(sources)
"sources is the list of volume projections. Each entry in this list\nhandles one source."
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.projected.withSourcesMixin
withSourcesMixin(sources)
"sources is the list of volume projections. Each entry in this list\nhandles one source."
Note: This function appends passed data to existing values
obj spec.provider.kubernetes.envoyDeployment.pod.volumes.projected.sources
"sources is the list of volume projections. Each entry in this list\nhandles one source."
obj spec.provider.kubernetes.envoyDeployment.pod.volumes.projected.sources.clusterTrustBundle
"ClusterTrustBundle allows a pod to access the .spec.trustBundle
field\nof ClusterTrustBundle objects in an auto-updating file.\n\nAlpha, gated by the ClusterTrustBundleProjection feature gate.\n\nClusterTrustBundle objects can either be selected by name, or by the\ncombination of signer name and a label selector.\n\nKubelet performs aggressive normalization of the PEM contents written\ninto the pod filesystem. Esoteric PEM features such as inter-block\ncomments and block headers are stripped. Certificates are deduplicated.\nThe ordering of certificates within the file is arbitrary, and Kubelet\nmay change the order over time."
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.projected.sources.clusterTrustBundle.withName
withName(name)
"Select a single ClusterTrustBundle by object name. Mutually-exclusive\nwith signerName and labelSelector."
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.projected.sources.clusterTrustBundle.withOptional
withOptional(optional)
"If true, don't block pod startup if the referenced ClusterTrustBundle(s)\naren't available. If using name, then the named ClusterTrustBundle is\nallowed not to exist. If using signerName, then the combination of\nsignerName and labelSelector is allowed to match zero\nClusterTrustBundles."
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.projected.sources.clusterTrustBundle.withPath
withPath(path)
"Relative path from the volume root to write the bundle."
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.projected.sources.clusterTrustBundle.withSignerName
withSignerName(signerName)
"Select all ClusterTrustBundles that match this signer name.\nMutually-exclusive with name. The contents of all selected\nClusterTrustBundles will be unified and deduplicated."
obj spec.provider.kubernetes.envoyDeployment.pod.volumes.projected.sources.clusterTrustBundle.labelSelector
"Select all ClusterTrustBundles that match this label selector. Only has\neffect if signerName is set. Mutually-exclusive with name. If unset,\ninterpreted as \"match nothing\". If set but empty, interpreted as \"match\neverything\"."
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.projected.sources.clusterTrustBundle.labelSelector.withMatchExpressions
withMatchExpressions(matchExpressions)
"matchExpressions is a list of label selector requirements. The requirements are ANDed."
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.projected.sources.clusterTrustBundle.labelSelector.withMatchExpressionsMixin
withMatchExpressionsMixin(matchExpressions)
"matchExpressions is a list of label selector requirements. The requirements are ANDed."
Note: This function appends passed data to existing values
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.projected.sources.clusterTrustBundle.labelSelector.withMatchLabels
withMatchLabels(matchLabels)
"matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed."
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.projected.sources.clusterTrustBundle.labelSelector.withMatchLabelsMixin
withMatchLabelsMixin(matchLabels)
"matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed."
Note: This function appends passed data to existing values
obj spec.provider.kubernetes.envoyDeployment.pod.volumes.projected.sources.clusterTrustBundle.labelSelector.matchExpressions
"matchExpressions is a list of label selector requirements. The requirements are ANDed."
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.projected.sources.clusterTrustBundle.labelSelector.matchExpressions.withKey
withKey(key)
"key is the label key that the selector applies to."
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.projected.sources.clusterTrustBundle.labelSelector.matchExpressions.withOperator
withOperator(operator)
"operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist."
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.projected.sources.clusterTrustBundle.labelSelector.matchExpressions.withValues
withValues(values)
"values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch."
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.projected.sources.clusterTrustBundle.labelSelector.matchExpressions.withValuesMixin
withValuesMixin(values)
"values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch."
Note: This function appends passed data to existing values
obj spec.provider.kubernetes.envoyDeployment.pod.volumes.projected.sources.configMap
"configMap information about the configMap data to project"
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.projected.sources.configMap.withItems
withItems(items)
"items if unspecified, each key-value pair in the Data field of the referenced\nConfigMap will be projected into the volume as a file whose name is the\nkey and content is the value. If specified, the listed keys will be\nprojected into the specified paths, and unlisted keys will not be\npresent. If a key is specified which is not present in the ConfigMap,\nthe volume setup will error unless it is marked optional. Paths must be\nrelative and may not contain the '..' path or start with '..'."
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.projected.sources.configMap.withItemsMixin
withItemsMixin(items)
"items if unspecified, each key-value pair in the Data field of the referenced\nConfigMap will be projected into the volume as a file whose name is the\nkey and content is the value. If specified, the listed keys will be\nprojected into the specified paths, and unlisted keys will not be\npresent. If a key is specified which is not present in the ConfigMap,\nthe volume setup will error unless it is marked optional. Paths must be\nrelative and may not contain the '..' path or start with '..'."
Note: This function appends passed data to existing values
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.projected.sources.configMap.withName
withName(name)
"Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names"
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.projected.sources.configMap.withOptional
withOptional(optional)
"optional specify whether the ConfigMap or its keys must be defined"
obj spec.provider.kubernetes.envoyDeployment.pod.volumes.projected.sources.configMap.items
"items if unspecified, each key-value pair in the Data field of the referenced\nConfigMap will be projected into the volume as a file whose name is the\nkey and content is the value. If specified, the listed keys will be\nprojected into the specified paths, and unlisted keys will not be\npresent. If a key is specified which is not present in the ConfigMap,\nthe volume setup will error unless it is marked optional. Paths must be\nrelative and may not contain the '..' path or start with '..'."
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.projected.sources.configMap.items.withKey
withKey(key)
"key is the key to project."
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.projected.sources.configMap.items.withMode
withMode(mode)
"mode is Optional: mode bits used to set permissions on this file.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set."
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.projected.sources.configMap.items.withPath
withPath(path)
"path is the relative path of the file to map the key to.\nMay not be an absolute path.\nMay not contain the path element '..'.\nMay not start with the string '..'."
obj spec.provider.kubernetes.envoyDeployment.pod.volumes.projected.sources.downwardAPI
"downwardAPI information about the downwardAPI data to project"
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.projected.sources.downwardAPI.withItems
withItems(items)
"Items is a list of DownwardAPIVolume file"
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.projected.sources.downwardAPI.withItemsMixin
withItemsMixin(items)
"Items is a list of DownwardAPIVolume file"
Note: This function appends passed data to existing values
obj spec.provider.kubernetes.envoyDeployment.pod.volumes.projected.sources.downwardAPI.items
"Items is a list of DownwardAPIVolume file"
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.projected.sources.downwardAPI.items.withMode
withMode(mode)
"Optional: mode bits used to set permissions on this file, must be an octal value\nbetween 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set."
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.projected.sources.downwardAPI.items.withPath
withPath(path)
"Required: Path is the relative path name of the file to be created. Must not be absolute or contain the '..' path. Must be utf-8 encoded. The first item of the relative path must not start with '..'"
obj spec.provider.kubernetes.envoyDeployment.pod.volumes.projected.sources.downwardAPI.items.fieldRef
"Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported."
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.projected.sources.downwardAPI.items.fieldRef.withApiVersion
withApiVersion(apiVersion)
"Version of the schema the FieldPath is written in terms of, defaults to \"v1\"."
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.projected.sources.downwardAPI.items.fieldRef.withFieldPath
withFieldPath(fieldPath)
"Path of the field to select in the specified API version."
obj spec.provider.kubernetes.envoyDeployment.pod.volumes.projected.sources.downwardAPI.items.resourceFieldRef
"Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported."
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.projected.sources.downwardAPI.items.resourceFieldRef.withContainerName
withContainerName(containerName)
"Container name: required for volumes, optional for env vars"
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.projected.sources.downwardAPI.items.resourceFieldRef.withDivisor
withDivisor(divisor)
"Specifies the output format of the exposed resources, defaults to \"1\
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.projected.sources.downwardAPI.items.resourceFieldRef.withResource
withResource(resource)
"Required: resource to select"
obj spec.provider.kubernetes.envoyDeployment.pod.volumes.projected.sources.secret
"secret information about the secret data to project"
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.projected.sources.secret.withItems
withItems(items)
"items if unspecified, each key-value pair in the Data field of the referenced\nSecret will be projected into the volume as a file whose name is the\nkey and content is the value. If specified, the listed keys will be\nprojected into the specified paths, and unlisted keys will not be\npresent. If a key is specified which is not present in the Secret,\nthe volume setup will error unless it is marked optional. Paths must be\nrelative and may not contain the '..' path or start with '..'."
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.projected.sources.secret.withItemsMixin
withItemsMixin(items)
"items if unspecified, each key-value pair in the Data field of the referenced\nSecret will be projected into the volume as a file whose name is the\nkey and content is the value. If specified, the listed keys will be\nprojected into the specified paths, and unlisted keys will not be\npresent. If a key is specified which is not present in the Secret,\nthe volume setup will error unless it is marked optional. Paths must be\nrelative and may not contain the '..' path or start with '..'."
Note: This function appends passed data to existing values
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.projected.sources.secret.withName
withName(name)
"Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names"
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.projected.sources.secret.withOptional
withOptional(optional)
"optional field specify whether the Secret or its key must be defined"
obj spec.provider.kubernetes.envoyDeployment.pod.volumes.projected.sources.secret.items
"items if unspecified, each key-value pair in the Data field of the referenced\nSecret will be projected into the volume as a file whose name is the\nkey and content is the value. If specified, the listed keys will be\nprojected into the specified paths, and unlisted keys will not be\npresent. If a key is specified which is not present in the Secret,\nthe volume setup will error unless it is marked optional. Paths must be\nrelative and may not contain the '..' path or start with '..'."
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.projected.sources.secret.items.withKey
withKey(key)
"key is the key to project."
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.projected.sources.secret.items.withMode
withMode(mode)
"mode is Optional: mode bits used to set permissions on this file.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set."
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.projected.sources.secret.items.withPath
withPath(path)
"path is the relative path of the file to map the key to.\nMay not be an absolute path.\nMay not contain the path element '..'.\nMay not start with the string '..'."
obj spec.provider.kubernetes.envoyDeployment.pod.volumes.projected.sources.serviceAccountToken
"serviceAccountToken is information about the serviceAccountToken data to project"
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.projected.sources.serviceAccountToken.withAudience
withAudience(audience)
"audience is the intended audience of the token. A recipient of a token\nmust identify itself with an identifier specified in the audience of the\ntoken, and otherwise should reject the token. The audience defaults to the\nidentifier of the apiserver."
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.projected.sources.serviceAccountToken.withExpirationSeconds
withExpirationSeconds(expirationSeconds)
"expirationSeconds is the requested duration of validity of the service\naccount token. As the token approaches expiration, the kubelet volume\nplugin will proactively rotate the service account token. The kubelet will\nstart trying to rotate the token if the token is older than 80 percent of\nits time to live or if the token is older than 24 hours.Defaults to 1 hour\nand must be at least 10 minutes."
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.projected.sources.serviceAccountToken.withPath
withPath(path)
"path is the path relative to the mount point of the file to project the\ntoken into."
obj spec.provider.kubernetes.envoyDeployment.pod.volumes.quobyte
"quobyte represents a Quobyte mount on the host that shares a pod's lifetime"
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.quobyte.withGroup
withGroup(group)
"group to map volume access to\nDefault is no group"
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.quobyte.withReadOnly
withReadOnly(readOnly)
"readOnly here will force the Quobyte volume to be mounted with read-only permissions.\nDefaults to false."
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.quobyte.withRegistry
withRegistry(registry)
"registry represents a single or multiple Quobyte Registry services\nspecified as a string as host:port pair (multiple entries are separated with commas)\nwhich acts as the central registry for volumes"
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.quobyte.withTenant
withTenant(tenant)
"tenant owning the given Quobyte volume in the Backend\nUsed with dynamically provisioned Quobyte volumes, value is set by the plugin"
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.quobyte.withUser
withUser(user)
"user to map volume access to\nDefaults to serivceaccount user"
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.quobyte.withVolume
withVolume(volume)
"volume is a string that references an already created Quobyte volume by name."
obj spec.provider.kubernetes.envoyDeployment.pod.volumes.rbd
"rbd represents a Rados Block Device mount on the host that shares a pod's lifetime.\nMore info: https://examples.k8s.io/volumes/rbd/README.md"
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.rbd.withFsType
withFsType(fsType)
"fsType is the filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#rbd"
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.rbd.withImage
withImage(image)
"image is the rados image name.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it"
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.rbd.withKeyring
withKeyring(keyring)
"keyring is the path to key ring for RBDUser.\nDefault is /etc/ceph/keyring.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it"
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.rbd.withMonitors
withMonitors(monitors)
"monitors is a collection of Ceph monitors.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it"
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.rbd.withMonitorsMixin
withMonitorsMixin(monitors)
"monitors is a collection of Ceph monitors.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it"
Note: This function appends passed data to existing values
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.rbd.withPool
withPool(pool)
"pool is the rados pool name.\nDefault is rbd.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it"
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.rbd.withReadOnly
withReadOnly(readOnly)
"readOnly here will force the ReadOnly setting in VolumeMounts.\nDefaults to false.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it"
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.rbd.withUser
withUser(user)
"user is the rados user name.\nDefault is admin.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it"
obj spec.provider.kubernetes.envoyDeployment.pod.volumes.rbd.secretRef
"secretRef is name of the authentication secret for RBDUser. If provided\noverrides keyring.\nDefault is nil.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it"
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.rbd.secretRef.withName
withName(name)
"Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names"
obj spec.provider.kubernetes.envoyDeployment.pod.volumes.scaleIO
"scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes."
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.scaleIO.withFsType
withFsType(fsType)
"fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\".\nDefault is \"xfs\"."
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.scaleIO.withGateway
withGateway(gateway)
"gateway is the host address of the ScaleIO API Gateway."
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.scaleIO.withProtectionDomain
withProtectionDomain(protectionDomain)
"protectionDomain is the name of the ScaleIO Protection Domain for the configured storage."
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.scaleIO.withReadOnly
withReadOnly(readOnly)
"readOnly Defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts."
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.scaleIO.withSslEnabled
withSslEnabled(sslEnabled)
"sslEnabled Flag enable/disable SSL communication with Gateway, default false"
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.scaleIO.withStorageMode
withStorageMode(storageMode)
"storageMode indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned.\nDefault is ThinProvisioned."
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.scaleIO.withStoragePool
withStoragePool(storagePool)
"storagePool is the ScaleIO Storage Pool associated with the protection domain."
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.scaleIO.withSystem
withSystem(system)
"system is the name of the storage system as configured in ScaleIO."
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.scaleIO.withVolumeName
withVolumeName(volumeName)
"volumeName is the name of a volume already created in the ScaleIO system\nthat is associated with this volume source."
obj spec.provider.kubernetes.envoyDeployment.pod.volumes.scaleIO.secretRef
"secretRef references to the secret for ScaleIO user and other\nsensitive information. If this is not provided, Login operation will fail."
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.scaleIO.secretRef.withName
withName(name)
"Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names"
obj spec.provider.kubernetes.envoyDeployment.pod.volumes.secret
"secret represents a secret that should populate this volume.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#secret"
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.secret.withDefaultMode
withDefaultMode(defaultMode)
"defaultMode is Optional: mode bits used to set permissions on created files by default.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values\nfor mode bits. Defaults to 0644.\nDirectories within the path are not affected by this setting.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set."
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.secret.withItems
withItems(items)
"items If unspecified, each key-value pair in the Data field of the referenced\nSecret will be projected into the volume as a file whose name is the\nkey and content is the value. If specified, the listed keys will be\nprojected into the specified paths, and unlisted keys will not be\npresent. If a key is specified which is not present in the Secret,\nthe volume setup will error unless it is marked optional. Paths must be\nrelative and may not contain the '..' path or start with '..'."
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.secret.withItemsMixin
withItemsMixin(items)
"items If unspecified, each key-value pair in the Data field of the referenced\nSecret will be projected into the volume as a file whose name is the\nkey and content is the value. If specified, the listed keys will be\nprojected into the specified paths, and unlisted keys will not be\npresent. If a key is specified which is not present in the Secret,\nthe volume setup will error unless it is marked optional. Paths must be\nrelative and may not contain the '..' path or start with '..'."
Note: This function appends passed data to existing values
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.secret.withOptional
withOptional(optional)
"optional field specify whether the Secret or its keys must be defined"
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.secret.withSecretName
withSecretName(secretName)
"secretName is the name of the secret in the pod's namespace to use.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#secret"
obj spec.provider.kubernetes.envoyDeployment.pod.volumes.secret.items
"items If unspecified, each key-value pair in the Data field of the referenced\nSecret will be projected into the volume as a file whose name is the\nkey and content is the value. If specified, the listed keys will be\nprojected into the specified paths, and unlisted keys will not be\npresent. If a key is specified which is not present in the Secret,\nthe volume setup will error unless it is marked optional. Paths must be\nrelative and may not contain the '..' path or start with '..'."
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.secret.items.withKey
withKey(key)
"key is the key to project."
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.secret.items.withMode
withMode(mode)
"mode is Optional: mode bits used to set permissions on this file.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set."
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.secret.items.withPath
withPath(path)
"path is the relative path of the file to map the key to.\nMay not be an absolute path.\nMay not contain the path element '..'.\nMay not start with the string '..'."
obj spec.provider.kubernetes.envoyDeployment.pod.volumes.storageos
"storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes."
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.storageos.withFsType
withFsType(fsType)
"fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified."
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.storageos.withReadOnly
withReadOnly(readOnly)
"readOnly defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts."
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.storageos.withVolumeName
withVolumeName(volumeName)
"volumeName is the human-readable name of the StorageOS volume. Volume\nnames are only unique within a namespace."
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.storageos.withVolumeNamespace
withVolumeNamespace(volumeNamespace)
"volumeNamespace specifies the scope of the volume within StorageOS. If no\nnamespace is specified then the Pod's namespace will be used. This allows the\nKubernetes name scoping to be mirrored within StorageOS for tighter integration.\nSet VolumeName to any name to override the default behaviour.\nSet to \"default\" if you are not using namespaces within StorageOS.\nNamespaces that do not pre-exist within StorageOS will be created."
obj spec.provider.kubernetes.envoyDeployment.pod.volumes.storageos.secretRef
"secretRef specifies the secret to use for obtaining the StorageOS API\ncredentials. If not specified, default values will be attempted."
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.storageos.secretRef.withName
withName(name)
"Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names"
obj spec.provider.kubernetes.envoyDeployment.pod.volumes.vsphereVolume
"vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine"
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.vsphereVolume.withFsType
withFsType(fsType)
"fsType is filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified."
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.vsphereVolume.withStoragePolicyID
withStoragePolicyID(storagePolicyID)
"storagePolicyID is the storage Policy Based Management (SPBM) profile ID associated with the StoragePolicyName."
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.vsphereVolume.withStoragePolicyName
withStoragePolicyName(storagePolicyName)
"storagePolicyName is the storage Policy Based Management (SPBM) profile name."
fn spec.provider.kubernetes.envoyDeployment.pod.volumes.vsphereVolume.withVolumePath
withVolumePath(volumePath)
"volumePath is the path that identifies vSphere volume vmdk"
obj spec.provider.kubernetes.envoyDeployment.strategy
"The deployment strategy to use to replace existing pods with new ones."
fn spec.provider.kubernetes.envoyDeployment.strategy.withType
withType(type)
"Type of deployment. Can be \"Recreate\" or \"RollingUpdate\". Default is RollingUpdate."
obj spec.provider.kubernetes.envoyDeployment.strategy.rollingUpdate
"Rolling update config params. Present only if DeploymentStrategyType =\nRollingUpdate."
fn spec.provider.kubernetes.envoyDeployment.strategy.rollingUpdate.withMaxSurge
withMaxSurge(maxSurge)
"The maximum number of pods that can be scheduled above the desired number of\npods.\nValue can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%).\nThis can not be 0 if MaxUnavailable is 0.\nAbsolute number is calculated from percentage by rounding up.\nDefaults to 25%.\nExample: when this is set to 30%, the new ReplicaSet can be scaled up immediately when\nthe rolling update starts, such that the total number of old and new pods do not exceed\n130% of desired pods. Once old pods have been killed,\nnew ReplicaSet can be scaled up further, ensuring that total number of pods running\nat any time during the update is at most 130% of desired pods."
fn spec.provider.kubernetes.envoyDeployment.strategy.rollingUpdate.withMaxUnavailable
withMaxUnavailable(maxUnavailable)
"The maximum number of pods that can be unavailable during the update.\nValue can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%).\nAbsolute number is calculated from percentage by rounding down.\nThis can not be 0 if MaxSurge is 0.\nDefaults to 25%.\nExample: when this is set to 30%, the old ReplicaSet can be scaled down to 70% of desired pods\nimmediately when the rolling update starts. Once new pods are ready, old ReplicaSet\ncan be scaled down further, followed by scaling up the new ReplicaSet, ensuring\nthat the total number of pods available at all times during the update is at\nleast 70% of desired pods."
obj spec.provider.kubernetes.envoyHpa
"EnvoyHpa defines the Horizontal Pod Autoscaler settings for Envoy Proxy Deployment.\nOnce the HPA is being set, Replicas field from EnvoyDeployment will be ignored."
fn spec.provider.kubernetes.envoyHpa.withMaxReplicas
withMaxReplicas(maxReplicas)
"maxReplicas is the upper limit for the number of replicas to which the autoscaler can scale up.\nIt cannot be less that minReplicas."
fn spec.provider.kubernetes.envoyHpa.withMetrics
withMetrics(metrics)
"metrics contains the specifications for which to use to calculate the\ndesired replica count (the maximum replica count across all metrics will\nbe used).\nIf left empty, it defaults to being based on CPU utilization with average on 80% usage."
fn spec.provider.kubernetes.envoyHpa.withMetricsMixin
withMetricsMixin(metrics)
"metrics contains the specifications for which to use to calculate the\ndesired replica count (the maximum replica count across all metrics will\nbe used).\nIf left empty, it defaults to being based on CPU utilization with average on 80% usage."
Note: This function appends passed data to existing values
fn spec.provider.kubernetes.envoyHpa.withMinReplicas
withMinReplicas(minReplicas)
"minReplicas is the lower limit for the number of replicas to which the autoscaler\ncan scale down. It defaults to 1 replica."
obj spec.provider.kubernetes.envoyHpa.behavior
"behavior configures the scaling behavior of the target\nin both Up and Down directions (scaleUp and scaleDown fields respectively).\nIf not set, the default HPAScalingRules for scale up and scale down are used.\nSee k8s.io.autoscaling.v2.HorizontalPodAutoScalerBehavior."
obj spec.provider.kubernetes.envoyHpa.behavior.scaleDown
"scaleDown is scaling policy for scaling Down.\nIf not set, the default value is to allow to scale down to minReplicas pods, with a\n300 second stabilization window (i.e., the highest recommendation for\nthe last 300sec is used)."
fn spec.provider.kubernetes.envoyHpa.behavior.scaleDown.withPolicies
withPolicies(policies)
"policies is a list of potential scaling polices which can be used during scaling.\nAt least one policy must be specified, otherwise the HPAScalingRules will be discarded as invalid"
fn spec.provider.kubernetes.envoyHpa.behavior.scaleDown.withPoliciesMixin
withPoliciesMixin(policies)
"policies is a list of potential scaling polices which can be used during scaling.\nAt least one policy must be specified, otherwise the HPAScalingRules will be discarded as invalid"
Note: This function appends passed data to existing values
fn spec.provider.kubernetes.envoyHpa.behavior.scaleDown.withSelectPolicy
withSelectPolicy(selectPolicy)
"selectPolicy is used to specify which policy should be used.\nIf not set, the default value Max is used."
fn spec.provider.kubernetes.envoyHpa.behavior.scaleDown.withStabilizationWindowSeconds
withStabilizationWindowSeconds(stabilizationWindowSeconds)
"stabilizationWindowSeconds is the number of seconds for which past recommendations should be\nconsidered while scaling up or scaling down.\nStabilizationWindowSeconds must be greater than or equal to zero and less than or equal to 3600 (one hour).\nIf not set, use the default values:\n- For scale up: 0 (i.e. no stabilization is done).\n- For scale down: 300 (i.e. the stabilization window is 300 seconds long)."
obj spec.provider.kubernetes.envoyHpa.behavior.scaleDown.policies
"policies is a list of potential scaling polices which can be used during scaling.\nAt least one policy must be specified, otherwise the HPAScalingRules will be discarded as invalid"
fn spec.provider.kubernetes.envoyHpa.behavior.scaleDown.policies.withPeriodSeconds
withPeriodSeconds(periodSeconds)
"periodSeconds specifies the window of time for which the policy should hold true.\nPeriodSeconds must be greater than zero and less than or equal to 1800 (30 min)."
fn spec.provider.kubernetes.envoyHpa.behavior.scaleDown.policies.withType
withType(type)
"type is used to specify the scaling policy."
fn spec.provider.kubernetes.envoyHpa.behavior.scaleDown.policies.withValue
withValue(value)
"value contains the amount of change which is permitted by the policy.\nIt must be greater than zero"
obj spec.provider.kubernetes.envoyHpa.behavior.scaleUp
"scaleUp is scaling policy for scaling Up.\nIf not set, the default value is the higher of:\n * increase no more than 4 pods per 60 seconds\n * double the number of pods per 60 seconds\nNo stabilization is used."
fn spec.provider.kubernetes.envoyHpa.behavior.scaleUp.withPolicies
withPolicies(policies)
"policies is a list of potential scaling polices which can be used during scaling.\nAt least one policy must be specified, otherwise the HPAScalingRules will be discarded as invalid"
fn spec.provider.kubernetes.envoyHpa.behavior.scaleUp.withPoliciesMixin
withPoliciesMixin(policies)
"policies is a list of potential scaling polices which can be used during scaling.\nAt least one policy must be specified, otherwise the HPAScalingRules will be discarded as invalid"
Note: This function appends passed data to existing values
fn spec.provider.kubernetes.envoyHpa.behavior.scaleUp.withSelectPolicy
withSelectPolicy(selectPolicy)
"selectPolicy is used to specify which policy should be used.\nIf not set, the default value Max is used."
fn spec.provider.kubernetes.envoyHpa.behavior.scaleUp.withStabilizationWindowSeconds
withStabilizationWindowSeconds(stabilizationWindowSeconds)
"stabilizationWindowSeconds is the number of seconds for which past recommendations should be\nconsidered while scaling up or scaling down.\nStabilizationWindowSeconds must be greater than or equal to zero and less than or equal to 3600 (one hour).\nIf not set, use the default values:\n- For scale up: 0 (i.e. no stabilization is done).\n- For scale down: 300 (i.e. the stabilization window is 300 seconds long)."
obj spec.provider.kubernetes.envoyHpa.behavior.scaleUp.policies
"policies is a list of potential scaling polices which can be used during scaling.\nAt least one policy must be specified, otherwise the HPAScalingRules will be discarded as invalid"
fn spec.provider.kubernetes.envoyHpa.behavior.scaleUp.policies.withPeriodSeconds
withPeriodSeconds(periodSeconds)
"periodSeconds specifies the window of time for which the policy should hold true.\nPeriodSeconds must be greater than zero and less than or equal to 1800 (30 min)."
fn spec.provider.kubernetes.envoyHpa.behavior.scaleUp.policies.withType
withType(type)
"type is used to specify the scaling policy."
fn spec.provider.kubernetes.envoyHpa.behavior.scaleUp.policies.withValue
withValue(value)
"value contains the amount of change which is permitted by the policy.\nIt must be greater than zero"
obj spec.provider.kubernetes.envoyHpa.metrics
"metrics contains the specifications for which to use to calculate the\ndesired replica count (the maximum replica count across all metrics will\nbe used).\nIf left empty, it defaults to being based on CPU utilization with average on 80% usage."
fn spec.provider.kubernetes.envoyHpa.metrics.withType
withType(type)
"type is the type of metric source. It should be one of \"ContainerResource\", \"External\",\n\"Object\", \"Pods\" or \"Resource\", each mapping to a matching field in the object.\nNote: \"ContainerResource\" type is available on when the feature-gate\nHPAContainerMetrics is enabled"
obj spec.provider.kubernetes.envoyHpa.metrics.containerResource
"containerResource refers to a resource metric (such as those specified in\nrequests and limits) known to Kubernetes describing a single container in\neach pod of the current scale target (e.g. CPU or memory). Such metrics are\nbuilt in to Kubernetes, and have special scaling options on top of those\navailable to normal per-pod metrics using the \"pods\" source.\nThis is an alpha feature and can be enabled by the HPAContainerMetrics feature flag."
fn spec.provider.kubernetes.envoyHpa.metrics.containerResource.withContainer
withContainer(container)
"container is the name of the container in the pods of the scaling target"
fn spec.provider.kubernetes.envoyHpa.metrics.containerResource.withName
withName(name)
"name is the name of the resource in question."
obj spec.provider.kubernetes.envoyHpa.metrics.containerResource.target
"target specifies the target value for the given metric"
fn spec.provider.kubernetes.envoyHpa.metrics.containerResource.target.withAverageUtilization
withAverageUtilization(averageUtilization)
"averageUtilization is the target value of the average of the\nresource metric across all relevant pods, represented as a percentage of\nthe requested value of the resource for the pods.\nCurrently only valid for Resource metric source type"
fn spec.provider.kubernetes.envoyHpa.metrics.containerResource.target.withAverageValue
withAverageValue(averageValue)
"averageValue is the target value of the average of the\nmetric across all relevant pods (as a quantity)"
fn spec.provider.kubernetes.envoyHpa.metrics.containerResource.target.withType
withType(type)
"type represents whether the metric type is Utilization, Value, or AverageValue"
fn spec.provider.kubernetes.envoyHpa.metrics.containerResource.target.withValue
withValue(value)
"value is the target value of the metric (as a quantity)."
obj spec.provider.kubernetes.envoyHpa.metrics.external
"external refers to a global metric that is not associated\nwith any Kubernetes object. It allows autoscaling based on information\ncoming from components running outside of cluster\n(for example length of queue in cloud messaging service, or\nQPS from loadbalancer running outside of cluster)."
obj spec.provider.kubernetes.envoyHpa.metrics.external.metric
"metric identifies the target metric by name and selector"
fn spec.provider.kubernetes.envoyHpa.metrics.external.metric.withName
withName(name)
"name is the name of the given metric"
obj spec.provider.kubernetes.envoyHpa.metrics.external.metric.selector
"selector is the string-encoded form of a standard kubernetes label selector for the given metric\nWhen set, it is passed as an additional parameter to the metrics server for more specific metrics scoping.\nWhen unset, just the metricName will be used to gather metrics."
fn spec.provider.kubernetes.envoyHpa.metrics.external.metric.selector.withMatchExpressions
withMatchExpressions(matchExpressions)
"matchExpressions is a list of label selector requirements. The requirements are ANDed."
fn spec.provider.kubernetes.envoyHpa.metrics.external.metric.selector.withMatchExpressionsMixin
withMatchExpressionsMixin(matchExpressions)
"matchExpressions is a list of label selector requirements. The requirements are ANDed."
Note: This function appends passed data to existing values
fn spec.provider.kubernetes.envoyHpa.metrics.external.metric.selector.withMatchLabels
withMatchLabels(matchLabels)
"matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed."
fn spec.provider.kubernetes.envoyHpa.metrics.external.metric.selector.withMatchLabelsMixin
withMatchLabelsMixin(matchLabels)
"matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed."
Note: This function appends passed data to existing values
obj spec.provider.kubernetes.envoyHpa.metrics.external.metric.selector.matchExpressions
"matchExpressions is a list of label selector requirements. The requirements are ANDed."
fn spec.provider.kubernetes.envoyHpa.metrics.external.metric.selector.matchExpressions.withKey
withKey(key)
"key is the label key that the selector applies to."
fn spec.provider.kubernetes.envoyHpa.metrics.external.metric.selector.matchExpressions.withOperator
withOperator(operator)
"operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist."
fn spec.provider.kubernetes.envoyHpa.metrics.external.metric.selector.matchExpressions.withValues
withValues(values)
"values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch."
fn spec.provider.kubernetes.envoyHpa.metrics.external.metric.selector.matchExpressions.withValuesMixin
withValuesMixin(values)
"values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch."
Note: This function appends passed data to existing values
obj spec.provider.kubernetes.envoyHpa.metrics.external.target
"target specifies the target value for the given metric"
fn spec.provider.kubernetes.envoyHpa.metrics.external.target.withAverageUtilization
withAverageUtilization(averageUtilization)
"averageUtilization is the target value of the average of the\nresource metric across all relevant pods, represented as a percentage of\nthe requested value of the resource for the pods.\nCurrently only valid for Resource metric source type"
fn spec.provider.kubernetes.envoyHpa.metrics.external.target.withAverageValue
withAverageValue(averageValue)
"averageValue is the target value of the average of the\nmetric across all relevant pods (as a quantity)"
fn spec.provider.kubernetes.envoyHpa.metrics.external.target.withType
withType(type)
"type represents whether the metric type is Utilization, Value, or AverageValue"
fn spec.provider.kubernetes.envoyHpa.metrics.external.target.withValue
withValue(value)
"value is the target value of the metric (as a quantity)."
obj spec.provider.kubernetes.envoyHpa.metrics.object
"object refers to a metric describing a single kubernetes object\n(for example, hits-per-second on an Ingress object)."
obj spec.provider.kubernetes.envoyHpa.metrics.object.describedObject
"describedObject specifies the descriptions of a object,such as kind,name apiVersion"
fn spec.provider.kubernetes.envoyHpa.metrics.object.describedObject.withApiVersion
withApiVersion(apiVersion)
"apiVersion is the API version of the referent"
fn spec.provider.kubernetes.envoyHpa.metrics.object.describedObject.withKind
withKind(kind)
"kind is the kind of the referent; More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds"
fn spec.provider.kubernetes.envoyHpa.metrics.object.describedObject.withName
withName(name)
"name is the name of the referent; More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names"
obj spec.provider.kubernetes.envoyHpa.metrics.object.metric
"metric identifies the target metric by name and selector"
fn spec.provider.kubernetes.envoyHpa.metrics.object.metric.withName
withName(name)
"name is the name of the given metric"
obj spec.provider.kubernetes.envoyHpa.metrics.object.metric.selector
"selector is the string-encoded form of a standard kubernetes label selector for the given metric\nWhen set, it is passed as an additional parameter to the metrics server for more specific metrics scoping.\nWhen unset, just the metricName will be used to gather metrics."
fn spec.provider.kubernetes.envoyHpa.metrics.object.metric.selector.withMatchExpressions
withMatchExpressions(matchExpressions)
"matchExpressions is a list of label selector requirements. The requirements are ANDed."
fn spec.provider.kubernetes.envoyHpa.metrics.object.metric.selector.withMatchExpressionsMixin
withMatchExpressionsMixin(matchExpressions)
"matchExpressions is a list of label selector requirements. The requirements are ANDed."
Note: This function appends passed data to existing values
fn spec.provider.kubernetes.envoyHpa.metrics.object.metric.selector.withMatchLabels
withMatchLabels(matchLabels)
"matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed."
fn spec.provider.kubernetes.envoyHpa.metrics.object.metric.selector.withMatchLabelsMixin
withMatchLabelsMixin(matchLabels)
"matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed."
Note: This function appends passed data to existing values
obj spec.provider.kubernetes.envoyHpa.metrics.object.metric.selector.matchExpressions
"matchExpressions is a list of label selector requirements. The requirements are ANDed."
fn spec.provider.kubernetes.envoyHpa.metrics.object.metric.selector.matchExpressions.withKey
withKey(key)
"key is the label key that the selector applies to."
fn spec.provider.kubernetes.envoyHpa.metrics.object.metric.selector.matchExpressions.withOperator
withOperator(operator)
"operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist."
fn spec.provider.kubernetes.envoyHpa.metrics.object.metric.selector.matchExpressions.withValues
withValues(values)
"values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch."
fn spec.provider.kubernetes.envoyHpa.metrics.object.metric.selector.matchExpressions.withValuesMixin
withValuesMixin(values)
"values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch."
Note: This function appends passed data to existing values
obj spec.provider.kubernetes.envoyHpa.metrics.object.target
"target specifies the target value for the given metric"
fn spec.provider.kubernetes.envoyHpa.metrics.object.target.withAverageUtilization
withAverageUtilization(averageUtilization)
"averageUtilization is the target value of the average of the\nresource metric across all relevant pods, represented as a percentage of\nthe requested value of the resource for the pods.\nCurrently only valid for Resource metric source type"
fn spec.provider.kubernetes.envoyHpa.metrics.object.target.withAverageValue
withAverageValue(averageValue)
"averageValue is the target value of the average of the\nmetric across all relevant pods (as a quantity)"
fn spec.provider.kubernetes.envoyHpa.metrics.object.target.withType
withType(type)
"type represents whether the metric type is Utilization, Value, or AverageValue"
fn spec.provider.kubernetes.envoyHpa.metrics.object.target.withValue
withValue(value)
"value is the target value of the metric (as a quantity)."
obj spec.provider.kubernetes.envoyHpa.metrics.pods
"pods refers to a metric describing each pod in the current scale target\n(for example, transactions-processed-per-second). The values will be\naveraged together before being compared to the target value."
obj spec.provider.kubernetes.envoyHpa.metrics.pods.metric
"metric identifies the target metric by name and selector"
fn spec.provider.kubernetes.envoyHpa.metrics.pods.metric.withName
withName(name)
"name is the name of the given metric"
obj spec.provider.kubernetes.envoyHpa.metrics.pods.metric.selector
"selector is the string-encoded form of a standard kubernetes label selector for the given metric\nWhen set, it is passed as an additional parameter to the metrics server for more specific metrics scoping.\nWhen unset, just the metricName will be used to gather metrics."
fn spec.provider.kubernetes.envoyHpa.metrics.pods.metric.selector.withMatchExpressions
withMatchExpressions(matchExpressions)
"matchExpressions is a list of label selector requirements. The requirements are ANDed."
fn spec.provider.kubernetes.envoyHpa.metrics.pods.metric.selector.withMatchExpressionsMixin
withMatchExpressionsMixin(matchExpressions)
"matchExpressions is a list of label selector requirements. The requirements are ANDed."
Note: This function appends passed data to existing values
fn spec.provider.kubernetes.envoyHpa.metrics.pods.metric.selector.withMatchLabels
withMatchLabels(matchLabels)
"matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed."
fn spec.provider.kubernetes.envoyHpa.metrics.pods.metric.selector.withMatchLabelsMixin
withMatchLabelsMixin(matchLabels)
"matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed."
Note: This function appends passed data to existing values
obj spec.provider.kubernetes.envoyHpa.metrics.pods.metric.selector.matchExpressions
"matchExpressions is a list of label selector requirements. The requirements are ANDed."
fn spec.provider.kubernetes.envoyHpa.metrics.pods.metric.selector.matchExpressions.withKey
withKey(key)
"key is the label key that the selector applies to."
fn spec.provider.kubernetes.envoyHpa.metrics.pods.metric.selector.matchExpressions.withOperator
withOperator(operator)
"operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist."
fn spec.provider.kubernetes.envoyHpa.metrics.pods.metric.selector.matchExpressions.withValues
withValues(values)
"values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch."
fn spec.provider.kubernetes.envoyHpa.metrics.pods.metric.selector.matchExpressions.withValuesMixin
withValuesMixin(values)
"values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch."
Note: This function appends passed data to existing values
obj spec.provider.kubernetes.envoyHpa.metrics.pods.target
"target specifies the target value for the given metric"
fn spec.provider.kubernetes.envoyHpa.metrics.pods.target.withAverageUtilization
withAverageUtilization(averageUtilization)
"averageUtilization is the target value of the average of the\nresource metric across all relevant pods, represented as a percentage of\nthe requested value of the resource for the pods.\nCurrently only valid for Resource metric source type"
fn spec.provider.kubernetes.envoyHpa.metrics.pods.target.withAverageValue
withAverageValue(averageValue)
"averageValue is the target value of the average of the\nmetric across all relevant pods (as a quantity)"
fn spec.provider.kubernetes.envoyHpa.metrics.pods.target.withType
withType(type)
"type represents whether the metric type is Utilization, Value, or AverageValue"
fn spec.provider.kubernetes.envoyHpa.metrics.pods.target.withValue
withValue(value)
"value is the target value of the metric (as a quantity)."
obj spec.provider.kubernetes.envoyHpa.metrics.resource
"resource refers to a resource metric (such as those specified in\nrequests and limits) known to Kubernetes describing each pod in the\ncurrent scale target (e.g. CPU or memory). Such metrics are built in to\nKubernetes, and have special scaling options on top of those available\nto normal per-pod metrics using the \"pods\" source."
fn spec.provider.kubernetes.envoyHpa.metrics.resource.withName
withName(name)
"name is the name of the resource in question."
obj spec.provider.kubernetes.envoyHpa.metrics.resource.target
"target specifies the target value for the given metric"
fn spec.provider.kubernetes.envoyHpa.metrics.resource.target.withAverageUtilization
withAverageUtilization(averageUtilization)
"averageUtilization is the target value of the average of the\nresource metric across all relevant pods, represented as a percentage of\nthe requested value of the resource for the pods.\nCurrently only valid for Resource metric source type"
fn spec.provider.kubernetes.envoyHpa.metrics.resource.target.withAverageValue
withAverageValue(averageValue)
"averageValue is the target value of the average of the\nmetric across all relevant pods (as a quantity)"
fn spec.provider.kubernetes.envoyHpa.metrics.resource.target.withType
withType(type)
"type represents whether the metric type is Utilization, Value, or AverageValue"
fn spec.provider.kubernetes.envoyHpa.metrics.resource.target.withValue
withValue(value)
"value is the target value of the metric (as a quantity)."
obj spec.provider.kubernetes.envoyPDB
"EnvoyPDB allows to control the pod disruption budget of an Envoy Proxy."
fn spec.provider.kubernetes.envoyPDB.withMinAvailable
withMinAvailable(minAvailable)
"MinAvailable specifies the minimum number of pods that must be available at all times during voluntary disruptions,\nsuch as node drains or updates. This setting ensures that your envoy proxy maintains a certain level of availability\nand resilience during maintenance operations."
obj spec.provider.kubernetes.envoyService
"EnvoyService defines the desired state of the Envoy service resource.\nIf unspecified, default settings for the managed Envoy service resource\nare applied."
fn spec.provider.kubernetes.envoyService.withAllocateLoadBalancerNodePorts
withAllocateLoadBalancerNodePorts(allocateLoadBalancerNodePorts)
"AllocateLoadBalancerNodePorts defines if NodePorts will be automatically allocated for\nservices with type LoadBalancer. Default is \"true\". It may be set to \"false\" if the cluster\nload-balancer does not rely on NodePorts. If the caller requests specific NodePorts (by specifying a\nvalue), those requests will be respected, regardless of this field. This field may only be set for\nservices with type LoadBalancer and will be cleared if the type is changed to any other type."
fn spec.provider.kubernetes.envoyService.withAnnotations
withAnnotations(annotations)
"Annotations that should be appended to the service.\nBy default, no annotations are appended."
fn spec.provider.kubernetes.envoyService.withAnnotationsMixin
withAnnotationsMixin(annotations)
"Annotations that should be appended to the service.\nBy default, no annotations are appended."
Note: This function appends passed data to existing values
fn spec.provider.kubernetes.envoyService.withExternalTrafficPolicy
withExternalTrafficPolicy(externalTrafficPolicy)
"ExternalTrafficPolicy determines the externalTrafficPolicy for the Envoy Service. Valid options\nare Local and Cluster. Default is \"Local\". \"Local\" means traffic will only go to pods on the node\nreceiving the traffic. \"Cluster\" means connections are loadbalanced to all pods in the cluster."
fn spec.provider.kubernetes.envoyService.withLabels
withLabels(labels)
"Labels that should be appended to the service.\nBy default, no labels are appended."
fn spec.provider.kubernetes.envoyService.withLabelsMixin
withLabelsMixin(labels)
"Labels that should be appended to the service.\nBy default, no labels are appended."
Note: This function appends passed data to existing values
fn spec.provider.kubernetes.envoyService.withLoadBalancerClass
withLoadBalancerClass(loadBalancerClass)
"LoadBalancerClass, when specified, allows for choosing the LoadBalancer provider\nimplementation if more than one are available or is otherwise expected to be specified"
fn spec.provider.kubernetes.envoyService.withLoadBalancerIP
withLoadBalancerIP(loadBalancerIP)
"LoadBalancerIP defines the IP Address of the underlying load balancer service. This field\nmay be ignored if the load balancer provider does not support this feature.\nThis field has been deprecated in Kubernetes, but it is still used for setting the IP Address in some cloud\nproviders such as GCP."
fn spec.provider.kubernetes.envoyService.withLoadBalancerSourceRanges
withLoadBalancerSourceRanges(loadBalancerSourceRanges)
"LoadBalancerSourceRanges defines a list of allowed IP addresses which will be configured as\nfirewall rules on the platform providers load balancer. This is not guaranteed to be working as\nit happens outside of kubernetes and has to be supported and handled by the platform provider.\nThis field may only be set for services with type LoadBalancer and will be cleared if the type\nis changed to any other type."
fn spec.provider.kubernetes.envoyService.withLoadBalancerSourceRangesMixin
withLoadBalancerSourceRangesMixin(loadBalancerSourceRanges)
"LoadBalancerSourceRanges defines a list of allowed IP addresses which will be configured as\nfirewall rules on the platform providers load balancer. This is not guaranteed to be working as\nit happens outside of kubernetes and has to be supported and handled by the platform provider.\nThis field may only be set for services with type LoadBalancer and will be cleared if the type\nis changed to any other type."
Note: This function appends passed data to existing values
fn spec.provider.kubernetes.envoyService.withName
withName(name)
"Name of the service.\nWhen unset, this defaults to an autogenerated name."
fn spec.provider.kubernetes.envoyService.withType
withType(type)
"Type determines how the Service is exposed. Defaults to LoadBalancer.\nValid options are ClusterIP, LoadBalancer and NodePort.\n\"LoadBalancer\" means a service will be exposed via an external load balancer (if the cloud provider supports it).\n\"ClusterIP\" means a service will only be accessible inside the cluster, via the cluster IP.\n\"NodePort\" means a service will be exposed on a static Port on all Nodes of the cluster."
obj spec.provider.kubernetes.envoyService.patch
"Patch defines how to perform the patch operation to the service"
fn spec.provider.kubernetes.envoyService.patch.withType
withType(type)
"Type is the type of merge operation to perform\n\nBy default, StrategicMerge is used as the patch type."
fn spec.provider.kubernetes.envoyService.patch.withValue
withValue(value)
"Object contains the raw configuration for merged object"
obj spec.shutdown
"Shutdown defines configuration for graceful envoy shutdown process."
fn spec.shutdown.withDrainTimeout
withDrainTimeout(drainTimeout)
"DrainTimeout defines the graceful drain timeout. This should be less than the pod's terminationGracePeriodSeconds.\nIf unspecified, defaults to 60 seconds."
fn spec.shutdown.withMinDrainDuration
withMinDrainDuration(minDrainDuration)
"MinDrainDuration defines the minimum drain duration allowing time for endpoint deprogramming to complete.\nIf unspecified, defaults to 10 seconds."
obj spec.telemetry
"Telemetry defines telemetry parameters for managed proxies."
obj spec.telemetry.accessLog
"AccessLogs defines accesslog parameters for managed proxies.\nIf unspecified, will send default format to stdout."
fn spec.telemetry.accessLog.withDisable
withDisable(disable)
"Disable disables access logging for managed proxies if set to true."
fn spec.telemetry.accessLog.withSettings
withSettings(settings)
"Settings defines accesslog settings for managed proxies.\nIf unspecified, will send default format to stdout."
fn spec.telemetry.accessLog.withSettingsMixin
withSettingsMixin(settings)
"Settings defines accesslog settings for managed proxies.\nIf unspecified, will send default format to stdout."
Note: This function appends passed data to existing values
obj spec.telemetry.accessLog.settings
"Settings defines accesslog settings for managed proxies.\nIf unspecified, will send default format to stdout."
fn spec.telemetry.accessLog.settings.withMatches
withMatches(matches)
"Matches defines the match conditions for accesslog in CEL expression.\nAn accesslog will be emitted only when one or more match conditions are evaluated to true.\nInvalid CEL expressions will be ignored."
fn spec.telemetry.accessLog.settings.withMatchesMixin
withMatchesMixin(matches)
"Matches defines the match conditions for accesslog in CEL expression.\nAn accesslog will be emitted only when one or more match conditions are evaluated to true.\nInvalid CEL expressions will be ignored."
Note: This function appends passed data to existing values
fn spec.telemetry.accessLog.settings.withSinks
withSinks(sinks)
"Sinks defines the sinks of accesslog."
fn spec.telemetry.accessLog.settings.withSinksMixin
withSinksMixin(sinks)
"Sinks defines the sinks of accesslog."
Note: This function appends passed data to existing values
fn spec.telemetry.accessLog.settings.withType
withType(type)
"Type defines the component emitting the accesslog, such as Listener and Route.\nIf type not defined, the setting would apply to:\n(1) All Routes.\n(2) Listeners if and only if Envoy does not find a matching route for a request.\nIf type is defined, the accesslog settings would apply to the relevant component (as-is)."
obj spec.telemetry.accessLog.settings.format
"Format defines the format of accesslog.\nThis will be ignored if sink type is ALS."
fn spec.telemetry.accessLog.settings.format.withJson
withJson(json)
"JSON is additional attributes that describe the specific event occurrence.\nStructured format for the envoy access logs. Envoy command operators\ncan be used as values for fields within the Struct.\nIt's required when the format type is \"JSON\"."
fn spec.telemetry.accessLog.settings.format.withJsonMixin
withJsonMixin(json)
"JSON is additional attributes that describe the specific event occurrence.\nStructured format for the envoy access logs. Envoy command operators\ncan be used as values for fields within the Struct.\nIt's required when the format type is \"JSON\"."
Note: This function appends passed data to existing values
fn spec.telemetry.accessLog.settings.format.withText
withText(text)
"Text defines the text accesslog format, following Envoy accesslog formatting,\nIt's required when the format type is \"Text\".\nEnvoy command operators may be used in the format.\nThe format string documentation provides more information."
fn spec.telemetry.accessLog.settings.format.withType
withType(type)
"Type defines the type of accesslog format."
obj spec.telemetry.accessLog.settings.sinks
"Sinks defines the sinks of accesslog."
fn spec.telemetry.accessLog.settings.sinks.withType
withType(type)
"Type defines the type of accesslog sink."
obj spec.telemetry.accessLog.settings.sinks.als
"ALS defines the gRPC Access Log Service (ALS) sink."
fn spec.telemetry.accessLog.settings.sinks.als.withBackendRefs
withBackendRefs(backendRefs)
"BackendRefs references a Kubernetes object that represents the\nbackend server to which the authorization request will be sent."
fn spec.telemetry.accessLog.settings.sinks.als.withBackendRefsMixin
withBackendRefsMixin(backendRefs)
"BackendRefs references a Kubernetes object that represents the\nbackend server to which the authorization request will be sent."
Note: This function appends passed data to existing values
fn spec.telemetry.accessLog.settings.sinks.als.withLogName
withLogName(logName)
"LogName defines the friendly name of the access log to be returned in\nStreamAccessLogsMessage.Identifier. This allows the access log server\nto differentiate between different access logs coming from the same Envoy."
fn spec.telemetry.accessLog.settings.sinks.als.withType
withType(type)
"Type defines the type of accesslog. Supported types are \"HTTP\" and \"TCP\"."
obj spec.telemetry.accessLog.settings.sinks.als.backendRef
"BackendRef references a Kubernetes object that represents the\nbackend server to which the authorization request will be sent.\n\nDeprecated: Use BackendRefs instead."
fn spec.telemetry.accessLog.settings.sinks.als.backendRef.withGroup
withGroup(group)
"Group is the group of the referent. For example, \"gateway.networking.k8s.io\".\nWhen unspecified or empty string, core API group is inferred."
fn spec.telemetry.accessLog.settings.sinks.als.backendRef.withKind
withKind(kind)
"Kind is the Kubernetes resource kind of the referent. For example\n\"Service\".\n\nDefaults to \"Service\" when not specified.\n\nExternalName services can refer to CNAME DNS records that may live\noutside of the cluster and as such are difficult to reason about in\nterms of conformance. They also may not be safe to forward to (see\nCVE-2021-25740 for more information). Implementations SHOULD NOT\nsupport ExternalName Services.\n\nSupport: Core (Services with a type other than ExternalName)\n\nSupport: Implementation-specific (Services with type ExternalName)"
fn spec.telemetry.accessLog.settings.sinks.als.backendRef.withName
withName(name)
"Name is the name of the referent."
fn spec.telemetry.accessLog.settings.sinks.als.backendRef.withNamespace
withNamespace(namespace)
"Namespace is the namespace of the backend. When unspecified, the local\nnamespace is inferred.\n\nNote that when a namespace different than the local namespace is specified,\na ReferenceGrant object is required in the referent namespace to allow that\nnamespace's owner to accept the reference. See the ReferenceGrant\ndocumentation for details.\n\nSupport: Core"
fn spec.telemetry.accessLog.settings.sinks.als.backendRef.withPort
withPort(port)
"Port specifies the destination port number to use for this resource.\nPort is required when the referent is a Kubernetes Service. In this\ncase, the port number is the service port number, not the target port.\nFor other resources, destination port might be derived from the referent\nresource or this field."
obj spec.telemetry.accessLog.settings.sinks.als.backendRefs
"BackendRefs references a Kubernetes object that represents the\nbackend server to which the authorization request will be sent."
fn spec.telemetry.accessLog.settings.sinks.als.backendRefs.withFallback
withFallback(fallback)
"Fallback indicates whether the backend is designated as a fallback.\nMultiple fallback backends can be configured.\nIt is highly recommended to configure active or passive health checks to ensure that failover can be detected\nwhen the active backends become unhealthy and to automatically readjust once the primary backends are healthy again.\nThe overprovisioning factor is set to 1.4, meaning the fallback backends will only start receiving traffic when\nthe health of the active backends falls below 72%."
fn spec.telemetry.accessLog.settings.sinks.als.backendRefs.withGroup
withGroup(group)
"Group is the group of the referent. For example, \"gateway.networking.k8s.io\".\nWhen unspecified or empty string, core API group is inferred."
fn spec.telemetry.accessLog.settings.sinks.als.backendRefs.withKind
withKind(kind)
"Kind is the Kubernetes resource kind of the referent. For example\n\"Service\".\n\nDefaults to \"Service\" when not specified.\n\nExternalName services can refer to CNAME DNS records that may live\noutside of the cluster and as such are difficult to reason about in\nterms of conformance. They also may not be safe to forward to (see\nCVE-2021-25740 for more information). Implementations SHOULD NOT\nsupport ExternalName Services.\n\nSupport: Core (Services with a type other than ExternalName)\n\nSupport: Implementation-specific (Services with type ExternalName)"
fn spec.telemetry.accessLog.settings.sinks.als.backendRefs.withName
withName(name)
"Name is the name of the referent."
fn spec.telemetry.accessLog.settings.sinks.als.backendRefs.withNamespace
withNamespace(namespace)
"Namespace is the namespace of the backend. When unspecified, the local\nnamespace is inferred.\n\nNote that when a namespace different than the local namespace is specified,\na ReferenceGrant object is required in the referent namespace to allow that\nnamespace's owner to accept the reference. See the ReferenceGrant\ndocumentation for details.\n\nSupport: Core"
fn spec.telemetry.accessLog.settings.sinks.als.backendRefs.withPort
withPort(port)
"Port specifies the destination port number to use for this resource.\nPort is required when the referent is a Kubernetes Service. In this\ncase, the port number is the service port number, not the target port.\nFor other resources, destination port might be derived from the referent\nresource or this field."
obj spec.telemetry.accessLog.settings.sinks.als.backendSettings
"BackendSettings holds configuration for managing the connection\nto the backend."
obj spec.telemetry.accessLog.settings.sinks.als.backendSettings.circuitBreaker
"Circuit Breaker settings for the upstream connections and requests.\nIf not set, circuit breakers will be enabled with the default thresholds"
fn spec.telemetry.accessLog.settings.sinks.als.backendSettings.circuitBreaker.withMaxConnections
withMaxConnections(maxConnections)
"The maximum number of connections that Envoy will establish to the referenced backend defined within a xRoute rule."
fn spec.telemetry.accessLog.settings.sinks.als.backendSettings.circuitBreaker.withMaxParallelRequests
withMaxParallelRequests(maxParallelRequests)
"The maximum number of parallel requests that Envoy will make to the referenced backend defined within a xRoute rule."
fn spec.telemetry.accessLog.settings.sinks.als.backendSettings.circuitBreaker.withMaxParallelRetries
withMaxParallelRetries(maxParallelRetries)
"The maximum number of parallel retries that Envoy will make to the referenced backend defined within a xRoute rule."
fn spec.telemetry.accessLog.settings.sinks.als.backendSettings.circuitBreaker.withMaxPendingRequests
withMaxPendingRequests(maxPendingRequests)
"The maximum number of pending requests that Envoy will queue to the referenced backend defined within a xRoute rule."
fn spec.telemetry.accessLog.settings.sinks.als.backendSettings.circuitBreaker.withMaxRequestsPerConnection
withMaxRequestsPerConnection(maxRequestsPerConnection)
"The maximum number of requests that Envoy will make over a single connection to the referenced backend defined within a xRoute rule.\nDefault: unlimited."
obj spec.telemetry.accessLog.settings.sinks.als.backendSettings.connection
"Connection includes backend connection settings."
fn spec.telemetry.accessLog.settings.sinks.als.backendSettings.connection.withBufferLimit
withBufferLimit(bufferLimit)
"BufferLimit Soft limit on size of the cluster’s connections read and write buffers.\nBufferLimit applies to connection streaming (maybe non-streaming) channel between processes, it's in user space.\nIf unspecified, an implementation defined default is applied (32768 bytes).\nFor example, 20Mi, 1Gi, 256Ki etc.\nNote: that when the suffix is not provided, the value is interpreted as bytes."
fn spec.telemetry.accessLog.settings.sinks.als.backendSettings.connection.withSocketBufferLimit
withSocketBufferLimit(socketBufferLimit)
"SocketBufferLimit provides configuration for the maximum buffer size in bytes for each socket\nto backend.\nSocketBufferLimit applies to socket streaming channel between TCP/IP stacks, it's in kernel space.\nFor example, 20Mi, 1Gi, 256Ki etc.\nNote that when the suffix is not provided, the value is interpreted as bytes."
obj spec.telemetry.accessLog.settings.sinks.als.backendSettings.dns
"DNS includes dns resolution settings."
fn spec.telemetry.accessLog.settings.sinks.als.backendSettings.dns.withDnsRefreshRate
withDnsRefreshRate(dnsRefreshRate)
"DNSRefreshRate specifies the rate at which DNS records should be refreshed.\nDefaults to 30 seconds."
fn spec.telemetry.accessLog.settings.sinks.als.backendSettings.dns.withRespectDnsTtl
withRespectDnsTtl(respectDnsTtl)
"RespectDNSTTL indicates whether the DNS Time-To-Live (TTL) should be respected.\nIf the value is set to true, the DNS refresh rate will be set to the resource record’s TTL.\nDefaults to true."
obj spec.telemetry.accessLog.settings.sinks.als.backendSettings.healthCheck
"HealthCheck allows gateway to perform active health checking on backends."
obj spec.telemetry.accessLog.settings.sinks.als.backendSettings.healthCheck.active
"Active health check configuration"
fn spec.telemetry.accessLog.settings.sinks.als.backendSettings.healthCheck.active.withHealthyThreshold
withHealthyThreshold(healthyThreshold)
"HealthyThreshold defines the number of healthy health checks required before a backend host is marked healthy."
fn spec.telemetry.accessLog.settings.sinks.als.backendSettings.healthCheck.active.withInterval
withInterval(interval)
"Interval defines the time between active health checks."
fn spec.telemetry.accessLog.settings.sinks.als.backendSettings.healthCheck.active.withTimeout
withTimeout(timeout)
"Timeout defines the time to wait for a health check response."
fn spec.telemetry.accessLog.settings.sinks.als.backendSettings.healthCheck.active.withType
withType(type)
"Type defines the type of health checker."
fn spec.telemetry.accessLog.settings.sinks.als.backendSettings.healthCheck.active.withUnhealthyThreshold
withUnhealthyThreshold(unhealthyThreshold)
"UnhealthyThreshold defines the number of unhealthy health checks required before a backend host is marked unhealthy."
obj spec.telemetry.accessLog.settings.sinks.als.backendSettings.healthCheck.active.grpc
"GRPC defines the configuration of the GRPC health checker.\nIt's optional, and can only be used if the specified type is GRPC."
fn spec.telemetry.accessLog.settings.sinks.als.backendSettings.healthCheck.active.grpc.withService
withService(service)
"Service to send in the health check request.\nIf this is not specified, then the health check request applies to the entire\nserver and not to a specific service."
obj spec.telemetry.accessLog.settings.sinks.als.backendSettings.healthCheck.active.http
"HTTP defines the configuration of http health checker.\nIt's required while the health checker type is HTTP."
fn spec.telemetry.accessLog.settings.sinks.als.backendSettings.healthCheck.active.http.withExpectedStatuses
withExpectedStatuses(expectedStatuses)
"ExpectedStatuses defines a list of HTTP response statuses considered healthy.\nDefaults to 200 only"
fn spec.telemetry.accessLog.settings.sinks.als.backendSettings.healthCheck.active.http.withExpectedStatusesMixin
withExpectedStatusesMixin(expectedStatuses)
"ExpectedStatuses defines a list of HTTP response statuses considered healthy.\nDefaults to 200 only"
Note: This function appends passed data to existing values
fn spec.telemetry.accessLog.settings.sinks.als.backendSettings.healthCheck.active.http.withMethod
withMethod(method)
"Method defines the HTTP method used for health checking.\nDefaults to GET"
fn spec.telemetry.accessLog.settings.sinks.als.backendSettings.healthCheck.active.http.withPath
withPath(path)
"Path defines the HTTP path that will be requested during health checking."
obj spec.telemetry.accessLog.settings.sinks.als.backendSettings.healthCheck.active.http.expectedResponse
"ExpectedResponse defines a list of HTTP expected responses to match."
fn spec.telemetry.accessLog.settings.sinks.als.backendSettings.healthCheck.active.http.expectedResponse.withBinary
withBinary(binary)
"Binary payload base64 encoded."
fn spec.telemetry.accessLog.settings.sinks.als.backendSettings.healthCheck.active.http.expectedResponse.withText
withText(text)
"Text payload in plain text."
fn spec.telemetry.accessLog.settings.sinks.als.backendSettings.healthCheck.active.http.expectedResponse.withType
withType(type)
"Type defines the type of the payload."
obj spec.telemetry.accessLog.settings.sinks.als.backendSettings.healthCheck.active.tcp
"TCP defines the configuration of tcp health checker.\nIt's required while the health checker type is TCP."
obj spec.telemetry.accessLog.settings.sinks.als.backendSettings.healthCheck.active.tcp.receive
"Receive defines the expected response payload."
fn spec.telemetry.accessLog.settings.sinks.als.backendSettings.healthCheck.active.tcp.receive.withBinary
withBinary(binary)
"Binary payload base64 encoded."
fn spec.telemetry.accessLog.settings.sinks.als.backendSettings.healthCheck.active.tcp.receive.withText
withText(text)
"Text payload in plain text."
fn spec.telemetry.accessLog.settings.sinks.als.backendSettings.healthCheck.active.tcp.receive.withType
withType(type)
"Type defines the type of the payload."
obj spec.telemetry.accessLog.settings.sinks.als.backendSettings.healthCheck.active.tcp.send
"Send defines the request payload."
fn spec.telemetry.accessLog.settings.sinks.als.backendSettings.healthCheck.active.tcp.send.withBinary
withBinary(binary)
"Binary payload base64 encoded."
fn spec.telemetry.accessLog.settings.sinks.als.backendSettings.healthCheck.active.tcp.send.withText
withText(text)
"Text payload in plain text."
fn spec.telemetry.accessLog.settings.sinks.als.backendSettings.healthCheck.active.tcp.send.withType
withType(type)
"Type defines the type of the payload."
obj spec.telemetry.accessLog.settings.sinks.als.backendSettings.healthCheck.passive
"Passive passive check configuration"
fn spec.telemetry.accessLog.settings.sinks.als.backendSettings.healthCheck.passive.withBaseEjectionTime
withBaseEjectionTime(baseEjectionTime)
"BaseEjectionTime defines the base duration for which a host will be ejected on consecutive failures."
fn spec.telemetry.accessLog.settings.sinks.als.backendSettings.healthCheck.passive.withConsecutive5XxErrors
withConsecutive5XxErrors(consecutive5XxErrors)
"Consecutive5xxErrors sets the number of consecutive 5xx errors triggering ejection."
fn spec.telemetry.accessLog.settings.sinks.als.backendSettings.healthCheck.passive.withConsecutiveGatewayErrors
withConsecutiveGatewayErrors(consecutiveGatewayErrors)
"ConsecutiveGatewayErrors sets the number of consecutive gateway errors triggering ejection."
fn spec.telemetry.accessLog.settings.sinks.als.backendSettings.healthCheck.passive.withConsecutiveLocalOriginFailures
withConsecutiveLocalOriginFailures(consecutiveLocalOriginFailures)
"ConsecutiveLocalOriginFailures sets the number of consecutive local origin failures triggering ejection.\nParameter takes effect only when split_external_local_origin_errors is set to true."
fn spec.telemetry.accessLog.settings.sinks.als.backendSettings.healthCheck.passive.withInterval
withInterval(interval)
"Interval defines the time between passive health checks."
fn spec.telemetry.accessLog.settings.sinks.als.backendSettings.healthCheck.passive.withMaxEjectionPercent
withMaxEjectionPercent(maxEjectionPercent)
"MaxEjectionPercent sets the maximum percentage of hosts in a cluster that can be ejected."
fn spec.telemetry.accessLog.settings.sinks.als.backendSettings.healthCheck.passive.withSplitExternalLocalOriginErrors
withSplitExternalLocalOriginErrors(splitExternalLocalOriginErrors)
"SplitExternalLocalOriginErrors enables splitting of errors between external and local origin."
obj spec.telemetry.accessLog.settings.sinks.als.backendSettings.http2
"HTTP2 provides HTTP/2 configuration for backend connections."
fn spec.telemetry.accessLog.settings.sinks.als.backendSettings.http2.withInitialConnectionWindowSize
withInitialConnectionWindowSize(initialConnectionWindowSize)
"InitialConnectionWindowSize sets the initial window size for HTTP/2 connections.\nIf not set, the default value is 1 MiB."
fn spec.telemetry.accessLog.settings.sinks.als.backendSettings.http2.withInitialStreamWindowSize
withInitialStreamWindowSize(initialStreamWindowSize)
"InitialStreamWindowSize sets the initial window size for HTTP/2 streams.\nIf not set, the default value is 64 KiB(64*1024)."
fn spec.telemetry.accessLog.settings.sinks.als.backendSettings.http2.withMaxConcurrentStreams
withMaxConcurrentStreams(maxConcurrentStreams)
"MaxConcurrentStreams sets the maximum number of concurrent streams allowed per connection.\nIf not set, the default value is 100."
fn spec.telemetry.accessLog.settings.sinks.als.backendSettings.http2.withOnInvalidMessage
withOnInvalidMessage(onInvalidMessage)
"OnInvalidMessage determines if Envoy will terminate the connection or just the offending stream in the event of HTTP messaging error\nIt's recommended for L2 Envoy deployments to set this value to TerminateStream.\nhttps://www.envoyproxy.io/docs/envoy/latest/configuration/best_practices/level_two\nDefault: TerminateConnection"
obj spec.telemetry.accessLog.settings.sinks.als.backendSettings.loadBalancer
"LoadBalancer policy to apply when routing traffic from the gateway to\nthe backend endpoints. Defaults to LeastRequest
."
fn spec.telemetry.accessLog.settings.sinks.als.backendSettings.loadBalancer.withType
withType(type)
"Type decides the type of Load Balancer policy.\nValid LoadBalancerType values are\n\"ConsistentHash\",\n\"LeastRequest\",\n\"Random\",\n\"RoundRobin\"."
obj spec.telemetry.accessLog.settings.sinks.als.backendSettings.loadBalancer.consistentHash
"ConsistentHash defines the configuration when the load balancer type is\nset to ConsistentHash"
fn spec.telemetry.accessLog.settings.sinks.als.backendSettings.loadBalancer.consistentHash.withTableSize
withTableSize(tableSize)
"The table size for consistent hashing, must be prime number limited to 5000011."
fn spec.telemetry.accessLog.settings.sinks.als.backendSettings.loadBalancer.consistentHash.withType
withType(type)
"ConsistentHashType defines the type of input to hash on. Valid Type values are\n\"SourceIP\",\n\"Header\",\n\"Cookie\"."
obj spec.telemetry.accessLog.settings.sinks.als.backendSettings.loadBalancer.consistentHash.cookie
"Cookie configures the cookie hash policy when the consistent hash type is set to Cookie."
fn spec.telemetry.accessLog.settings.sinks.als.backendSettings.loadBalancer.consistentHash.cookie.withAttributes
withAttributes(attributes)
"Additional Attributes to set for the generated cookie."
fn spec.telemetry.accessLog.settings.sinks.als.backendSettings.loadBalancer.consistentHash.cookie.withAttributesMixin
withAttributesMixin(attributes)
"Additional Attributes to set for the generated cookie."
Note: This function appends passed data to existing values
fn spec.telemetry.accessLog.settings.sinks.als.backendSettings.loadBalancer.consistentHash.cookie.withName
withName(name)
"Name of the cookie to hash.\nIf this cookie does not exist in the request, Envoy will generate a cookie and set\nthe TTL on the response back to the client based on Layer 4\nattributes of the backend endpoint, to ensure that these future requests\ngo to the same backend endpoint. Make sure to set the TTL field for this case."
fn spec.telemetry.accessLog.settings.sinks.als.backendSettings.loadBalancer.consistentHash.cookie.withTtl
withTtl(ttl)
"TTL of the generated cookie if the cookie is not present. This value sets the\nMax-Age attribute value."
obj spec.telemetry.accessLog.settings.sinks.als.backendSettings.loadBalancer.consistentHash.header
"Header configures the header hash policy when the consistent hash type is set to Header."
fn spec.telemetry.accessLog.settings.sinks.als.backendSettings.loadBalancer.consistentHash.header.withName
withName(name)
"Name of the header to hash."
obj spec.telemetry.accessLog.settings.sinks.als.backendSettings.loadBalancer.slowStart
"SlowStart defines the configuration related to the slow start load balancer policy.\nIf set, during slow start window, traffic sent to the newly added hosts will gradually increase.\nCurrently this is only supported for RoundRobin and LeastRequest load balancers"
fn spec.telemetry.accessLog.settings.sinks.als.backendSettings.loadBalancer.slowStart.withWindow
withWindow(window)
"Window defines the duration of the warm up period for newly added host.\nDuring slow start window, traffic sent to the newly added hosts will gradually increase.\nCurrently only supports linear growth of traffic. For additional details,\nsee https://www.envoyproxy.io/docs/envoy/latest/api-v3/config/cluster/v3/cluster.proto#config-cluster-v3-cluster-slowstartconfig"
obj spec.telemetry.accessLog.settings.sinks.als.backendSettings.proxyProtocol
"ProxyProtocol enables the Proxy Protocol when communicating with the backend."
fn spec.telemetry.accessLog.settings.sinks.als.backendSettings.proxyProtocol.withVersion
withVersion(version)
"Version of ProxyProtol\nValid ProxyProtocolVersion values are\n\"V1\"\n\"V2\
obj spec.telemetry.accessLog.settings.sinks.als.backendSettings.retry
"Retry provides more advanced usage, allowing users to customize the number of retries, retry fallback strategy, and retry triggering conditions.\nIf not set, retry will be disabled."
fn spec.telemetry.accessLog.settings.sinks.als.backendSettings.retry.withNumRetries
withNumRetries(numRetries)
"NumRetries is the number of retries to be attempted. Defaults to 2."
obj spec.telemetry.accessLog.settings.sinks.als.backendSettings.retry.perRetry
"PerRetry is the retry policy to be applied per retry attempt."
fn spec.telemetry.accessLog.settings.sinks.als.backendSettings.retry.perRetry.withTimeout
withTimeout(timeout)
"Timeout is the timeout per retry attempt."
obj spec.telemetry.accessLog.settings.sinks.als.backendSettings.retry.perRetry.backOff
"Backoff is the backoff policy to be applied per retry attempt. gateway uses a fully jittered exponential\nback-off algorithm for retries. For additional details,\nsee https://www.envoyproxy.io/docs/envoy/latest/configuration/http/http_filters/router_filter#config-http-filters-router-x-envoy-max-retries"
fn spec.telemetry.accessLog.settings.sinks.als.backendSettings.retry.perRetry.backOff.withBaseInterval
withBaseInterval(baseInterval)
"BaseInterval is the base interval between retries."
fn spec.telemetry.accessLog.settings.sinks.als.backendSettings.retry.perRetry.backOff.withMaxInterval
withMaxInterval(maxInterval)
"MaxInterval is the maximum interval between retries. This parameter is optional, but must be greater than or equal to the base_interval if set.\nThe default is 10 times the base_interval"
obj spec.telemetry.accessLog.settings.sinks.als.backendSettings.retry.retryOn
"RetryOn specifies the retry trigger condition.\n\nIf not specified, the default is to retry on connect-failure,refused-stream,unavailable,cancelled,retriable-status-codes(503)."
fn spec.telemetry.accessLog.settings.sinks.als.backendSettings.retry.retryOn.withHttpStatusCodes
withHttpStatusCodes(httpStatusCodes)
"HttpStatusCodes specifies the http status codes to be retried.\nThe retriable-status-codes trigger must also be configured for these status codes to trigger a retry."
fn spec.telemetry.accessLog.settings.sinks.als.backendSettings.retry.retryOn.withHttpStatusCodesMixin
withHttpStatusCodesMixin(httpStatusCodes)
"HttpStatusCodes specifies the http status codes to be retried.\nThe retriable-status-codes trigger must also be configured for these status codes to trigger a retry."
Note: This function appends passed data to existing values
fn spec.telemetry.accessLog.settings.sinks.als.backendSettings.retry.retryOn.withTriggers
withTriggers(triggers)
"Triggers specifies the retry trigger condition(Http/Grpc)."
fn spec.telemetry.accessLog.settings.sinks.als.backendSettings.retry.retryOn.withTriggersMixin
withTriggersMixin(triggers)
"Triggers specifies the retry trigger condition(Http/Grpc)."
Note: This function appends passed data to existing values
obj spec.telemetry.accessLog.settings.sinks.als.backendSettings.tcpKeepalive
"TcpKeepalive settings associated with the upstream client connection.\nDisabled by default."
fn spec.telemetry.accessLog.settings.sinks.als.backendSettings.tcpKeepalive.withIdleTime
withIdleTime(idleTime)
"The duration a connection needs to be idle before keep-alive\nprobes start being sent.\nThe duration format is\nDefaults to 7200s
."
fn spec.telemetry.accessLog.settings.sinks.als.backendSettings.tcpKeepalive.withInterval
withInterval(interval)
"The duration between keep-alive probes.\nDefaults to 75s
."
fn spec.telemetry.accessLog.settings.sinks.als.backendSettings.tcpKeepalive.withProbes
withProbes(probes)
"The total number of unacknowledged probes to send before deciding\nthe connection is dead.\nDefaults to 9."
obj spec.telemetry.accessLog.settings.sinks.als.backendSettings.timeout
"Timeout settings for the backend connections."
obj spec.telemetry.accessLog.settings.sinks.als.backendSettings.timeout.http
"Timeout settings for HTTP."
fn spec.telemetry.accessLog.settings.sinks.als.backendSettings.timeout.http.withConnectionIdleTimeout
withConnectionIdleTimeout(connectionIdleTimeout)
"The idle timeout for an HTTP connection. Idle time is defined as a period in which there are no active requests in the connection.\nDefault: 1 hour."
fn spec.telemetry.accessLog.settings.sinks.als.backendSettings.timeout.http.withMaxConnectionDuration
withMaxConnectionDuration(maxConnectionDuration)
"The maximum duration of an HTTP connection.\nDefault: unlimited."
fn spec.telemetry.accessLog.settings.sinks.als.backendSettings.timeout.http.withRequestTimeout
withRequestTimeout(requestTimeout)
"RequestTimeout is the time until which entire response is received from the upstream."
obj spec.telemetry.accessLog.settings.sinks.als.backendSettings.timeout.tcp
"Timeout settings for TCP."
fn spec.telemetry.accessLog.settings.sinks.als.backendSettings.timeout.tcp.withConnectTimeout
withConnectTimeout(connectTimeout)
"The timeout for network connection establishment, including TCP and TLS handshakes.\nDefault: 10 seconds."
obj spec.telemetry.accessLog.settings.sinks.als.http
"HTTP defines additional configuration specific to HTTP access logs."
fn spec.telemetry.accessLog.settings.sinks.als.http.withRequestHeaders
withRequestHeaders(requestHeaders)
"RequestHeaders defines request headers to include in log entries sent to the access log service."
fn spec.telemetry.accessLog.settings.sinks.als.http.withRequestHeadersMixin
withRequestHeadersMixin(requestHeaders)
"RequestHeaders defines request headers to include in log entries sent to the access log service."
Note: This function appends passed data to existing values
fn spec.telemetry.accessLog.settings.sinks.als.http.withResponseHeaders
withResponseHeaders(responseHeaders)
"ResponseHeaders defines response headers to include in log entries sent to the access log service."
fn spec.telemetry.accessLog.settings.sinks.als.http.withResponseHeadersMixin
withResponseHeadersMixin(responseHeaders)
"ResponseHeaders defines response headers to include in log entries sent to the access log service."
Note: This function appends passed data to existing values
fn spec.telemetry.accessLog.settings.sinks.als.http.withResponseTrailers
withResponseTrailers(responseTrailers)
"ResponseTrailers defines response trailers to include in log entries sent to the access log service."
fn spec.telemetry.accessLog.settings.sinks.als.http.withResponseTrailersMixin
withResponseTrailersMixin(responseTrailers)
"ResponseTrailers defines response trailers to include in log entries sent to the access log service."
Note: This function appends passed data to existing values
obj spec.telemetry.accessLog.settings.sinks.file
"File defines the file accesslog sink."
fn spec.telemetry.accessLog.settings.sinks.file.withPath
withPath(path)
"Path defines the file path used to expose envoy access log(e.g. /dev/stdout)."
obj spec.telemetry.accessLog.settings.sinks.openTelemetry
"OpenTelemetry defines the OpenTelemetry accesslog sink."
fn spec.telemetry.accessLog.settings.sinks.openTelemetry.withBackendRefs
withBackendRefs(backendRefs)
"BackendRefs references a Kubernetes object that represents the\nbackend server to which the authorization request will be sent."
fn spec.telemetry.accessLog.settings.sinks.openTelemetry.withBackendRefsMixin
withBackendRefsMixin(backendRefs)
"BackendRefs references a Kubernetes object that represents the\nbackend server to which the authorization request will be sent."
Note: This function appends passed data to existing values
fn spec.telemetry.accessLog.settings.sinks.openTelemetry.withHost
withHost(host)
"Host define the extension service hostname.\nDeprecated: Use BackendRefs instead."
fn spec.telemetry.accessLog.settings.sinks.openTelemetry.withPort
withPort(port)
"Port defines the port the extension service is exposed on.\nDeprecated: Use BackendRefs instead."
fn spec.telemetry.accessLog.settings.sinks.openTelemetry.withResources
withResources(resources)
"Resources is a set of labels that describe the source of a log entry, including envoy node info.\nIt's recommended to follow semantic conventions."
fn spec.telemetry.accessLog.settings.sinks.openTelemetry.withResourcesMixin
withResourcesMixin(resources)
"Resources is a set of labels that describe the source of a log entry, including envoy node info.\nIt's recommended to follow semantic conventions."
Note: This function appends passed data to existing values
obj spec.telemetry.accessLog.settings.sinks.openTelemetry.backendRef
"BackendRef references a Kubernetes object that represents the\nbackend server to which the authorization request will be sent.\n\nDeprecated: Use BackendRefs instead."
fn spec.telemetry.accessLog.settings.sinks.openTelemetry.backendRef.withGroup
withGroup(group)
"Group is the group of the referent. For example, \"gateway.networking.k8s.io\".\nWhen unspecified or empty string, core API group is inferred."
fn spec.telemetry.accessLog.settings.sinks.openTelemetry.backendRef.withKind
withKind(kind)
"Kind is the Kubernetes resource kind of the referent. For example\n\"Service\".\n\nDefaults to \"Service\" when not specified.\n\nExternalName services can refer to CNAME DNS records that may live\noutside of the cluster and as such are difficult to reason about in\nterms of conformance. They also may not be safe to forward to (see\nCVE-2021-25740 for more information). Implementations SHOULD NOT\nsupport ExternalName Services.\n\nSupport: Core (Services with a type other than ExternalName)\n\nSupport: Implementation-specific (Services with type ExternalName)"
fn spec.telemetry.accessLog.settings.sinks.openTelemetry.backendRef.withName
withName(name)
"Name is the name of the referent."
fn spec.telemetry.accessLog.settings.sinks.openTelemetry.backendRef.withNamespace
withNamespace(namespace)
"Namespace is the namespace of the backend. When unspecified, the local\nnamespace is inferred.\n\nNote that when a namespace different than the local namespace is specified,\na ReferenceGrant object is required in the referent namespace to allow that\nnamespace's owner to accept the reference. See the ReferenceGrant\ndocumentation for details.\n\nSupport: Core"
fn spec.telemetry.accessLog.settings.sinks.openTelemetry.backendRef.withPort
withPort(port)
"Port specifies the destination port number to use for this resource.\nPort is required when the referent is a Kubernetes Service. In this\ncase, the port number is the service port number, not the target port.\nFor other resources, destination port might be derived from the referent\nresource or this field."
obj spec.telemetry.accessLog.settings.sinks.openTelemetry.backendRefs
"BackendRefs references a Kubernetes object that represents the\nbackend server to which the authorization request will be sent."
fn spec.telemetry.accessLog.settings.sinks.openTelemetry.backendRefs.withFallback
withFallback(fallback)
"Fallback indicates whether the backend is designated as a fallback.\nMultiple fallback backends can be configured.\nIt is highly recommended to configure active or passive health checks to ensure that failover can be detected\nwhen the active backends become unhealthy and to automatically readjust once the primary backends are healthy again.\nThe overprovisioning factor is set to 1.4, meaning the fallback backends will only start receiving traffic when\nthe health of the active backends falls below 72%."
fn spec.telemetry.accessLog.settings.sinks.openTelemetry.backendRefs.withGroup
withGroup(group)
"Group is the group of the referent. For example, \"gateway.networking.k8s.io\".\nWhen unspecified or empty string, core API group is inferred."
fn spec.telemetry.accessLog.settings.sinks.openTelemetry.backendRefs.withKind
withKind(kind)
"Kind is the Kubernetes resource kind of the referent. For example\n\"Service\".\n\nDefaults to \"Service\" when not specified.\n\nExternalName services can refer to CNAME DNS records that may live\noutside of the cluster and as such are difficult to reason about in\nterms of conformance. They also may not be safe to forward to (see\nCVE-2021-25740 for more information). Implementations SHOULD NOT\nsupport ExternalName Services.\n\nSupport: Core (Services with a type other than ExternalName)\n\nSupport: Implementation-specific (Services with type ExternalName)"
fn spec.telemetry.accessLog.settings.sinks.openTelemetry.backendRefs.withName
withName(name)
"Name is the name of the referent."
fn spec.telemetry.accessLog.settings.sinks.openTelemetry.backendRefs.withNamespace
withNamespace(namespace)
"Namespace is the namespace of the backend. When unspecified, the local\nnamespace is inferred.\n\nNote that when a namespace different than the local namespace is specified,\na ReferenceGrant object is required in the referent namespace to allow that\nnamespace's owner to accept the reference. See the ReferenceGrant\ndocumentation for details.\n\nSupport: Core"
fn spec.telemetry.accessLog.settings.sinks.openTelemetry.backendRefs.withPort
withPort(port)
"Port specifies the destination port number to use for this resource.\nPort is required when the referent is a Kubernetes Service. In this\ncase, the port number is the service port number, not the target port.\nFor other resources, destination port might be derived from the referent\nresource or this field."
obj spec.telemetry.accessLog.settings.sinks.openTelemetry.backendSettings
"BackendSettings holds configuration for managing the connection\nto the backend."
obj spec.telemetry.accessLog.settings.sinks.openTelemetry.backendSettings.circuitBreaker
"Circuit Breaker settings for the upstream connections and requests.\nIf not set, circuit breakers will be enabled with the default thresholds"
fn spec.telemetry.accessLog.settings.sinks.openTelemetry.backendSettings.circuitBreaker.withMaxConnections
withMaxConnections(maxConnections)
"The maximum number of connections that Envoy will establish to the referenced backend defined within a xRoute rule."
fn spec.telemetry.accessLog.settings.sinks.openTelemetry.backendSettings.circuitBreaker.withMaxParallelRequests
withMaxParallelRequests(maxParallelRequests)
"The maximum number of parallel requests that Envoy will make to the referenced backend defined within a xRoute rule."
fn spec.telemetry.accessLog.settings.sinks.openTelemetry.backendSettings.circuitBreaker.withMaxParallelRetries
withMaxParallelRetries(maxParallelRetries)
"The maximum number of parallel retries that Envoy will make to the referenced backend defined within a xRoute rule."
fn spec.telemetry.accessLog.settings.sinks.openTelemetry.backendSettings.circuitBreaker.withMaxPendingRequests
withMaxPendingRequests(maxPendingRequests)
"The maximum number of pending requests that Envoy will queue to the referenced backend defined within a xRoute rule."
fn spec.telemetry.accessLog.settings.sinks.openTelemetry.backendSettings.circuitBreaker.withMaxRequestsPerConnection
withMaxRequestsPerConnection(maxRequestsPerConnection)
"The maximum number of requests that Envoy will make over a single connection to the referenced backend defined within a xRoute rule.\nDefault: unlimited."
obj spec.telemetry.accessLog.settings.sinks.openTelemetry.backendSettings.connection
"Connection includes backend connection settings."
fn spec.telemetry.accessLog.settings.sinks.openTelemetry.backendSettings.connection.withBufferLimit
withBufferLimit(bufferLimit)
"BufferLimit Soft limit on size of the cluster’s connections read and write buffers.\nBufferLimit applies to connection streaming (maybe non-streaming) channel between processes, it's in user space.\nIf unspecified, an implementation defined default is applied (32768 bytes).\nFor example, 20Mi, 1Gi, 256Ki etc.\nNote: that when the suffix is not provided, the value is interpreted as bytes."
fn spec.telemetry.accessLog.settings.sinks.openTelemetry.backendSettings.connection.withSocketBufferLimit
withSocketBufferLimit(socketBufferLimit)
"SocketBufferLimit provides configuration for the maximum buffer size in bytes for each socket\nto backend.\nSocketBufferLimit applies to socket streaming channel between TCP/IP stacks, it's in kernel space.\nFor example, 20Mi, 1Gi, 256Ki etc.\nNote that when the suffix is not provided, the value is interpreted as bytes."
obj spec.telemetry.accessLog.settings.sinks.openTelemetry.backendSettings.dns
"DNS includes dns resolution settings."
fn spec.telemetry.accessLog.settings.sinks.openTelemetry.backendSettings.dns.withDnsRefreshRate
withDnsRefreshRate(dnsRefreshRate)
"DNSRefreshRate specifies the rate at which DNS records should be refreshed.\nDefaults to 30 seconds."
fn spec.telemetry.accessLog.settings.sinks.openTelemetry.backendSettings.dns.withRespectDnsTtl
withRespectDnsTtl(respectDnsTtl)
"RespectDNSTTL indicates whether the DNS Time-To-Live (TTL) should be respected.\nIf the value is set to true, the DNS refresh rate will be set to the resource record’s TTL.\nDefaults to true."
obj spec.telemetry.accessLog.settings.sinks.openTelemetry.backendSettings.healthCheck
"HealthCheck allows gateway to perform active health checking on backends."
obj spec.telemetry.accessLog.settings.sinks.openTelemetry.backendSettings.healthCheck.active
"Active health check configuration"
fn spec.telemetry.accessLog.settings.sinks.openTelemetry.backendSettings.healthCheck.active.withHealthyThreshold
withHealthyThreshold(healthyThreshold)
"HealthyThreshold defines the number of healthy health checks required before a backend host is marked healthy."
fn spec.telemetry.accessLog.settings.sinks.openTelemetry.backendSettings.healthCheck.active.withInterval
withInterval(interval)
"Interval defines the time between active health checks."
fn spec.telemetry.accessLog.settings.sinks.openTelemetry.backendSettings.healthCheck.active.withTimeout
withTimeout(timeout)
"Timeout defines the time to wait for a health check response."
fn spec.telemetry.accessLog.settings.sinks.openTelemetry.backendSettings.healthCheck.active.withType
withType(type)
"Type defines the type of health checker."
fn spec.telemetry.accessLog.settings.sinks.openTelemetry.backendSettings.healthCheck.active.withUnhealthyThreshold
withUnhealthyThreshold(unhealthyThreshold)
"UnhealthyThreshold defines the number of unhealthy health checks required before a backend host is marked unhealthy."
obj spec.telemetry.accessLog.settings.sinks.openTelemetry.backendSettings.healthCheck.active.grpc
"GRPC defines the configuration of the GRPC health checker.\nIt's optional, and can only be used if the specified type is GRPC."
fn spec.telemetry.accessLog.settings.sinks.openTelemetry.backendSettings.healthCheck.active.grpc.withService
withService(service)
"Service to send in the health check request.\nIf this is not specified, then the health check request applies to the entire\nserver and not to a specific service."
obj spec.telemetry.accessLog.settings.sinks.openTelemetry.backendSettings.healthCheck.active.http
"HTTP defines the configuration of http health checker.\nIt's required while the health checker type is HTTP."
fn spec.telemetry.accessLog.settings.sinks.openTelemetry.backendSettings.healthCheck.active.http.withExpectedStatuses
withExpectedStatuses(expectedStatuses)
"ExpectedStatuses defines a list of HTTP response statuses considered healthy.\nDefaults to 200 only"
fn spec.telemetry.accessLog.settings.sinks.openTelemetry.backendSettings.healthCheck.active.http.withExpectedStatusesMixin
withExpectedStatusesMixin(expectedStatuses)
"ExpectedStatuses defines a list of HTTP response statuses considered healthy.\nDefaults to 200 only"
Note: This function appends passed data to existing values
fn spec.telemetry.accessLog.settings.sinks.openTelemetry.backendSettings.healthCheck.active.http.withMethod
withMethod(method)
"Method defines the HTTP method used for health checking.\nDefaults to GET"
fn spec.telemetry.accessLog.settings.sinks.openTelemetry.backendSettings.healthCheck.active.http.withPath
withPath(path)
"Path defines the HTTP path that will be requested during health checking."
obj spec.telemetry.accessLog.settings.sinks.openTelemetry.backendSettings.healthCheck.active.http.expectedResponse
"ExpectedResponse defines a list of HTTP expected responses to match."
fn spec.telemetry.accessLog.settings.sinks.openTelemetry.backendSettings.healthCheck.active.http.expectedResponse.withBinary
withBinary(binary)
"Binary payload base64 encoded."
fn spec.telemetry.accessLog.settings.sinks.openTelemetry.backendSettings.healthCheck.active.http.expectedResponse.withText
withText(text)
"Text payload in plain text."
fn spec.telemetry.accessLog.settings.sinks.openTelemetry.backendSettings.healthCheck.active.http.expectedResponse.withType
withType(type)
"Type defines the type of the payload."
obj spec.telemetry.accessLog.settings.sinks.openTelemetry.backendSettings.healthCheck.active.tcp
"TCP defines the configuration of tcp health checker.\nIt's required while the health checker type is TCP."
obj spec.telemetry.accessLog.settings.sinks.openTelemetry.backendSettings.healthCheck.active.tcp.receive
"Receive defines the expected response payload."
fn spec.telemetry.accessLog.settings.sinks.openTelemetry.backendSettings.healthCheck.active.tcp.receive.withBinary
withBinary(binary)
"Binary payload base64 encoded."
fn spec.telemetry.accessLog.settings.sinks.openTelemetry.backendSettings.healthCheck.active.tcp.receive.withText
withText(text)
"Text payload in plain text."
fn spec.telemetry.accessLog.settings.sinks.openTelemetry.backendSettings.healthCheck.active.tcp.receive.withType
withType(type)
"Type defines the type of the payload."
obj spec.telemetry.accessLog.settings.sinks.openTelemetry.backendSettings.healthCheck.active.tcp.send
"Send defines the request payload."
fn spec.telemetry.accessLog.settings.sinks.openTelemetry.backendSettings.healthCheck.active.tcp.send.withBinary
withBinary(binary)
"Binary payload base64 encoded."
fn spec.telemetry.accessLog.settings.sinks.openTelemetry.backendSettings.healthCheck.active.tcp.send.withText
withText(text)
"Text payload in plain text."
fn spec.telemetry.accessLog.settings.sinks.openTelemetry.backendSettings.healthCheck.active.tcp.send.withType
withType(type)
"Type defines the type of the payload."
obj spec.telemetry.accessLog.settings.sinks.openTelemetry.backendSettings.healthCheck.passive
"Passive passive check configuration"
fn spec.telemetry.accessLog.settings.sinks.openTelemetry.backendSettings.healthCheck.passive.withBaseEjectionTime
withBaseEjectionTime(baseEjectionTime)
"BaseEjectionTime defines the base duration for which a host will be ejected on consecutive failures."
fn spec.telemetry.accessLog.settings.sinks.openTelemetry.backendSettings.healthCheck.passive.withConsecutive5XxErrors
withConsecutive5XxErrors(consecutive5XxErrors)
"Consecutive5xxErrors sets the number of consecutive 5xx errors triggering ejection."
fn spec.telemetry.accessLog.settings.sinks.openTelemetry.backendSettings.healthCheck.passive.withConsecutiveGatewayErrors
withConsecutiveGatewayErrors(consecutiveGatewayErrors)
"ConsecutiveGatewayErrors sets the number of consecutive gateway errors triggering ejection."
fn spec.telemetry.accessLog.settings.sinks.openTelemetry.backendSettings.healthCheck.passive.withConsecutiveLocalOriginFailures
withConsecutiveLocalOriginFailures(consecutiveLocalOriginFailures)
"ConsecutiveLocalOriginFailures sets the number of consecutive local origin failures triggering ejection.\nParameter takes effect only when split_external_local_origin_errors is set to true."
fn spec.telemetry.accessLog.settings.sinks.openTelemetry.backendSettings.healthCheck.passive.withInterval
withInterval(interval)
"Interval defines the time between passive health checks."
fn spec.telemetry.accessLog.settings.sinks.openTelemetry.backendSettings.healthCheck.passive.withMaxEjectionPercent
withMaxEjectionPercent(maxEjectionPercent)
"MaxEjectionPercent sets the maximum percentage of hosts in a cluster that can be ejected."
fn spec.telemetry.accessLog.settings.sinks.openTelemetry.backendSettings.healthCheck.passive.withSplitExternalLocalOriginErrors
withSplitExternalLocalOriginErrors(splitExternalLocalOriginErrors)
"SplitExternalLocalOriginErrors enables splitting of errors between external and local origin."
obj spec.telemetry.accessLog.settings.sinks.openTelemetry.backendSettings.http2
"HTTP2 provides HTTP/2 configuration for backend connections."
fn spec.telemetry.accessLog.settings.sinks.openTelemetry.backendSettings.http2.withInitialConnectionWindowSize
withInitialConnectionWindowSize(initialConnectionWindowSize)
"InitialConnectionWindowSize sets the initial window size for HTTP/2 connections.\nIf not set, the default value is 1 MiB."
fn spec.telemetry.accessLog.settings.sinks.openTelemetry.backendSettings.http2.withInitialStreamWindowSize
withInitialStreamWindowSize(initialStreamWindowSize)
"InitialStreamWindowSize sets the initial window size for HTTP/2 streams.\nIf not set, the default value is 64 KiB(64*1024)."
fn spec.telemetry.accessLog.settings.sinks.openTelemetry.backendSettings.http2.withMaxConcurrentStreams
withMaxConcurrentStreams(maxConcurrentStreams)
"MaxConcurrentStreams sets the maximum number of concurrent streams allowed per connection.\nIf not set, the default value is 100."
fn spec.telemetry.accessLog.settings.sinks.openTelemetry.backendSettings.http2.withOnInvalidMessage
withOnInvalidMessage(onInvalidMessage)
"OnInvalidMessage determines if Envoy will terminate the connection or just the offending stream in the event of HTTP messaging error\nIt's recommended for L2 Envoy deployments to set this value to TerminateStream.\nhttps://www.envoyproxy.io/docs/envoy/latest/configuration/best_practices/level_two\nDefault: TerminateConnection"
obj spec.telemetry.accessLog.settings.sinks.openTelemetry.backendSettings.loadBalancer
"LoadBalancer policy to apply when routing traffic from the gateway to\nthe backend endpoints. Defaults to LeastRequest
."
fn spec.telemetry.accessLog.settings.sinks.openTelemetry.backendSettings.loadBalancer.withType
withType(type)
"Type decides the type of Load Balancer policy.\nValid LoadBalancerType values are\n\"ConsistentHash\",\n\"LeastRequest\",\n\"Random\",\n\"RoundRobin\"."
obj spec.telemetry.accessLog.settings.sinks.openTelemetry.backendSettings.loadBalancer.consistentHash
"ConsistentHash defines the configuration when the load balancer type is\nset to ConsistentHash"
fn spec.telemetry.accessLog.settings.sinks.openTelemetry.backendSettings.loadBalancer.consistentHash.withTableSize
withTableSize(tableSize)
"The table size for consistent hashing, must be prime number limited to 5000011."
fn spec.telemetry.accessLog.settings.sinks.openTelemetry.backendSettings.loadBalancer.consistentHash.withType
withType(type)
"ConsistentHashType defines the type of input to hash on. Valid Type values are\n\"SourceIP\",\n\"Header\",\n\"Cookie\"."
obj spec.telemetry.accessLog.settings.sinks.openTelemetry.backendSettings.loadBalancer.consistentHash.cookie
"Cookie configures the cookie hash policy when the consistent hash type is set to Cookie."
fn spec.telemetry.accessLog.settings.sinks.openTelemetry.backendSettings.loadBalancer.consistentHash.cookie.withAttributes
withAttributes(attributes)
"Additional Attributes to set for the generated cookie."
fn spec.telemetry.accessLog.settings.sinks.openTelemetry.backendSettings.loadBalancer.consistentHash.cookie.withAttributesMixin
withAttributesMixin(attributes)
"Additional Attributes to set for the generated cookie."
Note: This function appends passed data to existing values
fn spec.telemetry.accessLog.settings.sinks.openTelemetry.backendSettings.loadBalancer.consistentHash.cookie.withName
withName(name)
"Name of the cookie to hash.\nIf this cookie does not exist in the request, Envoy will generate a cookie and set\nthe TTL on the response back to the client based on Layer 4\nattributes of the backend endpoint, to ensure that these future requests\ngo to the same backend endpoint. Make sure to set the TTL field for this case."
fn spec.telemetry.accessLog.settings.sinks.openTelemetry.backendSettings.loadBalancer.consistentHash.cookie.withTtl
withTtl(ttl)
"TTL of the generated cookie if the cookie is not present. This value sets the\nMax-Age attribute value."
obj spec.telemetry.accessLog.settings.sinks.openTelemetry.backendSettings.loadBalancer.consistentHash.header
"Header configures the header hash policy when the consistent hash type is set to Header."
fn spec.telemetry.accessLog.settings.sinks.openTelemetry.backendSettings.loadBalancer.consistentHash.header.withName
withName(name)
"Name of the header to hash."
obj spec.telemetry.accessLog.settings.sinks.openTelemetry.backendSettings.loadBalancer.slowStart
"SlowStart defines the configuration related to the slow start load balancer policy.\nIf set, during slow start window, traffic sent to the newly added hosts will gradually increase.\nCurrently this is only supported for RoundRobin and LeastRequest load balancers"
fn spec.telemetry.accessLog.settings.sinks.openTelemetry.backendSettings.loadBalancer.slowStart.withWindow
withWindow(window)
"Window defines the duration of the warm up period for newly added host.\nDuring slow start window, traffic sent to the newly added hosts will gradually increase.\nCurrently only supports linear growth of traffic. For additional details,\nsee https://www.envoyproxy.io/docs/envoy/latest/api-v3/config/cluster/v3/cluster.proto#config-cluster-v3-cluster-slowstartconfig"
obj spec.telemetry.accessLog.settings.sinks.openTelemetry.backendSettings.proxyProtocol
"ProxyProtocol enables the Proxy Protocol when communicating with the backend."
fn spec.telemetry.accessLog.settings.sinks.openTelemetry.backendSettings.proxyProtocol.withVersion
withVersion(version)
"Version of ProxyProtol\nValid ProxyProtocolVersion values are\n\"V1\"\n\"V2\
obj spec.telemetry.accessLog.settings.sinks.openTelemetry.backendSettings.retry
"Retry provides more advanced usage, allowing users to customize the number of retries, retry fallback strategy, and retry triggering conditions.\nIf not set, retry will be disabled."
fn spec.telemetry.accessLog.settings.sinks.openTelemetry.backendSettings.retry.withNumRetries
withNumRetries(numRetries)
"NumRetries is the number of retries to be attempted. Defaults to 2."
obj spec.telemetry.accessLog.settings.sinks.openTelemetry.backendSettings.retry.perRetry
"PerRetry is the retry policy to be applied per retry attempt."
fn spec.telemetry.accessLog.settings.sinks.openTelemetry.backendSettings.retry.perRetry.withTimeout
withTimeout(timeout)
"Timeout is the timeout per retry attempt."
obj spec.telemetry.accessLog.settings.sinks.openTelemetry.backendSettings.retry.perRetry.backOff
"Backoff is the backoff policy to be applied per retry attempt. gateway uses a fully jittered exponential\nback-off algorithm for retries. For additional details,\nsee https://www.envoyproxy.io/docs/envoy/latest/configuration/http/http_filters/router_filter#config-http-filters-router-x-envoy-max-retries"
fn spec.telemetry.accessLog.settings.sinks.openTelemetry.backendSettings.retry.perRetry.backOff.withBaseInterval
withBaseInterval(baseInterval)
"BaseInterval is the base interval between retries."
fn spec.telemetry.accessLog.settings.sinks.openTelemetry.backendSettings.retry.perRetry.backOff.withMaxInterval
withMaxInterval(maxInterval)
"MaxInterval is the maximum interval between retries. This parameter is optional, but must be greater than or equal to the base_interval if set.\nThe default is 10 times the base_interval"
obj spec.telemetry.accessLog.settings.sinks.openTelemetry.backendSettings.retry.retryOn
"RetryOn specifies the retry trigger condition.\n\nIf not specified, the default is to retry on connect-failure,refused-stream,unavailable,cancelled,retriable-status-codes(503)."
fn spec.telemetry.accessLog.settings.sinks.openTelemetry.backendSettings.retry.retryOn.withHttpStatusCodes
withHttpStatusCodes(httpStatusCodes)
"HttpStatusCodes specifies the http status codes to be retried.\nThe retriable-status-codes trigger must also be configured for these status codes to trigger a retry."
fn spec.telemetry.accessLog.settings.sinks.openTelemetry.backendSettings.retry.retryOn.withHttpStatusCodesMixin
withHttpStatusCodesMixin(httpStatusCodes)
"HttpStatusCodes specifies the http status codes to be retried.\nThe retriable-status-codes trigger must also be configured for these status codes to trigger a retry."
Note: This function appends passed data to existing values
fn spec.telemetry.accessLog.settings.sinks.openTelemetry.backendSettings.retry.retryOn.withTriggers
withTriggers(triggers)
"Triggers specifies the retry trigger condition(Http/Grpc)."
fn spec.telemetry.accessLog.settings.sinks.openTelemetry.backendSettings.retry.retryOn.withTriggersMixin
withTriggersMixin(triggers)
"Triggers specifies the retry trigger condition(Http/Grpc)."
Note: This function appends passed data to existing values
obj spec.telemetry.accessLog.settings.sinks.openTelemetry.backendSettings.tcpKeepalive
"TcpKeepalive settings associated with the upstream client connection.\nDisabled by default."
fn spec.telemetry.accessLog.settings.sinks.openTelemetry.backendSettings.tcpKeepalive.withIdleTime
withIdleTime(idleTime)
"The duration a connection needs to be idle before keep-alive\nprobes start being sent.\nThe duration format is\nDefaults to 7200s
."
fn spec.telemetry.accessLog.settings.sinks.openTelemetry.backendSettings.tcpKeepalive.withInterval
withInterval(interval)
"The duration between keep-alive probes.\nDefaults to 75s
."
fn spec.telemetry.accessLog.settings.sinks.openTelemetry.backendSettings.tcpKeepalive.withProbes
withProbes(probes)
"The total number of unacknowledged probes to send before deciding\nthe connection is dead.\nDefaults to 9."
obj spec.telemetry.accessLog.settings.sinks.openTelemetry.backendSettings.timeout
"Timeout settings for the backend connections."
obj spec.telemetry.accessLog.settings.sinks.openTelemetry.backendSettings.timeout.http
"Timeout settings for HTTP."
fn spec.telemetry.accessLog.settings.sinks.openTelemetry.backendSettings.timeout.http.withConnectionIdleTimeout
withConnectionIdleTimeout(connectionIdleTimeout)
"The idle timeout for an HTTP connection. Idle time is defined as a period in which there are no active requests in the connection.\nDefault: 1 hour."
fn spec.telemetry.accessLog.settings.sinks.openTelemetry.backendSettings.timeout.http.withMaxConnectionDuration
withMaxConnectionDuration(maxConnectionDuration)
"The maximum duration of an HTTP connection.\nDefault: unlimited."
fn spec.telemetry.accessLog.settings.sinks.openTelemetry.backendSettings.timeout.http.withRequestTimeout
withRequestTimeout(requestTimeout)
"RequestTimeout is the time until which entire response is received from the upstream."
obj spec.telemetry.accessLog.settings.sinks.openTelemetry.backendSettings.timeout.tcp
"Timeout settings for TCP."
fn spec.telemetry.accessLog.settings.sinks.openTelemetry.backendSettings.timeout.tcp.withConnectTimeout
withConnectTimeout(connectTimeout)
"The timeout for network connection establishment, including TCP and TLS handshakes.\nDefault: 10 seconds."
obj spec.telemetry.metrics
"Metrics defines metrics configuration for managed proxies."
fn spec.telemetry.metrics.withEnablePerEndpointStats
withEnablePerEndpointStats(enablePerEndpointStats)
"EnablePerEndpointStats enables per endpoint envoy stats metrics.\nPlease use with caution."
fn spec.telemetry.metrics.withEnableRequestResponseSizesStats
withEnableRequestResponseSizesStats(enableRequestResponseSizesStats)
"EnableRequestResponseSizesStats enables publishing of histograms tracking header and body sizes of requests and responses."
fn spec.telemetry.metrics.withEnableVirtualHostStats
withEnableVirtualHostStats(enableVirtualHostStats)
"EnableVirtualHostStats enables envoy stat metrics for virtual hosts."
fn spec.telemetry.metrics.withMatches
withMatches(matches)
"Matches defines configuration for selecting specific metrics instead of generating all metrics stats\nthat are enabled by default. This helps reduce CPU and memory overhead in Envoy, but eliminating some stats\nmay after critical functionality. Here are the stats that we strongly recommend not disabling:\ncluster_manager.warming_clusters
, cluster.<cluster_name>.membership_total
,cluster.<cluster_name>.membership_healthy
,\ncluster.<cluster_name>.membership_degraded
,reference https://github.com/envoyproxy/envoy/issues/9856,\nhttps://github.com/envoyproxy/envoy/issues/14610"
fn spec.telemetry.metrics.withMatchesMixin
withMatchesMixin(matches)
"Matches defines configuration for selecting specific metrics instead of generating all metrics stats\nthat are enabled by default. This helps reduce CPU and memory overhead in Envoy, but eliminating some stats\nmay after critical functionality. Here are the stats that we strongly recommend not disabling:\ncluster_manager.warming_clusters
, cluster.<cluster_name>.membership_total
,cluster.<cluster_name>.membership_healthy
,\ncluster.<cluster_name>.membership_degraded
,reference https://github.com/envoyproxy/envoy/issues/9856,\nhttps://github.com/envoyproxy/envoy/issues/14610"
Note: This function appends passed data to existing values
fn spec.telemetry.metrics.withSinks
withSinks(sinks)
"Sinks defines the metric sinks where metrics are sent to."
fn spec.telemetry.metrics.withSinksMixin
withSinksMixin(sinks)
"Sinks defines the metric sinks where metrics are sent to."
Note: This function appends passed data to existing values
obj spec.telemetry.metrics.matches
"Matches defines configuration for selecting specific metrics instead of generating all metrics stats\nthat are enabled by default. This helps reduce CPU and memory overhead in Envoy, but eliminating some stats\nmay after critical functionality. Here are the stats that we strongly recommend not disabling:\ncluster_manager.warming_clusters
, cluster.<cluster_name>.membership_total
,cluster.<cluster_name>.membership_healthy
,\ncluster.<cluster_name>.membership_degraded
,reference https://github.com/envoyproxy/envoy/issues/9856,\nhttps://github.com/envoyproxy/envoy/issues/14610"
fn spec.telemetry.metrics.matches.withType
withType(type)
"Type specifies how to match against a string."
fn spec.telemetry.metrics.matches.withValue
withValue(value)
"Value specifies the string value that the match must have."
obj spec.telemetry.metrics.prometheus
"Prometheus defines the configuration for Admin endpoint /stats/prometheus
."
fn spec.telemetry.metrics.prometheus.withDisable
withDisable(disable)
"Disable the Prometheus endpoint."
obj spec.telemetry.metrics.prometheus.compression
"Configure the compression on Prometheus endpoint. Compression is useful in situations when bandwidth is scarce and large payloads can be effectively compressed at the expense of higher CPU load."
fn spec.telemetry.metrics.prometheus.compression.withGzip
withGzip(gzip)
"The configuration for GZIP compressor."
fn spec.telemetry.metrics.prometheus.compression.withGzipMixin
withGzipMixin(gzip)
"The configuration for GZIP compressor."
Note: This function appends passed data to existing values
fn spec.telemetry.metrics.prometheus.compression.withType
withType(type)
"CompressorType defines the compressor type to use for compression."
obj spec.telemetry.metrics.sinks
"Sinks defines the metric sinks where metrics are sent to."
fn spec.telemetry.metrics.sinks.withType
withType(type)
"Type defines the metric sink type.\nEG currently only supports OpenTelemetry."
obj spec.telemetry.metrics.sinks.openTelemetry
"OpenTelemetry defines the configuration for OpenTelemetry sink.\nIt's required if the sink type is OpenTelemetry."
fn spec.telemetry.metrics.sinks.openTelemetry.withBackendRefs
withBackendRefs(backendRefs)
"BackendRefs references a Kubernetes object that represents the\nbackend server to which the authorization request will be sent."
fn spec.telemetry.metrics.sinks.openTelemetry.withBackendRefsMixin
withBackendRefsMixin(backendRefs)
"BackendRefs references a Kubernetes object that represents the\nbackend server to which the authorization request will be sent."
Note: This function appends passed data to existing values
fn spec.telemetry.metrics.sinks.openTelemetry.withHost
withHost(host)
"Host define the service hostname.\nDeprecated: Use BackendRefs instead."
fn spec.telemetry.metrics.sinks.openTelemetry.withPort
withPort(port)
"Port defines the port the service is exposed on.\nDeprecated: Use BackendRefs instead."
obj spec.telemetry.metrics.sinks.openTelemetry.backendRef
"BackendRef references a Kubernetes object that represents the\nbackend server to which the authorization request will be sent.\n\nDeprecated: Use BackendRefs instead."
fn spec.telemetry.metrics.sinks.openTelemetry.backendRef.withGroup
withGroup(group)
"Group is the group of the referent. For example, \"gateway.networking.k8s.io\".\nWhen unspecified or empty string, core API group is inferred."
fn spec.telemetry.metrics.sinks.openTelemetry.backendRef.withKind
withKind(kind)
"Kind is the Kubernetes resource kind of the referent. For example\n\"Service\".\n\nDefaults to \"Service\" when not specified.\n\nExternalName services can refer to CNAME DNS records that may live\noutside of the cluster and as such are difficult to reason about in\nterms of conformance. They also may not be safe to forward to (see\nCVE-2021-25740 for more information). Implementations SHOULD NOT\nsupport ExternalName Services.\n\nSupport: Core (Services with a type other than ExternalName)\n\nSupport: Implementation-specific (Services with type ExternalName)"
fn spec.telemetry.metrics.sinks.openTelemetry.backendRef.withName
withName(name)
"Name is the name of the referent."
fn spec.telemetry.metrics.sinks.openTelemetry.backendRef.withNamespace
withNamespace(namespace)
"Namespace is the namespace of the backend. When unspecified, the local\nnamespace is inferred.\n\nNote that when a namespace different than the local namespace is specified,\na ReferenceGrant object is required in the referent namespace to allow that\nnamespace's owner to accept the reference. See the ReferenceGrant\ndocumentation for details.\n\nSupport: Core"
fn spec.telemetry.metrics.sinks.openTelemetry.backendRef.withPort
withPort(port)
"Port specifies the destination port number to use for this resource.\nPort is required when the referent is a Kubernetes Service. In this\ncase, the port number is the service port number, not the target port.\nFor other resources, destination port might be derived from the referent\nresource or this field."
obj spec.telemetry.metrics.sinks.openTelemetry.backendRefs
"BackendRefs references a Kubernetes object that represents the\nbackend server to which the authorization request will be sent."
fn spec.telemetry.metrics.sinks.openTelemetry.backendRefs.withFallback
withFallback(fallback)
"Fallback indicates whether the backend is designated as a fallback.\nMultiple fallback backends can be configured.\nIt is highly recommended to configure active or passive health checks to ensure that failover can be detected\nwhen the active backends become unhealthy and to automatically readjust once the primary backends are healthy again.\nThe overprovisioning factor is set to 1.4, meaning the fallback backends will only start receiving traffic when\nthe health of the active backends falls below 72%."
fn spec.telemetry.metrics.sinks.openTelemetry.backendRefs.withGroup
withGroup(group)
"Group is the group of the referent. For example, \"gateway.networking.k8s.io\".\nWhen unspecified or empty string, core API group is inferred."
fn spec.telemetry.metrics.sinks.openTelemetry.backendRefs.withKind
withKind(kind)
"Kind is the Kubernetes resource kind of the referent. For example\n\"Service\".\n\nDefaults to \"Service\" when not specified.\n\nExternalName services can refer to CNAME DNS records that may live\noutside of the cluster and as such are difficult to reason about in\nterms of conformance. They also may not be safe to forward to (see\nCVE-2021-25740 for more information). Implementations SHOULD NOT\nsupport ExternalName Services.\n\nSupport: Core (Services with a type other than ExternalName)\n\nSupport: Implementation-specific (Services with type ExternalName)"
fn spec.telemetry.metrics.sinks.openTelemetry.backendRefs.withName
withName(name)
"Name is the name of the referent."
fn spec.telemetry.metrics.sinks.openTelemetry.backendRefs.withNamespace
withNamespace(namespace)
"Namespace is the namespace of the backend. When unspecified, the local\nnamespace is inferred.\n\nNote that when a namespace different than the local namespace is specified,\na ReferenceGrant object is required in the referent namespace to allow that\nnamespace's owner to accept the reference. See the ReferenceGrant\ndocumentation for details.\n\nSupport: Core"
fn spec.telemetry.metrics.sinks.openTelemetry.backendRefs.withPort
withPort(port)
"Port specifies the destination port number to use for this resource.\nPort is required when the referent is a Kubernetes Service. In this\ncase, the port number is the service port number, not the target port.\nFor other resources, destination port might be derived from the referent\nresource or this field."
obj spec.telemetry.metrics.sinks.openTelemetry.backendSettings
"BackendSettings holds configuration for managing the connection\nto the backend."
obj spec.telemetry.metrics.sinks.openTelemetry.backendSettings.circuitBreaker
"Circuit Breaker settings for the upstream connections and requests.\nIf not set, circuit breakers will be enabled with the default thresholds"
fn spec.telemetry.metrics.sinks.openTelemetry.backendSettings.circuitBreaker.withMaxConnections
withMaxConnections(maxConnections)
"The maximum number of connections that Envoy will establish to the referenced backend defined within a xRoute rule."
fn spec.telemetry.metrics.sinks.openTelemetry.backendSettings.circuitBreaker.withMaxParallelRequests
withMaxParallelRequests(maxParallelRequests)
"The maximum number of parallel requests that Envoy will make to the referenced backend defined within a xRoute rule."
fn spec.telemetry.metrics.sinks.openTelemetry.backendSettings.circuitBreaker.withMaxParallelRetries
withMaxParallelRetries(maxParallelRetries)
"The maximum number of parallel retries that Envoy will make to the referenced backend defined within a xRoute rule."
fn spec.telemetry.metrics.sinks.openTelemetry.backendSettings.circuitBreaker.withMaxPendingRequests
withMaxPendingRequests(maxPendingRequests)
"The maximum number of pending requests that Envoy will queue to the referenced backend defined within a xRoute rule."
fn spec.telemetry.metrics.sinks.openTelemetry.backendSettings.circuitBreaker.withMaxRequestsPerConnection
withMaxRequestsPerConnection(maxRequestsPerConnection)
"The maximum number of requests that Envoy will make over a single connection to the referenced backend defined within a xRoute rule.\nDefault: unlimited."
obj spec.telemetry.metrics.sinks.openTelemetry.backendSettings.connection
"Connection includes backend connection settings."
fn spec.telemetry.metrics.sinks.openTelemetry.backendSettings.connection.withBufferLimit
withBufferLimit(bufferLimit)
"BufferLimit Soft limit on size of the cluster’s connections read and write buffers.\nBufferLimit applies to connection streaming (maybe non-streaming) channel between processes, it's in user space.\nIf unspecified, an implementation defined default is applied (32768 bytes).\nFor example, 20Mi, 1Gi, 256Ki etc.\nNote: that when the suffix is not provided, the value is interpreted as bytes."
fn spec.telemetry.metrics.sinks.openTelemetry.backendSettings.connection.withSocketBufferLimit
withSocketBufferLimit(socketBufferLimit)
"SocketBufferLimit provides configuration for the maximum buffer size in bytes for each socket\nto backend.\nSocketBufferLimit applies to socket streaming channel between TCP/IP stacks, it's in kernel space.\nFor example, 20Mi, 1Gi, 256Ki etc.\nNote that when the suffix is not provided, the value is interpreted as bytes."
obj spec.telemetry.metrics.sinks.openTelemetry.backendSettings.dns
"DNS includes dns resolution settings."
fn spec.telemetry.metrics.sinks.openTelemetry.backendSettings.dns.withDnsRefreshRate
withDnsRefreshRate(dnsRefreshRate)
"DNSRefreshRate specifies the rate at which DNS records should be refreshed.\nDefaults to 30 seconds."
fn spec.telemetry.metrics.sinks.openTelemetry.backendSettings.dns.withRespectDnsTtl
withRespectDnsTtl(respectDnsTtl)
"RespectDNSTTL indicates whether the DNS Time-To-Live (TTL) should be respected.\nIf the value is set to true, the DNS refresh rate will be set to the resource record’s TTL.\nDefaults to true."
obj spec.telemetry.metrics.sinks.openTelemetry.backendSettings.healthCheck
"HealthCheck allows gateway to perform active health checking on backends."
obj spec.telemetry.metrics.sinks.openTelemetry.backendSettings.healthCheck.active
"Active health check configuration"
fn spec.telemetry.metrics.sinks.openTelemetry.backendSettings.healthCheck.active.withHealthyThreshold
withHealthyThreshold(healthyThreshold)
"HealthyThreshold defines the number of healthy health checks required before a backend host is marked healthy."
fn spec.telemetry.metrics.sinks.openTelemetry.backendSettings.healthCheck.active.withInterval
withInterval(interval)
"Interval defines the time between active health checks."
fn spec.telemetry.metrics.sinks.openTelemetry.backendSettings.healthCheck.active.withTimeout
withTimeout(timeout)
"Timeout defines the time to wait for a health check response."
fn spec.telemetry.metrics.sinks.openTelemetry.backendSettings.healthCheck.active.withType
withType(type)
"Type defines the type of health checker."
fn spec.telemetry.metrics.sinks.openTelemetry.backendSettings.healthCheck.active.withUnhealthyThreshold
withUnhealthyThreshold(unhealthyThreshold)
"UnhealthyThreshold defines the number of unhealthy health checks required before a backend host is marked unhealthy."
obj spec.telemetry.metrics.sinks.openTelemetry.backendSettings.healthCheck.active.grpc
"GRPC defines the configuration of the GRPC health checker.\nIt's optional, and can only be used if the specified type is GRPC."
fn spec.telemetry.metrics.sinks.openTelemetry.backendSettings.healthCheck.active.grpc.withService
withService(service)
"Service to send in the health check request.\nIf this is not specified, then the health check request applies to the entire\nserver and not to a specific service."
obj spec.telemetry.metrics.sinks.openTelemetry.backendSettings.healthCheck.active.http
"HTTP defines the configuration of http health checker.\nIt's required while the health checker type is HTTP."
fn spec.telemetry.metrics.sinks.openTelemetry.backendSettings.healthCheck.active.http.withExpectedStatuses
withExpectedStatuses(expectedStatuses)
"ExpectedStatuses defines a list of HTTP response statuses considered healthy.\nDefaults to 200 only"
fn spec.telemetry.metrics.sinks.openTelemetry.backendSettings.healthCheck.active.http.withExpectedStatusesMixin
withExpectedStatusesMixin(expectedStatuses)
"ExpectedStatuses defines a list of HTTP response statuses considered healthy.\nDefaults to 200 only"
Note: This function appends passed data to existing values
fn spec.telemetry.metrics.sinks.openTelemetry.backendSettings.healthCheck.active.http.withMethod
withMethod(method)
"Method defines the HTTP method used for health checking.\nDefaults to GET"
fn spec.telemetry.metrics.sinks.openTelemetry.backendSettings.healthCheck.active.http.withPath
withPath(path)
"Path defines the HTTP path that will be requested during health checking."
obj spec.telemetry.metrics.sinks.openTelemetry.backendSettings.healthCheck.active.http.expectedResponse
"ExpectedResponse defines a list of HTTP expected responses to match."
fn spec.telemetry.metrics.sinks.openTelemetry.backendSettings.healthCheck.active.http.expectedResponse.withBinary
withBinary(binary)
"Binary payload base64 encoded."
fn spec.telemetry.metrics.sinks.openTelemetry.backendSettings.healthCheck.active.http.expectedResponse.withText
withText(text)
"Text payload in plain text."
fn spec.telemetry.metrics.sinks.openTelemetry.backendSettings.healthCheck.active.http.expectedResponse.withType
withType(type)
"Type defines the type of the payload."
obj spec.telemetry.metrics.sinks.openTelemetry.backendSettings.healthCheck.active.tcp
"TCP defines the configuration of tcp health checker.\nIt's required while the health checker type is TCP."
obj spec.telemetry.metrics.sinks.openTelemetry.backendSettings.healthCheck.active.tcp.receive
"Receive defines the expected response payload."
fn spec.telemetry.metrics.sinks.openTelemetry.backendSettings.healthCheck.active.tcp.receive.withBinary
withBinary(binary)
"Binary payload base64 encoded."
fn spec.telemetry.metrics.sinks.openTelemetry.backendSettings.healthCheck.active.tcp.receive.withText
withText(text)
"Text payload in plain text."
fn spec.telemetry.metrics.sinks.openTelemetry.backendSettings.healthCheck.active.tcp.receive.withType
withType(type)
"Type defines the type of the payload."
obj spec.telemetry.metrics.sinks.openTelemetry.backendSettings.healthCheck.active.tcp.send
"Send defines the request payload."
fn spec.telemetry.metrics.sinks.openTelemetry.backendSettings.healthCheck.active.tcp.send.withBinary
withBinary(binary)
"Binary payload base64 encoded."
fn spec.telemetry.metrics.sinks.openTelemetry.backendSettings.healthCheck.active.tcp.send.withText
withText(text)
"Text payload in plain text."
fn spec.telemetry.metrics.sinks.openTelemetry.backendSettings.healthCheck.active.tcp.send.withType
withType(type)
"Type defines the type of the payload."
obj spec.telemetry.metrics.sinks.openTelemetry.backendSettings.healthCheck.passive
"Passive passive check configuration"
fn spec.telemetry.metrics.sinks.openTelemetry.backendSettings.healthCheck.passive.withBaseEjectionTime
withBaseEjectionTime(baseEjectionTime)
"BaseEjectionTime defines the base duration for which a host will be ejected on consecutive failures."
fn spec.telemetry.metrics.sinks.openTelemetry.backendSettings.healthCheck.passive.withConsecutive5XxErrors
withConsecutive5XxErrors(consecutive5XxErrors)
"Consecutive5xxErrors sets the number of consecutive 5xx errors triggering ejection."
fn spec.telemetry.metrics.sinks.openTelemetry.backendSettings.healthCheck.passive.withConsecutiveGatewayErrors
withConsecutiveGatewayErrors(consecutiveGatewayErrors)
"ConsecutiveGatewayErrors sets the number of consecutive gateway errors triggering ejection."
fn spec.telemetry.metrics.sinks.openTelemetry.backendSettings.healthCheck.passive.withConsecutiveLocalOriginFailures
withConsecutiveLocalOriginFailures(consecutiveLocalOriginFailures)
"ConsecutiveLocalOriginFailures sets the number of consecutive local origin failures triggering ejection.\nParameter takes effect only when split_external_local_origin_errors is set to true."
fn spec.telemetry.metrics.sinks.openTelemetry.backendSettings.healthCheck.passive.withInterval
withInterval(interval)
"Interval defines the time between passive health checks."
fn spec.telemetry.metrics.sinks.openTelemetry.backendSettings.healthCheck.passive.withMaxEjectionPercent
withMaxEjectionPercent(maxEjectionPercent)
"MaxEjectionPercent sets the maximum percentage of hosts in a cluster that can be ejected."
fn spec.telemetry.metrics.sinks.openTelemetry.backendSettings.healthCheck.passive.withSplitExternalLocalOriginErrors
withSplitExternalLocalOriginErrors(splitExternalLocalOriginErrors)
"SplitExternalLocalOriginErrors enables splitting of errors between external and local origin."
obj spec.telemetry.metrics.sinks.openTelemetry.backendSettings.http2
"HTTP2 provides HTTP/2 configuration for backend connections."
fn spec.telemetry.metrics.sinks.openTelemetry.backendSettings.http2.withInitialConnectionWindowSize
withInitialConnectionWindowSize(initialConnectionWindowSize)
"InitialConnectionWindowSize sets the initial window size for HTTP/2 connections.\nIf not set, the default value is 1 MiB."
fn spec.telemetry.metrics.sinks.openTelemetry.backendSettings.http2.withInitialStreamWindowSize
withInitialStreamWindowSize(initialStreamWindowSize)
"InitialStreamWindowSize sets the initial window size for HTTP/2 streams.\nIf not set, the default value is 64 KiB(64*1024)."
fn spec.telemetry.metrics.sinks.openTelemetry.backendSettings.http2.withMaxConcurrentStreams
withMaxConcurrentStreams(maxConcurrentStreams)
"MaxConcurrentStreams sets the maximum number of concurrent streams allowed per connection.\nIf not set, the default value is 100."
fn spec.telemetry.metrics.sinks.openTelemetry.backendSettings.http2.withOnInvalidMessage
withOnInvalidMessage(onInvalidMessage)
"OnInvalidMessage determines if Envoy will terminate the connection or just the offending stream in the event of HTTP messaging error\nIt's recommended for L2 Envoy deployments to set this value to TerminateStream.\nhttps://www.envoyproxy.io/docs/envoy/latest/configuration/best_practices/level_two\nDefault: TerminateConnection"
obj spec.telemetry.metrics.sinks.openTelemetry.backendSettings.loadBalancer
"LoadBalancer policy to apply when routing traffic from the gateway to\nthe backend endpoints. Defaults to LeastRequest
."
fn spec.telemetry.metrics.sinks.openTelemetry.backendSettings.loadBalancer.withType
withType(type)
"Type decides the type of Load Balancer policy.\nValid LoadBalancerType values are\n\"ConsistentHash\",\n\"LeastRequest\",\n\"Random\",\n\"RoundRobin\"."
obj spec.telemetry.metrics.sinks.openTelemetry.backendSettings.loadBalancer.consistentHash
"ConsistentHash defines the configuration when the load balancer type is\nset to ConsistentHash"
fn spec.telemetry.metrics.sinks.openTelemetry.backendSettings.loadBalancer.consistentHash.withTableSize
withTableSize(tableSize)
"The table size for consistent hashing, must be prime number limited to 5000011."
fn spec.telemetry.metrics.sinks.openTelemetry.backendSettings.loadBalancer.consistentHash.withType
withType(type)
"ConsistentHashType defines the type of input to hash on. Valid Type values are\n\"SourceIP\",\n\"Header\",\n\"Cookie\"."
obj spec.telemetry.metrics.sinks.openTelemetry.backendSettings.loadBalancer.consistentHash.cookie
"Cookie configures the cookie hash policy when the consistent hash type is set to Cookie."
fn spec.telemetry.metrics.sinks.openTelemetry.backendSettings.loadBalancer.consistentHash.cookie.withAttributes
withAttributes(attributes)
"Additional Attributes to set for the generated cookie."
fn spec.telemetry.metrics.sinks.openTelemetry.backendSettings.loadBalancer.consistentHash.cookie.withAttributesMixin
withAttributesMixin(attributes)
"Additional Attributes to set for the generated cookie."
Note: This function appends passed data to existing values
fn spec.telemetry.metrics.sinks.openTelemetry.backendSettings.loadBalancer.consistentHash.cookie.withName
withName(name)
"Name of the cookie to hash.\nIf this cookie does not exist in the request, Envoy will generate a cookie and set\nthe TTL on the response back to the client based on Layer 4\nattributes of the backend endpoint, to ensure that these future requests\ngo to the same backend endpoint. Make sure to set the TTL field for this case."
fn spec.telemetry.metrics.sinks.openTelemetry.backendSettings.loadBalancer.consistentHash.cookie.withTtl
withTtl(ttl)
"TTL of the generated cookie if the cookie is not present. This value sets the\nMax-Age attribute value."
obj spec.telemetry.metrics.sinks.openTelemetry.backendSettings.loadBalancer.consistentHash.header
"Header configures the header hash policy when the consistent hash type is set to Header."
fn spec.telemetry.metrics.sinks.openTelemetry.backendSettings.loadBalancer.consistentHash.header.withName
withName(name)
"Name of the header to hash."
obj spec.telemetry.metrics.sinks.openTelemetry.backendSettings.loadBalancer.slowStart
"SlowStart defines the configuration related to the slow start load balancer policy.\nIf set, during slow start window, traffic sent to the newly added hosts will gradually increase.\nCurrently this is only supported for RoundRobin and LeastRequest load balancers"
fn spec.telemetry.metrics.sinks.openTelemetry.backendSettings.loadBalancer.slowStart.withWindow
withWindow(window)
"Window defines the duration of the warm up period for newly added host.\nDuring slow start window, traffic sent to the newly added hosts will gradually increase.\nCurrently only supports linear growth of traffic. For additional details,\nsee https://www.envoyproxy.io/docs/envoy/latest/api-v3/config/cluster/v3/cluster.proto#config-cluster-v3-cluster-slowstartconfig"
obj spec.telemetry.metrics.sinks.openTelemetry.backendSettings.proxyProtocol
"ProxyProtocol enables the Proxy Protocol when communicating with the backend."
fn spec.telemetry.metrics.sinks.openTelemetry.backendSettings.proxyProtocol.withVersion
withVersion(version)
"Version of ProxyProtol\nValid ProxyProtocolVersion values are\n\"V1\"\n\"V2\
obj spec.telemetry.metrics.sinks.openTelemetry.backendSettings.retry
"Retry provides more advanced usage, allowing users to customize the number of retries, retry fallback strategy, and retry triggering conditions.\nIf not set, retry will be disabled."
fn spec.telemetry.metrics.sinks.openTelemetry.backendSettings.retry.withNumRetries
withNumRetries(numRetries)
"NumRetries is the number of retries to be attempted. Defaults to 2."
obj spec.telemetry.metrics.sinks.openTelemetry.backendSettings.retry.perRetry
"PerRetry is the retry policy to be applied per retry attempt."
fn spec.telemetry.metrics.sinks.openTelemetry.backendSettings.retry.perRetry.withTimeout
withTimeout(timeout)
"Timeout is the timeout per retry attempt."
obj spec.telemetry.metrics.sinks.openTelemetry.backendSettings.retry.perRetry.backOff
"Backoff is the backoff policy to be applied per retry attempt. gateway uses a fully jittered exponential\nback-off algorithm for retries. For additional details,\nsee https://www.envoyproxy.io/docs/envoy/latest/configuration/http/http_filters/router_filter#config-http-filters-router-x-envoy-max-retries"
fn spec.telemetry.metrics.sinks.openTelemetry.backendSettings.retry.perRetry.backOff.withBaseInterval
withBaseInterval(baseInterval)
"BaseInterval is the base interval between retries."
fn spec.telemetry.metrics.sinks.openTelemetry.backendSettings.retry.perRetry.backOff.withMaxInterval
withMaxInterval(maxInterval)
"MaxInterval is the maximum interval between retries. This parameter is optional, but must be greater than or equal to the base_interval if set.\nThe default is 10 times the base_interval"
obj spec.telemetry.metrics.sinks.openTelemetry.backendSettings.retry.retryOn
"RetryOn specifies the retry trigger condition.\n\nIf not specified, the default is to retry on connect-failure,refused-stream,unavailable,cancelled,retriable-status-codes(503)."
fn spec.telemetry.metrics.sinks.openTelemetry.backendSettings.retry.retryOn.withHttpStatusCodes
withHttpStatusCodes(httpStatusCodes)
"HttpStatusCodes specifies the http status codes to be retried.\nThe retriable-status-codes trigger must also be configured for these status codes to trigger a retry."
fn spec.telemetry.metrics.sinks.openTelemetry.backendSettings.retry.retryOn.withHttpStatusCodesMixin
withHttpStatusCodesMixin(httpStatusCodes)
"HttpStatusCodes specifies the http status codes to be retried.\nThe retriable-status-codes trigger must also be configured for these status codes to trigger a retry."
Note: This function appends passed data to existing values
fn spec.telemetry.metrics.sinks.openTelemetry.backendSettings.retry.retryOn.withTriggers
withTriggers(triggers)
"Triggers specifies the retry trigger condition(Http/Grpc)."
fn spec.telemetry.metrics.sinks.openTelemetry.backendSettings.retry.retryOn.withTriggersMixin
withTriggersMixin(triggers)
"Triggers specifies the retry trigger condition(Http/Grpc)."
Note: This function appends passed data to existing values
obj spec.telemetry.metrics.sinks.openTelemetry.backendSettings.tcpKeepalive
"TcpKeepalive settings associated with the upstream client connection.\nDisabled by default."
fn spec.telemetry.metrics.sinks.openTelemetry.backendSettings.tcpKeepalive.withIdleTime
withIdleTime(idleTime)
"The duration a connection needs to be idle before keep-alive\nprobes start being sent.\nThe duration format is\nDefaults to 7200s
."
fn spec.telemetry.metrics.sinks.openTelemetry.backendSettings.tcpKeepalive.withInterval
withInterval(interval)
"The duration between keep-alive probes.\nDefaults to 75s
."
fn spec.telemetry.metrics.sinks.openTelemetry.backendSettings.tcpKeepalive.withProbes
withProbes(probes)
"The total number of unacknowledged probes to send before deciding\nthe connection is dead.\nDefaults to 9."
obj spec.telemetry.metrics.sinks.openTelemetry.backendSettings.timeout
"Timeout settings for the backend connections."
obj spec.telemetry.metrics.sinks.openTelemetry.backendSettings.timeout.http
"Timeout settings for HTTP."
fn spec.telemetry.metrics.sinks.openTelemetry.backendSettings.timeout.http.withConnectionIdleTimeout
withConnectionIdleTimeout(connectionIdleTimeout)
"The idle timeout for an HTTP connection. Idle time is defined as a period in which there are no active requests in the connection.\nDefault: 1 hour."
fn spec.telemetry.metrics.sinks.openTelemetry.backendSettings.timeout.http.withMaxConnectionDuration
withMaxConnectionDuration(maxConnectionDuration)
"The maximum duration of an HTTP connection.\nDefault: unlimited."
fn spec.telemetry.metrics.sinks.openTelemetry.backendSettings.timeout.http.withRequestTimeout
withRequestTimeout(requestTimeout)
"RequestTimeout is the time until which entire response is received from the upstream."
obj spec.telemetry.metrics.sinks.openTelemetry.backendSettings.timeout.tcp
"Timeout settings for TCP."
fn spec.telemetry.metrics.sinks.openTelemetry.backendSettings.timeout.tcp.withConnectTimeout
withConnectTimeout(connectTimeout)
"The timeout for network connection establishment, including TCP and TLS handshakes.\nDefault: 10 seconds."
obj spec.telemetry.tracing
"Tracing defines tracing configuration for managed proxies.\nIf unspecified, will not send tracing data."
fn spec.telemetry.tracing.withCustomTags
withCustomTags(customTags)
"CustomTags defines the custom tags to add to each span.\nIf provider is kubernetes, pod name and namespace are added by default."
fn spec.telemetry.tracing.withCustomTagsMixin
withCustomTagsMixin(customTags)
"CustomTags defines the custom tags to add to each span.\nIf provider is kubernetes, pod name and namespace are added by default."
Note: This function appends passed data to existing values
fn spec.telemetry.tracing.withSamplingRate
withSamplingRate(samplingRate)
"SamplingRate controls the rate at which traffic will be\nselected for tracing if no prior sampling decision has been made.\nDefaults to 100, valid values [0-100]. 100 indicates 100% sampling."
obj spec.telemetry.tracing.provider
"Provider defines the tracing provider."
fn spec.telemetry.tracing.provider.withBackendRefs
withBackendRefs(backendRefs)
"BackendRefs references a Kubernetes object that represents the\nbackend server to which the authorization request will be sent."
fn spec.telemetry.tracing.provider.withBackendRefsMixin
withBackendRefsMixin(backendRefs)
"BackendRefs references a Kubernetes object that represents the\nbackend server to which the authorization request will be sent."
Note: This function appends passed data to existing values
fn spec.telemetry.tracing.provider.withHost
withHost(host)
"Host define the provider service hostname.\nDeprecated: Use BackendRefs instead."
fn spec.telemetry.tracing.provider.withPort
withPort(port)
"Port defines the port the provider service is exposed on.\nDeprecated: Use BackendRefs instead."
fn spec.telemetry.tracing.provider.withType
withType(type)
"Type defines the tracing provider type."
obj spec.telemetry.tracing.provider.backendRef
"BackendRef references a Kubernetes object that represents the\nbackend server to which the authorization request will be sent.\n\nDeprecated: Use BackendRefs instead."
fn spec.telemetry.tracing.provider.backendRef.withGroup
withGroup(group)
"Group is the group of the referent. For example, \"gateway.networking.k8s.io\".\nWhen unspecified or empty string, core API group is inferred."
fn spec.telemetry.tracing.provider.backendRef.withKind
withKind(kind)
"Kind is the Kubernetes resource kind of the referent. For example\n\"Service\".\n\nDefaults to \"Service\" when not specified.\n\nExternalName services can refer to CNAME DNS records that may live\noutside of the cluster and as such are difficult to reason about in\nterms of conformance. They also may not be safe to forward to (see\nCVE-2021-25740 for more information). Implementations SHOULD NOT\nsupport ExternalName Services.\n\nSupport: Core (Services with a type other than ExternalName)\n\nSupport: Implementation-specific (Services with type ExternalName)"
fn spec.telemetry.tracing.provider.backendRef.withName
withName(name)
"Name is the name of the referent."
fn spec.telemetry.tracing.provider.backendRef.withNamespace
withNamespace(namespace)
"Namespace is the namespace of the backend. When unspecified, the local\nnamespace is inferred.\n\nNote that when a namespace different than the local namespace is specified,\na ReferenceGrant object is required in the referent namespace to allow that\nnamespace's owner to accept the reference. See the ReferenceGrant\ndocumentation for details.\n\nSupport: Core"
fn spec.telemetry.tracing.provider.backendRef.withPort
withPort(port)
"Port specifies the destination port number to use for this resource.\nPort is required when the referent is a Kubernetes Service. In this\ncase, the port number is the service port number, not the target port.\nFor other resources, destination port might be derived from the referent\nresource or this field."
obj spec.telemetry.tracing.provider.backendRefs
"BackendRefs references a Kubernetes object that represents the\nbackend server to which the authorization request will be sent."
fn spec.telemetry.tracing.provider.backendRefs.withFallback
withFallback(fallback)
"Fallback indicates whether the backend is designated as a fallback.\nMultiple fallback backends can be configured.\nIt is highly recommended to configure active or passive health checks to ensure that failover can be detected\nwhen the active backends become unhealthy and to automatically readjust once the primary backends are healthy again.\nThe overprovisioning factor is set to 1.4, meaning the fallback backends will only start receiving traffic when\nthe health of the active backends falls below 72%."
fn spec.telemetry.tracing.provider.backendRefs.withGroup
withGroup(group)
"Group is the group of the referent. For example, \"gateway.networking.k8s.io\".\nWhen unspecified or empty string, core API group is inferred."
fn spec.telemetry.tracing.provider.backendRefs.withKind
withKind(kind)
"Kind is the Kubernetes resource kind of the referent. For example\n\"Service\".\n\nDefaults to \"Service\" when not specified.\n\nExternalName services can refer to CNAME DNS records that may live\noutside of the cluster and as such are difficult to reason about in\nterms of conformance. They also may not be safe to forward to (see\nCVE-2021-25740 for more information). Implementations SHOULD NOT\nsupport ExternalName Services.\n\nSupport: Core (Services with a type other than ExternalName)\n\nSupport: Implementation-specific (Services with type ExternalName)"
fn spec.telemetry.tracing.provider.backendRefs.withName
withName(name)
"Name is the name of the referent."
fn spec.telemetry.tracing.provider.backendRefs.withNamespace
withNamespace(namespace)
"Namespace is the namespace of the backend. When unspecified, the local\nnamespace is inferred.\n\nNote that when a namespace different than the local namespace is specified,\na ReferenceGrant object is required in the referent namespace to allow that\nnamespace's owner to accept the reference. See the ReferenceGrant\ndocumentation for details.\n\nSupport: Core"
fn spec.telemetry.tracing.provider.backendRefs.withPort
withPort(port)
"Port specifies the destination port number to use for this resource.\nPort is required when the referent is a Kubernetes Service. In this\ncase, the port number is the service port number, not the target port.\nFor other resources, destination port might be derived from the referent\nresource or this field."
obj spec.telemetry.tracing.provider.backendSettings
"BackendSettings holds configuration for managing the connection\nto the backend."
obj spec.telemetry.tracing.provider.backendSettings.circuitBreaker
"Circuit Breaker settings for the upstream connections and requests.\nIf not set, circuit breakers will be enabled with the default thresholds"
fn spec.telemetry.tracing.provider.backendSettings.circuitBreaker.withMaxConnections
withMaxConnections(maxConnections)
"The maximum number of connections that Envoy will establish to the referenced backend defined within a xRoute rule."
fn spec.telemetry.tracing.provider.backendSettings.circuitBreaker.withMaxParallelRequests
withMaxParallelRequests(maxParallelRequests)
"The maximum number of parallel requests that Envoy will make to the referenced backend defined within a xRoute rule."
fn spec.telemetry.tracing.provider.backendSettings.circuitBreaker.withMaxParallelRetries
withMaxParallelRetries(maxParallelRetries)
"The maximum number of parallel retries that Envoy will make to the referenced backend defined within a xRoute rule."
fn spec.telemetry.tracing.provider.backendSettings.circuitBreaker.withMaxPendingRequests
withMaxPendingRequests(maxPendingRequests)
"The maximum number of pending requests that Envoy will queue to the referenced backend defined within a xRoute rule."
fn spec.telemetry.tracing.provider.backendSettings.circuitBreaker.withMaxRequestsPerConnection
withMaxRequestsPerConnection(maxRequestsPerConnection)
"The maximum number of requests that Envoy will make over a single connection to the referenced backend defined within a xRoute rule.\nDefault: unlimited."
obj spec.telemetry.tracing.provider.backendSettings.connection
"Connection includes backend connection settings."
fn spec.telemetry.tracing.provider.backendSettings.connection.withBufferLimit
withBufferLimit(bufferLimit)
"BufferLimit Soft limit on size of the cluster’s connections read and write buffers.\nBufferLimit applies to connection streaming (maybe non-streaming) channel between processes, it's in user space.\nIf unspecified, an implementation defined default is applied (32768 bytes).\nFor example, 20Mi, 1Gi, 256Ki etc.\nNote: that when the suffix is not provided, the value is interpreted as bytes."
fn spec.telemetry.tracing.provider.backendSettings.connection.withSocketBufferLimit
withSocketBufferLimit(socketBufferLimit)
"SocketBufferLimit provides configuration for the maximum buffer size in bytes for each socket\nto backend.\nSocketBufferLimit applies to socket streaming channel between TCP/IP stacks, it's in kernel space.\nFor example, 20Mi, 1Gi, 256Ki etc.\nNote that when the suffix is not provided, the value is interpreted as bytes."
obj spec.telemetry.tracing.provider.backendSettings.dns
"DNS includes dns resolution settings."
fn spec.telemetry.tracing.provider.backendSettings.dns.withDnsRefreshRate
withDnsRefreshRate(dnsRefreshRate)
"DNSRefreshRate specifies the rate at which DNS records should be refreshed.\nDefaults to 30 seconds."
fn spec.telemetry.tracing.provider.backendSettings.dns.withRespectDnsTtl
withRespectDnsTtl(respectDnsTtl)
"RespectDNSTTL indicates whether the DNS Time-To-Live (TTL) should be respected.\nIf the value is set to true, the DNS refresh rate will be set to the resource record’s TTL.\nDefaults to true."
obj spec.telemetry.tracing.provider.backendSettings.healthCheck
"HealthCheck allows gateway to perform active health checking on backends."
obj spec.telemetry.tracing.provider.backendSettings.healthCheck.active
"Active health check configuration"
fn spec.telemetry.tracing.provider.backendSettings.healthCheck.active.withHealthyThreshold
withHealthyThreshold(healthyThreshold)
"HealthyThreshold defines the number of healthy health checks required before a backend host is marked healthy."
fn spec.telemetry.tracing.provider.backendSettings.healthCheck.active.withInterval
withInterval(interval)
"Interval defines the time between active health checks."
fn spec.telemetry.tracing.provider.backendSettings.healthCheck.active.withTimeout
withTimeout(timeout)
"Timeout defines the time to wait for a health check response."
fn spec.telemetry.tracing.provider.backendSettings.healthCheck.active.withType
withType(type)
"Type defines the type of health checker."
fn spec.telemetry.tracing.provider.backendSettings.healthCheck.active.withUnhealthyThreshold
withUnhealthyThreshold(unhealthyThreshold)
"UnhealthyThreshold defines the number of unhealthy health checks required before a backend host is marked unhealthy."
obj spec.telemetry.tracing.provider.backendSettings.healthCheck.active.grpc
"GRPC defines the configuration of the GRPC health checker.\nIt's optional, and can only be used if the specified type is GRPC."
fn spec.telemetry.tracing.provider.backendSettings.healthCheck.active.grpc.withService
withService(service)
"Service to send in the health check request.\nIf this is not specified, then the health check request applies to the entire\nserver and not to a specific service."
obj spec.telemetry.tracing.provider.backendSettings.healthCheck.active.http
"HTTP defines the configuration of http health checker.\nIt's required while the health checker type is HTTP."
fn spec.telemetry.tracing.provider.backendSettings.healthCheck.active.http.withExpectedStatuses
withExpectedStatuses(expectedStatuses)
"ExpectedStatuses defines a list of HTTP response statuses considered healthy.\nDefaults to 200 only"
fn spec.telemetry.tracing.provider.backendSettings.healthCheck.active.http.withExpectedStatusesMixin
withExpectedStatusesMixin(expectedStatuses)
"ExpectedStatuses defines a list of HTTP response statuses considered healthy.\nDefaults to 200 only"
Note: This function appends passed data to existing values
fn spec.telemetry.tracing.provider.backendSettings.healthCheck.active.http.withMethod
withMethod(method)
"Method defines the HTTP method used for health checking.\nDefaults to GET"
fn spec.telemetry.tracing.provider.backendSettings.healthCheck.active.http.withPath
withPath(path)
"Path defines the HTTP path that will be requested during health checking."
obj spec.telemetry.tracing.provider.backendSettings.healthCheck.active.http.expectedResponse
"ExpectedResponse defines a list of HTTP expected responses to match."
fn spec.telemetry.tracing.provider.backendSettings.healthCheck.active.http.expectedResponse.withBinary
withBinary(binary)
"Binary payload base64 encoded."
fn spec.telemetry.tracing.provider.backendSettings.healthCheck.active.http.expectedResponse.withText
withText(text)
"Text payload in plain text."
fn spec.telemetry.tracing.provider.backendSettings.healthCheck.active.http.expectedResponse.withType
withType(type)
"Type defines the type of the payload."
obj spec.telemetry.tracing.provider.backendSettings.healthCheck.active.tcp
"TCP defines the configuration of tcp health checker.\nIt's required while the health checker type is TCP."
obj spec.telemetry.tracing.provider.backendSettings.healthCheck.active.tcp.receive
"Receive defines the expected response payload."
fn spec.telemetry.tracing.provider.backendSettings.healthCheck.active.tcp.receive.withBinary
withBinary(binary)
"Binary payload base64 encoded."
fn spec.telemetry.tracing.provider.backendSettings.healthCheck.active.tcp.receive.withText
withText(text)
"Text payload in plain text."
fn spec.telemetry.tracing.provider.backendSettings.healthCheck.active.tcp.receive.withType
withType(type)
"Type defines the type of the payload."
obj spec.telemetry.tracing.provider.backendSettings.healthCheck.active.tcp.send
"Send defines the request payload."
fn spec.telemetry.tracing.provider.backendSettings.healthCheck.active.tcp.send.withBinary
withBinary(binary)
"Binary payload base64 encoded."
fn spec.telemetry.tracing.provider.backendSettings.healthCheck.active.tcp.send.withText
withText(text)
"Text payload in plain text."
fn spec.telemetry.tracing.provider.backendSettings.healthCheck.active.tcp.send.withType
withType(type)
"Type defines the type of the payload."
obj spec.telemetry.tracing.provider.backendSettings.healthCheck.passive
"Passive passive check configuration"
fn spec.telemetry.tracing.provider.backendSettings.healthCheck.passive.withBaseEjectionTime
withBaseEjectionTime(baseEjectionTime)
"BaseEjectionTime defines the base duration for which a host will be ejected on consecutive failures."
fn spec.telemetry.tracing.provider.backendSettings.healthCheck.passive.withConsecutive5XxErrors
withConsecutive5XxErrors(consecutive5XxErrors)
"Consecutive5xxErrors sets the number of consecutive 5xx errors triggering ejection."
fn spec.telemetry.tracing.provider.backendSettings.healthCheck.passive.withConsecutiveGatewayErrors
withConsecutiveGatewayErrors(consecutiveGatewayErrors)
"ConsecutiveGatewayErrors sets the number of consecutive gateway errors triggering ejection."
fn spec.telemetry.tracing.provider.backendSettings.healthCheck.passive.withConsecutiveLocalOriginFailures
withConsecutiveLocalOriginFailures(consecutiveLocalOriginFailures)
"ConsecutiveLocalOriginFailures sets the number of consecutive local origin failures triggering ejection.\nParameter takes effect only when split_external_local_origin_errors is set to true."
fn spec.telemetry.tracing.provider.backendSettings.healthCheck.passive.withInterval
withInterval(interval)
"Interval defines the time between passive health checks."
fn spec.telemetry.tracing.provider.backendSettings.healthCheck.passive.withMaxEjectionPercent
withMaxEjectionPercent(maxEjectionPercent)
"MaxEjectionPercent sets the maximum percentage of hosts in a cluster that can be ejected."
fn spec.telemetry.tracing.provider.backendSettings.healthCheck.passive.withSplitExternalLocalOriginErrors
withSplitExternalLocalOriginErrors(splitExternalLocalOriginErrors)
"SplitExternalLocalOriginErrors enables splitting of errors between external and local origin."
obj spec.telemetry.tracing.provider.backendSettings.http2
"HTTP2 provides HTTP/2 configuration for backend connections."
fn spec.telemetry.tracing.provider.backendSettings.http2.withInitialConnectionWindowSize
withInitialConnectionWindowSize(initialConnectionWindowSize)
"InitialConnectionWindowSize sets the initial window size for HTTP/2 connections.\nIf not set, the default value is 1 MiB."
fn spec.telemetry.tracing.provider.backendSettings.http2.withInitialStreamWindowSize
withInitialStreamWindowSize(initialStreamWindowSize)
"InitialStreamWindowSize sets the initial window size for HTTP/2 streams.\nIf not set, the default value is 64 KiB(64*1024)."
fn spec.telemetry.tracing.provider.backendSettings.http2.withMaxConcurrentStreams
withMaxConcurrentStreams(maxConcurrentStreams)
"MaxConcurrentStreams sets the maximum number of concurrent streams allowed per connection.\nIf not set, the default value is 100."
fn spec.telemetry.tracing.provider.backendSettings.http2.withOnInvalidMessage
withOnInvalidMessage(onInvalidMessage)
"OnInvalidMessage determines if Envoy will terminate the connection or just the offending stream in the event of HTTP messaging error\nIt's recommended for L2 Envoy deployments to set this value to TerminateStream.\nhttps://www.envoyproxy.io/docs/envoy/latest/configuration/best_practices/level_two\nDefault: TerminateConnection"
obj spec.telemetry.tracing.provider.backendSettings.loadBalancer
"LoadBalancer policy to apply when routing traffic from the gateway to\nthe backend endpoints. Defaults to LeastRequest
."
fn spec.telemetry.tracing.provider.backendSettings.loadBalancer.withType
withType(type)
"Type decides the type of Load Balancer policy.\nValid LoadBalancerType values are\n\"ConsistentHash\",\n\"LeastRequest\",\n\"Random\",\n\"RoundRobin\"."
obj spec.telemetry.tracing.provider.backendSettings.loadBalancer.consistentHash
"ConsistentHash defines the configuration when the load balancer type is\nset to ConsistentHash"
fn spec.telemetry.tracing.provider.backendSettings.loadBalancer.consistentHash.withTableSize
withTableSize(tableSize)
"The table size for consistent hashing, must be prime number limited to 5000011."
fn spec.telemetry.tracing.provider.backendSettings.loadBalancer.consistentHash.withType
withType(type)
"ConsistentHashType defines the type of input to hash on. Valid Type values are\n\"SourceIP\",\n\"Header\",\n\"Cookie\"."
obj spec.telemetry.tracing.provider.backendSettings.loadBalancer.consistentHash.cookie
"Cookie configures the cookie hash policy when the consistent hash type is set to Cookie."
fn spec.telemetry.tracing.provider.backendSettings.loadBalancer.consistentHash.cookie.withAttributes
withAttributes(attributes)
"Additional Attributes to set for the generated cookie."
fn spec.telemetry.tracing.provider.backendSettings.loadBalancer.consistentHash.cookie.withAttributesMixin
withAttributesMixin(attributes)
"Additional Attributes to set for the generated cookie."
Note: This function appends passed data to existing values
fn spec.telemetry.tracing.provider.backendSettings.loadBalancer.consistentHash.cookie.withName
withName(name)
"Name of the cookie to hash.\nIf this cookie does not exist in the request, Envoy will generate a cookie and set\nthe TTL on the response back to the client based on Layer 4\nattributes of the backend endpoint, to ensure that these future requests\ngo to the same backend endpoint. Make sure to set the TTL field for this case."
fn spec.telemetry.tracing.provider.backendSettings.loadBalancer.consistentHash.cookie.withTtl
withTtl(ttl)
"TTL of the generated cookie if the cookie is not present. This value sets the\nMax-Age attribute value."
obj spec.telemetry.tracing.provider.backendSettings.loadBalancer.consistentHash.header
"Header configures the header hash policy when the consistent hash type is set to Header."
fn spec.telemetry.tracing.provider.backendSettings.loadBalancer.consistentHash.header.withName
withName(name)
"Name of the header to hash."
obj spec.telemetry.tracing.provider.backendSettings.loadBalancer.slowStart
"SlowStart defines the configuration related to the slow start load balancer policy.\nIf set, during slow start window, traffic sent to the newly added hosts will gradually increase.\nCurrently this is only supported for RoundRobin and LeastRequest load balancers"
fn spec.telemetry.tracing.provider.backendSettings.loadBalancer.slowStart.withWindow
withWindow(window)
"Window defines the duration of the warm up period for newly added host.\nDuring slow start window, traffic sent to the newly added hosts will gradually increase.\nCurrently only supports linear growth of traffic. For additional details,\nsee https://www.envoyproxy.io/docs/envoy/latest/api-v3/config/cluster/v3/cluster.proto#config-cluster-v3-cluster-slowstartconfig"
obj spec.telemetry.tracing.provider.backendSettings.proxyProtocol
"ProxyProtocol enables the Proxy Protocol when communicating with the backend."
fn spec.telemetry.tracing.provider.backendSettings.proxyProtocol.withVersion
withVersion(version)
"Version of ProxyProtol\nValid ProxyProtocolVersion values are\n\"V1\"\n\"V2\
obj spec.telemetry.tracing.provider.backendSettings.retry
"Retry provides more advanced usage, allowing users to customize the number of retries, retry fallback strategy, and retry triggering conditions.\nIf not set, retry will be disabled."
fn spec.telemetry.tracing.provider.backendSettings.retry.withNumRetries
withNumRetries(numRetries)
"NumRetries is the number of retries to be attempted. Defaults to 2."
obj spec.telemetry.tracing.provider.backendSettings.retry.perRetry
"PerRetry is the retry policy to be applied per retry attempt."
fn spec.telemetry.tracing.provider.backendSettings.retry.perRetry.withTimeout
withTimeout(timeout)
"Timeout is the timeout per retry attempt."
obj spec.telemetry.tracing.provider.backendSettings.retry.perRetry.backOff
"Backoff is the backoff policy to be applied per retry attempt. gateway uses a fully jittered exponential\nback-off algorithm for retries. For additional details,\nsee https://www.envoyproxy.io/docs/envoy/latest/configuration/http/http_filters/router_filter#config-http-filters-router-x-envoy-max-retries"
fn spec.telemetry.tracing.provider.backendSettings.retry.perRetry.backOff.withBaseInterval
withBaseInterval(baseInterval)
"BaseInterval is the base interval between retries."
fn spec.telemetry.tracing.provider.backendSettings.retry.perRetry.backOff.withMaxInterval
withMaxInterval(maxInterval)
"MaxInterval is the maximum interval between retries. This parameter is optional, but must be greater than or equal to the base_interval if set.\nThe default is 10 times the base_interval"
obj spec.telemetry.tracing.provider.backendSettings.retry.retryOn
"RetryOn specifies the retry trigger condition.\n\nIf not specified, the default is to retry on connect-failure,refused-stream,unavailable,cancelled,retriable-status-codes(503)."
fn spec.telemetry.tracing.provider.backendSettings.retry.retryOn.withHttpStatusCodes
withHttpStatusCodes(httpStatusCodes)
"HttpStatusCodes specifies the http status codes to be retried.\nThe retriable-status-codes trigger must also be configured for these status codes to trigger a retry."
fn spec.telemetry.tracing.provider.backendSettings.retry.retryOn.withHttpStatusCodesMixin
withHttpStatusCodesMixin(httpStatusCodes)
"HttpStatusCodes specifies the http status codes to be retried.\nThe retriable-status-codes trigger must also be configured for these status codes to trigger a retry."
Note: This function appends passed data to existing values
fn spec.telemetry.tracing.provider.backendSettings.retry.retryOn.withTriggers
withTriggers(triggers)
"Triggers specifies the retry trigger condition(Http/Grpc)."
fn spec.telemetry.tracing.provider.backendSettings.retry.retryOn.withTriggersMixin
withTriggersMixin(triggers)
"Triggers specifies the retry trigger condition(Http/Grpc)."
Note: This function appends passed data to existing values
obj spec.telemetry.tracing.provider.backendSettings.tcpKeepalive
"TcpKeepalive settings associated with the upstream client connection.\nDisabled by default."
fn spec.telemetry.tracing.provider.backendSettings.tcpKeepalive.withIdleTime
withIdleTime(idleTime)
"The duration a connection needs to be idle before keep-alive\nprobes start being sent.\nThe duration format is\nDefaults to 7200s
."
fn spec.telemetry.tracing.provider.backendSettings.tcpKeepalive.withInterval
withInterval(interval)
"The duration between keep-alive probes.\nDefaults to 75s
."
fn spec.telemetry.tracing.provider.backendSettings.tcpKeepalive.withProbes
withProbes(probes)
"The total number of unacknowledged probes to send before deciding\nthe connection is dead.\nDefaults to 9."
obj spec.telemetry.tracing.provider.backendSettings.timeout
"Timeout settings for the backend connections."
obj spec.telemetry.tracing.provider.backendSettings.timeout.http
"Timeout settings for HTTP."
fn spec.telemetry.tracing.provider.backendSettings.timeout.http.withConnectionIdleTimeout
withConnectionIdleTimeout(connectionIdleTimeout)
"The idle timeout for an HTTP connection. Idle time is defined as a period in which there are no active requests in the connection.\nDefault: 1 hour."
fn spec.telemetry.tracing.provider.backendSettings.timeout.http.withMaxConnectionDuration
withMaxConnectionDuration(maxConnectionDuration)
"The maximum duration of an HTTP connection.\nDefault: unlimited."
fn spec.telemetry.tracing.provider.backendSettings.timeout.http.withRequestTimeout
withRequestTimeout(requestTimeout)
"RequestTimeout is the time until which entire response is received from the upstream."
obj spec.telemetry.tracing.provider.backendSettings.timeout.tcp
"Timeout settings for TCP."
fn spec.telemetry.tracing.provider.backendSettings.timeout.tcp.withConnectTimeout
withConnectTimeout(connectTimeout)
"The timeout for network connection establishment, including TCP and TLS handshakes.\nDefault: 10 seconds."
obj spec.telemetry.tracing.provider.zipkin
"Zipkin defines the Zipkin tracing provider configuration"
fn spec.telemetry.tracing.provider.zipkin.withDisableSharedSpanContext
withDisableSharedSpanContext(disableSharedSpanContext)
"DisableSharedSpanContext determines whether the default Envoy behaviour of\nclient and server spans sharing the same span context should be disabled."
fn spec.telemetry.tracing.provider.zipkin.withEnable128BitTraceId
withEnable128BitTraceId(enable128BitTraceId)
"Enable128BitTraceID determines whether a 128bit trace id will be used\nwhen creating a new trace instance. If set to false, a 64bit trace\nid will be used."