diff --git a/OWNERS_ALIASES b/OWNERS_ALIASES index 05fe413e085..64d68b7737c 100644 --- a/OWNERS_ALIASES +++ b/OWNERS_ALIASES @@ -167,7 +167,6 @@ aliases: - edsoncelio - femrtnz - jcjesus - - rikatz - stormqueen1990 - yagonobre sig-docs-pt-reviews: # PR reviews for Portugese content @@ -176,7 +175,6 @@ aliases: - femrtnz - jcjesus - mrerlison - - rikatz - stormqueen1990 - yagonobre sig-docs-vi-owners: # Admins for Vietnamese content diff --git a/README-zh.md b/README-zh.md index ee45a6aa285..9ddf8a646be 100644 --- a/README-zh.md +++ b/README-zh.md @@ -22,11 +22,11 @@ This repository contains the assets required to build the [Kubernetes website an ## 使用这个仓库 -可以使用 Hugo(扩展版)在本地运行网站,也可以在容器中运行它。强烈建议使用容器,因为这样可以和在线网站的部署保持一致。 +可以使用 [Hugo(扩展版)](https://gohugo.io/)在本地运行网站,也可以在容器中运行它。强烈建议使用容器,因为这样可以和在线网站的部署保持一致。 -位于 `content/en/docs/reference/kubernetes-api` 的 API 参考页面是根据 Swagger 规范构建的,使用 。 +位于 `content/en/docs/reference/kubernetes-api` 的 API 参考页面是使用 根据 Swagger 规范(也称为 OpenAPI 规范)构建的。 要更新 Kubernetes 新版本的参考页面,请执行以下步骤: diff --git a/api-ref-assets/api/swagger.json b/api-ref-assets/api/swagger.json index 410add77696..12903fd69f2 100644 --- a/api-ref-assets/api/swagger.json +++ b/api-ref-assets/api/swagger.json @@ -1,5 +1,23 @@ { "definitions": { + "io.k8s.api.admissionregistration.v1.MatchCondition": { + "description": "MatchCondition represents a condition which must by fulfilled for a request to be sent to a webhook.", + "properties": { + "expression": { + "description": "Expression represents the expression which will be evaluated by CEL. Must evaluate to bool. CEL expressions have access to the contents of the AdmissionRequest and Authorizer, organized into CEL variables:\n\n'object' - The object from the incoming request. The value is null for DELETE requests. 'oldObject' - The existing object. The value is null for CREATE requests. 'request' - Attributes of the admission request(/pkg/apis/admission/types.go#AdmissionRequest). 'authorizer' - A CEL Authorizer. May be used to perform authorization checks for the principal (user or service account) of the request.\n See https://pkg.go.dev/k8s.io/apiserver/pkg/cel/library#Authz\n'authorizer.requestResource' - A CEL ResourceCheck constructed from the 'authorizer' and configured with the\n request resource.\nDocumentation on CEL: https://kubernetes.io/docs/reference/using-api/cel/\n\nRequired.", + "type": "string" + }, + "name": { + "description": "Name is an identifier for this match condition, used for strategic merging of MatchConditions, as well as providing an identifier for logging purposes. A good name should be descriptive of the associated expression. Name must be a qualified name consisting of alphanumeric characters, '-', '_' or '.', and must start and end with an alphanumeric character (e.g. 'MyName', or 'my.name', or '123-abc', regex used for validation is '([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9]') with an optional DNS subdomain prefix and '/' (e.g. 'example.com/MyName')\n\nRequired.", + "type": "string" + } + }, + "required": [ + "name", + "expression" + ], + "type": "object" + }, "io.k8s.api.admissionregistration.v1.MutatingWebhook": { "description": "MutatingWebhook describes an admission webhook and the resources and operations it applies to.", "properties": { @@ -18,6 +36,19 @@ "description": "FailurePolicy defines how unrecognized errors from the admission endpoint are handled - allowed values are Ignore or Fail. Defaults to Fail.", "type": "string" }, + "matchConditions": { + "description": "MatchConditions is a list of conditions that must be met for a request to be sent to this webhook. Match conditions filter requests that have already been matched by the rules, namespaceSelector, and objectSelector. An empty list of matchConditions matches all requests. There are a maximum of 64 match conditions allowed.\n\nThe exact matching logic is (in order):\n 1. If ANY matchCondition evaluates to FALSE, the webhook is skipped.\n 2. If ALL matchConditions evaluate to TRUE, the webhook is called.\n 3. If any matchCondition evaluates to an error (but none are FALSE):\n - If failurePolicy=Fail, reject the request\n - If failurePolicy=Ignore, the error is ignored and the webhook is skipped\n\nThis is an alpha feature and managed by the AdmissionWebhookMatchConditions feature gate.", + "items": { + "$ref": "#/definitions/io.k8s.api.admissionregistration.v1.MatchCondition" + }, + "type": "array", + "x-kubernetes-list-map-keys": [ + "name" + ], + "x-kubernetes-list-type": "map", + "x-kubernetes-patch-merge-key": "name", + "x-kubernetes-patch-strategy": "merge" + }, "matchPolicy": { "description": "matchPolicy defines how the \"rules\" list is used to match incoming requests. Allowed values are \"Exact\" or \"Equivalent\".\n\n- Exact: match a request only if it exactly matches a specified rule. For example, if deployments can be modified via apps/v1, apps/v1beta1, and extensions/v1beta1, but \"rules\" only included `apiGroups:[\"apps\"], apiVersions:[\"v1\"], resources: [\"deployments\"]`, a request to apps/v1beta1 or extensions/v1beta1 would not be sent to the webhook.\n\n- Equivalent: match a request if modifies a resource listed in rules, even via another API group or version. For example, if deployments can be modified via apps/v1, apps/v1beta1, and extensions/v1beta1, and \"rules\" only included `apiGroups:[\"apps\"], apiVersions:[\"v1\"], resources: [\"deployments\"]`, a request to apps/v1beta1 or extensions/v1beta1 would be converted to apps/v1 and sent to the webhook.\n\nDefaults to \"Equivalent\"", "type": "string" @@ -219,6 +250,19 @@ "description": "FailurePolicy defines how unrecognized errors from the admission endpoint are handled - allowed values are Ignore or Fail. Defaults to Fail.", "type": "string" }, + "matchConditions": { + "description": "MatchConditions is a list of conditions that must be met for a request to be sent to this webhook. Match conditions filter requests that have already been matched by the rules, namespaceSelector, and objectSelector. An empty list of matchConditions matches all requests. There are a maximum of 64 match conditions allowed.\n\nThe exact matching logic is (in order):\n 1. If ANY matchCondition evaluates to FALSE, the webhook is skipped.\n 2. If ALL matchConditions evaluate to TRUE, the webhook is called.\n 3. If any matchCondition evaluates to an error (but none are FALSE):\n - If failurePolicy=Fail, reject the request\n - If failurePolicy=Ignore, the error is ignored and the webhook is skipped\n\nThis is an alpha feature and managed by the AdmissionWebhookMatchConditions feature gate.", + "items": { + "$ref": "#/definitions/io.k8s.api.admissionregistration.v1.MatchCondition" + }, + "type": "array", + "x-kubernetes-list-map-keys": [ + "name" + ], + "x-kubernetes-list-type": "map", + "x-kubernetes-patch-merge-key": "name", + "x-kubernetes-patch-strategy": "merge" + }, "matchPolicy": { "description": "matchPolicy defines how the \"rules\" list is used to match incoming requests. Allowed values are \"Exact\" or \"Equivalent\".\n\n- Exact: match a request only if it exactly matches a specified rule. For example, if deployments can be modified via apps/v1, apps/v1beta1, and extensions/v1beta1, but \"rules\" only included `apiGroups:[\"apps\"], apiVersions:[\"v1\"], resources: [\"deployments\"]`, a request to apps/v1beta1 or extensions/v1beta1 would not be sent to the webhook.\n\n- Equivalent: match a request if modifies a resource listed in rules, even via another API group or version. For example, if deployments can be modified via apps/v1, apps/v1beta1, and extensions/v1beta1, and \"rules\" only included `apiGroups:[\"apps\"], apiVersions:[\"v1\"], resources: [\"deployments\"]`, a request to apps/v1beta1 or extensions/v1beta1 would be converted to apps/v1 and sent to the webhook.\n\nDefaults to \"Equivalent\"", "type": "string" @@ -348,6 +392,59 @@ }, "type": "object" }, + "io.k8s.api.admissionregistration.v1alpha1.AuditAnnotation": { + "description": "AuditAnnotation describes how to produce an audit annotation for an API request.", + "properties": { + "key": { + "description": "key specifies the audit annotation key. The audit annotation keys of a ValidatingAdmissionPolicy must be unique. The key must be a qualified name ([A-Za-z0-9][-A-Za-z0-9_.]*) no more than 63 bytes in length.\n\nThe key is combined with the resource name of the ValidatingAdmissionPolicy to construct an audit annotation key: \"{ValidatingAdmissionPolicy name}/{key}\".\n\nIf an admission webhook uses the same resource name as this ValidatingAdmissionPolicy and the same audit annotation key, the annotation key will be identical. In this case, the first annotation written with the key will be included in the audit event and all subsequent annotations with the same key will be discarded.\n\nRequired.", + "type": "string" + }, + "valueExpression": { + "description": "valueExpression represents the expression which is evaluated by CEL to produce an audit annotation value. The expression must evaluate to either a string or null value. If the expression evaluates to a string, the audit annotation is included with the string value. If the expression evaluates to null or empty string the audit annotation will be omitted. The valueExpression may be no longer than 5kb in length. If the result of the valueExpression is more than 10kb in length, it will be truncated to 10kb.\n\nIf multiple ValidatingAdmissionPolicyBinding resources match an API request, then the valueExpression will be evaluated for each binding. All unique values produced by the valueExpressions will be joined together in a comma-separated list.\n\nRequired.", + "type": "string" + } + }, + "required": [ + "key", + "valueExpression" + ], + "type": "object" + }, + "io.k8s.api.admissionregistration.v1alpha1.ExpressionWarning": { + "description": "ExpressionWarning is a warning information that targets a specific expression.", + "properties": { + "fieldRef": { + "description": "The path to the field that refers the expression. For example, the reference to the expression of the first item of validations is \"spec.validations[0].expression\"", + "type": "string" + }, + "warning": { + "description": "The content of type checking information in a human-readable form. Each line of the warning contains the type that the expression is checked against, followed by the type check error from the compiler.", + "type": "string" + } + }, + "required": [ + "fieldRef", + "warning" + ], + "type": "object" + }, + "io.k8s.api.admissionregistration.v1alpha1.MatchCondition": { + "properties": { + "expression": { + "description": "Expression represents the expression which will be evaluated by CEL. Must evaluate to bool. CEL expressions have access to the contents of the AdmissionRequest and Authorizer, organized into CEL variables:\n\n'object' - The object from the incoming request. The value is null for DELETE requests. 'oldObject' - The existing object. The value is null for CREATE requests. 'request' - Attributes of the admission request(/pkg/apis/admission/types.go#AdmissionRequest). 'authorizer' - A CEL Authorizer. May be used to perform authorization checks for the principal (user or service account) of the request.\n See https://pkg.go.dev/k8s.io/apiserver/pkg/cel/library#Authz\n'authorizer.requestResource' - A CEL ResourceCheck constructed from the 'authorizer' and configured with the\n request resource.\nDocumentation on CEL: https://kubernetes.io/docs/reference/using-api/cel/\n\nRequired.", + "type": "string" + }, + "name": { + "description": "Name is an identifier for this match condition, used for strategic merging of MatchConditions, as well as providing an identifier for logging purposes. A good name should be descriptive of the associated expression. Name must be a qualified name consisting of alphanumeric characters, '-', '_' or '.', and must start and end with an alphanumeric character (e.g. 'MyName', or 'my.name', or '123-abc', regex used for validation is '([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9]') with an optional DNS subdomain prefix and '/' (e.g. 'example.com/MyName')\n\nRequired.", + "type": "string" + } + }, + "required": [ + "name", + "expression" + ], + "type": "object" + }, "io.k8s.api.admissionregistration.v1alpha1.MatchResources": { "description": "MatchResources decides whether to run the admission control policy on an object based on whether it meets the match criteria. The exclude rules take precedence over include rules (if a resource matches both, it is excluded)", "properties": { @@ -464,6 +561,20 @@ "type": "object", "x-kubernetes-map-type": "atomic" }, + "io.k8s.api.admissionregistration.v1alpha1.TypeChecking": { + "description": "TypeChecking contains results of type checking the expressions in the ValidatingAdmissionPolicy", + "properties": { + "expressionWarnings": { + "description": "The type checking warnings for each expression.", + "items": { + "$ref": "#/definitions/io.k8s.api.admissionregistration.v1alpha1.ExpressionWarning" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + } + }, + "type": "object" + }, "io.k8s.api.admissionregistration.v1alpha1.ValidatingAdmissionPolicy": { "description": "ValidatingAdmissionPolicy describes the definition of an admission validation policy that accepts or rejects an object without changing it.", "properties": { @@ -482,6 +593,10 @@ "spec": { "$ref": "#/definitions/io.k8s.api.admissionregistration.v1alpha1.ValidatingAdmissionPolicySpec", "description": "Specification of the desired behavior of the ValidatingAdmissionPolicy." + }, + "status": { + "$ref": "#/definitions/io.k8s.api.admissionregistration.v1alpha1.ValidatingAdmissionPolicyStatus", + "description": "The status of the ValidatingAdmissionPolicy, including warnings that are useful to determine if the policy behaves in the expected way. Populated by the system. Read-only." } }, "type": "object", @@ -568,6 +683,14 @@ "policyName": { "description": "PolicyName references a ValidatingAdmissionPolicy name which the ValidatingAdmissionPolicyBinding binds to. If the referenced resource does not exist, this binding is considered invalid and will be ignored Required.", "type": "string" + }, + "validationActions": { + "description": "validationActions declares how Validations of the referenced ValidatingAdmissionPolicy are enforced. If a validation evaluates to false it is always enforced according to these actions.\n\nFailures defined by the ValidatingAdmissionPolicy's FailurePolicy are enforced according to these actions only if the FailurePolicy is set to Fail, otherwise the failures are ignored. This includes compilation errors, runtime errors and misconfigurations of the policy.\n\nvalidationActions is declared as a set of action values. Order does not matter. validationActions may not contain duplicates of the same action.\n\nThe supported actions values are:\n\n\"Deny\" specifies that a validation failure results in a denied request.\n\n\"Warn\" specifies that a validation failure is reported to the request client in HTTP Warning headers, with a warning code of 299. Warnings can be sent both for allowed or denied admission responses.\n\n\"Audit\" specifies that a validation failure is included in the published audit event for the request. The audit event will contain a `validation.policy.admission.k8s.io/validation_failure` audit annotation with a value containing the details of the validation failures, formatted as a JSON list of objects, each with the following fields: - message: The validation failure message string - policy: The resource name of the ValidatingAdmissionPolicy - binding: The resource name of the ValidatingAdmissionPolicyBinding - expressionIndex: The index of the failed validations in the ValidatingAdmissionPolicy - validationActions: The enforcement actions enacted for the validation failure Example audit annotation: `\"validation.policy.admission.k8s.io/validation_failure\": \"[{\"message\": \"Invalid value\", {\"policy\": \"policy.example.com\", {\"binding\": \"policybinding.example.com\", {\"expressionIndex\": \"1\", {\"validationActions\": [\"Audit\"]}]\"`\n\nClients should expect to handle additional values by ignoring any values not recognized.\n\n\"Deny\" and \"Warn\" may not be used together since this combination needlessly duplicates the validation failure both in the API response body and the HTTP warning headers.\n\nRequired.", + "items": { + "type": "string" + }, + "type": "array", + "x-kubernetes-list-type": "set" } }, "type": "object" @@ -607,10 +730,31 @@ "io.k8s.api.admissionregistration.v1alpha1.ValidatingAdmissionPolicySpec": { "description": "ValidatingAdmissionPolicySpec is the specification of the desired behavior of the AdmissionPolicy.", "properties": { + "auditAnnotations": { + "description": "auditAnnotations contains CEL expressions which are used to produce audit annotations for the audit event of the API request. validations and auditAnnotations may not both be empty; a least one of validations or auditAnnotations is required.", + "items": { + "$ref": "#/definitions/io.k8s.api.admissionregistration.v1alpha1.AuditAnnotation" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + }, "failurePolicy": { - "description": "FailurePolicy defines how to handle failures for the admission policy. Failures can occur from invalid or mis-configured policy definitions or bindings. A policy is invalid if spec.paramKind refers to a non-existent Kind. A binding is invalid if spec.paramRef.name refers to a non-existent resource. Allowed values are Ignore or Fail. Defaults to Fail.", + "description": "failurePolicy defines how to handle failures for the admission policy. Failures can occur from CEL expression parse errors, type check errors, runtime errors and invalid or mis-configured policy definitions or bindings.\n\nA policy is invalid if spec.paramKind refers to a non-existent Kind. A binding is invalid if spec.paramRef.name refers to a non-existent resource.\n\nfailurePolicy does not define how validations that evaluate to false are handled.\n\nWhen failurePolicy is set to Fail, ValidatingAdmissionPolicyBinding validationActions define how failures are enforced.\n\nAllowed values are Ignore or Fail. Defaults to Fail.", "type": "string" }, + "matchConditions": { + "description": "MatchConditions is a list of conditions that must be met for a request to be validated. Match conditions filter requests that have already been matched by the rules, namespaceSelector, and objectSelector. An empty list of matchConditions matches all requests. There are a maximum of 64 match conditions allowed.\n\nIf a parameter object is provided, it can be accessed via the `params` handle in the same manner as validation expressions.\n\nThe exact matching logic is (in order):\n 1. If ANY matchCondition evaluates to FALSE, the policy is skipped.\n 2. If ALL matchConditions evaluate to TRUE, the policy is evaluated.\n 3. If any matchCondition evaluates to an error (but none are FALSE):\n - If failurePolicy=Fail, reject the request\n - If failurePolicy=Ignore, the policy is skipped", + "items": { + "$ref": "#/definitions/io.k8s.api.admissionregistration.v1alpha1.MatchCondition" + }, + "type": "array", + "x-kubernetes-list-map-keys": [ + "name" + ], + "x-kubernetes-list-type": "map", + "x-kubernetes-patch-merge-key": "name", + "x-kubernetes-patch-strategy": "merge" + }, "matchConstraints": { "$ref": "#/definitions/io.k8s.api.admissionregistration.v1alpha1.MatchResources", "description": "MatchConstraints specifies what resources this policy is designed to validate. The AdmissionPolicy cares about a request if it matches _all_ Constraints. However, in order to prevent clusters from being put into an unstable state that cannot be recovered from via the API ValidatingAdmissionPolicy cannot match ValidatingAdmissionPolicy and ValidatingAdmissionPolicyBinding. Required." @@ -620,7 +764,7 @@ "description": "ParamKind specifies the kind of resources used to parameterize this policy. If absent, there are no parameters for this policy and the param CEL variable will not be provided to validation expressions. If ParamKind refers to a non-existent kind, this policy definition is mis-configured and the FailurePolicy is applied. If paramKind is specified but paramRef is unset in ValidatingAdmissionPolicyBinding, the params variable will be null." }, "validations": { - "description": "Validations contain CEL expressions which is used to apply the validation. A minimum of one validation is required for a policy definition. Required.", + "description": "Validations contain CEL expressions which is used to apply the validation. Validations and AuditAnnotations may not both be empty; a minimum of one Validations or AuditAnnotations is required.", "items": { "$ref": "#/definitions/io.k8s.api.admissionregistration.v1alpha1.Validation" }, @@ -628,22 +772,49 @@ "x-kubernetes-list-type": "atomic" } }, - "required": [ - "validations" - ], + "type": "object" + }, + "io.k8s.api.admissionregistration.v1alpha1.ValidatingAdmissionPolicyStatus": { + "description": "ValidatingAdmissionPolicyStatus represents the status of a ValidatingAdmissionPolicy.", + "properties": { + "conditions": { + "description": "The conditions represent the latest available observations of a policy's current state.", + "items": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Condition" + }, + "type": "array", + "x-kubernetes-list-map-keys": [ + "type" + ], + "x-kubernetes-list-type": "map" + }, + "observedGeneration": { + "description": "The generation observed by the controller.", + "format": "int64", + "type": "integer" + }, + "typeChecking": { + "$ref": "#/definitions/io.k8s.api.admissionregistration.v1alpha1.TypeChecking", + "description": "The results of type checking for each expression. Presence of this field indicates the completion of the type checking." + } + }, "type": "object" }, "io.k8s.api.admissionregistration.v1alpha1.Validation": { "description": "Validation specifies the CEL expression which is used to apply the validation.", "properties": { "expression": { - "description": "Expression represents the expression which will be evaluated by CEL. ref: https://github.com/google/cel-spec CEL expressions have access to the contents of the Admission request/response, organized into CEL variables as well as some other useful variables:\n\n'object' - The object from the incoming request. The value is null for DELETE requests. 'oldObject' - The existing object. The value is null for CREATE requests. 'request' - Attributes of the admission request([ref](/pkg/apis/admission/types.go#AdmissionRequest)). 'params' - Parameter resource referred to by the policy binding being evaluated. Only populated if the policy has a ParamKind.\n\nThe `apiVersion`, `kind`, `metadata.name` and `metadata.generateName` are always accessible from the root of the object. No other metadata properties are accessible.\n\nOnly property names of the form `[a-zA-Z_.-/][a-zA-Z0-9_.-/]*` are accessible. Accessible property names are escaped according to the following rules when accessed in the expression: - '__' escapes to '__underscores__' - '.' escapes to '__dot__' - '-' escapes to '__dash__' - '/' escapes to '__slash__' - Property names that exactly match a CEL RESERVED keyword escape to '__{keyword}__'. The keywords are:\n\t \"true\", \"false\", \"null\", \"in\", \"as\", \"break\", \"const\", \"continue\", \"else\", \"for\", \"function\", \"if\",\n\t \"import\", \"let\", \"loop\", \"package\", \"namespace\", \"return\".\nExamples:\n - Expression accessing a property named \"namespace\": {\"Expression\": \"object.__namespace__ > 0\"}\n - Expression accessing a property named \"x-prop\": {\"Expression\": \"object.x__dash__prop > 0\"}\n - Expression accessing a property named \"redact__d\": {\"Expression\": \"object.redact__underscores__d > 0\"}\n\nEquality on arrays with list type of 'set' or 'map' ignores element order, i.e. [1, 2] == [2, 1]. Concatenation on arrays with x-kubernetes-list-type use the semantics of the list type:\n - 'set': `X + Y` performs a union where the array positions of all elements in `X` are preserved and\n non-intersecting elements in `Y` are appended, retaining their partial order.\n - 'map': `X + Y` performs a merge where the array positions of all keys in `X` are preserved but the values\n are overwritten by values in `Y` when the key sets of `X` and `Y` intersect. Elements in `Y` with\n non-intersecting keys are appended, retaining their partial order.\nRequired.", + "description": "Expression represents the expression which will be evaluated by CEL. ref: https://github.com/google/cel-spec CEL expressions have access to the contents of the API request/response, organized into CEL variables as well as some other useful variables:\n\n- 'object' - The object from the incoming request. The value is null for DELETE requests. - 'oldObject' - The existing object. The value is null for CREATE requests. - 'request' - Attributes of the API request([ref](/pkg/apis/admission/types.go#AdmissionRequest)). - 'params' - Parameter resource referred to by the policy binding being evaluated. Only populated if the policy has a ParamKind. - 'authorizer' - A CEL Authorizer. May be used to perform authorization checks for the principal (user or service account) of the request.\n See https://pkg.go.dev/k8s.io/apiserver/pkg/cel/library#Authz\n- 'authorizer.requestResource' - A CEL ResourceCheck constructed from the 'authorizer' and configured with the\n request resource.\n\nThe `apiVersion`, `kind`, `metadata.name` and `metadata.generateName` are always accessible from the root of the object. No other metadata properties are accessible.\n\nOnly property names of the form `[a-zA-Z_.-/][a-zA-Z0-9_.-/]*` are accessible. Accessible property names are escaped according to the following rules when accessed in the expression: - '__' escapes to '__underscores__' - '.' escapes to '__dot__' - '-' escapes to '__dash__' - '/' escapes to '__slash__' - Property names that exactly match a CEL RESERVED keyword escape to '__{keyword}__'. The keywords are:\n\t \"true\", \"false\", \"null\", \"in\", \"as\", \"break\", \"const\", \"continue\", \"else\", \"for\", \"function\", \"if\",\n\t \"import\", \"let\", \"loop\", \"package\", \"namespace\", \"return\".\nExamples:\n - Expression accessing a property named \"namespace\": {\"Expression\": \"object.__namespace__ > 0\"}\n - Expression accessing a property named \"x-prop\": {\"Expression\": \"object.x__dash__prop > 0\"}\n - Expression accessing a property named \"redact__d\": {\"Expression\": \"object.redact__underscores__d > 0\"}\n\nEquality on arrays with list type of 'set' or 'map' ignores element order, i.e. [1, 2] == [2, 1]. Concatenation on arrays with x-kubernetes-list-type use the semantics of the list type:\n - 'set': `X + Y` performs a union where the array positions of all elements in `X` are preserved and\n non-intersecting elements in `Y` are appended, retaining their partial order.\n - 'map': `X + Y` performs a merge where the array positions of all keys in `X` are preserved but the values\n are overwritten by values in `Y` when the key sets of `X` and `Y` intersect. Elements in `Y` with\n non-intersecting keys are appended, retaining their partial order.\nRequired.", "type": "string" }, "message": { "description": "Message represents the message displayed when validation fails. The message is required if the Expression contains line breaks. The message must not contain line breaks. If unset, the message is \"failed rule: {Rule}\". e.g. \"must be a URL with the host matching spec.host\" If the Expression contains line breaks. Message is required. The message must not contain line breaks. If unset, the message is \"failed Expression: {Expression}\".", "type": "string" }, + "messageExpression": { + "description": "messageExpression declares a CEL expression that evaluates to the validation failure message that is returned when this rule fails. Since messageExpression is used as a failure message, it must evaluate to a string. If both message and messageExpression are present on a validation, then messageExpression will be used if validation fails. If messageExpression results in a runtime error, the runtime error is logged, and the validation failure message is produced as if the messageExpression field were unset. If messageExpression evaluates to an empty string, a string with only spaces, or a string that contains line breaks, then the validation failure message will also be produced as if the messageExpression field were unset, and the fact that messageExpression produced an empty string/string with only spaces/string with line breaks will be logged. messageExpression has access to all the same variables as the `expression` except for 'authorizer' and 'authorizer.requestResource'. Example: \"object.x must be less than max (\"+string(params.max)+\")\"", + "type": "string" + }, "reason": { "description": "Reason represents a machine-readable description of why this validation failed. If this is the first validation in the list to fail, this reason, as well as the corresponding HTTP response code, are used in the HTTP response to the client. The currently supported reasons are: \"Unauthorized\", \"Forbidden\", \"Invalid\", \"RequestEntityTooLarge\". If not set, StatusReasonInvalid is used in the response to the client.", "type": "string" @@ -1009,7 +1180,7 @@ }, "template": { "$ref": "#/definitions/io.k8s.api.core.v1.PodTemplateSpec", - "description": "An object that describes the pod that will be created. The DaemonSet will create exactly one copy of this pod on every node that matches the template's node selector (or on every node if no node selector is specified). More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#pod-template" + "description": "An object that describes the pod that will be created. The DaemonSet will create exactly one copy of this pod on every node that matches the template's node selector (or on every node if no node selector is specified). The only allowed template.spec.restartPolicy value is \"Always\". More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#pod-template" }, "updateStrategy": { "$ref": "#/definitions/io.k8s.api.apps.v1.DaemonSetUpdateStrategy", @@ -1096,7 +1267,7 @@ "description": "Rolling update config params. Present only if type = \"RollingUpdate\"." }, "type": { - "description": "Type of daemon set update. Can be \"RollingUpdate\" or \"OnDelete\". Default is RollingUpdate.\n\n", + "description": "Type of daemon set update. Can be \"RollingUpdate\" or \"OnDelete\". Default is RollingUpdate.", "type": "string" } }, @@ -1242,7 +1413,7 @@ }, "template": { "$ref": "#/definitions/io.k8s.api.core.v1.PodTemplateSpec", - "description": "Template describes the pods that will be created." + "description": "Template describes the pods that will be created. The only allowed template.spec.restartPolicy value is \"Always\"." } }, "required": [ @@ -1309,7 +1480,7 @@ "description": "Rolling update config params. Present only if DeploymentStrategyType = RollingUpdate." }, "type": { - "description": "Type of deployment. Can be \"Recreate\" or \"RollingUpdate\". Default is RollingUpdate.\n\n", + "description": "Type of deployment. Can be \"Recreate\" or \"RollingUpdate\". Default is RollingUpdate.", "type": "string" } }, @@ -1659,14 +1830,14 @@ }, "ordinals": { "$ref": "#/definitions/io.k8s.api.apps.v1.StatefulSetOrdinals", - "description": "ordinals controls the numbering of replica indices in a StatefulSet. The default ordinals behavior assigns a \"0\" index to the first replica and increments the index by one for each additional replica requested. Using the ordinals field requires the StatefulSetStartOrdinal feature gate to be enabled, which is alpha." + "description": "ordinals controls the numbering of replica indices in a StatefulSet. The default ordinals behavior assigns a \"0\" index to the first replica and increments the index by one for each additional replica requested. Using the ordinals field requires the StatefulSetStartOrdinal feature gate to be enabled, which is beta." }, "persistentVolumeClaimRetentionPolicy": { "$ref": "#/definitions/io.k8s.api.apps.v1.StatefulSetPersistentVolumeClaimRetentionPolicy", "description": "persistentVolumeClaimRetentionPolicy describes the lifecycle of persistent volume claims created from volumeClaimTemplates. By default, all persistent volume claims are created as needed and retained until manually deleted. This policy allows the lifecycle to be altered, for example by deleting persistent volume claims when their stateful set is deleted, or when their pod is scaled down. This requires the StatefulSetAutoDeletePVC feature gate to be enabled, which is alpha. +optional" }, "podManagementPolicy": { - "description": "podManagementPolicy controls how pods are created during initial scale up, when replacing pods on nodes, or when scaling down. The default policy is `OrderedReady`, where pods are created in increasing order (pod-0, then pod-1, etc) and the controller will wait until each pod is ready before continuing. When scaling down, the pods are removed in the opposite order. The alternative policy is `Parallel` which will create pods in parallel to match the desired scale without waiting, and on scale down will delete all pods at once.\n\n", + "description": "podManagementPolicy controls how pods are created during initial scale up, when replacing pods on nodes, or when scaling down. The default policy is `OrderedReady`, where pods are created in increasing order (pod-0, then pod-1, etc) and the controller will wait until each pod is ready before continuing. When scaling down, the pods are removed in the opposite order. The alternative policy is `Parallel` which will create pods in parallel to match the desired scale without waiting, and on scale down will delete all pods at once.", "type": "string" }, "replicas": { @@ -1689,7 +1860,7 @@ }, "template": { "$ref": "#/definitions/io.k8s.api.core.v1.PodTemplateSpec", - "description": "template is the object that describes the pod that will be created if insufficient replicas are detected. Each pod stamped out by the StatefulSet will fulfill this Template, but have a unique identity from the rest of the StatefulSet. Each pod will be named with the format -. For example, a pod in a StatefulSet named \"web\" with index number \"3\" would be named \"web-3\"." + "description": "template is the object that describes the pod that will be created if insufficient replicas are detected. Each pod stamped out by the StatefulSet will fulfill this Template, but have a unique identity from the rest of the StatefulSet. Each pod will be named with the format -. For example, a pod in a StatefulSet named \"web\" with index number \"3\" would be named \"web-3\". The only allowed template.spec.restartPolicy value is \"Always\"." }, "updateStrategy": { "$ref": "#/definitions/io.k8s.api.apps.v1.StatefulSetUpdateStrategy", @@ -1779,7 +1950,7 @@ "description": "RollingUpdate is used to communicate parameters when Type is RollingUpdateStatefulSetStrategyType." }, "type": { - "description": "Type indicates the type of the StatefulSetUpdateStrategy. Default is RollingUpdate.\n\n", + "description": "Type indicates the type of the StatefulSetUpdateStrategy. Default is RollingUpdate.", "type": "string" } }, @@ -1996,7 +2167,7 @@ "type": "object" }, "io.k8s.api.authentication.v1alpha1.SelfSubjectReview": { - "description": "SelfSubjectReview contains the user information that the kube-apiserver has about the user making this request. When using impersonation, users will receive the user info of the user being impersonated.", + "description": "SelfSubjectReview contains the user information that the kube-apiserver has about the user making this request. When using impersonation, users will receive the user info of the user being impersonated. If impersonation or request header authentication is used, any extra keys will have their case ignored and returned as lowercase.", "properties": { "apiVersion": { "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", @@ -2034,6 +2205,45 @@ }, "type": "object" }, + "io.k8s.api.authentication.v1beta1.SelfSubjectReview": { + "description": "SelfSubjectReview contains the user information that the kube-apiserver has about the user making this request. When using impersonation, users will receive the user info of the user being impersonated. If impersonation or request header authentication is used, any extra keys will have their case ignored and returned as lowercase.", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta", + "description": "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + }, + "status": { + "$ref": "#/definitions/io.k8s.api.authentication.v1beta1.SelfSubjectReviewStatus", + "description": "Status is filled in by the server with the user attributes." + } + }, + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "authentication.k8s.io", + "kind": "SelfSubjectReview", + "version": "v1beta1" + } + ] + }, + "io.k8s.api.authentication.v1beta1.SelfSubjectReviewStatus": { + "description": "SelfSubjectReviewStatus is filled by the kube-apiserver and sent back to a user.", + "properties": { + "userInfo": { + "$ref": "#/definitions/io.k8s.api.authentication.v1.UserInfo", + "description": "User attributes of the user making this request." + } + }, + "type": "object" + }, "io.k8s.api.authorization.v1.LocalSubjectAccessReview": { "description": "LocalSubjectAccessReview checks whether or not a user or group can perform an action in a given namespace. Having a namespace scoped resource makes it much easier to grant namespace scoped policy that includes permissions checking.", "properties": { @@ -2411,15 +2621,15 @@ "description": "CrossVersionObjectReference contains enough information to let you identify the referred resource.", "properties": { "apiVersion": { - "description": "API version of the referent", + "description": "apiVersion is the API version of the referent", "type": "string" }, "kind": { - "description": "Kind of the referent; More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "description": "kind is the kind of the referent; More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", "type": "string" }, "name": { - "description": "Name of the referent; More info: http://kubernetes.io/docs/user-guide/identifiers#names", + "description": "name is the name of the referent; More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names", "type": "string" } }, @@ -2447,11 +2657,11 @@ }, "spec": { "$ref": "#/definitions/io.k8s.api.autoscaling.v1.HorizontalPodAutoscalerSpec", - "description": "behaviour of autoscaler. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status." + "description": "spec defines the behaviour of autoscaler. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status." }, "status": { "$ref": "#/definitions/io.k8s.api.autoscaling.v1.HorizontalPodAutoscalerStatus", - "description": "current information about the autoscaler." + "description": "status is the current information about the autoscaler." } }, "type": "object", @@ -2471,7 +2681,7 @@ "type": "string" }, "items": { - "description": "list of horizontal pod autoscaler objects.", + "description": "items is the list of horizontal pod autoscaler objects.", "items": { "$ref": "#/definitions/io.k8s.api.autoscaling.v1.HorizontalPodAutoscaler" }, @@ -2502,7 +2712,7 @@ "description": "specification of a horizontal pod autoscaler.", "properties": { "maxReplicas": { - "description": "upper limit for the number of pods that can be set by the autoscaler; cannot be smaller than MinReplicas.", + "description": "maxReplicas is the upper limit for the number of pods that can be set by the autoscaler; cannot be smaller than MinReplicas.", "format": "int32", "type": "integer" }, @@ -2516,7 +2726,7 @@ "description": "reference to scaled resource; horizontal pod autoscaler will learn the current resource consumption and will set the desired number of pods by using its Scale subresource." }, "targetCPUUtilizationPercentage": { - "description": "target average CPU utilization (represented as a percentage of requested CPU) over all the pods; if not specified the default autoscaling policy will be used.", + "description": "targetCPUUtilizationPercentage is the target average CPU utilization (represented as a percentage of requested CPU) over all the pods; if not specified the default autoscaling policy will be used.", "format": "int32", "type": "integer" } @@ -2531,26 +2741,26 @@ "description": "current status of a horizontal pod autoscaler", "properties": { "currentCPUUtilizationPercentage": { - "description": "current average CPU utilization over all pods, represented as a percentage of requested CPU, e.g. 70 means that an average pod is using now 70% of its requested CPU.", + "description": "currentCPUUtilizationPercentage is the current average CPU utilization over all pods, represented as a percentage of requested CPU, e.g. 70 means that an average pod is using now 70% of its requested CPU.", "format": "int32", "type": "integer" }, "currentReplicas": { - "description": "current number of replicas of pods managed by this autoscaler.", + "description": "currentReplicas is the current number of replicas of pods managed by this autoscaler.", "format": "int32", "type": "integer" }, "desiredReplicas": { - "description": "desired number of replicas of pods managed by this autoscaler.", + "description": "desiredReplicas is the desired number of replicas of pods managed by this autoscaler.", "format": "int32", "type": "integer" }, "lastScaleTime": { "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Time", - "description": "last time the HorizontalPodAutoscaler scaled the number of pods; used by the autoscaler to control how often the number of pods is changed." + "description": "lastScaleTime is the last time the HorizontalPodAutoscaler scaled the number of pods; used by the autoscaler to control how often the number of pods is changed." }, "observedGeneration": { - "description": "most recent generation observed by this autoscaler.", + "description": "observedGeneration is the most recent generation observed by this autoscaler.", "format": "int64", "type": "integer" } @@ -2578,11 +2788,11 @@ }, "spec": { "$ref": "#/definitions/io.k8s.api.autoscaling.v1.ScaleSpec", - "description": "defines the behavior of the scale. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status." + "description": "spec defines the behavior of the scale. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status." }, "status": { "$ref": "#/definitions/io.k8s.api.autoscaling.v1.ScaleStatus", - "description": "current status of the scale. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status. Read-only." + "description": "status is the current status of the scale. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status. Read-only." } }, "type": "object", @@ -2598,7 +2808,7 @@ "description": "ScaleSpec describes the attributes of a scale subresource.", "properties": { "replicas": { - "description": "desired number of instances for the scaled object.", + "description": "replicas is the desired number of instances for the scaled object.", "format": "int32", "type": "integer" } @@ -2609,12 +2819,12 @@ "description": "ScaleStatus represents the current status of a scale subresource.", "properties": { "replicas": { - "description": "actual number of observed instances of the scaled object.", + "description": "replicas is the actual number of observed instances of the scaled object.", "format": "int32", "type": "integer" }, "selector": { - "description": "label query over pods that should match the replicas count. This is same as the label selector but in the string format to avoid introspection by clients. The string will be in the same format as the query-param syntax. More info about label selectors: http://kubernetes.io/docs/user-guide/labels#label-selectors", + "description": "selector is the label query over pods that should match the replicas count. This is same as the label selector but in the string format to avoid introspection by clients. The string will be in the same format as the query-param syntax. More info about label selectors: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/", "type": "string" } }, @@ -2650,7 +2860,7 @@ "description": "ContainerResourceMetricStatus indicates the current value of a resource metric known to Kubernetes, as specified in requests and limits, describing a single container in each pod in the current scale target (e.g. CPU or memory). Such metrics are built in to Kubernetes, and have special scaling options on top of those available to normal per-pod metrics using the \"pods\" source.", "properties": { "container": { - "description": "Container is the name of the container in the pods of the scaling target", + "description": "container is the name of the container in the pods of the scaling target", "type": "string" }, "current": { @@ -2658,7 +2868,7 @@ "description": "current contains the current value for the given metric" }, "name": { - "description": "Name is the name of the resource in question.", + "description": "name is the name of the resource in question.", "type": "string" } }, @@ -2673,15 +2883,15 @@ "description": "CrossVersionObjectReference contains enough information to let you identify the referred resource.", "properties": { "apiVersion": { - "description": "API version of the referent", + "description": "apiVersion is the API version of the referent", "type": "string" }, "kind": { - "description": "Kind of the referent; More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "description": "kind is the kind of the referent; More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", "type": "string" }, "name": { - "description": "Name of the referent; More info: http://kubernetes.io/docs/user-guide/identifiers#names", + "description": "name is the name of the referent; More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names", "type": "string" } }, @@ -2731,16 +2941,16 @@ "description": "HPAScalingPolicy is a single policy which must hold true for a specified past interval.", "properties": { "periodSeconds": { - "description": "PeriodSeconds specifies the window of time for which the policy should hold true. PeriodSeconds must be greater than zero and less than or equal to 1800 (30 min).", + "description": "periodSeconds specifies the window of time for which the policy should hold true. PeriodSeconds must be greater than zero and less than or equal to 1800 (30 min).", "format": "int32", "type": "integer" }, "type": { - "description": "Type is used to specify the scaling policy.", + "description": "type is used to specify the scaling policy.", "type": "string" }, "value": { - "description": "Value contains the amount of change which is permitted by the policy. It must be greater than zero", + "description": "value contains the amount of change which is permitted by the policy. It must be greater than zero", "format": "int32", "type": "integer" } @@ -2768,7 +2978,7 @@ "type": "string" }, "stabilizationWindowSeconds": { - "description": "StabilizationWindowSeconds is the number of seconds for which past recommendations should be considered while scaling up or scaling down. StabilizationWindowSeconds must be greater than or equal to zero and less than or equal to 3600 (one hour). If not set, use the default values: - For scale up: 0 (i.e. no stabilization is done). - For scale down: 300 (i.e. the stabilization window is 300 seconds long).", + "description": "stabilizationWindowSeconds is the number of seconds for which past recommendations should be considered while scaling up or scaling down. StabilizationWindowSeconds must be greater than or equal to zero and less than or equal to 3600 (one hour). If not set, use the default values: - For scale up: 0 (i.e. no stabilization is done). - For scale down: 300 (i.e. the stabilization window is 300 seconds long).", "format": "int32", "type": "integer" } @@ -3208,7 +3418,7 @@ "description": "current contains the current value for the given metric" }, "name": { - "description": "Name is the name of the resource in question.", + "description": "name is the name of the resource in question.", "type": "string" } }, @@ -3290,7 +3500,7 @@ "description": "CronJobSpec describes how the job execution will look like and when it will actually run.", "properties": { "concurrencyPolicy": { - "description": "Specifies how to treat concurrent executions of a Job. Valid values are: - \"Allow\" (default): allows CronJobs to run concurrently; - \"Forbid\": forbids concurrent runs, skipping next run if previous run hasn't finished yet; - \"Replace\": cancels currently running job and replaces it with a new one\n\n", + "description": "Specifies how to treat concurrent executions of a Job. Valid values are:\n\n- \"Allow\" (default): allows CronJobs to run concurrently; - \"Forbid\": forbids concurrent runs, skipping next run if previous run hasn't finished yet; - \"Replace\": cancels currently running job and replaces it with a new one", "type": "string" }, "failedJobsHistoryLimit": { @@ -3321,7 +3531,7 @@ "type": "boolean" }, "timeZone": { - "description": "The time zone name for the given schedule, see https://en.wikipedia.org/wiki/List_of_tz_database_time_zones. If not specified, this will default to the time zone of the kube-controller-manager process. The set of valid time zone names and the time zone offset is loaded from the system-wide time zone database by the API server during CronJob validation and the controller manager during execution. If no system-wide time zone database can be found a bundled version of the database is used instead. If the time zone name becomes invalid during the lifetime of a CronJob or due to a change in host configuration, the controller will stop creating new new Jobs and will create a system event with the reason UnknownTimeZone. More information can be found in https://kubernetes.io/docs/concepts/workloads/controllers/cron-jobs/#time-zones This is beta field and must be enabled via the `CronJobTimeZone` feature gate.", + "description": "The time zone name for the given schedule, see https://en.wikipedia.org/wiki/List_of_tz_database_time_zones. If not specified, this will default to the time zone of the kube-controller-manager process. The set of valid time zone names and the time zone offset is loaded from the system-wide time zone database by the API server during CronJob validation and the controller manager during execution. If no system-wide time zone database can be found a bundled version of the database is used instead. If the time zone name becomes invalid during the lifetime of a CronJob or due to a change in host configuration, the controller will stop creating new new Jobs and will create a system event with the reason UnknownTimeZone. More information can be found in https://kubernetes.io/docs/concepts/workloads/controllers/cron-jobs/#time-zones", "type": "string" } }, @@ -3469,11 +3679,11 @@ "type": "integer" }, "completionMode": { - "description": "CompletionMode specifies how Pod completions are tracked. It can be `NonIndexed` (default) or `Indexed`.\n\n`NonIndexed` means that the Job is considered complete when there have been .spec.completions successfully completed Pods. Each Pod completion is homologous to each other.\n\n`Indexed` means that the Pods of a Job get an associated completion index from 0 to (.spec.completions - 1), available in the annotation batch.kubernetes.io/job-completion-index. The Job is considered complete when there is one successfully completed Pod for each index. When value is `Indexed`, .spec.completions must be specified and `.spec.parallelism` must be less than or equal to 10^5. In addition, The Pod name takes the form `$(job-name)-$(index)-$(random-string)`, the Pod hostname takes the form `$(job-name)-$(index)`.\n\nMore completion modes can be added in the future. If the Job controller observes a mode that it doesn't recognize, which is possible during upgrades due to version skew, the controller skips updates for the Job.", + "description": "completionMode specifies how Pod completions are tracked. It can be `NonIndexed` (default) or `Indexed`.\n\n`NonIndexed` means that the Job is considered complete when there have been .spec.completions successfully completed Pods. Each Pod completion is homologous to each other.\n\n`Indexed` means that the Pods of a Job get an associated completion index from 0 to (.spec.completions - 1), available in the annotation batch.kubernetes.io/job-completion-index. The Job is considered complete when there is one successfully completed Pod for each index. When value is `Indexed`, .spec.completions must be specified and `.spec.parallelism` must be less than or equal to 10^5. In addition, The Pod name takes the form `$(job-name)-$(index)-$(random-string)`, the Pod hostname takes the form `$(job-name)-$(index)`.\n\nMore completion modes can be added in the future. If the Job controller observes a mode that it doesn't recognize, which is possible during upgrades due to version skew, the controller skips updates for the Job.", "type": "string" }, "completions": { - "description": "Specifies the desired number of successfully finished pods the job should be run with. Setting to nil means that the success of any pod signals the success of all pods, and allows parallelism to have any positive value. Setting to 1 means that parallelism is limited to 1 and the success of that pod signals the success of the job. More info: https://kubernetes.io/docs/concepts/workloads/controllers/jobs-run-to-completion/", + "description": "Specifies the desired number of successfully finished pods the job should be run with. Setting to null means that the success of any pod signals the success of all pods, and allows parallelism to have any positive value. Setting to 1 means that parallelism is limited to 1 and the success of that pod signals the success of the job. More info: https://kubernetes.io/docs/concepts/workloads/controllers/jobs-run-to-completion/", "format": "int32", "type": "integer" }, @@ -3495,12 +3705,12 @@ "description": "A label query over pods that should match the pod count. Normally, the system sets this field for you. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#label-selectors" }, "suspend": { - "description": "Suspend specifies whether the Job controller should create Pods or not. If a Job is created with suspend set to true, no Pods are created by the Job controller. If a Job is suspended after creation (i.e. the flag goes from false to true), the Job controller will delete all active Pods associated with this Job. Users must design their workload to gracefully handle this. Suspending a Job will reset the StartTime field of the Job, effectively resetting the ActiveDeadlineSeconds timer too. Defaults to false.", + "description": "suspend specifies whether the Job controller should create Pods or not. If a Job is created with suspend set to true, no Pods are created by the Job controller. If a Job is suspended after creation (i.e. the flag goes from false to true), the Job controller will delete all active Pods associated with this Job. Users must design their workload to gracefully handle this. Suspending a Job will reset the StartTime field of the Job, effectively resetting the ActiveDeadlineSeconds timer too. Defaults to false.", "type": "boolean" }, "template": { "$ref": "#/definitions/io.k8s.api.core.v1.PodTemplateSpec", - "description": "Describes the pod that will be created when executing a job. More info: https://kubernetes.io/docs/concepts/workloads/controllers/jobs-run-to-completion/" + "description": "Describes the pod that will be created when executing a job. The only allowed template.spec.restartPolicy values are \"Never\" or \"OnFailure\". More info: https://kubernetes.io/docs/concepts/workloads/controllers/jobs-run-to-completion/" }, "ttlSecondsAfterFinished": { "description": "ttlSecondsAfterFinished limits the lifetime of a Job that has finished execution (either Complete or Failed). If this field is set, ttlSecondsAfterFinished after the Job finishes, it is eligible to be automatically deleted. When the Job is being deleted, its lifecycle guarantees (e.g. finalizers) will be honored. If this field is unset, the Job won't be automatically deleted. If this field is set to zero, the Job becomes eligible to be deleted immediately after it finishes.", @@ -3522,7 +3732,7 @@ "type": "integer" }, "completedIndexes": { - "description": "CompletedIndexes holds the completed indexes when .spec.completionMode = \"Indexed\" in a text format. The indexes are represented as decimal integers separated by commas. The numbers are listed in increasing order. Three or more consecutive numbers are compressed and represented by the first and last element of the series, separated by a hyphen. For example, if the completed indexes are 1, 3, 4, 5 and 7, they are represented as \"1,3-5,7\".", + "description": "completedIndexes holds the completed indexes when .spec.completionMode = \"Indexed\" in a text format. The indexes are represented as decimal integers separated by commas. The numbers are listed in increasing order. Three or more consecutive numbers are compressed and represented by the first and last element of the series, separated by a hyphen. For example, if the completed indexes are 1, 3, 4, 5 and 7, they are represented as \"1,3-5,7\".", "type": "string" }, "completionTime": { @@ -3560,7 +3770,7 @@ }, "uncountedTerminatedPods": { "$ref": "#/definitions/io.k8s.api.batch.v1.UncountedTerminatedPods", - "description": "UncountedTerminatedPods holds the UIDs of Pods that have terminated but the job controller hasn't yet accounted for in the status counters.\n\nThe job controller creates pods with a finalizer. When a pod terminates (succeeded or failed), the controller does three steps to account for it in the job status: (1) Add the pod UID to the arrays in this field. (2) Remove the pod finalizer. (3) Remove the pod UID from the arrays while increasing the corresponding\n counter.\n\nOld jobs might not be tracked using this field, in which case the field remains null." + "description": "uncountedTerminatedPods holds the UIDs of Pods that have terminated but the job controller hasn't yet accounted for in the status counters.\n\nThe job controller creates pods with a finalizer. When a pod terminates (succeeded or failed), the controller does three steps to account for it in the job status:\n\n1. Add the pod UID to the arrays in this field. 2. Remove the pod finalizer. 3. Remove the pod UID from the arrays while increasing the corresponding\n counter.\n\nOld jobs might not be tracked using this field, in which case the field remains null." } }, "type": "object" @@ -3604,7 +3814,7 @@ "type": "string" }, "operator": { - "description": "Represents the relationship between the container exit code(s) and the specified values. Containers completed with success (exit code 0) are excluded from the requirement check. Possible values are: - In: the requirement is satisfied if at least one container exit code\n (might be multiple if there are multiple containers not restricted\n by the 'containerName' field) is in the set of specified values.\n- NotIn: the requirement is satisfied if at least one container exit code\n (might be multiple if there are multiple containers not restricted\n by the 'containerName' field) is not in the set of specified values.\nAdditional values are considered to be added in the future. Clients should react to an unknown operator by assuming the requirement is not satisfied.\n\n", + "description": "Represents the relationship between the container exit code(s) and the specified values. Containers completed with success (exit code 0) are excluded from the requirement check. Possible values are:\n\n- In: the requirement is satisfied if at least one container exit code\n (might be multiple if there are multiple containers not restricted\n by the 'containerName' field) is in the set of specified values.\n- NotIn: the requirement is satisfied if at least one container exit code\n (might be multiple if there are multiple containers not restricted\n by the 'containerName' field) is not in the set of specified values.\nAdditional values are considered to be added in the future. Clients should react to an unknown operator by assuming the requirement is not satisfied.", "type": "string" }, "values": { @@ -3642,10 +3852,10 @@ "type": "object" }, "io.k8s.api.batch.v1.PodFailurePolicyRule": { - "description": "PodFailurePolicyRule describes how a pod failure is handled when the requirements are met. One of OnExitCodes and onPodConditions, but not both, can be used in each rule.", + "description": "PodFailurePolicyRule describes how a pod failure is handled when the requirements are met. One of onExitCodes and onPodConditions, but not both, can be used in each rule.", "properties": { "action": { - "description": "Specifies the action taken on a pod failure when the requirements are satisfied. Possible values are: - FailJob: indicates that the pod's job is marked as Failed and all\n running pods are terminated.\n- Ignore: indicates that the counter towards the .backoffLimit is not\n incremented and a replacement pod is created.\n- Count: indicates that the pod is handled in the default way - the\n counter towards the .backoffLimit is incremented.\nAdditional values are considered to be added in the future. Clients should react to an unknown action by skipping the rule.\n\n", + "description": "Specifies the action taken on a pod failure when the requirements are satisfied. Possible values are:\n\n- FailJob: indicates that the pod's job is marked as Failed and all\n running pods are terminated.\n- Ignore: indicates that the counter towards the .backoffLimit is not\n incremented and a replacement pod is created.\n- Count: indicates that the pod is handled in the default way - the\n counter towards the .backoffLimit is incremented.\nAdditional values are considered to be added in the future. Clients should react to an unknown action by skipping the rule.", "type": "string" }, "onExitCodes": { @@ -3671,7 +3881,7 @@ "description": "UncountedTerminatedPods holds UIDs of Pods that have terminated but haven't been accounted in Job status counters.", "properties": { "failed": { - "description": "Failed holds UIDs of failed Pods.", + "description": "failed holds UIDs of failed Pods.", "items": { "type": "string" }, @@ -3679,7 +3889,7 @@ "x-kubernetes-list-type": "set" }, "succeeded": { - "description": "Succeeded holds UIDs of succeeded Pods.", + "description": "succeeded holds UIDs of succeeded Pods.", "items": { "type": "string" }, @@ -3874,6 +4084,90 @@ }, "type": "object" }, + "io.k8s.api.certificates.v1alpha1.ClusterTrustBundle": { + "description": "ClusterTrustBundle is a cluster-scoped container for X.509 trust anchors (root certificates).\n\nClusterTrustBundle objects are considered to be readable by any authenticated user in the cluster, because they can be mounted by pods using the `clusterTrustBundle` projection. All service accounts have read access to ClusterTrustBundles by default. Users who only have namespace-level access to a cluster can read ClusterTrustBundles by impersonating a serviceaccount that they have access to.\n\nIt can be optionally associated with a particular assigner, in which case it contains one valid set of trust anchors for that signer. Signers may have multiple associated ClusterTrustBundles; each is an independent set of trust anchors for that signer. Admission control is used to enforce that only users with permissions on the signer can create or modify the corresponding bundle.", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta", + "description": "metadata contains the object metadata." + }, + "spec": { + "$ref": "#/definitions/io.k8s.api.certificates.v1alpha1.ClusterTrustBundleSpec", + "description": "spec contains the signer (if any) and trust anchors." + } + }, + "required": [ + "spec" + ], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "certificates.k8s.io", + "kind": "ClusterTrustBundle", + "version": "v1alpha1" + } + ] + }, + "io.k8s.api.certificates.v1alpha1.ClusterTrustBundleList": { + "description": "ClusterTrustBundleList is a collection of ClusterTrustBundle objects", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "items": { + "description": "items is a collection of ClusterTrustBundle objects", + "items": { + "$ref": "#/definitions/io.k8s.api.certificates.v1alpha1.ClusterTrustBundle" + }, + "type": "array" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta", + "description": "metadata contains the list metadata." + } + }, + "required": [ + "items" + ], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "certificates.k8s.io", + "kind": "ClusterTrustBundleList", + "version": "v1alpha1" + } + ] + }, + "io.k8s.api.certificates.v1alpha1.ClusterTrustBundleSpec": { + "description": "ClusterTrustBundleSpec contains the signer and trust anchors.", + "properties": { + "signerName": { + "description": "signerName indicates the associated signer, if any.\n\nIn order to create or update a ClusterTrustBundle that sets signerName, you must have the following cluster-scoped permission: group=certificates.k8s.io resource=signers resourceName= verb=attest.\n\nIf signerName is not empty, then the ClusterTrustBundle object must be named with the signer name as a prefix (translating slashes to colons). For example, for the signer name `example.com/foo`, valid ClusterTrustBundle object names include `example.com:foo:abc` and `example.com:foo:v1`.\n\nIf signerName is empty, then the ClusterTrustBundle object's name must not have such a prefix.\n\nList/watch requests for ClusterTrustBundles can filter on this field using a `spec.signerName=NAME` field selector.", + "type": "string" + }, + "trustBundle": { + "description": "trustBundle contains the individual X.509 trust anchors for this bundle, as PEM bundle of PEM-wrapped, DER-formatted X.509 certificates.\n\nThe data must consist only of PEM certificate blocks that parse as valid X.509 certificates. Each certificate must include a basic constraints extension with the CA bit set. The API server will reject objects that contain duplicate certificates, or that use PEM block headers.\n\nUsers of ClusterTrustBundles, including Kubelet, are free to reorder and deduplicate certificate blocks in this file according to their own logic, as well as to drop PEM block headers and inter-block data.", + "type": "string" + } + }, + "required": [ + "trustBundle" + ], + "type": "object" + }, "io.k8s.api.coordination.v1.Lease": { "description": "Lease defines a lease concept.", "properties": { @@ -3891,7 +4185,7 @@ }, "spec": { "$ref": "#/definitions/io.k8s.api.coordination.v1.LeaseSpec", - "description": "Specification of the Lease. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status" + "description": "spec contains the specification of the Lease. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status" } }, "type": "object", @@ -3911,7 +4205,7 @@ "type": "string" }, "items": { - "description": "Items is a list of schema objects.", + "description": "items is a list of schema objects.", "items": { "$ref": "#/definitions/io.k8s.api.coordination.v1.Lease" }, @@ -3950,7 +4244,7 @@ "type": "string" }, "leaseDurationSeconds": { - "description": "leaseDurationSeconds is a duration that candidates for a lease need to wait to force acquire it. This is measure against time of last observed RenewTime.", + "description": "leaseDurationSeconds is a duration that candidates for a lease need to wait to force acquire it. This is measure against time of last observed renewTime.", "format": "int32", "type": "integer" }, @@ -4147,7 +4441,7 @@ "properties": { "controllerExpandSecretRef": { "$ref": "#/definitions/io.k8s.api.core.v1.SecretReference", - "description": "controllerExpandSecretRef is a reference to the secret object containing sensitive information to pass to the CSI driver to complete the CSI ControllerExpandVolume call. This is an beta field and requires enabling ExpandCSIVolumes feature gate. This field is optional, and may be empty if no secret is required. If the secret object contains more than one secret, all secrets are passed." + "description": "controllerExpandSecretRef is a reference to the secret object containing sensitive information to pass to the CSI driver to complete the CSI ControllerExpandVolume call. This field is optional, and may be empty if no secret is required. If the secret object contains more than one secret, all secrets are passed." }, "controllerPublishSecretRef": { "$ref": "#/definitions/io.k8s.api.core.v1.SecretReference", @@ -4163,7 +4457,7 @@ }, "nodeExpandSecretRef": { "$ref": "#/definitions/io.k8s.api.core.v1.SecretReference", - "description": "nodeExpandSecretRef is a reference to the secret object containing sensitive information to pass to the CSI driver to complete the CSI NodeExpandVolume call. This is an alpha field and requires enabling CSINodeExpandSecret feature gate. This field is optional, may be omitted if no secret is required. If the secret object contains more than one secret, all secrets are passed." + "description": "nodeExpandSecretRef is a reference to the secret object containing sensitive information to pass to the CSI driver to complete the CSI NodeExpandVolume call. This is a beta field which is enabled default by CSINodeExpandSecret feature gate. This field is optional, may be omitted if no secret is required. If the secret object contains more than one secret, all secrets are passed." }, "nodePublishSecretRef": { "$ref": "#/definitions/io.k8s.api.core.v1.SecretReference", @@ -4720,7 +5014,7 @@ "type": "string" }, "imagePullPolicy": { - "description": "Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images\n\n", + "description": "Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images", "type": "string" }, "lifecycle": { @@ -4753,6 +5047,14 @@ "$ref": "#/definitions/io.k8s.api.core.v1.Probe", "description": "Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" }, + "resizePolicy": { + "description": "Resources resize policy for the container.", + "items": { + "$ref": "#/definitions/io.k8s.api.core.v1.ContainerResizePolicy" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + }, "resources": { "$ref": "#/definitions/io.k8s.api.core.v1.ResourceRequirements", "description": "Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" @@ -4778,7 +5080,7 @@ "type": "string" }, "terminationMessagePolicy": { - "description": "Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated.\n\n", + "description": "Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated.", "type": "string" }, "tty": { @@ -4853,7 +5155,7 @@ "type": "string" }, "protocol": { - "description": "Protocol for port. Must be UDP, TCP, or SCTP. Defaults to \"TCP\".\n\n", + "description": "Protocol for port. Must be UDP, TCP, or SCTP. Defaults to \"TCP\".", "type": "string" } }, @@ -4862,6 +5164,24 @@ ], "type": "object" }, + "io.k8s.api.core.v1.ContainerResizePolicy": { + "description": "ContainerResizePolicy represents resource resize policy for the container.", + "properties": { + "resourceName": { + "description": "Name of the resource to which this resource resize policy applies. Supported values: cpu, memory.", + "type": "string" + }, + "restartPolicy": { + "description": "Restart policy to apply when specified resource is resized. If not specified, it defaults to NotRequired.", + "type": "string" + } + }, + "required": [ + "resourceName", + "restartPolicy" + ], + "type": "object" + }, "io.k8s.api.core.v1.ContainerState": { "description": "ContainerState holds a possible state of container. Only one of its members may be specified. If none of them is specified, the default one is ContainerStateWaiting.", "properties": { @@ -4946,42 +5266,53 @@ "io.k8s.api.core.v1.ContainerStatus": { "description": "ContainerStatus contains details for the current status of this container.", "properties": { + "allocatedResources": { + "additionalProperties": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.api.resource.Quantity" + }, + "description": "AllocatedResources represents the compute resources allocated for this container by the node. Kubelet sets this value to Container.Resources.Requests upon successful pod admission and after successfully admitting desired pod resize.", + "type": "object" + }, "containerID": { - "description": "Container's ID in the format '://'.", + "description": "ContainerID is the ID of the container in the format '://'. Where type is a container runtime identifier, returned from Version call of CRI API (for example \"containerd\").", "type": "string" }, "image": { - "description": "The image the container is running. More info: https://kubernetes.io/docs/concepts/containers/images.", + "description": "Image is the name of container image that the container is running. The container image may not match the image used in the PodSpec, as it may have been resolved by the runtime. More info: https://kubernetes.io/docs/concepts/containers/images.", "type": "string" }, "imageID": { - "description": "ImageID of the container's image.", + "description": "ImageID is the image ID of the container's image. The image ID may not match the image ID of the image used in the PodSpec, as it may have been resolved by the runtime.", "type": "string" }, "lastState": { "$ref": "#/definitions/io.k8s.api.core.v1.ContainerState", - "description": "Details about the container's last termination condition." + "description": "LastTerminationState holds the last termination state of the container to help debug container crashes and restarts. This field is not populated if the container is still running and RestartCount is 0." }, "name": { - "description": "This must be a DNS_LABEL. Each container in a pod must have a unique name. Cannot be updated.", + "description": "Name is a DNS_LABEL representing the unique name of the container. Each container in a pod must have a unique name across all container types. Cannot be updated.", "type": "string" }, "ready": { - "description": "Specifies whether the container has passed its readiness probe.", + "description": "Ready specifies whether the container is currently passing its readiness check. The value will change as readiness probes keep executing. If no readiness probes are specified, this field defaults to true once the container is fully started (see Started field).\n\nThe value is typically used to determine whether a container is ready to accept traffic.", "type": "boolean" }, + "resources": { + "$ref": "#/definitions/io.k8s.api.core.v1.ResourceRequirements", + "description": "Resources represents the compute resource requests and limits that have been successfully enacted on the running container after it has been started or has been successfully resized." + }, "restartCount": { - "description": "The number of times the container has been restarted.", + "description": "RestartCount holds the number of times the container has been restarted. Kubelet makes an effort to always increment the value, but there are cases when the state may be lost due to node restarts and then the value may be reset to 0. The value is never negative.", "format": "int32", "type": "integer" }, "started": { - "description": "Specifies whether the container has passed its startup probe. Initialized as false, becomes true after startupProbe is considered successful. Resets to false when the container is restarted, or if kubelet loses state temporarily. Is always true when no startupProbe is defined.", + "description": "Started indicates whether the container has finished its postStart lifecycle hook and passed its startup probe. Initialized as false, becomes true after startupProbe is considered successful. Resets to false when the container is restarted, or if kubelet loses state temporarily. In both cases, startup probes will run again. Is always true when no startupProbe is defined and container is running and has passed the postStart lifecycle hook. The null value must be treated the same as false.", "type": "boolean" }, "state": { "$ref": "#/definitions/io.k8s.api.core.v1.ContainerState", - "description": "Details about the container's current condition." + "description": "State holds details about the container's current condition." } }, "required": [ @@ -5073,7 +5404,7 @@ }, "sizeLimit": { "$ref": "#/definitions/io.k8s.apimachinery.pkg.api.resource.Quantity", - "description": "sizeLimit is the total amount of local storage required for this EmptyDir volume. The size limit is also applicable for memory medium. The maximum usage on memory medium EmptyDir would be the minimum value between the SizeLimit specified here and the sum of memory limits of all containers in a pod. The default is nil which means that the limit is undefined. More info: http://kubernetes.io/docs/user-guide/volumes#emptydir" + "description": "sizeLimit is the total amount of local storage required for this EmptyDir volume. The size limit is also applicable for memory medium. The maximum usage on memory medium EmptyDir would be the minimum value between the SizeLimit specified here and the sum of memory limits of all containers in a pod. The default is nil which means that the limit is undefined. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir" } }, "type": "object" @@ -5086,7 +5417,7 @@ "type": "string" }, "ip": { - "description": "The IP of this endpoint. May not be loopback (127.0.0.0/8), link-local (169.254.0.0/16), or link-local multicast ((224.0.0.0/24). IPv6 is also accepted but not fully supported on all platforms. Also, certain kubernetes components, like kube-proxy, are not IPv6 ready.", + "description": "The IP of this endpoint. May not be loopback (127.0.0.0/8 or ::1), link-local (169.254.0.0/16 or fe80::/10), or link-local multicast (224.0.0.0/24 or ff02::/16).", "type": "string" }, "nodeName": { @@ -5108,7 +5439,7 @@ "description": "EndpointPort is a tuple that describes a single port.", "properties": { "appProtocol": { - "description": "The application protocol for this port. This field follows standard Kubernetes label syntax. Un-prefixed names are reserved for IANA standard service names (as per RFC-6335 and https://www.iana.org/assignments/service-names). Non-standard protocols should use prefixed names such as mycompany.com/my-custom-protocol.", + "description": "The application protocol for this port. This is used as a hint for implementations to offer richer behavior for protocols that they understand. This field follows standard Kubernetes label syntax. Valid values are either:\n\n* Un-prefixed protocol names - reserved for IANA standard service names (as per RFC-6335 and https://www.iana.org/assignments/service-names).\n\n* Kubernetes-defined prefixed names:\n * 'kubernetes.io/h2c' - HTTP/2 over cleartext as described in https://www.rfc-editor.org/rfc/rfc7540\n\n* Other protocols should use implementation-defined prefixed names such as mycompany.com/my-custom-protocol.", "type": "string" }, "name": { @@ -5121,7 +5452,7 @@ "type": "integer" }, "protocol": { - "description": "The IP protocol for this port. Must be UDP, TCP, or SCTP. Default is TCP.\n\n", + "description": "The IP protocol for this port. Must be UDP, TCP, or SCTP. Default is TCP.", "type": "string" } }, @@ -5324,7 +5655,7 @@ "type": "string" }, "imagePullPolicy": { - "description": "Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images\n\n", + "description": "Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images", "type": "string" }, "lifecycle": { @@ -5357,6 +5688,14 @@ "$ref": "#/definitions/io.k8s.api.core.v1.Probe", "description": "Probes are not allowed for ephemeral containers." }, + "resizePolicy": { + "description": "Resources resize policy for the container.", + "items": { + "$ref": "#/definitions/io.k8s.api.core.v1.ContainerResizePolicy" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + }, "resources": { "$ref": "#/definitions/io.k8s.api.core.v1.ResourceRequirements", "description": "Resources are not allowed for ephemeral containers. Ephemeral containers use spare resources already allocated to the pod." @@ -5386,7 +5725,7 @@ "type": "string" }, "terminationMessagePolicy": { - "description": "Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated.\n\n", + "description": "Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated.", "type": "string" }, "tty": { @@ -5840,7 +6179,7 @@ "description": "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." }, "scheme": { - "description": "Scheme to use for connecting to the host. Defaults to HTTP.\n\n", + "description": "Scheme to use for connecting to the host. Defaults to HTTP.", "type": "string" } }, @@ -6408,7 +6747,7 @@ "x-kubernetes-patch-strategy": "merge" }, "phase": { - "description": "Phase is the current lifecycle phase of the namespace. More info: https://kubernetes.io/docs/tasks/administer-cluster/namespaces/\n\n", + "description": "Phase is the current lifecycle phase of the namespace. More info: https://kubernetes.io/docs/tasks/administer-cluster/namespaces/", "type": "string" } }, @@ -6618,7 +6957,7 @@ "type": "string" }, "operator": { - "description": "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.\n\n", + "description": "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.", "type": "string" }, "values": { @@ -6701,7 +7040,7 @@ "description": "NodeStatus is information about the current status of a node.", "properties": { "addresses": { - "description": "List of addresses reachable to the node. Queried from cloud provider, if available. More info: https://kubernetes.io/docs/concepts/nodes/node/#addresses Note: This field is declared as mergeable, but the merge key is not sufficiently unique, which can cause data corruption when it is merged. Callers should instead use a full-replacement patch. See https://pr.k8s.io/79391 for an example.", + "description": "List of addresses reachable to the node. Queried from cloud provider, if available. More info: https://kubernetes.io/docs/concepts/nodes/node/#addresses Note: This field is declared as mergeable, but the merge key is not sufficiently unique, which can cause data corruption when it is merged. Callers should instead use a full-replacement patch. See https://pr.k8s.io/79391 for an example. Consumers should assume that addresses can change during the lifetime of a Node. However, there are some exceptions where this may not be possible, such as Pods that inherit a Node's address in its own status or consumers of the downward API (status.hostIP).", "items": { "$ref": "#/definitions/io.k8s.api.core.v1.NodeAddress" }, @@ -6752,7 +7091,7 @@ "description": "Set of ids/uuids to uniquely identify the node. More info: https://kubernetes.io/docs/concepts/nodes/node/#info" }, "phase": { - "description": "NodePhase is the recently observed lifecycle phase of the node. More info: https://kubernetes.io/docs/concepts/nodes/node/#phase The field is never populated, and now is deprecated.\n\n", + "description": "NodePhase is the recently observed lifecycle phase of the node. More info: https://kubernetes.io/docs/concepts/nodes/node/#phase The field is never populated, and now is deprecated.", "type": "string" }, "volumesAttached": { @@ -6950,7 +7289,7 @@ ] }, "io.k8s.api.core.v1.PersistentVolumeClaimCondition": { - "description": "PersistentVolumeClaimCondition contails details about state of pvc", + "description": "PersistentVolumeClaimCondition contains details about state of pvc", "properties": { "lastProbeTime": { "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Time", @@ -7091,7 +7430,7 @@ "x-kubernetes-patch-strategy": "merge" }, "phase": { - "description": "phase represents the current phase of PersistentVolumeClaim.\n\n", + "description": "phase represents the current phase of PersistentVolumeClaim.", "type": "string" }, "resizeStatus": { @@ -7264,7 +7603,7 @@ "description": "nodeAffinity defines constraints that limit what nodes this volume can be accessed from. This field influences the scheduling of pods that use this volume." }, "persistentVolumeReclaimPolicy": { - "description": "persistentVolumeReclaimPolicy defines what happens to a persistent volume when released from its claim. Valid options are Retain (default for manually created PersistentVolumes), Delete (default for dynamically provisioned PersistentVolumes), and Recycle (deprecated). Recycle must be supported by the volume plugin underlying this PersistentVolume. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#reclaiming\n\n", + "description": "persistentVolumeReclaimPolicy defines what happens to a persistent volume when released from its claim. Valid options are Retain (default for manually created PersistentVolumes), Delete (default for dynamically provisioned PersistentVolumes), and Recycle (deprecated). Recycle must be supported by the volume plugin underlying this PersistentVolume. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#reclaiming", "type": "string" }, "photonPersistentDisk": { @@ -7314,7 +7653,7 @@ "type": "string" }, "phase": { - "description": "phase indicates if a volume is available, bound to a claim, or released by a claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#phase\n\n", + "description": "phase indicates if a volume is available, bound to a claim, or released by a claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#phase", "type": "string" }, "reason": { @@ -7703,7 +8042,7 @@ "description": "Specifies the DNS parameters of a pod. Parameters specified here will be merged to the generated DNS configuration based on DNSPolicy." }, "dnsPolicy": { - "description": "Set DNS policy for the pod. Defaults to \"ClusterFirst\". Valid values are 'ClusterFirstWithHostNet', 'ClusterFirst', 'Default' or 'None'. DNS parameters given in DNSConfig will be merged with the policy selected with DNSPolicy. To have DNS options set along with hostNetwork, you have to specify DNS policy explicitly to 'ClusterFirstWithHostNet'.\n\n", + "description": "Set DNS policy for the pod. Defaults to \"ClusterFirst\". Valid values are 'ClusterFirstWithHostNet', 'ClusterFirst', 'Default' or 'None'. DNS parameters given in DNSConfig will be merged with the policy selected with DNSPolicy. To have DNS options set along with hostNetwork, you have to specify DNS policy explicitly to 'ClusterFirstWithHostNet'.", "type": "string" }, "enableServiceLinks": { @@ -7823,7 +8162,7 @@ "x-kubernetes-patch-strategy": "merge,retainKeys" }, "restartPolicy": { - "description": "Restart policy for all containers within the pod. One of Always, OnFailure, Never. Default to Always. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#restart-policy\n\n", + "description": "Restart policy for all containers within the pod. One of Always, OnFailure, Never. In some contexts, only a subset of those values may be permitted. Default to Always. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#restart-policy", "type": "string" }, "runtimeClassName": { @@ -7835,7 +8174,7 @@ "type": "string" }, "schedulingGates": { - "description": "SchedulingGates is an opaque list of values that if specified will block scheduling the pod. More info: https://git.k8s.io/enhancements/keps/sig-scheduling/3521-pod-scheduling-readiness.\n\nThis is an alpha-level feature enabled by PodSchedulingReadiness feature gate.", + "description": "SchedulingGates is an opaque list of values that if specified will block scheduling the pod. If schedulingGates is not empty, the pod will stay in the SchedulingGated state and the scheduler will not attempt to schedule the pod.\n\nSchedulingGates can only be set at pod creation time, and be removed only afterwards.\n\nThis is a beta feature enabled by the PodSchedulingReadiness feature gate.", "items": { "$ref": "#/definitions/io.k8s.api.core.v1.PodSchedulingGate" }, @@ -7958,7 +8297,7 @@ "type": "string" }, "phase": { - "description": "The phase of a Pod is a simple, high-level summary of where the Pod is in its lifecycle. The conditions array, the reason and message fields, and the individual container status arrays contain more detail about the pod's status. There are five possible phase values:\n\nPending: The pod has been accepted by the Kubernetes system, but one or more of the container images has not been created. This includes time before being scheduled as well as time spent downloading images over the network, which could take a while. Running: The pod has been bound to a node, and all of the containers have been created. At least one container is still running, or is in the process of starting or restarting. Succeeded: All containers in the pod have terminated in success, and will not be restarted. Failed: All containers in the pod have terminated, and at least one container has terminated in failure. The container either exited with non-zero status or was terminated by the system. Unknown: For some reason the state of the pod could not be obtained, typically due to an error in communicating with the host of the pod.\n\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-phase\n\n", + "description": "The phase of a Pod is a simple, high-level summary of where the Pod is in its lifecycle. The conditions array, the reason and message fields, and the individual container status arrays contain more detail about the pod's status. There are five possible phase values:\n\nPending: The pod has been accepted by the Kubernetes system, but one or more of the container images has not been created. This includes time before being scheduled as well as time spent downloading images over the network, which could take a while. Running: The pod has been bound to a node, and all of the containers have been created. At least one container is still running, or is in the process of starting or restarting. Succeeded: All containers in the pod have terminated in success, and will not be restarted. Failed: All containers in the pod have terminated, and at least one container has terminated in failure. The container either exited with non-zero status or was terminated by the system. Unknown: For some reason the state of the pod could not be obtained, typically due to an error in communicating with the host of the pod.\n\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-phase", "type": "string" }, "podIP": { @@ -7975,13 +8314,17 @@ "x-kubernetes-patch-strategy": "merge" }, "qosClass": { - "description": "The Quality of Service (QOS) classification assigned to the pod based on resource requirements See PodQOSClass type for available QOS classes More info: https://git.k8s.io/community/contributors/design-proposals/node/resource-qos.md\n\n", + "description": "The Quality of Service (QOS) classification assigned to the pod based on resource requirements See PodQOSClass type for available QOS classes More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-qos/#quality-of-service-classes", "type": "string" }, "reason": { "description": "A brief CamelCase message indicating details about why the pod is in this state. e.g. 'Evicted'", "type": "string" }, + "resize": { + "description": "Status of resources resize desired for pod's containers. It is empty if no resources resize is pending. Any changes to container resources will automatically set this to \"Proposed\"", + "type": "string" + }, "startTime": { "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Time", "description": "RFC 3339 date and time at which the object was acknowledged by the Kubelet. This is before the Kubelet pulled the container image(s) for the pod." @@ -8079,7 +8422,7 @@ "type": "integer" }, "protocol": { - "description": "Protocol is the protocol of the service port of which status is recorded here The supported values are: \"TCP\", \"UDP\", \"SCTP\"\n\n", + "description": "Protocol is the protocol of the service port of which status is recorded here The supported values are: \"TCP\", \"UDP\", \"SCTP\"", "type": "string" } }, @@ -8143,7 +8486,7 @@ }, "grpc": { "$ref": "#/definitions/io.k8s.api.core.v1.GRPCAction", - "description": "GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate." + "description": "GRPC specifies an action involving a GRPC port." }, "httpGet": { "$ref": "#/definitions/io.k8s.api.core.v1.HTTPGetAction", @@ -8444,7 +8787,7 @@ }, "template": { "$ref": "#/definitions/io.k8s.api.core.v1.PodTemplateSpec", - "description": "Template is the object that describes the pod that will be created if insufficient replicas are detected. This takes precedence over a TemplateRef. More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#pod-template" + "description": "Template is the object that describes the pod that will be created if insufficient replicas are detected. This takes precedence over a TemplateRef. The only allowed template.spec.restartPolicy value is \"Always\". More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#pod-template" } }, "type": "object" @@ -8643,12 +8986,15 @@ "description": "ResourceRequirements describes the compute resource requirements.", "properties": { "claims": { - "description": "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container.\n\nThis is an alpha field and requires enabling the DynamicResourceAllocation feature gate.\n\nThis field is immutable.", + "description": "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container.\n\nThis is an alpha field and requires enabling the DynamicResourceAllocation feature gate.\n\nThis field is immutable. It can only be set for containers.", "items": { "$ref": "#/definitions/io.k8s.api.core.v1.ResourceClaim" }, "type": "array", - "x-kubernetes-list-type": "set" + "x-kubernetes-list-map-keys": [ + "name" + ], + "x-kubernetes-list-type": "map" }, "limits": { "additionalProperties": { @@ -8661,7 +9007,7 @@ "additionalProperties": { "$ref": "#/definitions/io.k8s.apimachinery.pkg.api.resource.Quantity" }, - "description": "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + "description": "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", "type": "object" } }, @@ -8809,11 +9155,11 @@ "description": "A scoped-resource selector requirement is a selector that contains values, a scope name, and an operator that relates the scope name and values.", "properties": { "operator": { - "description": "Represents a scope's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist.\n\n", + "description": "Represents a scope's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist.", "type": "string" }, "scopeName": { - "description": "The name of the scope that the selector applies to.\n\n", + "description": "The name of the scope that the selector applies to.", "type": "string" }, "values": { @@ -8838,7 +9184,7 @@ "type": "string" }, "type": { - "description": "type indicates which kind of seccomp profile will be applied. Valid options are:\n\nLocalhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied.\n\n", + "description": "type indicates which kind of seccomp profile will be applied. Valid options are:\n\nLocalhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied.", "type": "string" } }, @@ -9280,7 +9626,7 @@ "type": "integer" }, "protocol": { - "description": "The IP protocol for this port. Supports \"TCP\", \"UDP\", and \"SCTP\". Default is TCP.\n\n", + "description": "The IP protocol for this port. Supports \"TCP\", \"UDP\", and \"SCTP\". Default is TCP.", "type": "string" }, "targetPort": { @@ -9324,7 +9670,7 @@ "type": "string" }, "externalTrafficPolicy": { - "description": "externalTrafficPolicy describes how nodes distribute service traffic they receive on one of the Service's \"externally-facing\" addresses (NodePorts, ExternalIPs, and LoadBalancer IPs). If set to \"Local\", the proxy will configure the service in a way that assumes that external load balancers will take care of balancing the service traffic between nodes, and so each node will deliver traffic only to the node-local endpoints of the service, without masquerading the client source IP. (Traffic mistakenly sent to a node with no endpoints will be dropped.) The default value, \"Cluster\", uses the standard behavior of routing to all endpoints evenly (possibly modified by topology and other features). Note that traffic sent to an External IP or LoadBalancer IP from within the cluster will always get \"Cluster\" semantics, but clients sending to a NodePort from within the cluster may need to take traffic policy into account when picking a node.\n\n", + "description": "externalTrafficPolicy describes how nodes distribute service traffic they receive on one of the Service's \"externally-facing\" addresses (NodePorts, ExternalIPs, and LoadBalancer IPs). If set to \"Local\", the proxy will configure the service in a way that assumes that external load balancers will take care of balancing the service traffic between nodes, and so each node will deliver traffic only to the node-local endpoints of the service, without masquerading the client source IP. (Traffic mistakenly sent to a node with no endpoints will be dropped.) The default value, \"Cluster\", uses the standard behavior of routing to all endpoints evenly (possibly modified by topology and other features). Note that traffic sent to an External IP or LoadBalancer IP from within the cluster will always get \"Cluster\" semantics, but clients sending to a NodePort from within the cluster may need to take traffic policy into account when picking a node.", "type": "string" }, "healthCheckNodePort": { @@ -9390,7 +9736,7 @@ "x-kubernetes-map-type": "atomic" }, "sessionAffinity": { - "description": "Supports \"ClientIP\" and \"None\". Used to maintain session affinity. Enable client IP based session affinity. Must be ClientIP or None. Defaults to None. More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies\n\n", + "description": "Supports \"ClientIP\" and \"None\". Used to maintain session affinity. Enable client IP based session affinity. Must be ClientIP or None. Defaults to None. More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies", "type": "string" }, "sessionAffinityConfig": { @@ -9398,7 +9744,7 @@ "description": "sessionAffinityConfig contains the configurations of session affinity." }, "type": { - "description": "type determines how the Service is exposed. Defaults to ClusterIP. Valid options are ExternalName, ClusterIP, NodePort, and LoadBalancer. \"ClusterIP\" allocates a cluster-internal IP address for load-balancing to endpoints. Endpoints are determined by the selector or if that is not specified, by manual construction of an Endpoints object or EndpointSlice objects. If clusterIP is \"None\", no virtual IP is allocated and the endpoints are published as a set of endpoints rather than a virtual IP. \"NodePort\" builds on ClusterIP and allocates a port on every node which routes to the same endpoints as the clusterIP. \"LoadBalancer\" builds on NodePort and creates an external load-balancer (if supported in the current cloud) which routes to the same endpoints as the clusterIP. \"ExternalName\" aliases this service to the specified externalName. Several other fields do not apply to ExternalName services. More info: https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types\n\n", + "description": "type determines how the Service is exposed. Defaults to ClusterIP. Valid options are ExternalName, ClusterIP, NodePort, and LoadBalancer. \"ClusterIP\" allocates a cluster-internal IP address for load-balancing to endpoints. Endpoints are determined by the selector or if that is not specified, by manual construction of an Endpoints object or EndpointSlice objects. If clusterIP is \"None\", no virtual IP is allocated and the endpoints are published as a set of endpoints rather than a virtual IP. \"NodePort\" builds on ClusterIP and allocates a port on every node which routes to the same endpoints as the clusterIP. \"LoadBalancer\" builds on NodePort and creates an external load-balancer (if supported in the current cloud) which routes to the same endpoints as the clusterIP. \"ExternalName\" aliases this service to the specified externalName. Several other fields do not apply to ExternalName services. More info: https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types", "type": "string" } }, @@ -9528,7 +9874,7 @@ "description": "The node this Taint is attached to has the \"effect\" on any pod that does not tolerate the Taint.", "properties": { "effect": { - "description": "Required. The effect of the taint on pods that do not tolerate the taint. Valid effects are NoSchedule, PreferNoSchedule and NoExecute.\n\n", + "description": "Required. The effect of the taint on pods that do not tolerate the taint. Valid effects are NoSchedule, PreferNoSchedule and NoExecute.", "type": "string" }, "key": { @@ -9554,7 +9900,7 @@ "description": "The pod this Toleration is attached to tolerates any taint that matches the triple using the matching operator .", "properties": { "effect": { - "description": "Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute.\n\n", + "description": "Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute.", "type": "string" }, "key": { @@ -9562,7 +9908,7 @@ "type": "string" }, "operator": { - "description": "Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category.\n\n", + "description": "Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category.", "type": "string" }, "tolerationSeconds": { @@ -9620,7 +9966,7 @@ "description": "LabelSelector is used to find matching pods. Pods that match this label selector are counted to determine the number of pods in their corresponding topology domain." }, "matchLabelKeys": { - "description": "MatchLabelKeys is a set of pod label keys to select the pods over which spreading will be calculated. The keys are used to lookup values from the incoming pod labels, those key-value labels are ANDed with labelSelector to select the group of existing pods over which spreading will be calculated for the incoming pod. Keys that don't exist in the incoming pod labels will be ignored. A null or empty list means only match against labelSelector.", + "description": "MatchLabelKeys is a set of pod label keys to select the pods over which spreading will be calculated. The keys are used to lookup values from the incoming pod labels, those key-value labels are ANDed with labelSelector to select the group of existing pods over which spreading will be calculated for the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. MatchLabelKeys cannot be set when LabelSelector isn't set. Keys that don't exist in the incoming pod labels will be ignored. A null or empty list means only match against labelSelector.\n\nThis is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default).", "items": { "type": "string" }, @@ -9650,7 +9996,7 @@ "type": "string" }, "whenUnsatisfiable": { - "description": "WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy the spread constraint. - DoNotSchedule (default) tells the scheduler not to schedule it. - ScheduleAnyway tells the scheduler to schedule the pod in any location,\n but giving higher precedence to topologies that would help reduce the\n skew.\nA constraint is considered \"Unsatisfiable\" for an incoming pod if and only if every possible node assignment for that pod would violate \"MaxSkew\" on some topology. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 3/1/1: | zone1 | zone2 | zone3 | | P P P | P | P | If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler won't make it *more* imbalanced. It's a required field.\n\n", + "description": "WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy the spread constraint. - DoNotSchedule (default) tells the scheduler not to schedule it. - ScheduleAnyway tells the scheduler to schedule the pod in any location,\n but giving higher precedence to topologies that would help reduce the\n skew.\nA constraint is considered \"Unsatisfiable\" for an incoming pod if and only if every possible node assignment for that pod would violate \"MaxSkew\" on some topology. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 3/1/1: | zone1 | zone2 | zone3 | | P P P | P | P | If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler won't make it *more* imbalanced. It's a required field.", "type": "string" } }, @@ -10040,7 +10386,7 @@ "description": "EndpointConditions represents the current condition of an endpoint.", "properties": { "ready": { - "description": "ready indicates that this endpoint is prepared to receive traffic, according to whatever system is managing the endpoint. A nil value indicates an unknown state. In most cases consumers should interpret this unknown state as ready. For compatibility reasons, ready should never be \"true\" for terminating endpoints.", + "description": "ready indicates that this endpoint is prepared to receive traffic, according to whatever system is managing the endpoint. A nil value indicates an unknown state. In most cases consumers should interpret this unknown state as ready. For compatibility reasons, ready should never be \"true\" for terminating endpoints, except when the normal readiness behavior is being explicitly overridden, for example when the associated Service has set the publishNotReadyAddresses flag.", "type": "boolean" }, "serving": { @@ -10072,20 +10418,20 @@ "description": "EndpointPort represents a Port used by an EndpointSlice", "properties": { "appProtocol": { - "description": "The application protocol for this port. This field follows standard Kubernetes label syntax. Un-prefixed names are reserved for IANA standard service names (as per RFC-6335 and https://www.iana.org/assignments/service-names). Non-standard protocols should use prefixed names such as mycompany.com/my-custom-protocol.", + "description": "The application protocol for this port. This is used as a hint for implementations to offer richer behavior for protocols that they understand. This field follows standard Kubernetes label syntax. Valid values are either:\n\n* Un-prefixed protocol names - reserved for IANA standard service names (as per RFC-6335 and https://www.iana.org/assignments/service-names).\n\n* Kubernetes-defined prefixed names:\n * 'kubernetes.io/h2c' - HTTP/2 over cleartext as described in https://www.rfc-editor.org/rfc/rfc7540\n\n* Other protocols should use implementation-defined prefixed names such as mycompany.com/my-custom-protocol.", "type": "string" }, "name": { - "description": "The name of this port. All ports in an EndpointSlice must have a unique name. If the EndpointSlice is dervied from a Kubernetes service, this corresponds to the Service.ports[].name. Name must either be an empty string or pass DNS_LABEL validation: * must be no more than 63 characters long. * must consist of lower case alphanumeric characters or '-'. * must start and end with an alphanumeric character. Default is empty string.", + "description": "name represents the name of this port. All ports in an EndpointSlice must have a unique name. If the EndpointSlice is dervied from a Kubernetes service, this corresponds to the Service.ports[].name. Name must either be an empty string or pass DNS_LABEL validation: * must be no more than 63 characters long. * must consist of lower case alphanumeric characters or '-'. * must start and end with an alphanumeric character. Default is empty string.", "type": "string" }, "port": { - "description": "The port number of the endpoint. If this is not specified, ports are not restricted and must be interpreted in the context of the specific consumer.", + "description": "port represents the port number of the endpoint. If this is not specified, ports are not restricted and must be interpreted in the context of the specific consumer.", "format": "int32", "type": "integer" }, "protocol": { - "description": "The IP protocol for this port. Must be UDP, TCP, or SCTP. Default is TCP.", + "description": "protocol represents the IP protocol for this port. Must be UDP, TCP, or SCTP. Default is TCP.", "type": "string" } }, @@ -10096,7 +10442,7 @@ "description": "EndpointSlice represents a subset of the endpoints that implement a service. For a given service there may be multiple EndpointSlice objects, selected by labels, which must be joined to produce the full set of endpoints.", "properties": { "addressType": { - "description": "addressType specifies the type of address carried by this EndpointSlice. All addresses in this slice must be the same type. This field is immutable after creation. The following address types are currently supported: * IPv4: Represents an IPv4 Address. * IPv6: Represents an IPv6 Address. * FQDN: Represents a Fully Qualified Domain Name.\n\n", + "description": "addressType specifies the type of address carried by this EndpointSlice. All addresses in this slice must be the same type. This field is immutable after creation. The following address types are currently supported: * IPv4: Represents an IPv4 Address. * IPv6: Represents an IPv6 Address. * FQDN: Represents a Fully Qualified Domain Name.", "type": "string" }, "apiVersion": { @@ -10149,7 +10495,7 @@ "type": "string" }, "items": { - "description": "List of endpoint slices", + "description": "items is the list of endpoint slices", "items": { "$ref": "#/definitions/io.k8s.api.discovery.v1.EndpointSlice" }, @@ -11455,14 +11801,14 @@ "properties": { "backend": { "$ref": "#/definitions/io.k8s.api.networking.v1.IngressBackend", - "description": "Backend defines the referenced service endpoint to which the traffic will be forwarded to." + "description": "backend defines the referenced service endpoint to which the traffic will be forwarded to." }, "path": { - "description": "Path is matched against the path of an incoming request. Currently it can contain characters disallowed from the conventional \"path\" part of a URL as defined by RFC 3986. Paths must begin with a '/' and must be present when using PathType with value \"Exact\" or \"Prefix\".", + "description": "path is matched against the path of an incoming request. Currently it can contain characters disallowed from the conventional \"path\" part of a URL as defined by RFC 3986. Paths must begin with a '/' and must be present when using PathType with value \"Exact\" or \"Prefix\".", "type": "string" }, "pathType": { - "description": "PathType determines the interpretation of the Path matching. PathType can be one of the following values: * Exact: Matches the URL path exactly. * Prefix: Matches based on a URL path prefix split by '/'. Matching is\n done on a path element by element basis. A path element refers is the\n list of labels in the path split by the '/' separator. A request is a\n match for path p if every p is an element-wise prefix of p of the\n request path. Note that if the last element of the path is a substring\n of the last element in request path, it is not a match (e.g. /foo/bar\n matches /foo/bar/baz, but does not match /foo/barbaz).\n* ImplementationSpecific: Interpretation of the Path matching is up to\n the IngressClass. Implementations can treat this as a separate PathType\n or treat it identically to Prefix or Exact path types.\nImplementations are required to support all path types.", + "description": "pathType determines the interpretation of the path matching. PathType can be one of the following values: * Exact: Matches the URL path exactly. * Prefix: Matches based on a URL path prefix split by '/'. Matching is\n done on a path element by element basis. A path element refers is the\n list of labels in the path split by the '/' separator. A request is a\n match for path p if every p is an element-wise prefix of p of the\n request path. Note that if the last element of the path is a substring\n of the last element in request path, it is not a match (e.g. /foo/bar\n matches /foo/bar/baz, but does not match /foo/barbaz).\n* ImplementationSpecific: Interpretation of the Path matching is up to\n the IngressClass. Implementations can treat this as a separate PathType\n or treat it identically to Prefix or Exact path types.\nImplementations are required to support all path types.", "type": "string" } }, @@ -11476,7 +11822,7 @@ "description": "HTTPIngressRuleValue is a list of http selectors pointing to backends. In the example: http:///? -> backend where where parts of the url correspond to RFC 3986, this resource will be used to match against everything after the last '/' and before the first '?' or '#'.", "properties": { "paths": { - "description": "A collection of paths that map requests to backends.", + "description": "paths is a collection of paths that map requests to backends.", "items": { "$ref": "#/definitions/io.k8s.api.networking.v1.HTTPIngressPath" }, @@ -11493,11 +11839,11 @@ "description": "IPBlock describes a particular CIDR (Ex. \"192.168.1.0/24\",\"2001:db8::/64\") that is allowed to the pods matched by a NetworkPolicySpec's podSelector. The except entry describes CIDRs that should not be included within this rule.", "properties": { "cidr": { - "description": "CIDR is a string representing the IP Block Valid examples are \"192.168.1.0/24\" or \"2001:db8::/64\"", + "description": "cidr is a string representing the IPBlock Valid examples are \"192.168.1.0/24\" or \"2001:db8::/64\"", "type": "string" }, "except": { - "description": "Except is a slice of CIDRs that should not be included within an IP Block Valid examples are \"192.168.1.0/24\" or \"2001:db8::/64\" Except values will be rejected if they are outside the CIDR range", + "description": "except is a slice of CIDRs that should not be included within an IPBlock Valid examples are \"192.168.1.0/24\" or \"2001:db8::/64\" Except values will be rejected if they are outside the cidr range", "items": { "type": "string" }, @@ -11526,11 +11872,11 @@ }, "spec": { "$ref": "#/definitions/io.k8s.api.networking.v1.IngressSpec", - "description": "Spec is the desired state of the Ingress. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status" + "description": "spec is the desired state of the Ingress. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status" }, "status": { "$ref": "#/definitions/io.k8s.api.networking.v1.IngressStatus", - "description": "Status is the current state of the Ingress. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status" + "description": "status is the current state of the Ingress. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status" } }, "type": "object", @@ -11547,11 +11893,11 @@ "properties": { "resource": { "$ref": "#/definitions/io.k8s.api.core.v1.TypedLocalObjectReference", - "description": "Resource is an ObjectRef to another Kubernetes resource in the namespace of the Ingress object. If resource is specified, a service.Name and service.Port must not be specified. This is a mutually exclusive setting with \"Service\"." + "description": "resource is an ObjectRef to another Kubernetes resource in the namespace of the Ingress object. If resource is specified, a service.Name and service.Port must not be specified. This is a mutually exclusive setting with \"Service\"." }, "service": { "$ref": "#/definitions/io.k8s.api.networking.v1.IngressServiceBackend", - "description": "Service references a Service as a Backend. This is a mutually exclusive setting with \"Resource\"." + "description": "service references a service as a backend. This is a mutually exclusive setting with \"Resource\"." } }, "type": "object" @@ -11573,7 +11919,7 @@ }, "spec": { "$ref": "#/definitions/io.k8s.api.networking.v1.IngressClassSpec", - "description": "Spec is the desired state of the IngressClass. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status" + "description": "spec is the desired state of the IngressClass. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status" } }, "type": "object", @@ -11593,7 +11939,7 @@ "type": "string" }, "items": { - "description": "Items is the list of IngressClasses.", + "description": "items is the list of IngressClasses.", "items": { "$ref": "#/definitions/io.k8s.api.networking.v1.IngressClass" }, @@ -11624,23 +11970,23 @@ "description": "IngressClassParametersReference identifies an API object. This can be used to specify a cluster or namespace-scoped resource.", "properties": { "apiGroup": { - "description": "APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required.", + "description": "apiGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required.", "type": "string" }, "kind": { - "description": "Kind is the type of resource being referenced.", + "description": "kind is the type of resource being referenced.", "type": "string" }, "name": { - "description": "Name is the name of resource being referenced.", + "description": "name is the name of resource being referenced.", "type": "string" }, "namespace": { - "description": "Namespace is the namespace of the resource being referenced. This field is required when scope is set to \"Namespace\" and must be unset when scope is set to \"Cluster\".", + "description": "namespace is the namespace of the resource being referenced. This field is required when scope is set to \"Namespace\" and must be unset when scope is set to \"Cluster\".", "type": "string" }, "scope": { - "description": "Scope represents if this refers to a cluster or namespace scoped resource. This may be set to \"Cluster\" (default) or \"Namespace\".", + "description": "scope represents if this refers to a cluster or namespace scoped resource. This may be set to \"Cluster\" (default) or \"Namespace\".", "type": "string" } }, @@ -11654,12 +12000,12 @@ "description": "IngressClassSpec provides information about the class of an Ingress.", "properties": { "controller": { - "description": "Controller refers to the name of the controller that should handle this class. This allows for different \"flavors\" that are controlled by the same controller. For example, you may have different Parameters for the same implementing controller. This should be specified as a domain-prefixed path no more than 250 characters in length, e.g. \"acme.io/ingress-controller\". This field is immutable.", + "description": "controller refers to the name of the controller that should handle this class. This allows for different \"flavors\" that are controlled by the same controller. For example, you may have different parameters for the same implementing controller. This should be specified as a domain-prefixed path no more than 250 characters in length, e.g. \"acme.io/ingress-controller\". This field is immutable.", "type": "string" }, "parameters": { "$ref": "#/definitions/io.k8s.api.networking.v1.IngressClassParametersReference", - "description": "Parameters is a link to a custom resource containing additional configuration for the controller. This is optional if the controller does not require extra parameters." + "description": "parameters is a link to a custom resource containing additional configuration for the controller. This is optional if the controller does not require extra parameters." } }, "type": "object" @@ -11672,7 +12018,7 @@ "type": "string" }, "items": { - "description": "Items is the list of Ingress.", + "description": "items is the list of Ingress.", "items": { "$ref": "#/definitions/io.k8s.api.networking.v1.Ingress" }, @@ -11703,15 +12049,15 @@ "description": "IngressLoadBalancerIngress represents the status of a load-balancer ingress point.", "properties": { "hostname": { - "description": "Hostname is set for load-balancer ingress points that are DNS based.", + "description": "hostname is set for load-balancer ingress points that are DNS based.", "type": "string" }, "ip": { - "description": "IP is set for load-balancer ingress points that are IP based.", + "description": "ip is set for load-balancer ingress points that are IP based.", "type": "string" }, "ports": { - "description": "Ports provides information about the ports exposed by this LoadBalancer.", + "description": "ports provides information about the ports exposed by this LoadBalancer.", "items": { "$ref": "#/definitions/io.k8s.api.networking.v1.IngressPortStatus" }, @@ -11725,7 +12071,7 @@ "description": "IngressLoadBalancerStatus represents the status of a load-balancer.", "properties": { "ingress": { - "description": "Ingress is a list containing ingress points for the load-balancer.", + "description": "ingress is a list containing ingress points for the load-balancer.", "items": { "$ref": "#/definitions/io.k8s.api.networking.v1.IngressLoadBalancerIngress" }, @@ -11738,16 +12084,16 @@ "description": "IngressPortStatus represents the error condition of a service port", "properties": { "error": { - "description": "Error is to record the problem with the service port The format of the error shall comply with the following rules: - built-in error values shall be specified in this file and those shall use\n CamelCase names\n- cloud provider specific error values must have names that comply with the\n format foo.example.com/CamelCase.", + "description": "error is to record the problem with the service port The format of the error shall comply with the following rules: - built-in error values shall be specified in this file and those shall use\n CamelCase names\n- cloud provider specific error values must have names that comply with the\n format foo.example.com/CamelCase.", "type": "string" }, "port": { - "description": "Port is the port number of the ingress port.", + "description": "port is the port number of the ingress port.", "format": "int32", "type": "integer" }, "protocol": { - "description": "Protocol is the protocol of the ingress port. The supported values are: \"TCP\", \"UDP\", \"SCTP\"\n\n", + "description": "protocol is the protocol of the ingress port. The supported values are: \"TCP\", \"UDP\", \"SCTP\"", "type": "string" } }, @@ -11761,7 +12107,7 @@ "description": "IngressRule represents the rules mapping the paths under a specified host to the related backend services. Incoming requests are first evaluated for a host match, then routed to the backend associated with the matching IngressRuleValue.", "properties": { "host": { - "description": "Host is the fully qualified domain name of a network host, as defined by RFC 3986. Note the following deviations from the \"host\" part of the URI as defined in RFC 3986: 1. IPs are not allowed. Currently an IngressRuleValue can only apply to\n the IP in the Spec of the parent Ingress.\n2. The `:` delimiter is not respected because ports are not allowed.\n\t Currently the port of an Ingress is implicitly :80 for http and\n\t :443 for https.\nBoth these may change in the future. Incoming requests are matched against the host before the IngressRuleValue. If the host is unspecified, the Ingress routes all traffic based on the specified IngressRuleValue.\n\nHost can be \"precise\" which is a domain name without the terminating dot of a network host (e.g. \"foo.bar.com\") or \"wildcard\", which is a domain name prefixed with a single wildcard label (e.g. \"*.foo.com\"). The wildcard character '*' must appear by itself as the first DNS label and matches only a single label. You cannot have a wildcard label by itself (e.g. Host == \"*\"). Requests will be matched against the Host field in the following way: 1. If Host is precise, the request matches this rule if the http host header is equal to Host. 2. If Host is a wildcard, then the request matches this rule if the http host header is to equal to the suffix (removing the first label) of the wildcard rule.", + "description": "host is the fully qualified domain name of a network host, as defined by RFC 3986. Note the following deviations from the \"host\" part of the URI as defined in RFC 3986: 1. IPs are not allowed. Currently an IngressRuleValue can only apply to\n the IP in the Spec of the parent Ingress.\n2. The `:` delimiter is not respected because ports are not allowed.\n\t Currently the port of an Ingress is implicitly :80 for http and\n\t :443 for https.\nBoth these may change in the future. Incoming requests are matched against the host before the IngressRuleValue. If the host is unspecified, the Ingress routes all traffic based on the specified IngressRuleValue.\n\nhost can be \"precise\" which is a domain name without the terminating dot of a network host (e.g. \"foo.bar.com\") or \"wildcard\", which is a domain name prefixed with a single wildcard label (e.g. \"*.foo.com\"). The wildcard character '*' must appear by itself as the first DNS label and matches only a single label. You cannot have a wildcard label by itself (e.g. Host == \"*\"). Requests will be matched against the Host field in the following way: 1. If host is precise, the request matches this rule if the http host header is equal to Host. 2. If host is a wildcard, then the request matches this rule if the http host header is to equal to the suffix (removing the first label) of the wildcard rule.", "type": "string" }, "http": { @@ -11774,12 +12120,12 @@ "description": "IngressServiceBackend references a Kubernetes Service as a Backend.", "properties": { "name": { - "description": "Name is the referenced service. The service must exist in the same namespace as the Ingress object.", + "description": "name is the referenced service. The service must exist in the same namespace as the Ingress object.", "type": "string" }, "port": { "$ref": "#/definitions/io.k8s.api.networking.v1.ServiceBackendPort", - "description": "Port of the referenced service. A port name or port number is required for a IngressServiceBackend." + "description": "port of the referenced service. A port name or port number is required for a IngressServiceBackend." } }, "required": [ @@ -11792,14 +12138,14 @@ "properties": { "defaultBackend": { "$ref": "#/definitions/io.k8s.api.networking.v1.IngressBackend", - "description": "DefaultBackend is the backend that should handle requests that don't match any rule. If Rules are not specified, DefaultBackend must be specified. If DefaultBackend is not set, the handling of requests that do not match any of the rules will be up to the Ingress controller." + "description": "defaultBackend is the backend that should handle requests that don't match any rule. If Rules are not specified, DefaultBackend must be specified. If DefaultBackend is not set, the handling of requests that do not match any of the rules will be up to the Ingress controller." }, "ingressClassName": { - "description": "IngressClassName is the name of an IngressClass cluster resource. Ingress controller implementations use this field to know whether they should be serving this Ingress resource, by a transitive connection (controller -> IngressClass -> Ingress resource). Although the `kubernetes.io/ingress.class` annotation (simple constant name) was never formally defined, it was widely supported by Ingress controllers to create a direct binding between Ingress controller and Ingress resources. Newly created Ingress resources should prefer using the field. However, even though the annotation is officially deprecated, for backwards compatibility reasons, ingress controllers should still honor that annotation if present.", + "description": "ingressClassName is the name of an IngressClass cluster resource. Ingress controller implementations use this field to know whether they should be serving this Ingress resource, by a transitive connection (controller -> IngressClass -> Ingress resource). Although the `kubernetes.io/ingress.class` annotation (simple constant name) was never formally defined, it was widely supported by Ingress controllers to create a direct binding between Ingress controller and Ingress resources. Newly created Ingress resources should prefer using the field. However, even though the annotation is officially deprecated, for backwards compatibility reasons, ingress controllers should still honor that annotation if present.", "type": "string" }, "rules": { - "description": "A list of host rules used to configure the Ingress. If unspecified, or no rule matches, all traffic is sent to the default backend.", + "description": "rules is a list of host rules used to configure the Ingress. If unspecified, or no rule matches, all traffic is sent to the default backend.", "items": { "$ref": "#/definitions/io.k8s.api.networking.v1.IngressRule" }, @@ -11807,7 +12153,7 @@ "x-kubernetes-list-type": "atomic" }, "tls": { - "description": "TLS configuration. Currently the Ingress only supports a single TLS port, 443. If multiple members of this list specify different hosts, they will be multiplexed on the same port according to the hostname specified through the SNI TLS extension, if the ingress controller fulfilling the ingress supports SNI.", + "description": "tls represents the TLS configuration. Currently the Ingress only supports a single TLS port, 443. If multiple members of this list specify different hosts, they will be multiplexed on the same port according to the hostname specified through the SNI TLS extension, if the ingress controller fulfilling the ingress supports SNI.", "items": { "$ref": "#/definitions/io.k8s.api.networking.v1.IngressTLS" }, @@ -11822,16 +12168,16 @@ "properties": { "loadBalancer": { "$ref": "#/definitions/io.k8s.api.networking.v1.IngressLoadBalancerStatus", - "description": "LoadBalancer contains the current status of the load-balancer." + "description": "loadBalancer contains the current status of the load-balancer." } }, "type": "object" }, "io.k8s.api.networking.v1.IngressTLS": { - "description": "IngressTLS describes the transport layer security associated with an Ingress.", + "description": "IngressTLS describes the transport layer security associated with an ingress.", "properties": { "hosts": { - "description": "Hosts are a list of hosts included in the TLS certificate. The values in this list must match the name/s used in the tlsSecret. Defaults to the wildcard host setting for the loadbalancer controller fulfilling this Ingress, if left unspecified.", + "description": "hosts is a list of hosts included in the TLS certificate. The values in this list must match the name/s used in the tlsSecret. Defaults to the wildcard host setting for the loadbalancer controller fulfilling this Ingress, if left unspecified.", "items": { "type": "string" }, @@ -11839,7 +12185,7 @@ "x-kubernetes-list-type": "atomic" }, "secretName": { - "description": "SecretName is the name of the secret used to terminate TLS traffic on port 443. Field is left optional to allow TLS routing based on SNI hostname alone. If the SNI host in a listener conflicts with the \"Host\" header field used by an IngressRule, the SNI host is used for termination and value of the Host header is used for routing.", + "description": "secretName is the name of the secret used to terminate TLS traffic on port 443. Field is left optional to allow TLS routing based on SNI hostname alone. If the SNI host in a listener conflicts with the \"Host\" header field used by an IngressRule, the SNI host is used for termination and value of the \"Host\" header is used for routing.", "type": "string" } }, @@ -11862,11 +12208,11 @@ }, "spec": { "$ref": "#/definitions/io.k8s.api.networking.v1.NetworkPolicySpec", - "description": "Specification of the desired behavior for this NetworkPolicy." + "description": "spec represents the specification of the desired behavior for this NetworkPolicy." }, "status": { "$ref": "#/definitions/io.k8s.api.networking.v1.NetworkPolicyStatus", - "description": "Status is the current state of the NetworkPolicy. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status" + "description": "status represents the current state of the NetworkPolicy. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status" } }, "type": "object", @@ -11882,14 +12228,14 @@ "description": "NetworkPolicyEgressRule describes a particular set of traffic that is allowed out of pods matched by a NetworkPolicySpec's podSelector. The traffic must match both ports and to. This type is beta-level in 1.8", "properties": { "ports": { - "description": "List of destination ports for outgoing traffic. Each item in this list is combined using a logical OR. If this field is empty or missing, this rule matches all ports (traffic not restricted by port). If this field is present and contains at least one item, then this rule allows traffic only if the traffic matches at least one port in the list.", + "description": "ports is a list of destination ports for outgoing traffic. Each item in this list is combined using a logical OR. If this field is empty or missing, this rule matches all ports (traffic not restricted by port). If this field is present and contains at least one item, then this rule allows traffic only if the traffic matches at least one port in the list.", "items": { "$ref": "#/definitions/io.k8s.api.networking.v1.NetworkPolicyPort" }, "type": "array" }, "to": { - "description": "List of destinations for outgoing traffic of pods selected for this rule. Items in this list are combined using a logical OR operation. If this field is empty or missing, this rule matches all destinations (traffic not restricted by destination). If this field is present and contains at least one item, this rule allows traffic only if the traffic matches at least one item in the to list.", + "description": "to is a list of destinations for outgoing traffic of pods selected for this rule. Items in this list are combined using a logical OR operation. If this field is empty or missing, this rule matches all destinations (traffic not restricted by destination). If this field is present and contains at least one item, this rule allows traffic only if the traffic matches at least one item in the to list.", "items": { "$ref": "#/definitions/io.k8s.api.networking.v1.NetworkPolicyPeer" }, @@ -11902,14 +12248,14 @@ "description": "NetworkPolicyIngressRule describes a particular set of traffic that is allowed to the pods matched by a NetworkPolicySpec's podSelector. The traffic must match both ports and from.", "properties": { "from": { - "description": "List of sources which should be able to access the pods selected for this rule. Items in this list are combined using a logical OR operation. If this field is empty or missing, this rule matches all sources (traffic not restricted by source). If this field is present and contains at least one item, this rule allows traffic only if the traffic matches at least one item in the from list.", + "description": "from is a list of sources which should be able to access the pods selected for this rule. Items in this list are combined using a logical OR operation. If this field is empty or missing, this rule matches all sources (traffic not restricted by source). If this field is present and contains at least one item, this rule allows traffic only if the traffic matches at least one item in the from list.", "items": { "$ref": "#/definitions/io.k8s.api.networking.v1.NetworkPolicyPeer" }, "type": "array" }, "ports": { - "description": "List of ports which should be made accessible on the pods selected for this rule. Each item in this list is combined using a logical OR. If this field is empty or missing, this rule matches all ports (traffic not restricted by port). If this field is present and contains at least one item, then this rule allows traffic only if the traffic matches at least one port in the list.", + "description": "ports is a list of ports which should be made accessible on the pods selected for this rule. Each item in this list is combined using a logical OR. If this field is empty or missing, this rule matches all ports (traffic not restricted by port). If this field is present and contains at least one item, then this rule allows traffic only if the traffic matches at least one port in the list.", "items": { "$ref": "#/definitions/io.k8s.api.networking.v1.NetworkPolicyPort" }, @@ -11926,7 +12272,7 @@ "type": "string" }, "items": { - "description": "Items is a list of schema objects.", + "description": "items is a list of schema objects.", "items": { "$ref": "#/definitions/io.k8s.api.networking.v1.NetworkPolicy" }, @@ -11958,15 +12304,15 @@ "properties": { "ipBlock": { "$ref": "#/definitions/io.k8s.api.networking.v1.IPBlock", - "description": "IPBlock defines policy on a particular IPBlock. If this field is set then neither of the other fields can be." + "description": "ipBlock defines policy on a particular IPBlock. If this field is set then neither of the other fields can be." }, "namespaceSelector": { "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.LabelSelector", - "description": "Selects Namespaces using cluster-scoped labels. This field follows standard label selector semantics; if present but empty, it selects all namespaces.\n\nIf PodSelector is also set, then the NetworkPolicyPeer as a whole selects the Pods matching PodSelector in the Namespaces selected by NamespaceSelector. Otherwise it selects all Pods in the Namespaces selected by NamespaceSelector." + "description": "namespaceSelector selects namespaces using cluster-scoped labels. This field follows standard label selector semantics; if present but empty, it selects all namespaces.\n\nIf podSelector is also set, then the NetworkPolicyPeer as a whole selects the pods matching podSelector in the namespaces selected by namespaceSelector. Otherwise it selects all pods in the namespaces selected by namespaceSelector." }, "podSelector": { "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.LabelSelector", - "description": "This is a label selector which selects Pods. This field follows standard label selector semantics; if present but empty, it selects all pods.\n\nIf NamespaceSelector is also set, then the NetworkPolicyPeer as a whole selects the Pods matching PodSelector in the Namespaces selected by NamespaceSelector. Otherwise it selects the Pods matching PodSelector in the policy's own Namespace." + "description": "podSelector is a label selector which selects pods. This field follows standard label selector semantics; if present but empty, it selects all pods.\n\nIf namespaceSelector is also set, then the NetworkPolicyPeer as a whole selects the pods matching podSelector in the Namespaces selected by NamespaceSelector. Otherwise it selects the pods matching podSelector in the policy's own namespace." } }, "type": "object" @@ -11975,16 +12321,16 @@ "description": "NetworkPolicyPort describes a port to allow traffic on", "properties": { "endPort": { - "description": "If set, indicates that the range of ports from port to endPort, inclusive, should be allowed by the policy. This field cannot be defined if the port field is not defined or if the port field is defined as a named (string) port. The endPort must be equal or greater than port.", + "description": "endPort indicates that the range of ports from port to endPort if set, inclusive, should be allowed by the policy. This field cannot be defined if the port field is not defined or if the port field is defined as a named (string) port. The endPort must be equal or greater than port.", "format": "int32", "type": "integer" }, "port": { "$ref": "#/definitions/io.k8s.apimachinery.pkg.util.intstr.IntOrString", - "description": "The port on the given protocol. This can either be a numerical or named port on a pod. If this field is not provided, this matches all port names and numbers. If present, only traffic on the specified protocol AND port will be matched." + "description": "port represents the port on the given protocol. This can either be a numerical or named port on a pod. If this field is not provided, this matches all port names and numbers. If present, only traffic on the specified protocol AND port will be matched." }, "protocol": { - "description": "The protocol (TCP, UDP, or SCTP) which traffic must match. If not specified, this field defaults to TCP.", + "description": "protocol represents the protocol (TCP, UDP, or SCTP) which traffic must match. If not specified, this field defaults to TCP.", "type": "string" } }, @@ -11994,14 +12340,14 @@ "description": "NetworkPolicySpec provides the specification of a NetworkPolicy", "properties": { "egress": { - "description": "List of egress rules to be applied to the selected pods. Outgoing traffic is allowed if there are no NetworkPolicies selecting the pod (and cluster policy otherwise allows the traffic), OR if the traffic matches at least one egress rule across all of the NetworkPolicy objects whose podSelector matches the pod. If this field is empty then this NetworkPolicy limits all outgoing traffic (and serves solely to ensure that the pods it selects are isolated by default). This field is beta-level in 1.8", + "description": "egress is a list of egress rules to be applied to the selected pods. Outgoing traffic is allowed if there are no NetworkPolicies selecting the pod (and cluster policy otherwise allows the traffic), OR if the traffic matches at least one egress rule across all of the NetworkPolicy objects whose podSelector matches the pod. If this field is empty then this NetworkPolicy limits all outgoing traffic (and serves solely to ensure that the pods it selects are isolated by default). This field is beta-level in 1.8", "items": { "$ref": "#/definitions/io.k8s.api.networking.v1.NetworkPolicyEgressRule" }, "type": "array" }, "ingress": { - "description": "List of ingress rules to be applied to the selected pods. Traffic is allowed to a pod if there are no NetworkPolicies selecting the pod (and cluster policy otherwise allows the traffic), OR if the traffic source is the pod's local node, OR if the traffic matches at least one ingress rule across all of the NetworkPolicy objects whose podSelector matches the pod. If this field is empty then this NetworkPolicy does not allow any traffic (and serves solely to ensure that the pods it selects are isolated by default)", + "description": "ingress is a list of ingress rules to be applied to the selected pods. Traffic is allowed to a pod if there are no NetworkPolicies selecting the pod (and cluster policy otherwise allows the traffic), OR if the traffic source is the pod's local node, OR if the traffic matches at least one ingress rule across all of the NetworkPolicy objects whose podSelector matches the pod. If this field is empty then this NetworkPolicy does not allow any traffic (and serves solely to ensure that the pods it selects are isolated by default)", "items": { "$ref": "#/definitions/io.k8s.api.networking.v1.NetworkPolicyIngressRule" }, @@ -12009,10 +12355,10 @@ }, "podSelector": { "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.LabelSelector", - "description": "Selects the pods to which this NetworkPolicy object applies. The array of ingress rules is applied to any pods selected by this field. Multiple network policies can select the same set of pods. In this case, the ingress rules for each are combined additively. This field is NOT optional and follows standard label selector semantics. An empty podSelector matches all pods in this namespace." + "description": "podSelector selects the pods to which this NetworkPolicy object applies. The array of ingress rules is applied to any pods selected by this field. Multiple network policies can select the same set of pods. In this case, the ingress rules for each are combined additively. This field is NOT optional and follows standard label selector semantics. An empty podSelector matches all pods in this namespace." }, "policyTypes": { - "description": "List of rule types that the NetworkPolicy relates to. Valid options are [\"Ingress\"], [\"Egress\"], or [\"Ingress\", \"Egress\"]. If this field is not specified, it will default based on the existence of Ingress or Egress rules; policies that contain an Egress section are assumed to affect Egress, and all policies (whether or not they contain an Ingress section) are assumed to affect Ingress. If you want to write an egress-only policy, you must explicitly specify policyTypes [ \"Egress\" ]. Likewise, if you want to write a policy that specifies that no egress is allowed, you must specify a policyTypes value that include \"Egress\" (since such a policy would not include an Egress section and would otherwise default to just [ \"Ingress\" ]). This field is beta-level in 1.8", + "description": "policyTypes is a list of rule types that the NetworkPolicy relates to. Valid options are [\"Ingress\"], [\"Egress\"], or [\"Ingress\", \"Egress\"]. If this field is not specified, it will default based on the existence of ingress or egress rules; policies that contain an egress section are assumed to affect egress, and all policies (whether or not they contain an ingress section) are assumed to affect ingress. If you want to write an egress-only policy, you must explicitly specify policyTypes [ \"Egress\" ]. Likewise, if you want to write a policy that specifies that no egress is allowed, you must specify a policyTypes value that include \"Egress\" (since such a policy would not include an egress section and would otherwise default to just [ \"Ingress\" ]). This field is beta-level in 1.8", "items": { "type": "string" }, @@ -12025,10 +12371,10 @@ "type": "object" }, "io.k8s.api.networking.v1.NetworkPolicyStatus": { - "description": "NetworkPolicyStatus describe the current state of the NetworkPolicy.", + "description": "NetworkPolicyStatus describes the current state of the NetworkPolicy.", "properties": { "conditions": { - "description": "Conditions holds an array of metav1.Condition that describe the state of the NetworkPolicy. Current service state", + "description": "conditions holds an array of metav1.Condition that describe the state of the NetworkPolicy. Current service state", "items": { "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Condition" }, @@ -12047,11 +12393,11 @@ "description": "ServiceBackendPort is the service port being referenced.", "properties": { "name": { - "description": "Name is the name of the port on the Service. This is a mutually exclusive setting with \"Number\".", + "description": "name is the name of the port on the Service. This is a mutually exclusive setting with \"Number\".", "type": "string" }, "number": { - "description": "Number is the numerical port number (e.g. 80) on the Service. This is a mutually exclusive setting with \"Name\".", + "description": "number is the numerical port number (e.g. 80) on the Service. This is a mutually exclusive setting with \"Name\".", "format": "int32", "type": "integer" } @@ -12075,7 +12421,7 @@ }, "spec": { "$ref": "#/definitions/io.k8s.api.networking.v1alpha1.ClusterCIDRSpec", - "description": "Spec is the desired state of the ClusterCIDR. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status" + "description": "spec is the desired state of the ClusterCIDR. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status" } }, "type": "object", @@ -12095,7 +12441,7 @@ "type": "string" }, "items": { - "description": "Items is the list of ClusterCIDRs.", + "description": "items is the list of ClusterCIDRs.", "items": { "$ref": "#/definitions/io.k8s.api.networking.v1alpha1.ClusterCIDR" }, @@ -12126,19 +12472,19 @@ "description": "ClusterCIDRSpec defines the desired state of ClusterCIDR.", "properties": { "ipv4": { - "description": "IPv4 defines an IPv4 IP block in CIDR notation(e.g. \"10.0.0.0/8\"). At least one of IPv4 and IPv6 must be specified. This field is immutable.", + "description": "ipv4 defines an IPv4 IP block in CIDR notation(e.g. \"10.0.0.0/8\"). At least one of ipv4 and ipv6 must be specified. This field is immutable.", "type": "string" }, "ipv6": { - "description": "IPv6 defines an IPv6 IP block in CIDR notation(e.g. \"2001:db8::/64\"). At least one of IPv4 and IPv6 must be specified. This field is immutable.", + "description": "ipv6 defines an IPv6 IP block in CIDR notation(e.g. \"2001:db8::/64\"). At least one of ipv4 and ipv6 must be specified. This field is immutable.", "type": "string" }, "nodeSelector": { "$ref": "#/definitions/io.k8s.api.core.v1.NodeSelector", - "description": "NodeSelector defines which nodes the config is applicable to. An empty or nil NodeSelector selects all nodes. This field is immutable." + "description": "nodeSelector defines which nodes the config is applicable to. An empty or nil nodeSelector selects all nodes. This field is immutable." }, "perNodeHostBits": { - "description": "PerNodeHostBits defines the number of host bits to be configured per node. A subnet mask determines how much of the address is used for network bits and host bits. For example an IPv4 address of 192.168.0.0/24, splits the address into 24 bits for the network portion and 8 bits for the host portion. To allocate 256 IPs, set this field to 8 (a /24 mask for IPv4 or a /120 for IPv6). Minimum value is 4 (16 IPs). This field is immutable.", + "description": "perNodeHostBits defines the number of host bits to be configured per node. A subnet mask determines how much of the address is used for network bits and host bits. For example an IPv4 address of 192.168.0.0/24, splits the address into 24 bits for the network portion and 8 bits for the host portion. To allocate 256 IPs, set this field to 8 (a /24 mask for IPv4 or a /120 for IPv6). Minimum value is 4 (16 IPs). This field is immutable.", "format": "int32", "type": "integer" } @@ -12148,6 +12494,106 @@ ], "type": "object" }, + "io.k8s.api.networking.v1alpha1.IPAddress": { + "description": "IPAddress represents a single IP of a single IP Family. The object is designed to be used by APIs that operate on IP addresses. The object is used by the Service core API for allocation of IP addresses. An IP address can be represented in different formats, to guarantee the uniqueness of the IP, the name of the object is the IP address in canonical format, four decimal digits separated by dots suppressing leading zeros for IPv4 and the representation defined by RFC 5952 for IPv6. Valid: 192.168.1.5 or 2001:db8::1 or 2001:db8:aaaa:bbbb:cccc:dddd:eeee:1 Invalid: 10.01.2.3 or 2001:db8:0:0:0::1", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta", + "description": "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + }, + "spec": { + "$ref": "#/definitions/io.k8s.api.networking.v1alpha1.IPAddressSpec", + "description": "spec is the desired state of the IPAddress. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status" + } + }, + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "networking.k8s.io", + "kind": "IPAddress", + "version": "v1alpha1" + } + ] + }, + "io.k8s.api.networking.v1alpha1.IPAddressList": { + "description": "IPAddressList contains a list of IPAddress.", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "items": { + "description": "items is the list of IPAddresses.", + "items": { + "$ref": "#/definitions/io.k8s.api.networking.v1alpha1.IPAddress" + }, + "type": "array" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta", + "description": "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + } + }, + "required": [ + "items" + ], + "type": "object", + "x-kubernetes-group-version-kind": [ + { + "group": "networking.k8s.io", + "kind": "IPAddressList", + "version": "v1alpha1" + } + ] + }, + "io.k8s.api.networking.v1alpha1.IPAddressSpec": { + "description": "IPAddressSpec describe the attributes in an IP Address.", + "properties": { + "parentRef": { + "$ref": "#/definitions/io.k8s.api.networking.v1alpha1.ParentReference", + "description": "ParentRef references the resource that an IPAddress is attached to. An IPAddress must reference a parent object." + } + }, + "type": "object" + }, + "io.k8s.api.networking.v1alpha1.ParentReference": { + "description": "ParentReference describes a reference to a parent object.", + "properties": { + "group": { + "description": "Group is the group of the object being referenced.", + "type": "string" + }, + "name": { + "description": "Name is the name of the object being referenced.", + "type": "string" + }, + "namespace": { + "description": "Namespace is the namespace of the object being referenced.", + "type": "string" + }, + "resource": { + "description": "Resource is the resource of the object being referenced.", + "type": "string" + }, + "uid": { + "description": "UID is the uid of the object being referenced.", + "type": "string" + } + }, + "type": "object" + }, "io.k8s.api.node.v1.Overhead": { "description": "Overhead structure represents the resource overhead associated with running a pod.", "properties": { @@ -12155,7 +12601,7 @@ "additionalProperties": { "$ref": "#/definitions/io.k8s.apimachinery.pkg.api.resource.Quantity" }, - "description": "PodFixed represents the fixed resource overhead associated with running a pod.", + "description": "podFixed represents the fixed resource overhead associated with running a pod.", "type": "object" } }, @@ -12169,7 +12615,7 @@ "type": "string" }, "handler": { - "description": "Handler specifies the underlying runtime and configuration that the CRI implementation will use to handle pods of this class. The possible values are specific to the node & CRI configuration. It is assumed that all handlers are available on every node, and handlers of the same name are equivalent on every node. For example, a handler called \"runc\" might specify that the runc OCI runtime (using native Linux containers) will be used to run the containers in a pod. The Handler must be lowercase, conform to the DNS Label (RFC 1123) requirements, and is immutable.", + "description": "handler specifies the underlying runtime and configuration that the CRI implementation will use to handle pods of this class. The possible values are specific to the node & CRI configuration. It is assumed that all handlers are available on every node, and handlers of the same name are equivalent on every node. For example, a handler called \"runc\" might specify that the runc OCI runtime (using native Linux containers) will be used to run the containers in a pod. The Handler must be lowercase, conform to the DNS Label (RFC 1123) requirements, and is immutable.", "type": "string" }, "kind": { @@ -12182,11 +12628,11 @@ }, "overhead": { "$ref": "#/definitions/io.k8s.api.node.v1.Overhead", - "description": "Overhead represents the resource overhead associated with running a pod for a given RuntimeClass. For more details, see\n https://kubernetes.io/docs/concepts/scheduling-eviction/pod-overhead/" + "description": "overhead represents the resource overhead associated with running a pod for a given RuntimeClass. For more details, see\n https://kubernetes.io/docs/concepts/scheduling-eviction/pod-overhead/" }, "scheduling": { "$ref": "#/definitions/io.k8s.api.node.v1.Scheduling", - "description": "Scheduling holds the scheduling constraints to ensure that pods running with this RuntimeClass are scheduled to nodes that support it. If scheduling is nil, this RuntimeClass is assumed to be supported by all nodes." + "description": "scheduling holds the scheduling constraints to ensure that pods running with this RuntimeClass are scheduled to nodes that support it. If scheduling is nil, this RuntimeClass is assumed to be supported by all nodes." } }, "required": [ @@ -12209,7 +12655,7 @@ "type": "string" }, "items": { - "description": "Items is a list of schema objects.", + "description": "items is a list of schema objects.", "items": { "$ref": "#/definitions/io.k8s.api.node.v1.RuntimeClass" }, @@ -12372,7 +12818,7 @@ "x-kubernetes-patch-strategy": "replace" }, "unhealthyPodEvictionPolicy": { - "description": "UnhealthyPodEvictionPolicy defines the criteria for when unhealthy pods should be considered for eviction. Current implementation considers healthy pods, as pods that have status.conditions item with type=\"Ready\",status=\"True\".\n\nValid policies are IfHealthyBudget and AlwaysAllow. If no policy is specified, the default behavior will be used, which corresponds to the IfHealthyBudget policy.\n\nIfHealthyBudget policy means that running pods (status.phase=\"Running\"), but not yet healthy can be evicted only if the guarded application is not disrupted (status.currentHealthy is at least equal to status.desiredHealthy). Healthy pods will be subject to the PDB for eviction.\n\nAlwaysAllow policy means that all running pods (status.phase=\"Running\"), but not yet healthy are considered disrupted and can be evicted regardless of whether the criteria in a PDB is met. This means perspective running pods of a disrupted application might not get a chance to become healthy. Healthy pods will be subject to the PDB for eviction.\n\nAdditional policies may be added in the future. Clients making eviction decisions should disallow eviction of unhealthy pods if they encounter an unrecognized policy in this field.\n\nThis field is alpha-level. The eviction API uses this field when the feature gate PDBUnhealthyPodEvictionPolicy is enabled (disabled by default).", + "description": "UnhealthyPodEvictionPolicy defines the criteria for when unhealthy pods should be considered for eviction. Current implementation considers healthy pods, as pods that have status.conditions item with type=\"Ready\",status=\"True\".\n\nValid policies are IfHealthyBudget and AlwaysAllow. If no policy is specified, the default behavior will be used, which corresponds to the IfHealthyBudget policy.\n\nIfHealthyBudget policy means that running pods (status.phase=\"Running\"), but not yet healthy can be evicted only if the guarded application is not disrupted (status.currentHealthy is at least equal to status.desiredHealthy). Healthy pods will be subject to the PDB for eviction.\n\nAlwaysAllow policy means that all running pods (status.phase=\"Running\"), but not yet healthy are considered disrupted and can be evicted regardless of whether the criteria in a PDB is met. This means perspective running pods of a disrupted application might not get a chance to become healthy. Healthy pods will be subject to the PDB for eviction.\n\nAdditional policies may be added in the future. Clients making eviction decisions should disallow eviction of unhealthy pods if they encounter an unrecognized policy in this field.\n\nThis field is beta-level. The eviction API uses this field when the feature gate PDBUnhealthyPodEvictionPolicy is enabled (enabled by default).", "type": "string" } }, @@ -12829,16 +13275,20 @@ "type": "object", "x-kubernetes-map-type": "atomic" }, - "io.k8s.api.resource.v1alpha1.AllocationResult": { - "description": "AllocationResult contains attributed of an allocated resource.", + "io.k8s.api.resource.v1alpha2.AllocationResult": { + "description": "AllocationResult contains attributes of an allocated resource.", "properties": { "availableOnNodes": { "$ref": "#/definitions/io.k8s.api.core.v1.NodeSelector", - "description": "This field will get set by the resource driver after it has allocated the resource driver to inform the scheduler where it can schedule Pods using the ResourceClaim.\n\nSetting this field is optional. If null, the resource is available everywhere." + "description": "This field will get set by the resource driver after it has allocated the resource to inform the scheduler where it can schedule Pods using the ResourceClaim.\n\nSetting this field is optional. If null, the resource is available everywhere." }, - "resourceHandle": { - "description": "ResourceHandle contains arbitrary data returned by the driver after a successful allocation. This is opaque for Kubernetes. Driver documentation may explain to users how to interpret this data if needed.\n\nThe maximum size of this field is 16KiB. This may get increased in the future, but not reduced.", - "type": "string" + "resourceHandles": { + "description": "ResourceHandles contain the state associated with an allocation that should be maintained throughout the lifetime of a claim. Each ResourceHandle contains data that should be passed to a specific kubelet plugin once it lands on a node. This data is returned by the driver after a successful allocation and is opaque to Kubernetes. Driver documentation may explain to users how to interpret this data if needed.\n\nSetting this field is optional. It has a maximum size of 32 entries. If null (or empty), it is assumed this allocation will be processed by a single kubelet plugin with no ResourceHandle data attached. The name of the kubelet plugin invoked will match the DriverName set in the ResourceClaimStatus this AllocationResult is embedded in.", + "items": { + "$ref": "#/definitions/io.k8s.api.resource.v1alpha2.ResourceHandle" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" }, "shareable": { "description": "Shareable determines whether the resource supports more than one consumer at a time.", @@ -12847,8 +13297,8 @@ }, "type": "object" }, - "io.k8s.api.resource.v1alpha1.PodScheduling": { - "description": "PodScheduling objects hold information that is needed to schedule a Pod with ResourceClaims that use \"WaitForFirstConsumer\" allocation mode.\n\nThis is an alpha type and requires enabling the DynamicResourceAllocation feature gate.", + "io.k8s.api.resource.v1alpha2.PodSchedulingContext": { + "description": "PodSchedulingContext objects hold information that is needed to schedule a Pod with ResourceClaims that use \"WaitForFirstConsumer\" allocation mode.\n\nThis is an alpha type and requires enabling the DynamicResourceAllocation feature gate.", "properties": { "apiVersion": { "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", @@ -12863,11 +13313,11 @@ "description": "Standard object metadata" }, "spec": { - "$ref": "#/definitions/io.k8s.api.resource.v1alpha1.PodSchedulingSpec", + "$ref": "#/definitions/io.k8s.api.resource.v1alpha2.PodSchedulingContextSpec", "description": "Spec describes where resources for the Pod are needed." }, "status": { - "$ref": "#/definitions/io.k8s.api.resource.v1alpha1.PodSchedulingStatus", + "$ref": "#/definitions/io.k8s.api.resource.v1alpha2.PodSchedulingContextStatus", "description": "Status describes where resources for the Pod can be allocated." } }, @@ -12878,22 +13328,22 @@ "x-kubernetes-group-version-kind": [ { "group": "resource.k8s.io", - "kind": "PodScheduling", - "version": "v1alpha1" + "kind": "PodSchedulingContext", + "version": "v1alpha2" } ] }, - "io.k8s.api.resource.v1alpha1.PodSchedulingList": { - "description": "PodSchedulingList is a collection of Pod scheduling objects.", + "io.k8s.api.resource.v1alpha2.PodSchedulingContextList": { + "description": "PodSchedulingContextList is a collection of Pod scheduling objects.", "properties": { "apiVersion": { "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", "type": "string" }, "items": { - "description": "Items is the list of PodScheduling objects.", + "description": "Items is the list of PodSchedulingContext objects.", "items": { - "$ref": "#/definitions/io.k8s.api.resource.v1alpha1.PodScheduling" + "$ref": "#/definitions/io.k8s.api.resource.v1alpha2.PodSchedulingContext" }, "type": "array" }, @@ -12913,13 +13363,13 @@ "x-kubernetes-group-version-kind": [ { "group": "resource.k8s.io", - "kind": "PodSchedulingList", - "version": "v1alpha1" + "kind": "PodSchedulingContextList", + "version": "v1alpha2" } ] }, - "io.k8s.api.resource.v1alpha1.PodSchedulingSpec": { - "description": "PodSchedulingSpec describes where resources for the Pod are needed.", + "io.k8s.api.resource.v1alpha2.PodSchedulingContextSpec": { + "description": "PodSchedulingContextSpec describes where resources for the Pod are needed.", "properties": { "potentialNodes": { "description": "PotentialNodes lists nodes where the Pod might be able to run.\n\nThe size of this field is limited to 128. This is large enough for many clusters. Larger clusters may need more attempts to find a node that suits all pending resources. This may get increased in the future, but not reduced.", @@ -12936,13 +13386,13 @@ }, "type": "object" }, - "io.k8s.api.resource.v1alpha1.PodSchedulingStatus": { - "description": "PodSchedulingStatus describes where resources for the Pod can be allocated.", + "io.k8s.api.resource.v1alpha2.PodSchedulingContextStatus": { + "description": "PodSchedulingContextStatus describes where resources for the Pod can be allocated.", "properties": { "resourceClaims": { "description": "ResourceClaims describes resource availability for each pod.spec.resourceClaim entry where the corresponding ResourceClaim uses \"WaitForFirstConsumer\" allocation mode.", "items": { - "$ref": "#/definitions/io.k8s.api.resource.v1alpha1.ResourceClaimSchedulingStatus" + "$ref": "#/definitions/io.k8s.api.resource.v1alpha2.ResourceClaimSchedulingStatus" }, "type": "array", "x-kubernetes-list-map-keys": [ @@ -12953,7 +13403,7 @@ }, "type": "object" }, - "io.k8s.api.resource.v1alpha1.ResourceClaim": { + "io.k8s.api.resource.v1alpha2.ResourceClaim": { "description": "ResourceClaim describes which resources are needed by a resource consumer. Its status tracks whether the resource has been allocated and what the resulting attributes are.\n\nThis is an alpha type and requires enabling the DynamicResourceAllocation feature gate.", "properties": { "apiVersion": { @@ -12969,11 +13419,11 @@ "description": "Standard object metadata" }, "spec": { - "$ref": "#/definitions/io.k8s.api.resource.v1alpha1.ResourceClaimSpec", + "$ref": "#/definitions/io.k8s.api.resource.v1alpha2.ResourceClaimSpec", "description": "Spec describes the desired attributes of a resource that then needs to be allocated. It can only be set once when creating the ResourceClaim." }, "status": { - "$ref": "#/definitions/io.k8s.api.resource.v1alpha1.ResourceClaimStatus", + "$ref": "#/definitions/io.k8s.api.resource.v1alpha2.ResourceClaimStatus", "description": "Status describes whether the resource is available and with which attributes." } }, @@ -12985,11 +13435,11 @@ { "group": "resource.k8s.io", "kind": "ResourceClaim", - "version": "v1alpha1" + "version": "v1alpha2" } ] }, - "io.k8s.api.resource.v1alpha1.ResourceClaimConsumerReference": { + "io.k8s.api.resource.v1alpha2.ResourceClaimConsumerReference": { "description": "ResourceClaimConsumerReference contains enough information to let you locate the consumer of a ResourceClaim. The user must be a resource in the same namespace as the ResourceClaim.", "properties": { "apiGroup": { @@ -13016,7 +13466,7 @@ ], "type": "object" }, - "io.k8s.api.resource.v1alpha1.ResourceClaimList": { + "io.k8s.api.resource.v1alpha2.ResourceClaimList": { "description": "ResourceClaimList is a collection of claims.", "properties": { "apiVersion": { @@ -13026,7 +13476,7 @@ "items": { "description": "Items is the list of resource claims.", "items": { - "$ref": "#/definitions/io.k8s.api.resource.v1alpha1.ResourceClaim" + "$ref": "#/definitions/io.k8s.api.resource.v1alpha2.ResourceClaim" }, "type": "array" }, @@ -13047,11 +13497,11 @@ { "group": "resource.k8s.io", "kind": "ResourceClaimList", - "version": "v1alpha1" + "version": "v1alpha2" } ] }, - "io.k8s.api.resource.v1alpha1.ResourceClaimParametersReference": { + "io.k8s.api.resource.v1alpha2.ResourceClaimParametersReference": { "description": "ResourceClaimParametersReference contains enough information to let you locate the parameters for a ResourceClaim. The object must be in the same namespace as the ResourceClaim.", "properties": { "apiGroup": { @@ -13073,7 +13523,7 @@ ], "type": "object" }, - "io.k8s.api.resource.v1alpha1.ResourceClaimSchedulingStatus": { + "io.k8s.api.resource.v1alpha2.ResourceClaimSchedulingStatus": { "description": "ResourceClaimSchedulingStatus contains information about one particular ResourceClaim with \"WaitForFirstConsumer\" allocation mode.", "properties": { "name": { @@ -13091,7 +13541,7 @@ }, "type": "object" }, - "io.k8s.api.resource.v1alpha1.ResourceClaimSpec": { + "io.k8s.api.resource.v1alpha2.ResourceClaimSpec": { "description": "ResourceClaimSpec defines how a resource is to be allocated.", "properties": { "allocationMode": { @@ -13099,7 +13549,7 @@ "type": "string" }, "parametersRef": { - "$ref": "#/definitions/io.k8s.api.resource.v1alpha1.ResourceClaimParametersReference", + "$ref": "#/definitions/io.k8s.api.resource.v1alpha2.ResourceClaimParametersReference", "description": "ParametersRef references a separate object with arbitrary parameters that will be used by the driver when allocating a resource for the claim.\n\nThe object must be in the same namespace as the ResourceClaim." }, "resourceClassName": { @@ -13112,12 +13562,12 @@ ], "type": "object" }, - "io.k8s.api.resource.v1alpha1.ResourceClaimStatus": { + "io.k8s.api.resource.v1alpha2.ResourceClaimStatus": { "description": "ResourceClaimStatus tracks whether the resource has been allocated and what the resulting attributes are.", "properties": { "allocation": { - "$ref": "#/definitions/io.k8s.api.resource.v1alpha1.AllocationResult", - "description": "Allocation is set by the resource driver once a resource has been allocated successfully. If this is not specified, the resource is not yet allocated." + "$ref": "#/definitions/io.k8s.api.resource.v1alpha2.AllocationResult", + "description": "Allocation is set by the resource driver once a resource or set of resources has been allocated successfully. If this is not specified, the resources have not been allocated yet." }, "deallocationRequested": { "description": "DeallocationRequested indicates that a ResourceClaim is to be deallocated.\n\nThe driver then must deallocate this claim and reset the field together with clearing the Allocation field.\n\nWhile DeallocationRequested is set, no new consumers may be added to ReservedFor.", @@ -13130,15 +13580,18 @@ "reservedFor": { "description": "ReservedFor indicates which entities are currently allowed to use the claim. A Pod which references a ResourceClaim which is not reserved for that Pod will not be started.\n\nThere can be at most 32 such reservations. This may get increased in the future, but not reduced.", "items": { - "$ref": "#/definitions/io.k8s.api.resource.v1alpha1.ResourceClaimConsumerReference" + "$ref": "#/definitions/io.k8s.api.resource.v1alpha2.ResourceClaimConsumerReference" }, "type": "array", - "x-kubernetes-list-type": "set" + "x-kubernetes-list-map-keys": [ + "uid" + ], + "x-kubernetes-list-type": "map" } }, "type": "object" }, - "io.k8s.api.resource.v1alpha1.ResourceClaimTemplate": { + "io.k8s.api.resource.v1alpha2.ResourceClaimTemplate": { "description": "ResourceClaimTemplate is used to produce ResourceClaim objects.", "properties": { "apiVersion": { @@ -13154,7 +13607,7 @@ "description": "Standard object metadata" }, "spec": { - "$ref": "#/definitions/io.k8s.api.resource.v1alpha1.ResourceClaimTemplateSpec", + "$ref": "#/definitions/io.k8s.api.resource.v1alpha2.ResourceClaimTemplateSpec", "description": "Describes the ResourceClaim that is to be generated.\n\nThis field is immutable. A ResourceClaim will get created by the control plane for a Pod when needed and then not get updated anymore." } }, @@ -13166,11 +13619,11 @@ { "group": "resource.k8s.io", "kind": "ResourceClaimTemplate", - "version": "v1alpha1" + "version": "v1alpha2" } ] }, - "io.k8s.api.resource.v1alpha1.ResourceClaimTemplateList": { + "io.k8s.api.resource.v1alpha2.ResourceClaimTemplateList": { "description": "ResourceClaimTemplateList is a collection of claim templates.", "properties": { "apiVersion": { @@ -13180,7 +13633,7 @@ "items": { "description": "Items is the list of resource claim templates.", "items": { - "$ref": "#/definitions/io.k8s.api.resource.v1alpha1.ResourceClaimTemplate" + "$ref": "#/definitions/io.k8s.api.resource.v1alpha2.ResourceClaimTemplate" }, "type": "array" }, @@ -13201,11 +13654,11 @@ { "group": "resource.k8s.io", "kind": "ResourceClaimTemplateList", - "version": "v1alpha1" + "version": "v1alpha2" } ] }, - "io.k8s.api.resource.v1alpha1.ResourceClaimTemplateSpec": { + "io.k8s.api.resource.v1alpha2.ResourceClaimTemplateSpec": { "description": "ResourceClaimTemplateSpec contains the metadata and fields for a ResourceClaim.", "properties": { "metadata": { @@ -13213,7 +13666,7 @@ "description": "ObjectMeta may contain labels and annotations that will be copied into the PVC when creating it. No other fields are allowed and will be rejected during validation." }, "spec": { - "$ref": "#/definitions/io.k8s.api.resource.v1alpha1.ResourceClaimSpec", + "$ref": "#/definitions/io.k8s.api.resource.v1alpha2.ResourceClaimSpec", "description": "Spec for the ResourceClaim. The entire content is copied unchanged into the ResourceClaim that gets created from this template. The same fields as in a ResourceClaim are also valid here." } }, @@ -13222,7 +13675,7 @@ ], "type": "object" }, - "io.k8s.api.resource.v1alpha1.ResourceClass": { + "io.k8s.api.resource.v1alpha2.ResourceClass": { "description": "ResourceClass is used by administrators to influence how resources are allocated.\n\nThis is an alpha type and requires enabling the DynamicResourceAllocation feature gate.", "properties": { "apiVersion": { @@ -13242,7 +13695,7 @@ "description": "Standard object metadata" }, "parametersRef": { - "$ref": "#/definitions/io.k8s.api.resource.v1alpha1.ResourceClassParametersReference", + "$ref": "#/definitions/io.k8s.api.resource.v1alpha2.ResourceClassParametersReference", "description": "ParametersRef references an arbitrary separate object that may hold parameters that will be used by the driver when allocating a resource that uses this class. A dynamic resource driver can distinguish between parameters stored here and and those stored in ResourceClaimSpec." }, "suitableNodes": { @@ -13258,11 +13711,11 @@ { "group": "resource.k8s.io", "kind": "ResourceClass", - "version": "v1alpha1" + "version": "v1alpha2" } ] }, - "io.k8s.api.resource.v1alpha1.ResourceClassList": { + "io.k8s.api.resource.v1alpha2.ResourceClassList": { "description": "ResourceClassList is a collection of classes.", "properties": { "apiVersion": { @@ -13272,7 +13725,7 @@ "items": { "description": "Items is the list of resource classes.", "items": { - "$ref": "#/definitions/io.k8s.api.resource.v1alpha1.ResourceClass" + "$ref": "#/definitions/io.k8s.api.resource.v1alpha2.ResourceClass" }, "type": "array" }, @@ -13293,11 +13746,11 @@ { "group": "resource.k8s.io", "kind": "ResourceClassList", - "version": "v1alpha1" + "version": "v1alpha2" } ] }, - "io.k8s.api.resource.v1alpha1.ResourceClassParametersReference": { + "io.k8s.api.resource.v1alpha2.ResourceClassParametersReference": { "description": "ResourceClassParametersReference contains enough information to let you locate the parameters for a ResourceClass.", "properties": { "apiGroup": { @@ -13323,6 +13776,20 @@ ], "type": "object" }, + "io.k8s.api.resource.v1alpha2.ResourceHandle": { + "description": "ResourceHandle holds opaque resource data for processing by a specific kubelet plugin.", + "properties": { + "data": { + "description": "Data contains the opaque data associated with this ResourceHandle. It is set by the controller component of the resource driver whose name matches the DriverName set in the ResourceClaimStatus this ResourceHandle is embedded in. It is set at allocation time and is intended for processing by the kubelet plugin whose name matches the DriverName set in this ResourceHandle.\n\nThe maximum size of this field is 16KiB. This may get increased in the future, but not reduced.", + "type": "string" + }, + "driverName": { + "description": "DriverName specifies the name of the resource driver whose kubelet plugin should be invoked to process this ResourceHandle's data once it lands on a node. This may differ from the DriverName set in ResourceClaimStatus this ResourceHandle is embedded in.", + "type": "string" + } + }, + "type": "object" + }, "io.k8s.api.scheduling.v1.PriorityClass": { "description": "PriorityClass defines mapping from a priority class name to the priority integer value. The value can be any valid integer.", "properties": { @@ -13347,11 +13814,11 @@ "description": "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" }, "preemptionPolicy": { - "description": "PreemptionPolicy is the Policy for preempting pods with lower priority. One of Never, PreemptLowerPriority. Defaults to PreemptLowerPriority if unset.", + "description": "preemptionPolicy is the Policy for preempting pods with lower priority. One of Never, PreemptLowerPriority. Defaults to PreemptLowerPriority if unset.", "type": "string" }, "value": { - "description": "The value of this priority class. This is the actual priority that pods receive when they have the name of this class in their pod spec.", + "description": "value represents the integer value of this priority class. This is the actual priority that pods receive when they have the name of this class in their pod spec.", "format": "int32", "type": "integer" } @@ -13420,7 +13887,7 @@ }, "spec": { "$ref": "#/definitions/io.k8s.api.storage.v1.CSIDriverSpec", - "description": "Specification of the CSI Driver." + "description": "spec represents the specification of the CSI Driver." } }, "required": [ @@ -13478,27 +13945,27 @@ "type": "boolean" }, "fsGroupPolicy": { - "description": "Defines if the underlying volume supports changing ownership and permission of the volume before being mounted. Refer to the specific FSGroupPolicy values for additional details.\n\nThis field is immutable.\n\nDefaults to ReadWriteOnceWithFSType, which will examine each volume to determine if Kubernetes should modify ownership and permissions of the volume. With the default policy the defined fsGroup will only be applied if a fstype is defined and the volume's access mode contains ReadWriteOnce.", + "description": "fsGroupPolicy defines if the underlying volume supports changing ownership and permission of the volume before being mounted. Refer to the specific FSGroupPolicy values for additional details.\n\nThis field is immutable.\n\nDefaults to ReadWriteOnceWithFSType, which will examine each volume to determine if Kubernetes should modify ownership and permissions of the volume. With the default policy the defined fsGroup will only be applied if a fstype is defined and the volume's access mode contains ReadWriteOnce.", "type": "string" }, "podInfoOnMount": { - "description": "If set to true, podInfoOnMount indicates this CSI volume driver requires additional pod information (like podName, podUID, etc.) during mount operations. If set to false, pod information will not be passed on mount. Default is false. The CSI driver specifies podInfoOnMount as part of driver deployment. If true, Kubelet will pass pod information as VolumeContext in the CSI NodePublishVolume() calls. The CSI driver is responsible for parsing and validating the information passed in as VolumeContext. The following VolumeConext will be passed if podInfoOnMount is set to true. This list might grow, but the prefix will be used. \"csi.storage.k8s.io/pod.name\": pod.Name \"csi.storage.k8s.io/pod.namespace\": pod.Namespace \"csi.storage.k8s.io/pod.uid\": string(pod.UID) \"csi.storage.k8s.io/ephemeral\": \"true\" if the volume is an ephemeral inline volume\n defined by a CSIVolumeSource, otherwise \"false\"\n\n\"csi.storage.k8s.io/ephemeral\" is a new feature in Kubernetes 1.16. It is only required for drivers which support both the \"Persistent\" and \"Ephemeral\" VolumeLifecycleMode. Other drivers can leave pod info disabled and/or ignore this field. As Kubernetes 1.15 doesn't support this field, drivers can only support one mode when deployed on such a cluster and the deployment determines which mode that is, for example via a command line parameter of the driver.\n\nThis field is immutable.", + "description": "podInfoOnMount indicates this CSI volume driver requires additional pod information (like podName, podUID, etc.) during mount operations, if set to true. If set to false, pod information will not be passed on mount. Default is false.\n\nThe CSI driver specifies podInfoOnMount as part of driver deployment. If true, Kubelet will pass pod information as VolumeContext in the CSI NodePublishVolume() calls. The CSI driver is responsible for parsing and validating the information passed in as VolumeContext.\n\nThe following VolumeConext will be passed if podInfoOnMount is set to true. This list might grow, but the prefix will be used. \"csi.storage.k8s.io/pod.name\": pod.Name \"csi.storage.k8s.io/pod.namespace\": pod.Namespace \"csi.storage.k8s.io/pod.uid\": string(pod.UID) \"csi.storage.k8s.io/ephemeral\": \"true\" if the volume is an ephemeral inline volume\n defined by a CSIVolumeSource, otherwise \"false\"\n\n\"csi.storage.k8s.io/ephemeral\" is a new feature in Kubernetes 1.16. It is only required for drivers which support both the \"Persistent\" and \"Ephemeral\" VolumeLifecycleMode. Other drivers can leave pod info disabled and/or ignore this field. As Kubernetes 1.15 doesn't support this field, drivers can only support one mode when deployed on such a cluster and the deployment determines which mode that is, for example via a command line parameter of the driver.\n\nThis field is immutable.", "type": "boolean" }, "requiresRepublish": { - "description": "RequiresRepublish indicates the CSI driver wants `NodePublishVolume` being periodically called to reflect any possible change in the mounted volume. This field defaults to false.\n\nNote: After a successful initial NodePublishVolume call, subsequent calls to NodePublishVolume should only update the contents of the volume. New mount points will not be seen by a running container.", + "description": "requiresRepublish indicates the CSI driver wants `NodePublishVolume` being periodically called to reflect any possible change in the mounted volume. This field defaults to false.\n\nNote: After a successful initial NodePublishVolume call, subsequent calls to NodePublishVolume should only update the contents of the volume. New mount points will not be seen by a running container.", "type": "boolean" }, "seLinuxMount": { - "description": "SELinuxMount specifies if the CSI driver supports \"-o context\" mount option.\n\nWhen \"true\", the CSI driver must ensure that all volumes provided by this CSI driver can be mounted separately with different `-o context` options. This is typical for storage backends that provide volumes as filesystems on block devices or as independent shared volumes. Kubernetes will call NodeStage / NodePublish with \"-o context=xyz\" mount option when mounting a ReadWriteOncePod volume used in Pod that has explicitly set SELinux context. In the future, it may be expanded to other volume AccessModes. In any case, Kubernetes will ensure that the volume is mounted only with a single SELinux context.\n\nWhen \"false\", Kubernetes won't pass any special SELinux mount options to the driver. This is typical for volumes that represent subdirectories of a bigger shared filesystem.\n\nDefault is \"false\".", + "description": "seLinuxMount specifies if the CSI driver supports \"-o context\" mount option.\n\nWhen \"true\", the CSI driver must ensure that all volumes provided by this CSI driver can be mounted separately with different `-o context` options. This is typical for storage backends that provide volumes as filesystems on block devices or as independent shared volumes. Kubernetes will call NodeStage / NodePublish with \"-o context=xyz\" mount option when mounting a ReadWriteOncePod volume used in Pod that has explicitly set SELinux context. In the future, it may be expanded to other volume AccessModes. In any case, Kubernetes will ensure that the volume is mounted only with a single SELinux context.\n\nWhen \"false\", Kubernetes won't pass any special SELinux mount options to the driver. This is typical for volumes that represent subdirectories of a bigger shared filesystem.\n\nDefault is \"false\".", "type": "boolean" }, "storageCapacity": { - "description": "If set to true, storageCapacity indicates that the CSI volume driver wants pod scheduling to consider the storage capacity that the driver deployment will report by creating CSIStorageCapacity objects with capacity information.\n\nThe check can be enabled immediately when deploying a driver. In that case, provisioning new volumes with late binding will pause until the driver deployment has published some suitable CSIStorageCapacity object.\n\nAlternatively, the driver can be deployed with the field unset or false and it can be flipped later when storage capacity information has been published.\n\nThis field was immutable in Kubernetes <= 1.22 and now is mutable.", + "description": "storageCapacity indicates that the CSI volume driver wants pod scheduling to consider the storage capacity that the driver deployment will report by creating CSIStorageCapacity objects with capacity information, if set to true.\n\nThe check can be enabled immediately when deploying a driver. In that case, provisioning new volumes with late binding will pause until the driver deployment has published some suitable CSIStorageCapacity object.\n\nAlternatively, the driver can be deployed with the field unset or false and it can be flipped later when storage capacity information has been published.\n\nThis field was immutable in Kubernetes <= 1.22 and now is mutable.", "type": "boolean" }, "tokenRequests": { - "description": "TokenRequests indicates the CSI driver needs pods' service account tokens it is mounting volume for to do necessary authentication. Kubelet will pass the tokens in VolumeContext in the CSI NodePublishVolume calls. The CSI driver should parse and validate the following VolumeContext: \"csi.storage.k8s.io/serviceAccount.tokens\": {\n \"\": {\n \"token\": ,\n \"expirationTimestamp\": ,\n },\n ...\n}\n\nNote: Audience in each TokenRequest should be different and at most one token is empty string. To receive a new token after expiry, RequiresRepublish can be used to trigger NodePublishVolume periodically.", + "description": "tokenRequests indicates the CSI driver needs pods' service account tokens it is mounting volume for to do necessary authentication. Kubelet will pass the tokens in VolumeContext in the CSI NodePublishVolume calls. The CSI driver should parse and validate the following VolumeContext: \"csi.storage.k8s.io/serviceAccount.tokens\": {\n \"\": {\n \"token\": ,\n \"expirationTimestamp\": ,\n },\n ...\n}\n\nNote: Audience in each TokenRequest should be different and at most one token is empty string. To receive a new token after expiry, RequiresRepublish can be used to trigger NodePublishVolume periodically.", "items": { "$ref": "#/definitions/io.k8s.api.storage.v1.TokenRequest" }, @@ -13506,7 +13973,7 @@ "x-kubernetes-list-type": "atomic" }, "volumeLifecycleModes": { - "description": "volumeLifecycleModes defines what kind of volumes this CSI volume driver supports. The default if the list is empty is \"Persistent\", which is the usage defined by the CSI specification and implemented in Kubernetes via the usual PV/PVC mechanism. The other mode is \"Ephemeral\". In this mode, volumes are defined inline inside the pod spec with CSIVolumeSource and their lifecycle is tied to the lifecycle of that pod. A driver has to be aware of this because it is only going to get a NodePublishVolume call for such a volume. For more information about implementing this mode, see https://kubernetes-csi.github.io/docs/ephemeral-local-volumes.html A driver can support one or more of these modes and more modes may be added in the future. This field is beta.\n\nThis field is immutable.", + "description": "volumeLifecycleModes defines what kind of volumes this CSI volume driver supports. The default if the list is empty is \"Persistent\", which is the usage defined by the CSI specification and implemented in Kubernetes via the usual PV/PVC mechanism.\n\nThe other mode is \"Ephemeral\". In this mode, volumes are defined inline inside the pod spec with CSIVolumeSource and their lifecycle is tied to the lifecycle of that pod. A driver has to be aware of this because it is only going to get a NodePublishVolume call for such a volume.\n\nFor more information about implementing this mode, see https://kubernetes-csi.github.io/docs/ephemeral-local-volumes.html A driver can support one or more of these modes and more modes may be added in the future.\n\nThis field is beta. This field is immutable.", "items": { "type": "string" }, @@ -13529,7 +13996,7 @@ }, "metadata": { "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta", - "description": "metadata.name must be the Kubernetes node name." + "description": "Standard object's metadata. metadata.name must be the Kubernetes node name." }, "spec": { "$ref": "#/definitions/io.k8s.api.storage.v1.CSINodeSpec", @@ -13556,7 +14023,7 @@ "description": "allocatable represents the volume resources of a node that are available for scheduling. This field is beta." }, "name": { - "description": "This is the name of the CSI driver that this object refers to. This MUST be the same name returned by the CSI GetPluginName() call for that driver.", + "description": "name represents the name of the CSI driver that this object refers to. This MUST be the same name returned by the CSI GetPluginName() call for that driver.", "type": "string" }, "nodeID": { @@ -13639,7 +14106,7 @@ }, "capacity": { "$ref": "#/definitions/io.k8s.apimachinery.pkg.api.resource.Quantity", - "description": "Capacity is the value reported by the CSI driver in its GetCapacityResponse for a GetCapacityRequest with topology and parameters that match the previous fields.\n\nThe semantic is currently (CSI spec 1.2) defined as: The available capacity, in bytes, of the storage that can be used to provision volumes. If not set, that information is currently unavailable." + "description": "capacity is the value reported by the CSI driver in its GetCapacityResponse for a GetCapacityRequest with topology and parameters that match the previous fields.\n\nThe semantic is currently (CSI spec 1.2) defined as: The available capacity, in bytes, of the storage that can be used to provision volumes. If not set, that information is currently unavailable." }, "kind": { "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", @@ -13647,18 +14114,18 @@ }, "maximumVolumeSize": { "$ref": "#/definitions/io.k8s.apimachinery.pkg.api.resource.Quantity", - "description": "MaximumVolumeSize is the value reported by the CSI driver in its GetCapacityResponse for a GetCapacityRequest with topology and parameters that match the previous fields.\n\nThis is defined since CSI spec 1.4.0 as the largest size that may be used in a CreateVolumeRequest.capacity_range.required_bytes field to create a volume with the same parameters as those in GetCapacityRequest. The corresponding value in the Kubernetes API is ResourceRequirements.Requests in a volume claim." + "description": "maximumVolumeSize is the value reported by the CSI driver in its GetCapacityResponse for a GetCapacityRequest with topology and parameters that match the previous fields.\n\nThis is defined since CSI spec 1.4.0 as the largest size that may be used in a CreateVolumeRequest.capacity_range.required_bytes field to create a volume with the same parameters as those in GetCapacityRequest. The corresponding value in the Kubernetes API is ResourceRequirements.Requests in a volume claim." }, "metadata": { "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta", - "description": "Standard object's metadata. The name has no particular meaning. It must be be a DNS subdomain (dots allowed, 253 characters). To ensure that there are no conflicts with other CSI drivers on the cluster, the recommendation is to use csisc-, a generated name, or a reverse-domain name which ends with the unique CSI driver name.\n\nObjects are namespaced.\n\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + "description": "Standard object's metadata. The name has no particular meaning. It must be a DNS subdomain (dots allowed, 253 characters). To ensure that there are no conflicts with other CSI drivers on the cluster, the recommendation is to use csisc-, a generated name, or a reverse-domain name which ends with the unique CSI driver name.\n\nObjects are namespaced.\n\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" }, "nodeTopology": { "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.LabelSelector", - "description": "NodeTopology defines which nodes have access to the storage for which capacity was reported. If not set, the storage is not accessible from any node in the cluster. If empty, the storage is accessible from all nodes. This field is immutable." + "description": "nodeTopology defines which nodes have access to the storage for which capacity was reported. If not set, the storage is not accessible from any node in the cluster. If empty, the storage is accessible from all nodes. This field is immutable." }, "storageClassName": { - "description": "The name of the StorageClass that the reported capacity applies to. It must meet the same requirements as the name of a StorageClass object (non-empty, DNS subdomain). If that object no longer exists, the CSIStorageCapacity object is obsolete and should be removed by its creator. This field is immutable.", + "description": "storageClassName represents the name of the StorageClass that the reported capacity applies to. It must meet the same requirements as the name of a StorageClass object (non-empty, DNS subdomain). If that object no longer exists, the CSIStorageCapacity object is obsolete and should be removed by its creator. This field is immutable.", "type": "string" } }, @@ -13682,7 +14149,7 @@ "type": "string" }, "items": { - "description": "Items is the list of CSIStorageCapacity objects.", + "description": "items is the list of CSIStorageCapacity objects.", "items": { "$ref": "#/definitions/io.k8s.api.storage.v1.CSIStorageCapacity" }, @@ -13717,11 +14184,11 @@ "description": "StorageClass describes the parameters for a class of storage for which PersistentVolumes can be dynamically provisioned.\n\nStorageClasses are non-namespaced; the name of the storage class according to etcd is in ObjectMeta.Name.", "properties": { "allowVolumeExpansion": { - "description": "AllowVolumeExpansion shows whether the storage class allow volume expand", + "description": "allowVolumeExpansion shows whether the storage class allow volume expand.", "type": "boolean" }, "allowedTopologies": { - "description": "Restrict the node topologies where volumes can be dynamically provisioned. Each volume plugin defines its own supported topology specifications. An empty TopologySelectorTerm list means there is no topology restriction. This field is only honored by servers that enable the VolumeScheduling feature.", + "description": "allowedTopologies restrict the node topologies where volumes can be dynamically provisioned. Each volume plugin defines its own supported topology specifications. An empty TopologySelectorTerm list means there is no topology restriction. This field is only honored by servers that enable the VolumeScheduling feature.", "items": { "$ref": "#/definitions/io.k8s.api.core.v1.TopologySelectorTerm" }, @@ -13741,7 +14208,7 @@ "description": "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" }, "mountOptions": { - "description": "Dynamically provisioned PersistentVolumes of this storage class are created with these mountOptions, e.g. [\"ro\", \"soft\"]. Not validated - mount of the PVs will simply fail if one is invalid.", + "description": "mountOptions controls the mountOptions for dynamically provisioned PersistentVolumes of this storage class. e.g. [\"ro\", \"soft\"]. Not validated - mount of the PVs will simply fail if one is invalid.", "items": { "type": "string" }, @@ -13751,19 +14218,19 @@ "additionalProperties": { "type": "string" }, - "description": "Parameters holds the parameters for the provisioner that should create volumes of this storage class.", + "description": "parameters holds the parameters for the provisioner that should create volumes of this storage class.", "type": "object" }, "provisioner": { - "description": "Provisioner indicates the type of the provisioner.", + "description": "provisioner indicates the type of the provisioner.", "type": "string" }, "reclaimPolicy": { - "description": "Dynamically provisioned PersistentVolumes of this storage class are created with this reclaimPolicy. Defaults to Delete.", + "description": "reclaimPolicy controls the reclaimPolicy for dynamically provisioned PersistentVolumes of this storage class. Defaults to Delete.", "type": "string" }, "volumeBindingMode": { - "description": "VolumeBindingMode indicates how PersistentVolumeClaims should be provisioned and bound. When unset, VolumeBindingImmediate is used. This field is only honored by servers that enable the VolumeScheduling feature.", + "description": "volumeBindingMode indicates how PersistentVolumeClaims should be provisioned and bound. When unset, VolumeBindingImmediate is used. This field is only honored by servers that enable the VolumeScheduling feature.", "type": "string" } }, @@ -13787,7 +14254,7 @@ "type": "string" }, "items": { - "description": "Items is the list of StorageClasses", + "description": "items is the list of StorageClasses", "items": { "$ref": "#/definitions/io.k8s.api.storage.v1.StorageClass" }, @@ -13818,11 +14285,11 @@ "description": "TokenRequest contains parameters of a service account token.", "properties": { "audience": { - "description": "Audience is the intended audience of the token in \"TokenRequestSpec\". It will default to the audiences of kube apiserver.", + "description": "audience is the intended audience of the token in \"TokenRequestSpec\". It will default to the audiences of kube apiserver.", "type": "string" }, "expirationSeconds": { - "description": "ExpirationSeconds is the duration of validity of the token in \"TokenRequestSpec\". It has the same default value of \"ExpirationSeconds\" in \"TokenRequestSpec\".", + "description": "expirationSeconds is the duration of validity of the token in \"TokenRequestSpec\". It has the same default value of \"ExpirationSeconds\" in \"TokenRequestSpec\".", "format": "int64", "type": "integer" } @@ -13849,11 +14316,11 @@ }, "spec": { "$ref": "#/definitions/io.k8s.api.storage.v1.VolumeAttachmentSpec", - "description": "Specification of the desired attach/detach volume behavior. Populated by the Kubernetes system." + "description": "spec represents specification of the desired attach/detach volume behavior. Populated by the Kubernetes system." }, "status": { "$ref": "#/definitions/io.k8s.api.storage.v1.VolumeAttachmentStatus", - "description": "Status of the VolumeAttachment request. Populated by the entity completing the attach or detach operation, i.e. the external-attacher." + "description": "status represents status of the VolumeAttachment request. Populated by the entity completing the attach or detach operation, i.e. the external-attacher." } }, "required": [ @@ -13876,7 +14343,7 @@ "type": "string" }, "items": { - "description": "Items is the list of VolumeAttachments", + "description": "items is the list of VolumeAttachments", "items": { "$ref": "#/definitions/io.k8s.api.storage.v1.VolumeAttachment" }, @@ -13911,7 +14378,7 @@ "description": "inlineVolumeSpec contains all the information necessary to attach a persistent volume defined by a pod's inline VolumeSource. This field is populated only for the CSIMigration feature. It contains translated fields from a pod's inline VolumeSource to a PersistentVolumeSpec. This field is beta-level and is only honored by servers that enabled the CSIMigration feature." }, "persistentVolumeName": { - "description": "Name of the persistent volume to attach.", + "description": "persistentVolumeName represents the name of the persistent volume to attach.", "type": "string" } }, @@ -13921,16 +14388,16 @@ "description": "VolumeAttachmentSpec is the specification of a VolumeAttachment request.", "properties": { "attacher": { - "description": "Attacher indicates the name of the volume driver that MUST handle this request. This is the name returned by GetPluginName().", + "description": "attacher indicates the name of the volume driver that MUST handle this request. This is the name returned by GetPluginName().", "type": "string" }, "nodeName": { - "description": "The node that the volume should be attached to.", + "description": "nodeName represents the node that the volume should be attached to.", "type": "string" }, "source": { "$ref": "#/definitions/io.k8s.api.storage.v1.VolumeAttachmentSource", - "description": "Source represents the volume that should be attached." + "description": "source represents the volume that should be attached." } }, "required": [ @@ -13945,22 +14412,22 @@ "properties": { "attachError": { "$ref": "#/definitions/io.k8s.api.storage.v1.VolumeError", - "description": "The last error encountered during attach operation, if any. This field must only be set by the entity completing the attach operation, i.e. the external-attacher." + "description": "attachError represents the last error encountered during attach operation, if any. This field must only be set by the entity completing the attach operation, i.e. the external-attacher." }, "attached": { - "description": "Indicates the volume is successfully attached. This field must only be set by the entity completing the attach operation, i.e. the external-attacher.", + "description": "attached indicates the volume is successfully attached. This field must only be set by the entity completing the attach operation, i.e. the external-attacher.", "type": "boolean" }, "attachmentMetadata": { "additionalProperties": { "type": "string" }, - "description": "Upon successful attach, this field is populated with any information returned by the attach operation that must be passed into subsequent WaitForAttach or Mount calls. This field must only be set by the entity completing the attach operation, i.e. the external-attacher.", + "description": "attachmentMetadata is populated with any information returned by the attach operation, upon successful attach, that must be passed into subsequent WaitForAttach or Mount calls. This field must only be set by the entity completing the attach operation, i.e. the external-attacher.", "type": "object" }, "detachError": { "$ref": "#/definitions/io.k8s.api.storage.v1.VolumeError", - "description": "The last error encountered during detach operation, if any. This field must only be set by the entity completing the detach operation, i.e. the external-attacher." + "description": "detachError represents the last error encountered during detach operation, if any. This field must only be set by the entity completing the detach operation, i.e. the external-attacher." } }, "required": [ @@ -13972,12 +14439,12 @@ "description": "VolumeError captures an error encountered during a volume operation.", "properties": { "message": { - "description": "String detailing the error encountered during Attach or Detach operation. This string may be logged, so it should not contain sensitive information.", + "description": "message represents the error encountered during Attach or Detach operation. This string may be logged, so it should not contain sensitive information.", "type": "string" }, "time": { "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Time", - "description": "Time the error was encountered." + "description": "time represents the time the error was encountered." } }, "type": "object" @@ -13986,96 +14453,13 @@ "description": "VolumeNodeResources is a set of resource limits for scheduling of volumes.", "properties": { "count": { - "description": "Maximum number of unique volumes managed by the CSI driver that can be used on a node. A volume that is both attached and mounted on a node is considered to be used once, not twice. The same rule applies for a unique volume that is shared among multiple pods on the same node. If this field is not specified, then the supported number of volumes on this node is unbounded.", + "description": "count indicates the maximum number of unique volumes managed by the CSI driver that can be used on a node. A volume that is both attached and mounted on a node is considered to be used once, not twice. The same rule applies for a unique volume that is shared among multiple pods on the same node. If this field is not specified, then the supported number of volumes on this node is unbounded.", "format": "int32", "type": "integer" } }, "type": "object" }, - "io.k8s.api.storage.v1beta1.CSIStorageCapacity": { - "description": "CSIStorageCapacity stores the result of one CSI GetCapacity call. For a given StorageClass, this describes the available capacity in a particular topology segment. This can be used when considering where to instantiate new PersistentVolumes.\n\nFor example this can express things like: - StorageClass \"standard\" has \"1234 GiB\" available in \"topology.kubernetes.io/zone=us-east1\" - StorageClass \"localssd\" has \"10 GiB\" available in \"kubernetes.io/hostname=knode-abc123\"\n\nThe following three cases all imply that no capacity is available for a certain combination: - no object exists with suitable topology and storage class name - such an object exists, but the capacity is unset - such an object exists, but the capacity is zero\n\nThe producer of these objects can decide which approach is more suitable.\n\nThey are consumed by the kube-scheduler when a CSI driver opts into capacity-aware scheduling with CSIDriverSpec.StorageCapacity. The scheduler compares the MaximumVolumeSize against the requested size of pending volumes to filter out unsuitable nodes. If MaximumVolumeSize is unset, it falls back to a comparison against the less precise Capacity. If that is also unset, the scheduler assumes that capacity is insufficient and tries some other node.", - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", - "type": "string" - }, - "capacity": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.api.resource.Quantity", - "description": "Capacity is the value reported by the CSI driver in its GetCapacityResponse for a GetCapacityRequest with topology and parameters that match the previous fields.\n\nThe semantic is currently (CSI spec 1.2) defined as: The available capacity, in bytes, of the storage that can be used to provision volumes. If not set, that information is currently unavailable." - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", - "type": "string" - }, - "maximumVolumeSize": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.api.resource.Quantity", - "description": "MaximumVolumeSize is the value reported by the CSI driver in its GetCapacityResponse for a GetCapacityRequest with topology and parameters that match the previous fields.\n\nThis is defined since CSI spec 1.4.0 as the largest size that may be used in a CreateVolumeRequest.capacity_range.required_bytes field to create a volume with the same parameters as those in GetCapacityRequest. The corresponding value in the Kubernetes API is ResourceRequirements.Requests in a volume claim." - }, - "metadata": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta", - "description": "Standard object's metadata. The name has no particular meaning. It must be be a DNS subdomain (dots allowed, 253 characters). To ensure that there are no conflicts with other CSI drivers on the cluster, the recommendation is to use csisc-, a generated name, or a reverse-domain name which ends with the unique CSI driver name.\n\nObjects are namespaced.\n\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" - }, - "nodeTopology": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.LabelSelector", - "description": "NodeTopology defines which nodes have access to the storage for which capacity was reported. If not set, the storage is not accessible from any node in the cluster. If empty, the storage is accessible from all nodes. This field is immutable." - }, - "storageClassName": { - "description": "The name of the StorageClass that the reported capacity applies to. It must meet the same requirements as the name of a StorageClass object (non-empty, DNS subdomain). If that object no longer exists, the CSIStorageCapacity object is obsolete and should be removed by its creator. This field is immutable.", - "type": "string" - } - }, - "required": [ - "storageClassName" - ], - "type": "object", - "x-kubernetes-group-version-kind": [ - { - "group": "storage.k8s.io", - "kind": "CSIStorageCapacity", - "version": "v1beta1" - } - ] - }, - "io.k8s.api.storage.v1beta1.CSIStorageCapacityList": { - "description": "CSIStorageCapacityList is a collection of CSIStorageCapacity objects.", - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", - "type": "string" - }, - "items": { - "description": "Items is the list of CSIStorageCapacity objects.", - "items": { - "$ref": "#/definitions/io.k8s.api.storage.v1beta1.CSIStorageCapacity" - }, - "type": "array", - "x-kubernetes-list-map-keys": [ - "name" - ], - "x-kubernetes-list-type": "map" - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta", - "description": "Standard list metadata More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" - } - }, - "required": [ - "items" - ], - "type": "object", - "x-kubernetes-group-version-kind": [ - { - "group": "storage.k8s.io", - "kind": "CSIStorageCapacityList", - "version": "v1beta1" - } - ] - }, "io.k8s.apiextensions-apiserver.pkg.apis.apiextensions.v1.CustomResourceColumnDefinition": { "description": "CustomResourceColumnDefinition specifies a column for server side printing.", "properties": { @@ -14116,12 +14500,12 @@ "description": "CustomResourceConversion describes how to convert different versions of a CR.", "properties": { "strategy": { - "description": "strategy specifies how custom resources are converted between versions. Allowed values are: - `None`: The converter only change the apiVersion and would not touch any other field in the custom resource. - `Webhook`: API Server will call to an external webhook to do the conversion. Additional information\n is needed for this option. This requires spec.preserveUnknownFields to be false, and spec.conversion.webhook to be set.", + "description": "strategy specifies how custom resources are converted between versions. Allowed values are: - `\"None\"`: The converter only change the apiVersion and would not touch any other field in the custom resource. - `\"Webhook\"`: API Server will call to an external webhook to do the conversion. Additional information\n is needed for this option. This requires spec.preserveUnknownFields to be false, and spec.conversion.webhook to be set.", "type": "string" }, "webhook": { "$ref": "#/definitions/io.k8s.apiextensions-apiserver.pkg.apis.apiextensions.v1.WebhookConversion", - "description": "webhook describes how to call the conversion webhook. Required when `strategy` is set to `Webhook`." + "description": "webhook describes how to call the conversion webhook. Required when `strategy` is set to `\"Webhook\"`." } }, "required": [ @@ -14686,6 +15070,10 @@ "description": "Message represents the message displayed when validation fails. The message is required if the Rule contains line breaks. The message must not contain line breaks. If unset, the message is \"failed rule: {Rule}\". e.g. \"must be a URL with the host matching spec.host\"", "type": "string" }, + "messageExpression": { + "description": "MessageExpression declares a CEL expression that evaluates to the validation failure message that is returned when this rule fails. Since messageExpression is used as a failure message, it must evaluate to a string. If both message and messageExpression are present on a rule, then messageExpression will be used if validation fails. If messageExpression results in a runtime error, the runtime error is logged, and the validation failure message is produced as if the messageExpression field were unset. If messageExpression evaluates to an empty string, a string with only spaces, or a string that contains line breaks, then the validation failure message will also be produced as if the messageExpression field were unset, and the fact that messageExpression produced an empty string/string with only spaces/string with line breaks will be logged. messageExpression has access to all the same variables as the rule; the only difference is the return type. Example: \"x must be less than max (\"+string(self.max)+\")\"", + "type": "string" + }, "rule": { "description": "Rule represents the expression which will be evaluated by CEL. ref: https://github.com/google/cel-spec The Rule is scoped to the location of the x-kubernetes-validations extension in the schema. The `self` variable in the CEL expression is bound to the scoped value. Example: - Rule scoped to the root of a resource with a status subresource: {\"rule\": \"self.status.actual <= self.spec.maxDesired\"}\n\nIf the Rule is scoped to an object with properties, the accessible properties of the object are field selectable via `self.field` and field presence can be checked via `has(self.field)`. Null valued fields are treated as absent fields in CEL expressions. If the Rule is scoped to an object with additionalProperties (i.e. a map) the value of the map are accessible via `self[mapKey]`, map containment can be checked via `mapKey in self` and all entries of the map are accessible via CEL macros and functions such as `self.all(...)`. If the Rule is scoped to an array, the elements of the array are accessible via `self[i]` and also by macros and functions. If the Rule is scoped to a scalar, `self` is bound to the scalar value. Examples: - Rule scoped to a map of objects: {\"rule\": \"self.components['Widget'].priority < 10\"} - Rule scoped to a list of integers: {\"rule\": \"self.values.all(value, value >= 0 && value < 100)\"} - Rule scoped to a string value: {\"rule\": \"self.startsWith('kube')\"}\n\nThe `apiVersion`, `kind`, `metadata.name` and `metadata.generateName` are always accessible from the root of the object and from any x-kubernetes-embedded-resource annotated objects. No other metadata properties are accessible.\n\nUnknown data preserved in custom resources via x-kubernetes-preserve-unknown-fields is not accessible in CEL expressions. This includes: - Unknown field values that are preserved by object schemas with x-kubernetes-preserve-unknown-fields. - Object properties where the property schema is of an \"unknown type\". An \"unknown type\" is recursively defined as:\n - A schema with no type and x-kubernetes-preserve-unknown-fields set to true\n - An array where the items schema is of an \"unknown type\"\n - An object where the additionalProperties schema is of an \"unknown type\"\n\nOnly property names of the form `[a-zA-Z_.-/][a-zA-Z0-9_.-/]*` are accessible. Accessible property names are escaped according to the following rules when accessed in the expression: - '__' escapes to '__underscores__' - '.' escapes to '__dot__' - '-' escapes to '__dash__' - '/' escapes to '__slash__' - Property names that exactly match a CEL RESERVED keyword escape to '__{keyword}__'. The keywords are:\n\t \"true\", \"false\", \"null\", \"in\", \"as\", \"break\", \"const\", \"continue\", \"else\", \"for\", \"function\", \"if\",\n\t \"import\", \"let\", \"loop\", \"package\", \"namespace\", \"return\".\nExamples:\n - Rule accessing a property named \"namespace\": {\"rule\": \"self.__namespace__ > 0\"}\n - Rule accessing a property named \"x-prop\": {\"rule\": \"self.x__dash__prop > 0\"}\n - Rule accessing a property named \"redact__d\": {\"rule\": \"self.redact__underscores__d > 0\"}\n\nEquality on arrays with x-kubernetes-list-type of 'set' or 'map' ignores element order, i.e. [1, 2] == [2, 1]. Concatenation on arrays with x-kubernetes-list-type use the semantics of the list type:\n - 'set': `X + Y` performs a union where the array positions of all elements in `X` are preserved and\n non-intersecting elements in `Y` are appended, retaining their partial order.\n - 'map': `X + Y` performs a merge where the array positions of all keys in `X` are preserved but the values\n are overwritten by values in `Y` when the key sets of `X` and `Y` intersect. Elements in `Y` with\n non-intersecting keys are appended, retaining their partial order.", "type": "string" @@ -15155,6 +15543,11 @@ "kind": "DeleteOptions", "version": "v1" }, + { + "group": "certificates.k8s.io", + "kind": "DeleteOptions", + "version": "v1alpha1" + }, { "group": "certificates.k8s.io", "kind": "DeleteOptions", @@ -15283,7 +15676,7 @@ { "group": "resource.k8s.io", "kind": "DeleteOptions", - "version": "v1alpha1" + "version": "v1alpha2" }, { "group": "scheduling.k8s.io", @@ -15456,7 +15849,7 @@ "additionalProperties": { "type": "string" }, - "description": "Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations", + "description": "Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations", "type": "object" }, "creationTimestamp": { @@ -15493,7 +15886,7 @@ "additionalProperties": { "type": "string" }, - "description": "Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and services. More info: http://kubernetes.io/docs/user-guide/labels", + "description": "Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and services. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels", "type": "object" }, "managedFields": { @@ -15504,11 +15897,11 @@ "type": "array" }, "name": { - "description": "Name must be unique within a namespace. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names", + "description": "Name must be unique within a namespace. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names", "type": "string" }, "namespace": { - "description": "Namespace defines the space within which each name must be unique. An empty namespace is equivalent to the \"default\" namespace, but \"default\" is the canonical representation. Not all objects are required to be scoped to a namespace - the value of this field for those objects will be empty.\n\nMust be a DNS_LABEL. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/namespaces", + "description": "Namespace defines the space within which each name must be unique. An empty namespace is equivalent to the \"default\" namespace, but \"default\" is the canonical representation. Not all objects are required to be scoped to a namespace - the value of this field for those objects will be empty.\n\nMust be a DNS_LABEL. Cannot be updated. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces", "type": "string" }, "ownerReferences": { @@ -15529,7 +15922,7 @@ "type": "string" }, "uid": { - "description": "UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations.\n\nPopulated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids", + "description": "UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations.\n\nPopulated by the system. Read-only. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#uids", "type": "string" } }, @@ -15555,11 +15948,11 @@ "type": "string" }, "name": { - "description": "Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names", + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names", "type": "string" }, "uid": { - "description": "UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids", + "description": "UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#uids", "type": "string" } }, @@ -15655,7 +16048,7 @@ { "group": "resource.k8s.io", "kind": "Status", - "version": "v1alpha1" + "version": "v1alpha2" } ] }, @@ -15705,7 +16098,7 @@ "type": "integer" }, "uid": { - "description": "UID of the resource. (when there is a single resource which can be described). More info: http://kubernetes.io/docs/user-guide/identifiers#uids", + "description": "UID of the resource. (when there is a single resource which can be described). More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#uids", "type": "string" } }, @@ -15858,6 +16251,11 @@ "kind": "WatchEvent", "version": "v1" }, + { + "group": "certificates.k8s.io", + "kind": "WatchEvent", + "version": "v1alpha1" + }, { "group": "certificates.k8s.io", "kind": "WatchEvent", @@ -15986,7 +16384,7 @@ { "group": "resource.k8s.io", "kind": "WatchEvent", - "version": "v1alpha1" + "version": "v1alpha2" }, { "group": "scheduling.k8s.io", @@ -16444,6 +16842,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -16609,6 +17014,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -16720,6 +17132,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -16831,6 +17250,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -16942,6 +17368,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -17015,6 +17448,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -17100,7 +17540,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -17166,7 +17606,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -17331,6 +17771,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -17424,6 +17871,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -17517,7 +17971,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -17738,7 +18192,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -17817,7 +18271,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -17945,6 +18399,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -18038,6 +18499,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -18131,7 +18599,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -18352,7 +18820,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -18431,7 +18899,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -18559,6 +19027,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -18652,6 +19127,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -18745,7 +19227,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -18966,7 +19448,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -19045,7 +19527,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -19173,6 +19655,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -19266,6 +19755,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -19359,7 +19855,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -19580,7 +20076,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -19659,7 +20155,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -19787,6 +20283,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -19880,6 +20383,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -19973,7 +20483,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -20194,7 +20704,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -20273,7 +20783,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -20410,7 +20920,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -20489,7 +20999,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -20617,6 +21127,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -20710,6 +21227,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -20803,7 +21327,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -21024,7 +21548,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -21103,7 +21627,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -21284,7 +21808,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -21466,7 +21990,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -21545,7 +22069,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -21605,7 +22129,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -22651,7 +23175,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -22730,7 +23254,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -22858,6 +23382,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -22951,6 +23482,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -23044,7 +23582,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -23265,7 +23803,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -23344,7 +23882,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -23472,6 +24010,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -23565,6 +24110,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -23658,7 +24210,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -23879,7 +24431,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -23958,7 +24510,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -24095,7 +24647,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -24174,7 +24726,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -24311,7 +24863,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -24390,7 +24942,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -24518,6 +25070,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -24611,6 +25170,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -24704,7 +25270,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -24925,7 +25491,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -25004,7 +25570,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -25141,7 +25707,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -25220,7 +25786,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -25348,6 +25914,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -25441,6 +26014,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -25534,7 +26114,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -25755,7 +26335,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -25834,7 +26414,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -25962,6 +26542,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -26055,6 +26642,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -26148,7 +26742,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -26369,7 +26963,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -26448,7 +27042,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -26508,7 +27102,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -26681,6 +27275,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -26774,6 +27375,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -26867,7 +27475,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -27088,7 +27696,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -27167,7 +27775,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -27828,7 +28436,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -27907,7 +28515,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -28114,7 +28722,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -28193,7 +28801,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -28253,7 +28861,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -28413,7 +29021,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -28492,7 +29100,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -28620,6 +29228,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -28713,6 +29328,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -28798,7 +29420,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -29011,7 +29633,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -29090,7 +29712,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -29727,7 +30349,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -29806,7 +30428,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -29944,6 +30566,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -30045,6 +30674,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -30138,6 +30774,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -30223,7 +30866,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -30436,7 +31079,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -30515,7 +31158,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -30644,7 +31287,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -30723,7 +31366,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -30861,6 +31504,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -30972,6 +31622,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -31083,6 +31740,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -31194,6 +31858,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -31305,6 +31976,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -31416,6 +32094,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -31527,6 +32212,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -31638,6 +32330,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -31749,6 +32448,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -31860,6 +32566,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -31971,6 +32684,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -32082,6 +32802,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -32201,6 +32928,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -32328,6 +33062,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -32447,6 +33188,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -32574,6 +33322,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -32693,6 +33448,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -32820,6 +33582,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -32939,6 +33708,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -33066,6 +33842,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -33185,6 +33968,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -33312,6 +34102,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -33431,6 +34228,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -33558,6 +34362,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -33677,6 +34488,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -33804,6 +34622,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -33923,6 +34748,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -34050,6 +34882,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -34169,6 +35008,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -34296,6 +35142,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -34415,6 +35268,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -34542,6 +35402,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -34661,6 +35528,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -34788,6 +35662,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -34907,6 +35788,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -35034,6 +35922,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -35153,6 +36048,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -35264,6 +36166,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -35383,6 +36292,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -35494,6 +36410,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -35605,6 +36528,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -35724,6 +36654,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -35835,6 +36772,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -35946,6 +36890,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -36057,6 +37008,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -36168,6 +37126,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -36279,6 +37244,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -36390,6 +37362,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -36501,6 +37480,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -36701,6 +37687,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -36794,6 +37787,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -36879,7 +37879,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -37092,7 +38092,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -37171,7 +38171,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -37299,6 +38299,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -37392,6 +38399,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -37477,7 +38491,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -37690,7 +38704,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -37769,7 +38783,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -37907,6 +38921,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -38026,6 +39047,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -38137,6 +39165,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -38256,6 +39291,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -38390,6 +39432,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -38483,6 +39532,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -38568,7 +39624,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -38781,7 +39837,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -38860,7 +39916,215 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "in": "query", + "name": "fieldValidation", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.admissionregistration.v1alpha1.ValidatingAdmissionPolicy" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.admissionregistration.v1alpha1.ValidatingAdmissionPolicy" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "admissionregistration_v1alpha1" + ], + "x-kubernetes-action": "put", + "x-kubernetes-group-version-kind": { + "group": "admissionregistration.k8s.io", + "kind": "ValidatingAdmissionPolicy", + "version": "v1alpha1" + } + } + }, + "/apis/admissionregistration.k8s.io/v1alpha1/validatingadmissionpolicies/{name}/status": { + "get": { + "consumes": [ + "*/*" + ], + "description": "read status of the specified ValidatingAdmissionPolicy", + "operationId": "readAdmissionregistrationV1alpha1ValidatingAdmissionPolicyStatus", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.admissionregistration.v1alpha1.ValidatingAdmissionPolicy" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "admissionregistration_v1alpha1" + ], + "x-kubernetes-action": "get", + "x-kubernetes-group-version-kind": { + "group": "admissionregistration.k8s.io", + "kind": "ValidatingAdmissionPolicy", + "version": "v1alpha1" + } + }, + "parameters": [ + { + "description": "name of the ValidatingAdmissionPolicy", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "patch": { + "consumes": [ + "application/json-patch+json", + "application/merge-patch+json", + "application/strategic-merge-patch+json", + "application/apply-patch+yaml" + ], + "description": "partially update status of the specified ValidatingAdmissionPolicy", + "operationId": "patchAdmissionregistrationV1alpha1ValidatingAdmissionPolicyStatus", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "fieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint. This field is required for apply requests (application/apply-patch) but optional for non-apply patch types (JsonPatch, MergePatch, StrategicMergePatch).", + "in": "query", + "name": "fieldManager", + "type": "string", + "uniqueItems": true + }, + { + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "in": "query", + "name": "fieldValidation", + "type": "string", + "uniqueItems": true + }, + { + "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", + "in": "query", + "name": "force", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.admissionregistration.v1alpha1.ValidatingAdmissionPolicy" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.admissionregistration.v1alpha1.ValidatingAdmissionPolicy" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "admissionregistration_v1alpha1" + ], + "x-kubernetes-action": "patch", + "x-kubernetes-group-version-kind": { + "group": "admissionregistration.k8s.io", + "kind": "ValidatingAdmissionPolicy", + "version": "v1alpha1" + } + }, + "put": { + "consumes": [ + "*/*" + ], + "description": "replace status of the specified ValidatingAdmissionPolicy", + "operationId": "replaceAdmissionregistrationV1alpha1ValidatingAdmissionPolicyStatus", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.admissionregistration.v1alpha1.ValidatingAdmissionPolicy" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "fieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.", + "in": "query", + "name": "fieldManager", + "type": "string", + "uniqueItems": true + }, + { + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -38988,6 +40252,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -39081,6 +40352,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -39166,7 +40444,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -39379,7 +40657,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -39458,7 +40736,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -39596,6 +40874,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -39715,6 +41000,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -39826,6 +41118,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -39945,6 +41244,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -40112,6 +41418,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -40205,6 +41518,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -40290,7 +41610,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -40503,7 +41823,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -40582,7 +41902,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -40711,7 +42031,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -40790,7 +42110,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -40928,6 +42248,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -41047,6 +42374,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -41214,6 +42548,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -41307,6 +42648,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -41392,7 +42740,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -41605,7 +42953,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -41684,7 +43032,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -41813,7 +43161,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -41892,7 +43240,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -42030,6 +43378,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -42149,6 +43504,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -42326,6 +43688,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -42437,6 +43806,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -42548,6 +43924,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -42649,6 +44032,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -42742,6 +44132,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -42835,7 +44232,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -43056,7 +44453,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -43135,7 +44532,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -43263,6 +44660,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -43356,6 +44760,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -43449,7 +44860,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -43670,7 +45081,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -43749,7 +45160,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -43886,7 +45297,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -43965,7 +45376,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -44093,6 +45504,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -44186,6 +45604,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -44279,7 +45704,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -44500,7 +45925,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -44579,7 +46004,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -44716,7 +46141,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -44795,7 +46220,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -44932,7 +46357,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -45011,7 +46436,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -45139,6 +46564,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -45232,6 +46664,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -45325,7 +46764,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -45546,7 +46985,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -45625,7 +47064,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -45762,7 +47201,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -45841,7 +47280,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -45978,7 +47417,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -46057,7 +47496,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -46185,6 +47624,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -46278,6 +47724,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -46371,7 +47824,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -46592,7 +48045,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -46671,7 +48124,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -46808,7 +48261,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -46887,7 +48340,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -47024,7 +48477,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -47103,7 +48556,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -47241,6 +48694,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -47352,6 +48812,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -47463,6 +48930,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -47574,6 +49048,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -47685,6 +49166,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -47804,6 +49292,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -47931,6 +49426,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -48050,6 +49552,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -48177,6 +49686,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -48296,6 +49812,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -48423,6 +49946,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -48542,6 +50072,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -48669,6 +50206,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -48788,6 +50332,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -48915,6 +50466,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -49026,6 +50584,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -49137,6 +50702,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -49236,7 +50808,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -49358,7 +50930,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -49430,6 +51002,128 @@ } } }, + "/apis/authentication.k8s.io/v1beta1/": { + "get": { + "consumes": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "description": "get available resources", + "operationId": "getAuthenticationV1beta1APIResources", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.APIResourceList" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "authentication_v1beta1" + ] + } + }, + "/apis/authentication.k8s.io/v1beta1/selfsubjectreviews": { + "parameters": [ + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "fieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.", + "in": "query", + "name": "fieldManager", + "type": "string", + "uniqueItems": true + }, + { + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "in": "query", + "name": "fieldValidation", + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "post": { + "consumes": [ + "*/*" + ], + "description": "create a SelfSubjectReview", + "operationId": "createAuthenticationV1beta1SelfSubjectReview", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.authentication.v1beta1.SelfSubjectReview" + } + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.authentication.v1beta1.SelfSubjectReview" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.authentication.v1beta1.SelfSubjectReview" + } + }, + "202": { + "description": "Accepted", + "schema": { + "$ref": "#/definitions/io.k8s.api.authentication.v1beta1.SelfSubjectReview" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "authentication_v1beta1" + ], + "x-kubernetes-action": "post", + "x-kubernetes-group-version-kind": { + "group": "authentication.k8s.io", + "kind": "SelfSubjectReview", + "version": "v1beta1" + } + } + }, "/apis/authorization.k8s.io/": { "get": { "consumes": [ @@ -49513,7 +51207,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -49610,7 +51304,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -49699,7 +51393,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -49788,7 +51482,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -50021,6 +51715,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -50122,6 +51823,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -50215,6 +51923,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -50308,7 +52023,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -50529,7 +52244,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -50608,7 +52323,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -50745,7 +52460,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -50824,7 +52539,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -50962,6 +52677,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -51081,6 +52803,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -51208,6 +52937,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -51352,6 +53088,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -51453,6 +53196,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -51546,6 +53296,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -51639,7 +53396,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -51860,7 +53617,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -51939,7 +53696,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -52076,7 +53833,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -52155,7 +53912,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -52293,6 +54050,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -52412,6 +54176,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -52539,6 +54310,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -52716,6 +54494,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -52827,6 +54612,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -52928,6 +54720,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -53021,6 +54820,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -53114,7 +54920,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -53335,7 +55141,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -53414,7 +55220,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -53551,7 +55357,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -53630,7 +55436,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -53758,6 +55564,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -53851,6 +55664,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -53944,7 +55764,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -54165,7 +55985,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -54244,7 +56064,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -54381,7 +56201,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -54460,7 +56280,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -54598,6 +56418,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -54709,6 +56536,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -54828,6 +56662,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -54955,6 +56796,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -55074,6 +56922,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -55201,6 +57056,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -55368,6 +57230,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -55461,6 +57330,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -55546,7 +57422,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -55759,7 +57635,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -55838,7 +57714,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -55967,7 +57843,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -56046,7 +57922,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -56175,7 +58051,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -56254,7 +58130,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -56392,6 +58268,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -56511,6 +58394,902 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/certificates.k8s.io/v1alpha1/": { + "get": { + "consumes": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "description": "get available resources", + "operationId": "getCertificatesV1alpha1APIResources", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.APIResourceList" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "certificates_v1alpha1" + ] + } + }, + "/apis/certificates.k8s.io/v1alpha1/clustertrustbundles": { + "delete": { + "consumes": [ + "*/*" + ], + "description": "delete collection of ClusterTrustBundle", + "operationId": "deleteCertificatesV1alpha1CollectionClusterTrustBundle", + "parameters": [ + { + "in": "body", + "name": "body", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.DeleteOptions" + } + }, + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.", + "in": "query", + "name": "gracePeriodSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the \"orphan\" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.", + "in": "query", + "name": "orphanDependents", + "type": "boolean", + "uniqueItems": true + }, + { + "description": "Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.", + "in": "query", + "name": "propagationPolicy", + "type": "string", + "uniqueItems": true + }, + { + "description": "resourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.\n\nDefaults to unset", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "resourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.\n\nDefaults to unset", + "in": "query", + "name": "resourceVersionMatch", + "type": "string", + "uniqueItems": true + }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "certificates_v1alpha1" + ], + "x-kubernetes-action": "deletecollection", + "x-kubernetes-group-version-kind": { + "group": "certificates.k8s.io", + "kind": "ClusterTrustBundle", + "version": "v1alpha1" + } + }, + "get": { + "consumes": [ + "*/*" + ], + "description": "list or watch objects of kind ClusterTrustBundle", + "operationId": "listCertificatesV1alpha1ClusterTrustBundle", + "parameters": [ + { + "description": "allowWatchBookmarks requests watch events with type \"BOOKMARK\". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.", + "in": "query", + "name": "allowWatchBookmarks", + "type": "boolean", + "uniqueItems": true + }, + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "resourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.\n\nDefaults to unset", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "resourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.\n\nDefaults to unset", + "in": "query", + "name": "resourceVersionMatch", + "type": "string", + "uniqueItems": true + }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.certificates.v1alpha1.ClusterTrustBundleList" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "certificates_v1alpha1" + ], + "x-kubernetes-action": "list", + "x-kubernetes-group-version-kind": { + "group": "certificates.k8s.io", + "kind": "ClusterTrustBundle", + "version": "v1alpha1" + } + }, + "parameters": [ + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "post": { + "consumes": [ + "*/*" + ], + "description": "create a ClusterTrustBundle", + "operationId": "createCertificatesV1alpha1ClusterTrustBundle", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.certificates.v1alpha1.ClusterTrustBundle" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "fieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.", + "in": "query", + "name": "fieldManager", + "type": "string", + "uniqueItems": true + }, + { + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "in": "query", + "name": "fieldValidation", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.certificates.v1alpha1.ClusterTrustBundle" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.certificates.v1alpha1.ClusterTrustBundle" + } + }, + "202": { + "description": "Accepted", + "schema": { + "$ref": "#/definitions/io.k8s.api.certificates.v1alpha1.ClusterTrustBundle" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "certificates_v1alpha1" + ], + "x-kubernetes-action": "post", + "x-kubernetes-group-version-kind": { + "group": "certificates.k8s.io", + "kind": "ClusterTrustBundle", + "version": "v1alpha1" + } + } + }, + "/apis/certificates.k8s.io/v1alpha1/clustertrustbundles/{name}": { + "delete": { + "consumes": [ + "*/*" + ], + "description": "delete a ClusterTrustBundle", + "operationId": "deleteCertificatesV1alpha1ClusterTrustBundle", + "parameters": [ + { + "in": "body", + "name": "body", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.DeleteOptions" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.", + "in": "query", + "name": "gracePeriodSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the \"orphan\" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.", + "in": "query", + "name": "orphanDependents", + "type": "boolean", + "uniqueItems": true + }, + { + "description": "Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.", + "in": "query", + "name": "propagationPolicy", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "202": { + "description": "Accepted", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "certificates_v1alpha1" + ], + "x-kubernetes-action": "delete", + "x-kubernetes-group-version-kind": { + "group": "certificates.k8s.io", + "kind": "ClusterTrustBundle", + "version": "v1alpha1" + } + }, + "get": { + "consumes": [ + "*/*" + ], + "description": "read the specified ClusterTrustBundle", + "operationId": "readCertificatesV1alpha1ClusterTrustBundle", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.certificates.v1alpha1.ClusterTrustBundle" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "certificates_v1alpha1" + ], + "x-kubernetes-action": "get", + "x-kubernetes-group-version-kind": { + "group": "certificates.k8s.io", + "kind": "ClusterTrustBundle", + "version": "v1alpha1" + } + }, + "parameters": [ + { + "description": "name of the ClusterTrustBundle", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "patch": { + "consumes": [ + "application/json-patch+json", + "application/merge-patch+json", + "application/strategic-merge-patch+json", + "application/apply-patch+yaml" + ], + "description": "partially update the specified ClusterTrustBundle", + "operationId": "patchCertificatesV1alpha1ClusterTrustBundle", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "fieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint. This field is required for apply requests (application/apply-patch) but optional for non-apply patch types (JsonPatch, MergePatch, StrategicMergePatch).", + "in": "query", + "name": "fieldManager", + "type": "string", + "uniqueItems": true + }, + { + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "in": "query", + "name": "fieldValidation", + "type": "string", + "uniqueItems": true + }, + { + "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", + "in": "query", + "name": "force", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.certificates.v1alpha1.ClusterTrustBundle" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.certificates.v1alpha1.ClusterTrustBundle" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "certificates_v1alpha1" + ], + "x-kubernetes-action": "patch", + "x-kubernetes-group-version-kind": { + "group": "certificates.k8s.io", + "kind": "ClusterTrustBundle", + "version": "v1alpha1" + } + }, + "put": { + "consumes": [ + "*/*" + ], + "description": "replace the specified ClusterTrustBundle", + "operationId": "replaceCertificatesV1alpha1ClusterTrustBundle", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.certificates.v1alpha1.ClusterTrustBundle" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "fieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.", + "in": "query", + "name": "fieldManager", + "type": "string", + "uniqueItems": true + }, + { + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "in": "query", + "name": "fieldValidation", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.certificates.v1alpha1.ClusterTrustBundle" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.certificates.v1alpha1.ClusterTrustBundle" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "certificates_v1alpha1" + ], + "x-kubernetes-action": "put", + "x-kubernetes-group-version-kind": { + "group": "certificates.k8s.io", + "kind": "ClusterTrustBundle", + "version": "v1alpha1" + } + } + }, + "/apis/certificates.k8s.io/v1alpha1/watch/clustertrustbundles": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch individual changes to a list of ClusterTrustBundle. deprecated: use the 'watch' parameter with a list operation instead.", + "operationId": "watchCertificatesV1alpha1ClusterTrustBundleList", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "certificates_v1alpha1" + ], + "x-kubernetes-action": "watchlist", + "x-kubernetes-group-version-kind": { + "group": "certificates.k8s.io", + "kind": "ClusterTrustBundle", + "version": "v1alpha1" + } + }, + "parameters": [ + { + "description": "allowWatchBookmarks requests watch events with type \"BOOKMARK\". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.", + "in": "query", + "name": "allowWatchBookmarks", + "type": "boolean", + "uniqueItems": true + }, + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "resourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.\n\nDefaults to unset", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "resourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.\n\nDefaults to unset", + "in": "query", + "name": "resourceVersionMatch", + "type": "string", + "uniqueItems": true + }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/certificates.k8s.io/v1alpha1/watch/clustertrustbundles/{name}": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch changes to an object of kind ClusterTrustBundle. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.", + "operationId": "watchCertificatesV1alpha1ClusterTrustBundle", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "certificates_v1alpha1" + ], + "x-kubernetes-action": "watch", + "x-kubernetes-group-version-kind": { + "group": "certificates.k8s.io", + "kind": "ClusterTrustBundle", + "version": "v1alpha1" + } + }, + "parameters": [ + { + "description": "allowWatchBookmarks requests watch events with type \"BOOKMARK\". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.", + "in": "query", + "name": "allowWatchBookmarks", + "type": "boolean", + "uniqueItems": true + }, + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "name of the ClusterTrustBundle", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "resourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.\n\nDefaults to unset", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "resourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.\n\nDefaults to unset", + "in": "query", + "name": "resourceVersionMatch", + "type": "string", + "uniqueItems": true + }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -56688,6 +59467,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -56789,6 +59575,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -56882,6 +59675,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -56975,7 +59775,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -57196,7 +59996,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -57275,7 +60075,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -57413,6 +60213,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -57532,6 +60339,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -57659,6 +60473,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -57836,6 +60657,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -57937,6 +60765,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -58030,6 +60865,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -58123,7 +60965,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -58344,7 +61186,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -58423,7 +61265,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -58561,6 +61403,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -58680,6 +61529,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -58807,6 +61663,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -58984,6 +61847,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -59085,6 +61955,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -59178,6 +62055,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -59271,7 +62155,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -59492,7 +62376,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -59571,7 +62455,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -59709,6 +62593,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -59828,6 +62719,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -59955,6 +62853,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -60122,6 +63027,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -60215,6 +63127,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -60300,7 +63219,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -60513,7 +63432,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -60592,7 +63511,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -60721,7 +63640,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -60800,7 +63719,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -60928,6 +63847,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -61021,6 +63947,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -61106,7 +64039,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -61319,7 +64252,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -61398,7 +64331,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -61527,7 +64460,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -61606,7 +64539,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -61744,6 +64677,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -61863,6 +64803,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -61974,6 +64921,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -62093,6 +65047,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -62227,6 +65188,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -62320,6 +65288,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -62405,7 +65380,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -62618,7 +65593,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -62697,7 +65672,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -62826,7 +65801,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -62905,7 +65880,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -63033,6 +66008,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -63126,6 +66108,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -63211,7 +66200,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -63424,7 +66413,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -63503,7 +66492,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -63632,7 +66621,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -63711,7 +66700,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -63849,6 +66838,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -63968,6 +66964,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -64079,6 +67082,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -64198,6 +67208,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -64365,6 +67382,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -64458,6 +67482,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -64543,7 +67574,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -64756,7 +67787,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -64835,7 +67866,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -64964,7 +67995,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -65043,7 +68074,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -65181,6 +68212,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -65300,6 +68338,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -65467,6 +68512,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -65560,6 +68612,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -65645,7 +68704,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -65858,7 +68917,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -65937,7 +68996,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -66075,6 +69134,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -66176,6 +69242,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -66269,6 +69342,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -66362,7 +69442,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -66583,7 +69663,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -66662,7 +69742,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -66799,7 +69879,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -66878,7 +69958,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -67006,6 +70086,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -67099,6 +70186,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -67192,7 +70286,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -67413,7 +70507,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -67492,7 +70586,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -67629,7 +70723,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -67708,7 +70802,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -67846,6 +70940,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -67957,6 +71058,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -68076,6 +71184,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -68187,6 +71302,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -68306,6 +71428,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -68433,6 +71562,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -68552,6 +71688,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -68679,6 +71822,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -68790,6 +71940,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -68924,6 +72081,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -69017,6 +72181,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -69102,7 +72273,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -69315,7 +72486,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -69394,7 +72565,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -69437,6 +72608,618 @@ } } }, + "/apis/networking.k8s.io/v1alpha1/ipaddresses": { + "delete": { + "consumes": [ + "*/*" + ], + "description": "delete collection of IPAddress", + "operationId": "deleteNetworkingV1alpha1CollectionIPAddress", + "parameters": [ + { + "in": "body", + "name": "body", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.DeleteOptions" + } + }, + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.", + "in": "query", + "name": "gracePeriodSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the \"orphan\" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.", + "in": "query", + "name": "orphanDependents", + "type": "boolean", + "uniqueItems": true + }, + { + "description": "Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.", + "in": "query", + "name": "propagationPolicy", + "type": "string", + "uniqueItems": true + }, + { + "description": "resourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.\n\nDefaults to unset", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "resourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.\n\nDefaults to unset", + "in": "query", + "name": "resourceVersionMatch", + "type": "string", + "uniqueItems": true + }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "networking_v1alpha1" + ], + "x-kubernetes-action": "deletecollection", + "x-kubernetes-group-version-kind": { + "group": "networking.k8s.io", + "kind": "IPAddress", + "version": "v1alpha1" + } + }, + "get": { + "consumes": [ + "*/*" + ], + "description": "list or watch objects of kind IPAddress", + "operationId": "listNetworkingV1alpha1IPAddress", + "parameters": [ + { + "description": "allowWatchBookmarks requests watch events with type \"BOOKMARK\". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.", + "in": "query", + "name": "allowWatchBookmarks", + "type": "boolean", + "uniqueItems": true + }, + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "resourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.\n\nDefaults to unset", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "resourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.\n\nDefaults to unset", + "in": "query", + "name": "resourceVersionMatch", + "type": "string", + "uniqueItems": true + }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.networking.v1alpha1.IPAddressList" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "networking_v1alpha1" + ], + "x-kubernetes-action": "list", + "x-kubernetes-group-version-kind": { + "group": "networking.k8s.io", + "kind": "IPAddress", + "version": "v1alpha1" + } + }, + "parameters": [ + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "post": { + "consumes": [ + "*/*" + ], + "description": "create an IPAddress", + "operationId": "createNetworkingV1alpha1IPAddress", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.networking.v1alpha1.IPAddress" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "fieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.", + "in": "query", + "name": "fieldManager", + "type": "string", + "uniqueItems": true + }, + { + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "in": "query", + "name": "fieldValidation", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.networking.v1alpha1.IPAddress" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.networking.v1alpha1.IPAddress" + } + }, + "202": { + "description": "Accepted", + "schema": { + "$ref": "#/definitions/io.k8s.api.networking.v1alpha1.IPAddress" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "networking_v1alpha1" + ], + "x-kubernetes-action": "post", + "x-kubernetes-group-version-kind": { + "group": "networking.k8s.io", + "kind": "IPAddress", + "version": "v1alpha1" + } + } + }, + "/apis/networking.k8s.io/v1alpha1/ipaddresses/{name}": { + "delete": { + "consumes": [ + "*/*" + ], + "description": "delete an IPAddress", + "operationId": "deleteNetworkingV1alpha1IPAddress", + "parameters": [ + { + "in": "body", + "name": "body", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.DeleteOptions" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.", + "in": "query", + "name": "gracePeriodSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the \"orphan\" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.", + "in": "query", + "name": "orphanDependents", + "type": "boolean", + "uniqueItems": true + }, + { + "description": "Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.", + "in": "query", + "name": "propagationPolicy", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "202": { + "description": "Accepted", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "networking_v1alpha1" + ], + "x-kubernetes-action": "delete", + "x-kubernetes-group-version-kind": { + "group": "networking.k8s.io", + "kind": "IPAddress", + "version": "v1alpha1" + } + }, + "get": { + "consumes": [ + "*/*" + ], + "description": "read the specified IPAddress", + "operationId": "readNetworkingV1alpha1IPAddress", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.networking.v1alpha1.IPAddress" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "networking_v1alpha1" + ], + "x-kubernetes-action": "get", + "x-kubernetes-group-version-kind": { + "group": "networking.k8s.io", + "kind": "IPAddress", + "version": "v1alpha1" + } + }, + "parameters": [ + { + "description": "name of the IPAddress", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + } + ], + "patch": { + "consumes": [ + "application/json-patch+json", + "application/merge-patch+json", + "application/strategic-merge-patch+json", + "application/apply-patch+yaml" + ], + "description": "partially update the specified IPAddress", + "operationId": "patchNetworkingV1alpha1IPAddress", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "fieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint. This field is required for apply requests (application/apply-patch) but optional for non-apply patch types (JsonPatch, MergePatch, StrategicMergePatch).", + "in": "query", + "name": "fieldManager", + "type": "string", + "uniqueItems": true + }, + { + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "in": "query", + "name": "fieldValidation", + "type": "string", + "uniqueItems": true + }, + { + "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", + "in": "query", + "name": "force", + "type": "boolean", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.networking.v1alpha1.IPAddress" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.networking.v1alpha1.IPAddress" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "networking_v1alpha1" + ], + "x-kubernetes-action": "patch", + "x-kubernetes-group-version-kind": { + "group": "networking.k8s.io", + "kind": "IPAddress", + "version": "v1alpha1" + } + }, + "put": { + "consumes": [ + "*/*" + ], + "description": "replace the specified IPAddress", + "operationId": "replaceNetworkingV1alpha1IPAddress", + "parameters": [ + { + "in": "body", + "name": "body", + "required": true, + "schema": { + "$ref": "#/definitions/io.k8s.api.networking.v1alpha1.IPAddress" + } + }, + { + "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", + "in": "query", + "name": "dryRun", + "type": "string", + "uniqueItems": true + }, + { + "description": "fieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.", + "in": "query", + "name": "fieldManager", + "type": "string", + "uniqueItems": true + }, + { + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "in": "query", + "name": "fieldValidation", + "type": "string", + "uniqueItems": true + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.api.networking.v1alpha1.IPAddress" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/io.k8s.api.networking.v1alpha1.IPAddress" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "networking_v1alpha1" + ], + "x-kubernetes-action": "put", + "x-kubernetes-group-version-kind": { + "group": "networking.k8s.io", + "kind": "IPAddress", + "version": "v1alpha1" + } + } + }, "/apis/networking.k8s.io/v1alpha1/watch/clustercidrs": { "get": { "consumes": [ @@ -69532,6 +73315,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -69651,6 +73441,257 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/networking.k8s.io/v1alpha1/watch/ipaddresses": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch individual changes to a list of IPAddress. deprecated: use the 'watch' parameter with a list operation instead.", + "operationId": "watchNetworkingV1alpha1IPAddressList", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "networking_v1alpha1" + ], + "x-kubernetes-action": "watchlist", + "x-kubernetes-group-version-kind": { + "group": "networking.k8s.io", + "kind": "IPAddress", + "version": "v1alpha1" + } + }, + "parameters": [ + { + "description": "allowWatchBookmarks requests watch events with type \"BOOKMARK\". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.", + "in": "query", + "name": "allowWatchBookmarks", + "type": "boolean", + "uniqueItems": true + }, + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "resourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.\n\nDefaults to unset", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "resourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.\n\nDefaults to unset", + "in": "query", + "name": "resourceVersionMatch", + "type": "string", + "uniqueItems": true + }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, + { + "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "in": "query", + "name": "timeoutSeconds", + "type": "integer", + "uniqueItems": true + }, + { + "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", + "in": "query", + "name": "watch", + "type": "boolean", + "uniqueItems": true + } + ] + }, + "/apis/networking.k8s.io/v1alpha1/watch/ipaddresses/{name}": { + "get": { + "consumes": [ + "*/*" + ], + "description": "watch changes to an object of kind IPAddress. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.", + "operationId": "watchNetworkingV1alpha1IPAddress", + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf", + "application/json;stream=watch", + "application/vnd.kubernetes.protobuf;stream=watch" + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" + } + }, + "401": { + "description": "Unauthorized" + } + }, + "schemes": [ + "https" + ], + "tags": [ + "networking_v1alpha1" + ], + "x-kubernetes-action": "watch", + "x-kubernetes-group-version-kind": { + "group": "networking.k8s.io", + "kind": "IPAddress", + "version": "v1alpha1" + } + }, + "parameters": [ + { + "description": "allowWatchBookmarks requests watch events with type \"BOOKMARK\". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.", + "in": "query", + "name": "allowWatchBookmarks", + "type": "boolean", + "uniqueItems": true + }, + { + "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", + "in": "query", + "name": "continue", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", + "in": "query", + "name": "fieldSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", + "in": "query", + "name": "labelSelector", + "type": "string", + "uniqueItems": true + }, + { + "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", + "in": "query", + "name": "limit", + "type": "integer", + "uniqueItems": true + }, + { + "description": "name of the IPAddress", + "in": "path", + "name": "name", + "required": true, + "type": "string", + "uniqueItems": true + }, + { + "description": "If 'true', then the output is pretty printed.", + "in": "query", + "name": "pretty", + "type": "string", + "uniqueItems": true + }, + { + "description": "resourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.\n\nDefaults to unset", + "in": "query", + "name": "resourceVersion", + "type": "string", + "uniqueItems": true + }, + { + "description": "resourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.\n\nDefaults to unset", + "in": "query", + "name": "resourceVersionMatch", + "type": "string", + "uniqueItems": true + }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -69818,6 +73859,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -69911,6 +73959,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -69996,7 +74051,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -70209,7 +74264,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -70288,7 +74343,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -70426,6 +74481,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -70545,6 +74607,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -70712,6 +74781,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -70805,6 +74881,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -70898,7 +74981,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -71119,7 +75202,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -71198,7 +75281,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -71335,7 +75418,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -71414,7 +75497,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -71552,6 +75635,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -71671,6 +75761,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -71798,6 +75895,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -71909,6 +76013,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -72076,6 +76187,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -72169,6 +76287,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -72254,7 +76379,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -72467,7 +76592,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -72546,7 +76671,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -72674,6 +76799,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -72767,6 +76899,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -72852,7 +76991,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -73065,7 +77204,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -73144,7 +77283,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -73272,6 +77411,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -73365,6 +77511,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -73458,7 +77611,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -73679,7 +77832,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -73758,7 +77911,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -73886,6 +78039,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -73979,6 +78139,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -74072,7 +78239,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -74293,7 +78460,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -74372,7 +78539,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -74510,6 +78677,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -74621,6 +78795,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -74732,6 +78913,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -74851,6 +79039,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -74962,6 +79157,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -75081,6 +79283,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -75200,6 +79409,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -75327,6 +79543,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -75446,6 +79669,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -75573,6 +79803,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -75684,6 +79921,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -75795,6 +80039,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -75844,7 +80095,7 @@ ] } }, - "/apis/resource.k8s.io/v1alpha1/": { + "/apis/resource.k8s.io/v1alpha2/": { "get": { "consumes": [ "application/json", @@ -75852,7 +80103,7 @@ "application/vnd.kubernetes.protobuf" ], "description": "get available resources", - "operationId": "getResourceV1alpha1APIResources", + "operationId": "getResourceV1alpha2APIResources", "produces": [ "application/json", "application/yaml", @@ -75873,17 +80124,17 @@ "https" ], "tags": [ - "resource_v1alpha1" + "resource_v1alpha2" ] } }, - "/apis/resource.k8s.io/v1alpha1/namespaces/{namespace}/podschedulings": { + "/apis/resource.k8s.io/v1alpha2/namespaces/{namespace}/podschedulingcontexts": { "delete": { "consumes": [ "*/*" ], - "description": "delete collection of PodScheduling", - "operationId": "deleteResourceV1alpha1CollectionNamespacedPodScheduling", + "description": "delete collection of PodSchedulingContext", + "operationId": "deleteResourceV1alpha2CollectionNamespacedPodSchedulingContext", "parameters": [ { "in": "body", @@ -75962,6 +80213,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -75990,21 +80248,21 @@ "https" ], "tags": [ - "resource_v1alpha1" + "resource_v1alpha2" ], "x-kubernetes-action": "deletecollection", "x-kubernetes-group-version-kind": { "group": "resource.k8s.io", - "kind": "PodScheduling", - "version": "v1alpha1" + "kind": "PodSchedulingContext", + "version": "v1alpha2" } }, "get": { "consumes": [ "*/*" ], - "description": "list or watch objects of kind PodScheduling", - "operationId": "listResourceV1alpha1NamespacedPodScheduling", + "description": "list or watch objects of kind PodSchedulingContext", + "operationId": "listResourceV1alpha2NamespacedPodSchedulingContext", "parameters": [ { "description": "allowWatchBookmarks requests watch events with type \"BOOKMARK\". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.", @@ -76055,6 +80313,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -76081,7 +80346,7 @@ "200": { "description": "OK", "schema": { - "$ref": "#/definitions/io.k8s.api.resource.v1alpha1.PodSchedulingList" + "$ref": "#/definitions/io.k8s.api.resource.v1alpha2.PodSchedulingContextList" } }, "401": { @@ -76092,13 +80357,13 @@ "https" ], "tags": [ - "resource_v1alpha1" + "resource_v1alpha2" ], "x-kubernetes-action": "list", "x-kubernetes-group-version-kind": { "group": "resource.k8s.io", - "kind": "PodScheduling", - "version": "v1alpha1" + "kind": "PodSchedulingContext", + "version": "v1alpha2" } }, "parameters": [ @@ -76122,15 +80387,15 @@ "consumes": [ "*/*" ], - "description": "create a PodScheduling", - "operationId": "createResourceV1alpha1NamespacedPodScheduling", + "description": "create a PodSchedulingContext", + "operationId": "createResourceV1alpha2NamespacedPodSchedulingContext", "parameters": [ { "in": "body", "name": "body", "required": true, "schema": { - "$ref": "#/definitions/io.k8s.api.resource.v1alpha1.PodScheduling" + "$ref": "#/definitions/io.k8s.api.resource.v1alpha2.PodSchedulingContext" } }, { @@ -76148,7 +80413,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -76164,19 +80429,19 @@ "200": { "description": "OK", "schema": { - "$ref": "#/definitions/io.k8s.api.resource.v1alpha1.PodScheduling" + "$ref": "#/definitions/io.k8s.api.resource.v1alpha2.PodSchedulingContext" } }, "201": { "description": "Created", "schema": { - "$ref": "#/definitions/io.k8s.api.resource.v1alpha1.PodScheduling" + "$ref": "#/definitions/io.k8s.api.resource.v1alpha2.PodSchedulingContext" } }, "202": { "description": "Accepted", "schema": { - "$ref": "#/definitions/io.k8s.api.resource.v1alpha1.PodScheduling" + "$ref": "#/definitions/io.k8s.api.resource.v1alpha2.PodSchedulingContext" } }, "401": { @@ -76187,23 +80452,23 @@ "https" ], "tags": [ - "resource_v1alpha1" + "resource_v1alpha2" ], "x-kubernetes-action": "post", "x-kubernetes-group-version-kind": { "group": "resource.k8s.io", - "kind": "PodScheduling", - "version": "v1alpha1" + "kind": "PodSchedulingContext", + "version": "v1alpha2" } } }, - "/apis/resource.k8s.io/v1alpha1/namespaces/{namespace}/podschedulings/{name}": { + "/apis/resource.k8s.io/v1alpha2/namespaces/{namespace}/podschedulingcontexts/{name}": { "delete": { "consumes": [ "*/*" ], - "description": "delete a PodScheduling", - "operationId": "deleteResourceV1alpha1NamespacedPodScheduling", + "description": "delete a PodSchedulingContext", + "operationId": "deleteResourceV1alpha2NamespacedPodSchedulingContext", "parameters": [ { "in": "body", @@ -76250,13 +80515,13 @@ "200": { "description": "OK", "schema": { - "$ref": "#/definitions/io.k8s.api.resource.v1alpha1.PodScheduling" + "$ref": "#/definitions/io.k8s.api.resource.v1alpha2.PodSchedulingContext" } }, "202": { "description": "Accepted", "schema": { - "$ref": "#/definitions/io.k8s.api.resource.v1alpha1.PodScheduling" + "$ref": "#/definitions/io.k8s.api.resource.v1alpha2.PodSchedulingContext" } }, "401": { @@ -76267,21 +80532,21 @@ "https" ], "tags": [ - "resource_v1alpha1" + "resource_v1alpha2" ], "x-kubernetes-action": "delete", "x-kubernetes-group-version-kind": { "group": "resource.k8s.io", - "kind": "PodScheduling", - "version": "v1alpha1" + "kind": "PodSchedulingContext", + "version": "v1alpha2" } }, "get": { "consumes": [ "*/*" ], - "description": "read the specified PodScheduling", - "operationId": "readResourceV1alpha1NamespacedPodScheduling", + "description": "read the specified PodSchedulingContext", + "operationId": "readResourceV1alpha2NamespacedPodSchedulingContext", "produces": [ "application/json", "application/yaml", @@ -76291,7 +80556,7 @@ "200": { "description": "OK", "schema": { - "$ref": "#/definitions/io.k8s.api.resource.v1alpha1.PodScheduling" + "$ref": "#/definitions/io.k8s.api.resource.v1alpha2.PodSchedulingContext" } }, "401": { @@ -76302,18 +80567,18 @@ "https" ], "tags": [ - "resource_v1alpha1" + "resource_v1alpha2" ], "x-kubernetes-action": "get", "x-kubernetes-group-version-kind": { "group": "resource.k8s.io", - "kind": "PodScheduling", - "version": "v1alpha1" + "kind": "PodSchedulingContext", + "version": "v1alpha2" } }, "parameters": [ { - "description": "name of the PodScheduling", + "description": "name of the PodSchedulingContext", "in": "path", "name": "name", "required": true, @@ -76343,8 +80608,8 @@ "application/strategic-merge-patch+json", "application/apply-patch+yaml" ], - "description": "partially update the specified PodScheduling", - "operationId": "patchResourceV1alpha1NamespacedPodScheduling", + "description": "partially update the specified PodSchedulingContext", + "operationId": "patchResourceV1alpha2NamespacedPodSchedulingContext", "parameters": [ { "in": "body", @@ -76369,7 +80634,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -76392,13 +80657,13 @@ "200": { "description": "OK", "schema": { - "$ref": "#/definitions/io.k8s.api.resource.v1alpha1.PodScheduling" + "$ref": "#/definitions/io.k8s.api.resource.v1alpha2.PodSchedulingContext" } }, "201": { "description": "Created", "schema": { - "$ref": "#/definitions/io.k8s.api.resource.v1alpha1.PodScheduling" + "$ref": "#/definitions/io.k8s.api.resource.v1alpha2.PodSchedulingContext" } }, "401": { @@ -76409,28 +80674,28 @@ "https" ], "tags": [ - "resource_v1alpha1" + "resource_v1alpha2" ], "x-kubernetes-action": "patch", "x-kubernetes-group-version-kind": { "group": "resource.k8s.io", - "kind": "PodScheduling", - "version": "v1alpha1" + "kind": "PodSchedulingContext", + "version": "v1alpha2" } }, "put": { "consumes": [ "*/*" ], - "description": "replace the specified PodScheduling", - "operationId": "replaceResourceV1alpha1NamespacedPodScheduling", + "description": "replace the specified PodSchedulingContext", + "operationId": "replaceResourceV1alpha2NamespacedPodSchedulingContext", "parameters": [ { "in": "body", "name": "body", "required": true, "schema": { - "$ref": "#/definitions/io.k8s.api.resource.v1alpha1.PodScheduling" + "$ref": "#/definitions/io.k8s.api.resource.v1alpha2.PodSchedulingContext" } }, { @@ -76448,7 +80713,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -76464,13 +80729,13 @@ "200": { "description": "OK", "schema": { - "$ref": "#/definitions/io.k8s.api.resource.v1alpha1.PodScheduling" + "$ref": "#/definitions/io.k8s.api.resource.v1alpha2.PodSchedulingContext" } }, "201": { "description": "Created", "schema": { - "$ref": "#/definitions/io.k8s.api.resource.v1alpha1.PodScheduling" + "$ref": "#/definitions/io.k8s.api.resource.v1alpha2.PodSchedulingContext" } }, "401": { @@ -76481,23 +80746,23 @@ "https" ], "tags": [ - "resource_v1alpha1" + "resource_v1alpha2" ], "x-kubernetes-action": "put", "x-kubernetes-group-version-kind": { "group": "resource.k8s.io", - "kind": "PodScheduling", - "version": "v1alpha1" + "kind": "PodSchedulingContext", + "version": "v1alpha2" } } }, - "/apis/resource.k8s.io/v1alpha1/namespaces/{namespace}/podschedulings/{name}/status": { + "/apis/resource.k8s.io/v1alpha2/namespaces/{namespace}/podschedulingcontexts/{name}/status": { "get": { "consumes": [ "*/*" ], - "description": "read status of the specified PodScheduling", - "operationId": "readResourceV1alpha1NamespacedPodSchedulingStatus", + "description": "read status of the specified PodSchedulingContext", + "operationId": "readResourceV1alpha2NamespacedPodSchedulingContextStatus", "produces": [ "application/json", "application/yaml", @@ -76507,7 +80772,7 @@ "200": { "description": "OK", "schema": { - "$ref": "#/definitions/io.k8s.api.resource.v1alpha1.PodScheduling" + "$ref": "#/definitions/io.k8s.api.resource.v1alpha2.PodSchedulingContext" } }, "401": { @@ -76518,18 +80783,18 @@ "https" ], "tags": [ - "resource_v1alpha1" + "resource_v1alpha2" ], "x-kubernetes-action": "get", "x-kubernetes-group-version-kind": { "group": "resource.k8s.io", - "kind": "PodScheduling", - "version": "v1alpha1" + "kind": "PodSchedulingContext", + "version": "v1alpha2" } }, "parameters": [ { - "description": "name of the PodScheduling", + "description": "name of the PodSchedulingContext", "in": "path", "name": "name", "required": true, @@ -76559,8 +80824,8 @@ "application/strategic-merge-patch+json", "application/apply-patch+yaml" ], - "description": "partially update status of the specified PodScheduling", - "operationId": "patchResourceV1alpha1NamespacedPodSchedulingStatus", + "description": "partially update status of the specified PodSchedulingContext", + "operationId": "patchResourceV1alpha2NamespacedPodSchedulingContextStatus", "parameters": [ { "in": "body", @@ -76585,7 +80850,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -76608,13 +80873,13 @@ "200": { "description": "OK", "schema": { - "$ref": "#/definitions/io.k8s.api.resource.v1alpha1.PodScheduling" + "$ref": "#/definitions/io.k8s.api.resource.v1alpha2.PodSchedulingContext" } }, "201": { "description": "Created", "schema": { - "$ref": "#/definitions/io.k8s.api.resource.v1alpha1.PodScheduling" + "$ref": "#/definitions/io.k8s.api.resource.v1alpha2.PodSchedulingContext" } }, "401": { @@ -76625,28 +80890,28 @@ "https" ], "tags": [ - "resource_v1alpha1" + "resource_v1alpha2" ], "x-kubernetes-action": "patch", "x-kubernetes-group-version-kind": { "group": "resource.k8s.io", - "kind": "PodScheduling", - "version": "v1alpha1" + "kind": "PodSchedulingContext", + "version": "v1alpha2" } }, "put": { "consumes": [ "*/*" ], - "description": "replace status of the specified PodScheduling", - "operationId": "replaceResourceV1alpha1NamespacedPodSchedulingStatus", + "description": "replace status of the specified PodSchedulingContext", + "operationId": "replaceResourceV1alpha2NamespacedPodSchedulingContextStatus", "parameters": [ { "in": "body", "name": "body", "required": true, "schema": { - "$ref": "#/definitions/io.k8s.api.resource.v1alpha1.PodScheduling" + "$ref": "#/definitions/io.k8s.api.resource.v1alpha2.PodSchedulingContext" } }, { @@ -76664,7 +80929,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -76680,13 +80945,13 @@ "200": { "description": "OK", "schema": { - "$ref": "#/definitions/io.k8s.api.resource.v1alpha1.PodScheduling" + "$ref": "#/definitions/io.k8s.api.resource.v1alpha2.PodSchedulingContext" } }, "201": { "description": "Created", "schema": { - "$ref": "#/definitions/io.k8s.api.resource.v1alpha1.PodScheduling" + "$ref": "#/definitions/io.k8s.api.resource.v1alpha2.PodSchedulingContext" } }, "401": { @@ -76697,23 +80962,23 @@ "https" ], "tags": [ - "resource_v1alpha1" + "resource_v1alpha2" ], "x-kubernetes-action": "put", "x-kubernetes-group-version-kind": { "group": "resource.k8s.io", - "kind": "PodScheduling", - "version": "v1alpha1" + "kind": "PodSchedulingContext", + "version": "v1alpha2" } } }, - "/apis/resource.k8s.io/v1alpha1/namespaces/{namespace}/resourceclaims": { + "/apis/resource.k8s.io/v1alpha2/namespaces/{namespace}/resourceclaims": { "delete": { "consumes": [ "*/*" ], "description": "delete collection of ResourceClaim", - "operationId": "deleteResourceV1alpha1CollectionNamespacedResourceClaim", + "operationId": "deleteResourceV1alpha2CollectionNamespacedResourceClaim", "parameters": [ { "in": "body", @@ -76792,6 +81057,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -76820,13 +81092,13 @@ "https" ], "tags": [ - "resource_v1alpha1" + "resource_v1alpha2" ], "x-kubernetes-action": "deletecollection", "x-kubernetes-group-version-kind": { "group": "resource.k8s.io", "kind": "ResourceClaim", - "version": "v1alpha1" + "version": "v1alpha2" } }, "get": { @@ -76834,7 +81106,7 @@ "*/*" ], "description": "list or watch objects of kind ResourceClaim", - "operationId": "listResourceV1alpha1NamespacedResourceClaim", + "operationId": "listResourceV1alpha2NamespacedResourceClaim", "parameters": [ { "description": "allowWatchBookmarks requests watch events with type \"BOOKMARK\". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.", @@ -76885,6 +81157,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -76911,7 +81190,7 @@ "200": { "description": "OK", "schema": { - "$ref": "#/definitions/io.k8s.api.resource.v1alpha1.ResourceClaimList" + "$ref": "#/definitions/io.k8s.api.resource.v1alpha2.ResourceClaimList" } }, "401": { @@ -76922,13 +81201,13 @@ "https" ], "tags": [ - "resource_v1alpha1" + "resource_v1alpha2" ], "x-kubernetes-action": "list", "x-kubernetes-group-version-kind": { "group": "resource.k8s.io", "kind": "ResourceClaim", - "version": "v1alpha1" + "version": "v1alpha2" } }, "parameters": [ @@ -76953,14 +81232,14 @@ "*/*" ], "description": "create a ResourceClaim", - "operationId": "createResourceV1alpha1NamespacedResourceClaim", + "operationId": "createResourceV1alpha2NamespacedResourceClaim", "parameters": [ { "in": "body", "name": "body", "required": true, "schema": { - "$ref": "#/definitions/io.k8s.api.resource.v1alpha1.ResourceClaim" + "$ref": "#/definitions/io.k8s.api.resource.v1alpha2.ResourceClaim" } }, { @@ -76978,7 +81257,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -76994,19 +81273,19 @@ "200": { "description": "OK", "schema": { - "$ref": "#/definitions/io.k8s.api.resource.v1alpha1.ResourceClaim" + "$ref": "#/definitions/io.k8s.api.resource.v1alpha2.ResourceClaim" } }, "201": { "description": "Created", "schema": { - "$ref": "#/definitions/io.k8s.api.resource.v1alpha1.ResourceClaim" + "$ref": "#/definitions/io.k8s.api.resource.v1alpha2.ResourceClaim" } }, "202": { "description": "Accepted", "schema": { - "$ref": "#/definitions/io.k8s.api.resource.v1alpha1.ResourceClaim" + "$ref": "#/definitions/io.k8s.api.resource.v1alpha2.ResourceClaim" } }, "401": { @@ -77017,23 +81296,23 @@ "https" ], "tags": [ - "resource_v1alpha1" + "resource_v1alpha2" ], "x-kubernetes-action": "post", "x-kubernetes-group-version-kind": { "group": "resource.k8s.io", "kind": "ResourceClaim", - "version": "v1alpha1" + "version": "v1alpha2" } } }, - "/apis/resource.k8s.io/v1alpha1/namespaces/{namespace}/resourceclaims/{name}": { + "/apis/resource.k8s.io/v1alpha2/namespaces/{namespace}/resourceclaims/{name}": { "delete": { "consumes": [ "*/*" ], "description": "delete a ResourceClaim", - "operationId": "deleteResourceV1alpha1NamespacedResourceClaim", + "operationId": "deleteResourceV1alpha2NamespacedResourceClaim", "parameters": [ { "in": "body", @@ -77080,13 +81359,13 @@ "200": { "description": "OK", "schema": { - "$ref": "#/definitions/io.k8s.api.resource.v1alpha1.ResourceClaim" + "$ref": "#/definitions/io.k8s.api.resource.v1alpha2.ResourceClaim" } }, "202": { "description": "Accepted", "schema": { - "$ref": "#/definitions/io.k8s.api.resource.v1alpha1.ResourceClaim" + "$ref": "#/definitions/io.k8s.api.resource.v1alpha2.ResourceClaim" } }, "401": { @@ -77097,13 +81376,13 @@ "https" ], "tags": [ - "resource_v1alpha1" + "resource_v1alpha2" ], "x-kubernetes-action": "delete", "x-kubernetes-group-version-kind": { "group": "resource.k8s.io", "kind": "ResourceClaim", - "version": "v1alpha1" + "version": "v1alpha2" } }, "get": { @@ -77111,7 +81390,7 @@ "*/*" ], "description": "read the specified ResourceClaim", - "operationId": "readResourceV1alpha1NamespacedResourceClaim", + "operationId": "readResourceV1alpha2NamespacedResourceClaim", "produces": [ "application/json", "application/yaml", @@ -77121,7 +81400,7 @@ "200": { "description": "OK", "schema": { - "$ref": "#/definitions/io.k8s.api.resource.v1alpha1.ResourceClaim" + "$ref": "#/definitions/io.k8s.api.resource.v1alpha2.ResourceClaim" } }, "401": { @@ -77132,13 +81411,13 @@ "https" ], "tags": [ - "resource_v1alpha1" + "resource_v1alpha2" ], "x-kubernetes-action": "get", "x-kubernetes-group-version-kind": { "group": "resource.k8s.io", "kind": "ResourceClaim", - "version": "v1alpha1" + "version": "v1alpha2" } }, "parameters": [ @@ -77174,7 +81453,7 @@ "application/apply-patch+yaml" ], "description": "partially update the specified ResourceClaim", - "operationId": "patchResourceV1alpha1NamespacedResourceClaim", + "operationId": "patchResourceV1alpha2NamespacedResourceClaim", "parameters": [ { "in": "body", @@ -77199,7 +81478,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -77222,13 +81501,13 @@ "200": { "description": "OK", "schema": { - "$ref": "#/definitions/io.k8s.api.resource.v1alpha1.ResourceClaim" + "$ref": "#/definitions/io.k8s.api.resource.v1alpha2.ResourceClaim" } }, "201": { "description": "Created", "schema": { - "$ref": "#/definitions/io.k8s.api.resource.v1alpha1.ResourceClaim" + "$ref": "#/definitions/io.k8s.api.resource.v1alpha2.ResourceClaim" } }, "401": { @@ -77239,13 +81518,13 @@ "https" ], "tags": [ - "resource_v1alpha1" + "resource_v1alpha2" ], "x-kubernetes-action": "patch", "x-kubernetes-group-version-kind": { "group": "resource.k8s.io", "kind": "ResourceClaim", - "version": "v1alpha1" + "version": "v1alpha2" } }, "put": { @@ -77253,14 +81532,14 @@ "*/*" ], "description": "replace the specified ResourceClaim", - "operationId": "replaceResourceV1alpha1NamespacedResourceClaim", + "operationId": "replaceResourceV1alpha2NamespacedResourceClaim", "parameters": [ { "in": "body", "name": "body", "required": true, "schema": { - "$ref": "#/definitions/io.k8s.api.resource.v1alpha1.ResourceClaim" + "$ref": "#/definitions/io.k8s.api.resource.v1alpha2.ResourceClaim" } }, { @@ -77278,7 +81557,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -77294,13 +81573,13 @@ "200": { "description": "OK", "schema": { - "$ref": "#/definitions/io.k8s.api.resource.v1alpha1.ResourceClaim" + "$ref": "#/definitions/io.k8s.api.resource.v1alpha2.ResourceClaim" } }, "201": { "description": "Created", "schema": { - "$ref": "#/definitions/io.k8s.api.resource.v1alpha1.ResourceClaim" + "$ref": "#/definitions/io.k8s.api.resource.v1alpha2.ResourceClaim" } }, "401": { @@ -77311,23 +81590,23 @@ "https" ], "tags": [ - "resource_v1alpha1" + "resource_v1alpha2" ], "x-kubernetes-action": "put", "x-kubernetes-group-version-kind": { "group": "resource.k8s.io", "kind": "ResourceClaim", - "version": "v1alpha1" + "version": "v1alpha2" } } }, - "/apis/resource.k8s.io/v1alpha1/namespaces/{namespace}/resourceclaims/{name}/status": { + "/apis/resource.k8s.io/v1alpha2/namespaces/{namespace}/resourceclaims/{name}/status": { "get": { "consumes": [ "*/*" ], "description": "read status of the specified ResourceClaim", - "operationId": "readResourceV1alpha1NamespacedResourceClaimStatus", + "operationId": "readResourceV1alpha2NamespacedResourceClaimStatus", "produces": [ "application/json", "application/yaml", @@ -77337,7 +81616,7 @@ "200": { "description": "OK", "schema": { - "$ref": "#/definitions/io.k8s.api.resource.v1alpha1.ResourceClaim" + "$ref": "#/definitions/io.k8s.api.resource.v1alpha2.ResourceClaim" } }, "401": { @@ -77348,13 +81627,13 @@ "https" ], "tags": [ - "resource_v1alpha1" + "resource_v1alpha2" ], "x-kubernetes-action": "get", "x-kubernetes-group-version-kind": { "group": "resource.k8s.io", "kind": "ResourceClaim", - "version": "v1alpha1" + "version": "v1alpha2" } }, "parameters": [ @@ -77390,7 +81669,7 @@ "application/apply-patch+yaml" ], "description": "partially update status of the specified ResourceClaim", - "operationId": "patchResourceV1alpha1NamespacedResourceClaimStatus", + "operationId": "patchResourceV1alpha2NamespacedResourceClaimStatus", "parameters": [ { "in": "body", @@ -77415,7 +81694,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -77438,13 +81717,13 @@ "200": { "description": "OK", "schema": { - "$ref": "#/definitions/io.k8s.api.resource.v1alpha1.ResourceClaim" + "$ref": "#/definitions/io.k8s.api.resource.v1alpha2.ResourceClaim" } }, "201": { "description": "Created", "schema": { - "$ref": "#/definitions/io.k8s.api.resource.v1alpha1.ResourceClaim" + "$ref": "#/definitions/io.k8s.api.resource.v1alpha2.ResourceClaim" } }, "401": { @@ -77455,13 +81734,13 @@ "https" ], "tags": [ - "resource_v1alpha1" + "resource_v1alpha2" ], "x-kubernetes-action": "patch", "x-kubernetes-group-version-kind": { "group": "resource.k8s.io", "kind": "ResourceClaim", - "version": "v1alpha1" + "version": "v1alpha2" } }, "put": { @@ -77469,14 +81748,14 @@ "*/*" ], "description": "replace status of the specified ResourceClaim", - "operationId": "replaceResourceV1alpha1NamespacedResourceClaimStatus", + "operationId": "replaceResourceV1alpha2NamespacedResourceClaimStatus", "parameters": [ { "in": "body", "name": "body", "required": true, "schema": { - "$ref": "#/definitions/io.k8s.api.resource.v1alpha1.ResourceClaim" + "$ref": "#/definitions/io.k8s.api.resource.v1alpha2.ResourceClaim" } }, { @@ -77494,7 +81773,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -77510,13 +81789,13 @@ "200": { "description": "OK", "schema": { - "$ref": "#/definitions/io.k8s.api.resource.v1alpha1.ResourceClaim" + "$ref": "#/definitions/io.k8s.api.resource.v1alpha2.ResourceClaim" } }, "201": { "description": "Created", "schema": { - "$ref": "#/definitions/io.k8s.api.resource.v1alpha1.ResourceClaim" + "$ref": "#/definitions/io.k8s.api.resource.v1alpha2.ResourceClaim" } }, "401": { @@ -77527,23 +81806,23 @@ "https" ], "tags": [ - "resource_v1alpha1" + "resource_v1alpha2" ], "x-kubernetes-action": "put", "x-kubernetes-group-version-kind": { "group": "resource.k8s.io", "kind": "ResourceClaim", - "version": "v1alpha1" + "version": "v1alpha2" } } }, - "/apis/resource.k8s.io/v1alpha1/namespaces/{namespace}/resourceclaimtemplates": { + "/apis/resource.k8s.io/v1alpha2/namespaces/{namespace}/resourceclaimtemplates": { "delete": { "consumes": [ "*/*" ], "description": "delete collection of ResourceClaimTemplate", - "operationId": "deleteResourceV1alpha1CollectionNamespacedResourceClaimTemplate", + "operationId": "deleteResourceV1alpha2CollectionNamespacedResourceClaimTemplate", "parameters": [ { "in": "body", @@ -77622,6 +81901,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -77650,13 +81936,13 @@ "https" ], "tags": [ - "resource_v1alpha1" + "resource_v1alpha2" ], "x-kubernetes-action": "deletecollection", "x-kubernetes-group-version-kind": { "group": "resource.k8s.io", "kind": "ResourceClaimTemplate", - "version": "v1alpha1" + "version": "v1alpha2" } }, "get": { @@ -77664,7 +81950,7 @@ "*/*" ], "description": "list or watch objects of kind ResourceClaimTemplate", - "operationId": "listResourceV1alpha1NamespacedResourceClaimTemplate", + "operationId": "listResourceV1alpha2NamespacedResourceClaimTemplate", "parameters": [ { "description": "allowWatchBookmarks requests watch events with type \"BOOKMARK\". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.", @@ -77715,6 +82001,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -77741,7 +82034,7 @@ "200": { "description": "OK", "schema": { - "$ref": "#/definitions/io.k8s.api.resource.v1alpha1.ResourceClaimTemplateList" + "$ref": "#/definitions/io.k8s.api.resource.v1alpha2.ResourceClaimTemplateList" } }, "401": { @@ -77752,13 +82045,13 @@ "https" ], "tags": [ - "resource_v1alpha1" + "resource_v1alpha2" ], "x-kubernetes-action": "list", "x-kubernetes-group-version-kind": { "group": "resource.k8s.io", "kind": "ResourceClaimTemplate", - "version": "v1alpha1" + "version": "v1alpha2" } }, "parameters": [ @@ -77783,14 +82076,14 @@ "*/*" ], "description": "create a ResourceClaimTemplate", - "operationId": "createResourceV1alpha1NamespacedResourceClaimTemplate", + "operationId": "createResourceV1alpha2NamespacedResourceClaimTemplate", "parameters": [ { "in": "body", "name": "body", "required": true, "schema": { - "$ref": "#/definitions/io.k8s.api.resource.v1alpha1.ResourceClaimTemplate" + "$ref": "#/definitions/io.k8s.api.resource.v1alpha2.ResourceClaimTemplate" } }, { @@ -77808,7 +82101,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -77824,19 +82117,19 @@ "200": { "description": "OK", "schema": { - "$ref": "#/definitions/io.k8s.api.resource.v1alpha1.ResourceClaimTemplate" + "$ref": "#/definitions/io.k8s.api.resource.v1alpha2.ResourceClaimTemplate" } }, "201": { "description": "Created", "schema": { - "$ref": "#/definitions/io.k8s.api.resource.v1alpha1.ResourceClaimTemplate" + "$ref": "#/definitions/io.k8s.api.resource.v1alpha2.ResourceClaimTemplate" } }, "202": { "description": "Accepted", "schema": { - "$ref": "#/definitions/io.k8s.api.resource.v1alpha1.ResourceClaimTemplate" + "$ref": "#/definitions/io.k8s.api.resource.v1alpha2.ResourceClaimTemplate" } }, "401": { @@ -77847,23 +82140,23 @@ "https" ], "tags": [ - "resource_v1alpha1" + "resource_v1alpha2" ], "x-kubernetes-action": "post", "x-kubernetes-group-version-kind": { "group": "resource.k8s.io", "kind": "ResourceClaimTemplate", - "version": "v1alpha1" + "version": "v1alpha2" } } }, - "/apis/resource.k8s.io/v1alpha1/namespaces/{namespace}/resourceclaimtemplates/{name}": { + "/apis/resource.k8s.io/v1alpha2/namespaces/{namespace}/resourceclaimtemplates/{name}": { "delete": { "consumes": [ "*/*" ], "description": "delete a ResourceClaimTemplate", - "operationId": "deleteResourceV1alpha1NamespacedResourceClaimTemplate", + "operationId": "deleteResourceV1alpha2NamespacedResourceClaimTemplate", "parameters": [ { "in": "body", @@ -77910,13 +82203,13 @@ "200": { "description": "OK", "schema": { - "$ref": "#/definitions/io.k8s.api.resource.v1alpha1.ResourceClaimTemplate" + "$ref": "#/definitions/io.k8s.api.resource.v1alpha2.ResourceClaimTemplate" } }, "202": { "description": "Accepted", "schema": { - "$ref": "#/definitions/io.k8s.api.resource.v1alpha1.ResourceClaimTemplate" + "$ref": "#/definitions/io.k8s.api.resource.v1alpha2.ResourceClaimTemplate" } }, "401": { @@ -77927,13 +82220,13 @@ "https" ], "tags": [ - "resource_v1alpha1" + "resource_v1alpha2" ], "x-kubernetes-action": "delete", "x-kubernetes-group-version-kind": { "group": "resource.k8s.io", "kind": "ResourceClaimTemplate", - "version": "v1alpha1" + "version": "v1alpha2" } }, "get": { @@ -77941,7 +82234,7 @@ "*/*" ], "description": "read the specified ResourceClaimTemplate", - "operationId": "readResourceV1alpha1NamespacedResourceClaimTemplate", + "operationId": "readResourceV1alpha2NamespacedResourceClaimTemplate", "produces": [ "application/json", "application/yaml", @@ -77951,7 +82244,7 @@ "200": { "description": "OK", "schema": { - "$ref": "#/definitions/io.k8s.api.resource.v1alpha1.ResourceClaimTemplate" + "$ref": "#/definitions/io.k8s.api.resource.v1alpha2.ResourceClaimTemplate" } }, "401": { @@ -77962,13 +82255,13 @@ "https" ], "tags": [ - "resource_v1alpha1" + "resource_v1alpha2" ], "x-kubernetes-action": "get", "x-kubernetes-group-version-kind": { "group": "resource.k8s.io", "kind": "ResourceClaimTemplate", - "version": "v1alpha1" + "version": "v1alpha2" } }, "parameters": [ @@ -78004,7 +82297,7 @@ "application/apply-patch+yaml" ], "description": "partially update the specified ResourceClaimTemplate", - "operationId": "patchResourceV1alpha1NamespacedResourceClaimTemplate", + "operationId": "patchResourceV1alpha2NamespacedResourceClaimTemplate", "parameters": [ { "in": "body", @@ -78029,7 +82322,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -78052,13 +82345,13 @@ "200": { "description": "OK", "schema": { - "$ref": "#/definitions/io.k8s.api.resource.v1alpha1.ResourceClaimTemplate" + "$ref": "#/definitions/io.k8s.api.resource.v1alpha2.ResourceClaimTemplate" } }, "201": { "description": "Created", "schema": { - "$ref": "#/definitions/io.k8s.api.resource.v1alpha1.ResourceClaimTemplate" + "$ref": "#/definitions/io.k8s.api.resource.v1alpha2.ResourceClaimTemplate" } }, "401": { @@ -78069,13 +82362,13 @@ "https" ], "tags": [ - "resource_v1alpha1" + "resource_v1alpha2" ], "x-kubernetes-action": "patch", "x-kubernetes-group-version-kind": { "group": "resource.k8s.io", "kind": "ResourceClaimTemplate", - "version": "v1alpha1" + "version": "v1alpha2" } }, "put": { @@ -78083,14 +82376,14 @@ "*/*" ], "description": "replace the specified ResourceClaimTemplate", - "operationId": "replaceResourceV1alpha1NamespacedResourceClaimTemplate", + "operationId": "replaceResourceV1alpha2NamespacedResourceClaimTemplate", "parameters": [ { "in": "body", "name": "body", "required": true, "schema": { - "$ref": "#/definitions/io.k8s.api.resource.v1alpha1.ResourceClaimTemplate" + "$ref": "#/definitions/io.k8s.api.resource.v1alpha2.ResourceClaimTemplate" } }, { @@ -78108,7 +82401,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -78124,13 +82417,13 @@ "200": { "description": "OK", "schema": { - "$ref": "#/definitions/io.k8s.api.resource.v1alpha1.ResourceClaimTemplate" + "$ref": "#/definitions/io.k8s.api.resource.v1alpha2.ResourceClaimTemplate" } }, "201": { "description": "Created", "schema": { - "$ref": "#/definitions/io.k8s.api.resource.v1alpha1.ResourceClaimTemplate" + "$ref": "#/definitions/io.k8s.api.resource.v1alpha2.ResourceClaimTemplate" } }, "401": { @@ -78141,23 +82434,23 @@ "https" ], "tags": [ - "resource_v1alpha1" + "resource_v1alpha2" ], "x-kubernetes-action": "put", "x-kubernetes-group-version-kind": { "group": "resource.k8s.io", "kind": "ResourceClaimTemplate", - "version": "v1alpha1" + "version": "v1alpha2" } } }, - "/apis/resource.k8s.io/v1alpha1/podschedulings": { + "/apis/resource.k8s.io/v1alpha2/podschedulingcontexts": { "get": { "consumes": [ "*/*" ], - "description": "list or watch objects of kind PodScheduling", - "operationId": "listResourceV1alpha1PodSchedulingForAllNamespaces", + "description": "list or watch objects of kind PodSchedulingContext", + "operationId": "listResourceV1alpha2PodSchedulingContextForAllNamespaces", "produces": [ "application/json", "application/yaml", @@ -78169,7 +82462,7 @@ "200": { "description": "OK", "schema": { - "$ref": "#/definitions/io.k8s.api.resource.v1alpha1.PodSchedulingList" + "$ref": "#/definitions/io.k8s.api.resource.v1alpha2.PodSchedulingContextList" } }, "401": { @@ -78180,13 +82473,13 @@ "https" ], "tags": [ - "resource_v1alpha1" + "resource_v1alpha2" ], "x-kubernetes-action": "list", "x-kubernetes-group-version-kind": { "group": "resource.k8s.io", - "kind": "PodScheduling", - "version": "v1alpha1" + "kind": "PodSchedulingContext", + "version": "v1alpha2" } }, "parameters": [ @@ -78246,6 +82539,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -78262,13 +82562,13 @@ } ] }, - "/apis/resource.k8s.io/v1alpha1/resourceclaims": { + "/apis/resource.k8s.io/v1alpha2/resourceclaims": { "get": { "consumes": [ "*/*" ], "description": "list or watch objects of kind ResourceClaim", - "operationId": "listResourceV1alpha1ResourceClaimForAllNamespaces", + "operationId": "listResourceV1alpha2ResourceClaimForAllNamespaces", "produces": [ "application/json", "application/yaml", @@ -78280,7 +82580,7 @@ "200": { "description": "OK", "schema": { - "$ref": "#/definitions/io.k8s.api.resource.v1alpha1.ResourceClaimList" + "$ref": "#/definitions/io.k8s.api.resource.v1alpha2.ResourceClaimList" } }, "401": { @@ -78291,13 +82591,13 @@ "https" ], "tags": [ - "resource_v1alpha1" + "resource_v1alpha2" ], "x-kubernetes-action": "list", "x-kubernetes-group-version-kind": { "group": "resource.k8s.io", "kind": "ResourceClaim", - "version": "v1alpha1" + "version": "v1alpha2" } }, "parameters": [ @@ -78357,6 +82657,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -78373,13 +82680,13 @@ } ] }, - "/apis/resource.k8s.io/v1alpha1/resourceclaimtemplates": { + "/apis/resource.k8s.io/v1alpha2/resourceclaimtemplates": { "get": { "consumes": [ "*/*" ], "description": "list or watch objects of kind ResourceClaimTemplate", - "operationId": "listResourceV1alpha1ResourceClaimTemplateForAllNamespaces", + "operationId": "listResourceV1alpha2ResourceClaimTemplateForAllNamespaces", "produces": [ "application/json", "application/yaml", @@ -78391,7 +82698,7 @@ "200": { "description": "OK", "schema": { - "$ref": "#/definitions/io.k8s.api.resource.v1alpha1.ResourceClaimTemplateList" + "$ref": "#/definitions/io.k8s.api.resource.v1alpha2.ResourceClaimTemplateList" } }, "401": { @@ -78402,13 +82709,13 @@ "https" ], "tags": [ - "resource_v1alpha1" + "resource_v1alpha2" ], "x-kubernetes-action": "list", "x-kubernetes-group-version-kind": { "group": "resource.k8s.io", "kind": "ResourceClaimTemplate", - "version": "v1alpha1" + "version": "v1alpha2" } }, "parameters": [ @@ -78468,6 +82775,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -78484,13 +82798,13 @@ } ] }, - "/apis/resource.k8s.io/v1alpha1/resourceclasses": { + "/apis/resource.k8s.io/v1alpha2/resourceclasses": { "delete": { "consumes": [ "*/*" ], "description": "delete collection of ResourceClass", - "operationId": "deleteResourceV1alpha1CollectionResourceClass", + "operationId": "deleteResourceV1alpha2CollectionResourceClass", "parameters": [ { "in": "body", @@ -78569,6 +82883,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -78597,13 +82918,13 @@ "https" ], "tags": [ - "resource_v1alpha1" + "resource_v1alpha2" ], "x-kubernetes-action": "deletecollection", "x-kubernetes-group-version-kind": { "group": "resource.k8s.io", "kind": "ResourceClass", - "version": "v1alpha1" + "version": "v1alpha2" } }, "get": { @@ -78611,7 +82932,7 @@ "*/*" ], "description": "list or watch objects of kind ResourceClass", - "operationId": "listResourceV1alpha1ResourceClass", + "operationId": "listResourceV1alpha2ResourceClass", "parameters": [ { "description": "allowWatchBookmarks requests watch events with type \"BOOKMARK\". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.", @@ -78662,6 +82983,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -78688,7 +83016,7 @@ "200": { "description": "OK", "schema": { - "$ref": "#/definitions/io.k8s.api.resource.v1alpha1.ResourceClassList" + "$ref": "#/definitions/io.k8s.api.resource.v1alpha2.ResourceClassList" } }, "401": { @@ -78699,13 +83027,13 @@ "https" ], "tags": [ - "resource_v1alpha1" + "resource_v1alpha2" ], "x-kubernetes-action": "list", "x-kubernetes-group-version-kind": { "group": "resource.k8s.io", "kind": "ResourceClass", - "version": "v1alpha1" + "version": "v1alpha2" } }, "parameters": [ @@ -78722,14 +83050,14 @@ "*/*" ], "description": "create a ResourceClass", - "operationId": "createResourceV1alpha1ResourceClass", + "operationId": "createResourceV1alpha2ResourceClass", "parameters": [ { "in": "body", "name": "body", "required": true, "schema": { - "$ref": "#/definitions/io.k8s.api.resource.v1alpha1.ResourceClass" + "$ref": "#/definitions/io.k8s.api.resource.v1alpha2.ResourceClass" } }, { @@ -78747,7 +83075,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -78763,19 +83091,19 @@ "200": { "description": "OK", "schema": { - "$ref": "#/definitions/io.k8s.api.resource.v1alpha1.ResourceClass" + "$ref": "#/definitions/io.k8s.api.resource.v1alpha2.ResourceClass" } }, "201": { "description": "Created", "schema": { - "$ref": "#/definitions/io.k8s.api.resource.v1alpha1.ResourceClass" + "$ref": "#/definitions/io.k8s.api.resource.v1alpha2.ResourceClass" } }, "202": { "description": "Accepted", "schema": { - "$ref": "#/definitions/io.k8s.api.resource.v1alpha1.ResourceClass" + "$ref": "#/definitions/io.k8s.api.resource.v1alpha2.ResourceClass" } }, "401": { @@ -78786,23 +83114,23 @@ "https" ], "tags": [ - "resource_v1alpha1" + "resource_v1alpha2" ], "x-kubernetes-action": "post", "x-kubernetes-group-version-kind": { "group": "resource.k8s.io", "kind": "ResourceClass", - "version": "v1alpha1" + "version": "v1alpha2" } } }, - "/apis/resource.k8s.io/v1alpha1/resourceclasses/{name}": { + "/apis/resource.k8s.io/v1alpha2/resourceclasses/{name}": { "delete": { "consumes": [ "*/*" ], "description": "delete a ResourceClass", - "operationId": "deleteResourceV1alpha1ResourceClass", + "operationId": "deleteResourceV1alpha2ResourceClass", "parameters": [ { "in": "body", @@ -78849,13 +83177,13 @@ "200": { "description": "OK", "schema": { - "$ref": "#/definitions/io.k8s.api.resource.v1alpha1.ResourceClass" + "$ref": "#/definitions/io.k8s.api.resource.v1alpha2.ResourceClass" } }, "202": { "description": "Accepted", "schema": { - "$ref": "#/definitions/io.k8s.api.resource.v1alpha1.ResourceClass" + "$ref": "#/definitions/io.k8s.api.resource.v1alpha2.ResourceClass" } }, "401": { @@ -78866,13 +83194,13 @@ "https" ], "tags": [ - "resource_v1alpha1" + "resource_v1alpha2" ], "x-kubernetes-action": "delete", "x-kubernetes-group-version-kind": { "group": "resource.k8s.io", "kind": "ResourceClass", - "version": "v1alpha1" + "version": "v1alpha2" } }, "get": { @@ -78880,7 +83208,7 @@ "*/*" ], "description": "read the specified ResourceClass", - "operationId": "readResourceV1alpha1ResourceClass", + "operationId": "readResourceV1alpha2ResourceClass", "produces": [ "application/json", "application/yaml", @@ -78890,7 +83218,7 @@ "200": { "description": "OK", "schema": { - "$ref": "#/definitions/io.k8s.api.resource.v1alpha1.ResourceClass" + "$ref": "#/definitions/io.k8s.api.resource.v1alpha2.ResourceClass" } }, "401": { @@ -78901,13 +83229,13 @@ "https" ], "tags": [ - "resource_v1alpha1" + "resource_v1alpha2" ], "x-kubernetes-action": "get", "x-kubernetes-group-version-kind": { "group": "resource.k8s.io", "kind": "ResourceClass", - "version": "v1alpha1" + "version": "v1alpha2" } }, "parameters": [ @@ -78935,7 +83263,7 @@ "application/apply-patch+yaml" ], "description": "partially update the specified ResourceClass", - "operationId": "patchResourceV1alpha1ResourceClass", + "operationId": "patchResourceV1alpha2ResourceClass", "parameters": [ { "in": "body", @@ -78960,7 +83288,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -78983,13 +83311,13 @@ "200": { "description": "OK", "schema": { - "$ref": "#/definitions/io.k8s.api.resource.v1alpha1.ResourceClass" + "$ref": "#/definitions/io.k8s.api.resource.v1alpha2.ResourceClass" } }, "201": { "description": "Created", "schema": { - "$ref": "#/definitions/io.k8s.api.resource.v1alpha1.ResourceClass" + "$ref": "#/definitions/io.k8s.api.resource.v1alpha2.ResourceClass" } }, "401": { @@ -79000,13 +83328,13 @@ "https" ], "tags": [ - "resource_v1alpha1" + "resource_v1alpha2" ], "x-kubernetes-action": "patch", "x-kubernetes-group-version-kind": { "group": "resource.k8s.io", "kind": "ResourceClass", - "version": "v1alpha1" + "version": "v1alpha2" } }, "put": { @@ -79014,14 +83342,14 @@ "*/*" ], "description": "replace the specified ResourceClass", - "operationId": "replaceResourceV1alpha1ResourceClass", + "operationId": "replaceResourceV1alpha2ResourceClass", "parameters": [ { "in": "body", "name": "body", "required": true, "schema": { - "$ref": "#/definitions/io.k8s.api.resource.v1alpha1.ResourceClass" + "$ref": "#/definitions/io.k8s.api.resource.v1alpha2.ResourceClass" } }, { @@ -79039,7 +83367,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -79055,13 +83383,13 @@ "200": { "description": "OK", "schema": { - "$ref": "#/definitions/io.k8s.api.resource.v1alpha1.ResourceClass" + "$ref": "#/definitions/io.k8s.api.resource.v1alpha2.ResourceClass" } }, "201": { "description": "Created", "schema": { - "$ref": "#/definitions/io.k8s.api.resource.v1alpha1.ResourceClass" + "$ref": "#/definitions/io.k8s.api.resource.v1alpha2.ResourceClass" } }, "401": { @@ -79072,23 +83400,23 @@ "https" ], "tags": [ - "resource_v1alpha1" + "resource_v1alpha2" ], "x-kubernetes-action": "put", "x-kubernetes-group-version-kind": { "group": "resource.k8s.io", "kind": "ResourceClass", - "version": "v1alpha1" + "version": "v1alpha2" } } }, - "/apis/resource.k8s.io/v1alpha1/watch/namespaces/{namespace}/podschedulings": { + "/apis/resource.k8s.io/v1alpha2/watch/namespaces/{namespace}/podschedulingcontexts": { "get": { "consumes": [ "*/*" ], - "description": "watch individual changes to a list of PodScheduling. deprecated: use the 'watch' parameter with a list operation instead.", - "operationId": "watchResourceV1alpha1NamespacedPodSchedulingList", + "description": "watch individual changes to a list of PodSchedulingContext. deprecated: use the 'watch' parameter with a list operation instead.", + "operationId": "watchResourceV1alpha2NamespacedPodSchedulingContextList", "produces": [ "application/json", "application/yaml", @@ -79111,13 +83439,13 @@ "https" ], "tags": [ - "resource_v1alpha1" + "resource_v1alpha2" ], "x-kubernetes-action": "watchlist", "x-kubernetes-group-version-kind": { "group": "resource.k8s.io", - "kind": "PodScheduling", - "version": "v1alpha1" + "kind": "PodSchedulingContext", + "version": "v1alpha2" } }, "parameters": [ @@ -79185,6 +83513,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -79201,13 +83536,13 @@ } ] }, - "/apis/resource.k8s.io/v1alpha1/watch/namespaces/{namespace}/podschedulings/{name}": { + "/apis/resource.k8s.io/v1alpha2/watch/namespaces/{namespace}/podschedulingcontexts/{name}": { "get": { "consumes": [ "*/*" ], - "description": "watch changes to an object of kind PodScheduling. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.", - "operationId": "watchResourceV1alpha1NamespacedPodScheduling", + "description": "watch changes to an object of kind PodSchedulingContext. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.", + "operationId": "watchResourceV1alpha2NamespacedPodSchedulingContext", "produces": [ "application/json", "application/yaml", @@ -79230,13 +83565,13 @@ "https" ], "tags": [ - "resource_v1alpha1" + "resource_v1alpha2" ], "x-kubernetes-action": "watch", "x-kubernetes-group-version-kind": { "group": "resource.k8s.io", - "kind": "PodScheduling", - "version": "v1alpha1" + "kind": "PodSchedulingContext", + "version": "v1alpha2" } }, "parameters": [ @@ -79276,7 +83611,7 @@ "uniqueItems": true }, { - "description": "name of the PodScheduling", + "description": "name of the PodSchedulingContext", "in": "path", "name": "name", "required": true, @@ -79312,6 +83647,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -79328,13 +83670,13 @@ } ] }, - "/apis/resource.k8s.io/v1alpha1/watch/namespaces/{namespace}/resourceclaims": { + "/apis/resource.k8s.io/v1alpha2/watch/namespaces/{namespace}/resourceclaims": { "get": { "consumes": [ "*/*" ], "description": "watch individual changes to a list of ResourceClaim. deprecated: use the 'watch' parameter with a list operation instead.", - "operationId": "watchResourceV1alpha1NamespacedResourceClaimList", + "operationId": "watchResourceV1alpha2NamespacedResourceClaimList", "produces": [ "application/json", "application/yaml", @@ -79357,13 +83699,13 @@ "https" ], "tags": [ - "resource_v1alpha1" + "resource_v1alpha2" ], "x-kubernetes-action": "watchlist", "x-kubernetes-group-version-kind": { "group": "resource.k8s.io", "kind": "ResourceClaim", - "version": "v1alpha1" + "version": "v1alpha2" } }, "parameters": [ @@ -79431,6 +83773,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -79447,13 +83796,13 @@ } ] }, - "/apis/resource.k8s.io/v1alpha1/watch/namespaces/{namespace}/resourceclaims/{name}": { + "/apis/resource.k8s.io/v1alpha2/watch/namespaces/{namespace}/resourceclaims/{name}": { "get": { "consumes": [ "*/*" ], "description": "watch changes to an object of kind ResourceClaim. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.", - "operationId": "watchResourceV1alpha1NamespacedResourceClaim", + "operationId": "watchResourceV1alpha2NamespacedResourceClaim", "produces": [ "application/json", "application/yaml", @@ -79476,13 +83825,13 @@ "https" ], "tags": [ - "resource_v1alpha1" + "resource_v1alpha2" ], "x-kubernetes-action": "watch", "x-kubernetes-group-version-kind": { "group": "resource.k8s.io", "kind": "ResourceClaim", - "version": "v1alpha1" + "version": "v1alpha2" } }, "parameters": [ @@ -79558,6 +83907,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -79574,13 +83930,13 @@ } ] }, - "/apis/resource.k8s.io/v1alpha1/watch/namespaces/{namespace}/resourceclaimtemplates": { + "/apis/resource.k8s.io/v1alpha2/watch/namespaces/{namespace}/resourceclaimtemplates": { "get": { "consumes": [ "*/*" ], "description": "watch individual changes to a list of ResourceClaimTemplate. deprecated: use the 'watch' parameter with a list operation instead.", - "operationId": "watchResourceV1alpha1NamespacedResourceClaimTemplateList", + "operationId": "watchResourceV1alpha2NamespacedResourceClaimTemplateList", "produces": [ "application/json", "application/yaml", @@ -79603,13 +83959,13 @@ "https" ], "tags": [ - "resource_v1alpha1" + "resource_v1alpha2" ], "x-kubernetes-action": "watchlist", "x-kubernetes-group-version-kind": { "group": "resource.k8s.io", "kind": "ResourceClaimTemplate", - "version": "v1alpha1" + "version": "v1alpha2" } }, "parameters": [ @@ -79677,6 +84033,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -79693,13 +84056,13 @@ } ] }, - "/apis/resource.k8s.io/v1alpha1/watch/namespaces/{namespace}/resourceclaimtemplates/{name}": { + "/apis/resource.k8s.io/v1alpha2/watch/namespaces/{namespace}/resourceclaimtemplates/{name}": { "get": { "consumes": [ "*/*" ], "description": "watch changes to an object of kind ResourceClaimTemplate. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.", - "operationId": "watchResourceV1alpha1NamespacedResourceClaimTemplate", + "operationId": "watchResourceV1alpha2NamespacedResourceClaimTemplate", "produces": [ "application/json", "application/yaml", @@ -79722,13 +84085,13 @@ "https" ], "tags": [ - "resource_v1alpha1" + "resource_v1alpha2" ], "x-kubernetes-action": "watch", "x-kubernetes-group-version-kind": { "group": "resource.k8s.io", "kind": "ResourceClaimTemplate", - "version": "v1alpha1" + "version": "v1alpha2" } }, "parameters": [ @@ -79804,6 +84167,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -79820,13 +84190,13 @@ } ] }, - "/apis/resource.k8s.io/v1alpha1/watch/podschedulings": { + "/apis/resource.k8s.io/v1alpha2/watch/podschedulingcontexts": { "get": { "consumes": [ "*/*" ], - "description": "watch individual changes to a list of PodScheduling. deprecated: use the 'watch' parameter with a list operation instead.", - "operationId": "watchResourceV1alpha1PodSchedulingListForAllNamespaces", + "description": "watch individual changes to a list of PodSchedulingContext. deprecated: use the 'watch' parameter with a list operation instead.", + "operationId": "watchResourceV1alpha2PodSchedulingContextListForAllNamespaces", "produces": [ "application/json", "application/yaml", @@ -79849,13 +84219,13 @@ "https" ], "tags": [ - "resource_v1alpha1" + "resource_v1alpha2" ], "x-kubernetes-action": "watchlist", "x-kubernetes-group-version-kind": { "group": "resource.k8s.io", - "kind": "PodScheduling", - "version": "v1alpha1" + "kind": "PodSchedulingContext", + "version": "v1alpha2" } }, "parameters": [ @@ -79915,6 +84285,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -79931,13 +84308,13 @@ } ] }, - "/apis/resource.k8s.io/v1alpha1/watch/resourceclaims": { + "/apis/resource.k8s.io/v1alpha2/watch/resourceclaims": { "get": { "consumes": [ "*/*" ], "description": "watch individual changes to a list of ResourceClaim. deprecated: use the 'watch' parameter with a list operation instead.", - "operationId": "watchResourceV1alpha1ResourceClaimListForAllNamespaces", + "operationId": "watchResourceV1alpha2ResourceClaimListForAllNamespaces", "produces": [ "application/json", "application/yaml", @@ -79960,13 +84337,13 @@ "https" ], "tags": [ - "resource_v1alpha1" + "resource_v1alpha2" ], "x-kubernetes-action": "watchlist", "x-kubernetes-group-version-kind": { "group": "resource.k8s.io", "kind": "ResourceClaim", - "version": "v1alpha1" + "version": "v1alpha2" } }, "parameters": [ @@ -80026,6 +84403,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -80042,13 +84426,13 @@ } ] }, - "/apis/resource.k8s.io/v1alpha1/watch/resourceclaimtemplates": { + "/apis/resource.k8s.io/v1alpha2/watch/resourceclaimtemplates": { "get": { "consumes": [ "*/*" ], "description": "watch individual changes to a list of ResourceClaimTemplate. deprecated: use the 'watch' parameter with a list operation instead.", - "operationId": "watchResourceV1alpha1ResourceClaimTemplateListForAllNamespaces", + "operationId": "watchResourceV1alpha2ResourceClaimTemplateListForAllNamespaces", "produces": [ "application/json", "application/yaml", @@ -80071,13 +84455,13 @@ "https" ], "tags": [ - "resource_v1alpha1" + "resource_v1alpha2" ], "x-kubernetes-action": "watchlist", "x-kubernetes-group-version-kind": { "group": "resource.k8s.io", "kind": "ResourceClaimTemplate", - "version": "v1alpha1" + "version": "v1alpha2" } }, "parameters": [ @@ -80137,6 +84521,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -80153,13 +84544,13 @@ } ] }, - "/apis/resource.k8s.io/v1alpha1/watch/resourceclasses": { + "/apis/resource.k8s.io/v1alpha2/watch/resourceclasses": { "get": { "consumes": [ "*/*" ], "description": "watch individual changes to a list of ResourceClass. deprecated: use the 'watch' parameter with a list operation instead.", - "operationId": "watchResourceV1alpha1ResourceClassList", + "operationId": "watchResourceV1alpha2ResourceClassList", "produces": [ "application/json", "application/yaml", @@ -80182,13 +84573,13 @@ "https" ], "tags": [ - "resource_v1alpha1" + "resource_v1alpha2" ], "x-kubernetes-action": "watchlist", "x-kubernetes-group-version-kind": { "group": "resource.k8s.io", "kind": "ResourceClass", - "version": "v1alpha1" + "version": "v1alpha2" } }, "parameters": [ @@ -80248,6 +84639,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -80264,13 +84662,13 @@ } ] }, - "/apis/resource.k8s.io/v1alpha1/watch/resourceclasses/{name}": { + "/apis/resource.k8s.io/v1alpha2/watch/resourceclasses/{name}": { "get": { "consumes": [ "*/*" ], "description": "watch changes to an object of kind ResourceClass. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.", - "operationId": "watchResourceV1alpha1ResourceClass", + "operationId": "watchResourceV1alpha2ResourceClass", "produces": [ "application/json", "application/yaml", @@ -80293,13 +84691,13 @@ "https" ], "tags": [ - "resource_v1alpha1" + "resource_v1alpha2" ], "x-kubernetes-action": "watch", "x-kubernetes-group-version-kind": { "group": "resource.k8s.io", "kind": "ResourceClass", - "version": "v1alpha1" + "version": "v1alpha2" } }, "parameters": [ @@ -80367,6 +84765,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -80534,6 +84939,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -80627,6 +85039,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -80712,7 +85131,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -80925,7 +85344,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -81004,7 +85423,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -81142,6 +85561,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -81261,6 +85687,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -81428,6 +85861,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -81521,6 +85961,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -81606,7 +86053,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -81819,7 +86266,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -81898,7 +86345,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -82026,6 +86473,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -82119,6 +86573,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -82204,7 +86665,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -82417,7 +86878,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -82496,7 +86957,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -82634,6 +87095,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -82735,6 +87203,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -82828,6 +87303,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -82921,7 +87403,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -83142,7 +87624,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -83221,7 +87703,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -83349,6 +87831,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -83442,6 +87931,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -83527,7 +88023,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -83740,7 +88236,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -83819,7 +88315,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -83947,6 +88443,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -84040,6 +88543,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -84125,7 +88635,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -84338,7 +88848,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -84417,7 +88927,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -84546,7 +89056,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -84625,7 +89135,7 @@ "uniqueItems": true }, { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", + "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", "in": "query", "name": "fieldValidation", "type": "string", @@ -84763,6 +89273,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -84882,6 +89399,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -84993,6 +89517,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -85112,6 +89643,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -85223,6 +89761,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -85342,6 +89887,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -85469,6 +90021,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -85580,6 +90139,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -85699,6 +90265,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -85810,6 +90383,13 @@ "type": "string", "uniqueItems": true }, + { + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", + "in": "query", + "name": "sendInitialEvents", + "type": "boolean", + "uniqueItems": true + }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", "in": "query", @@ -85930,1119 +90510,11 @@ "uniqueItems": true }, { - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", + "description": "`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic \"Bookmark\" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `\"k8s.io/initial-events-end\": \"true\"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.\n\nWhen `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan\n is interpreted as \"data at least as new as the provided `resourceVersion`\"\n and the bookmark event is send when the state is synced\n to a `resourceVersion` at least as fresh as the one provided by the ListOptions.\n If `resourceVersion` is unset, this is interpreted as \"consistent read\" and the\n bookmark event is send when the state is synced at least to the moment\n when request started being processed.\n- `resourceVersionMatch` set to any other value or unset\n Invalid error is returned.\n\nDefaults to true if `resourceVersion=\"\"` or `resourceVersion=\"0\"` (for backward compatibility reasons) and to false otherwise.", "in": "query", - "name": "timeoutSeconds", - "type": "integer", - "uniqueItems": true - }, - { - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "in": "query", - "name": "watch", + "name": "sendInitialEvents", "type": "boolean", "uniqueItems": true - } - ] - }, - "/apis/storage.k8s.io/v1beta1/": { - "get": { - "consumes": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "description": "get available resources", - "operationId": "getStorageV1beta1APIResources", - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.APIResourceList" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "schemes": [ - "https" - ], - "tags": [ - "storage_v1beta1" - ] - } - }, - "/apis/storage.k8s.io/v1beta1/csistoragecapacities": { - "get": { - "consumes": [ - "*/*" - ], - "description": "list or watch objects of kind CSIStorageCapacity", - "operationId": "listStorageV1beta1CSIStorageCapacityForAllNamespaces", - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.storage.v1beta1.CSIStorageCapacityList" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "schemes": [ - "https" - ], - "tags": [ - "storage_v1beta1" - ], - "x-kubernetes-action": "list", - "x-kubernetes-group-version-kind": { - "group": "storage.k8s.io", - "kind": "CSIStorageCapacity", - "version": "v1beta1" - } - }, - "parameters": [ - { - "description": "allowWatchBookmarks requests watch events with type \"BOOKMARK\". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.", - "in": "query", - "name": "allowWatchBookmarks", - "type": "boolean", - "uniqueItems": true - }, - { - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "in": "query", - "name": "continue", - "type": "string", - "uniqueItems": true - }, - { - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "in": "query", - "name": "fieldSelector", - "type": "string", - "uniqueItems": true - }, - { - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "in": "query", - "name": "labelSelector", - "type": "string", - "uniqueItems": true - }, - { - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "in": "query", - "name": "limit", - "type": "integer", - "uniqueItems": true - }, - { - "description": "If 'true', then the output is pretty printed.", - "in": "query", - "name": "pretty", - "type": "string", - "uniqueItems": true - }, - { - "description": "resourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.\n\nDefaults to unset", - "in": "query", - "name": "resourceVersion", - "type": "string", - "uniqueItems": true - }, - { - "description": "resourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.\n\nDefaults to unset", - "in": "query", - "name": "resourceVersionMatch", - "type": "string", - "uniqueItems": true - }, - { - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "in": "query", - "name": "timeoutSeconds", - "type": "integer", - "uniqueItems": true - }, - { - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "in": "query", - "name": "watch", - "type": "boolean", - "uniqueItems": true - } - ] - }, - "/apis/storage.k8s.io/v1beta1/namespaces/{namespace}/csistoragecapacities": { - "delete": { - "consumes": [ - "*/*" - ], - "description": "delete collection of CSIStorageCapacity", - "operationId": "deleteStorageV1beta1CollectionNamespacedCSIStorageCapacity", - "parameters": [ - { - "in": "body", - "name": "body", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.DeleteOptions" - } - }, - { - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "in": "query", - "name": "continue", - "type": "string", - "uniqueItems": true - }, - { - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "in": "query", - "name": "dryRun", - "type": "string", - "uniqueItems": true - }, - { - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "in": "query", - "name": "fieldSelector", - "type": "string", - "uniqueItems": true - }, - { - "description": "The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.", - "in": "query", - "name": "gracePeriodSeconds", - "type": "integer", - "uniqueItems": true - }, - { - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "in": "query", - "name": "labelSelector", - "type": "string", - "uniqueItems": true - }, - { - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "in": "query", - "name": "limit", - "type": "integer", - "uniqueItems": true - }, - { - "description": "Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the \"orphan\" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.", - "in": "query", - "name": "orphanDependents", - "type": "boolean", - "uniqueItems": true - }, - { - "description": "Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.", - "in": "query", - "name": "propagationPolicy", - "type": "string", - "uniqueItems": true - }, - { - "description": "resourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.\n\nDefaults to unset", - "in": "query", - "name": "resourceVersion", - "type": "string", - "uniqueItems": true - }, - { - "description": "resourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.\n\nDefaults to unset", - "in": "query", - "name": "resourceVersionMatch", - "type": "string", - "uniqueItems": true - }, - { - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "in": "query", - "name": "timeoutSeconds", - "type": "integer", - "uniqueItems": true - } - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "schemes": [ - "https" - ], - "tags": [ - "storage_v1beta1" - ], - "x-kubernetes-action": "deletecollection", - "x-kubernetes-group-version-kind": { - "group": "storage.k8s.io", - "kind": "CSIStorageCapacity", - "version": "v1beta1" - } - }, - "get": { - "consumes": [ - "*/*" - ], - "description": "list or watch objects of kind CSIStorageCapacity", - "operationId": "listStorageV1beta1NamespacedCSIStorageCapacity", - "parameters": [ - { - "description": "allowWatchBookmarks requests watch events with type \"BOOKMARK\". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.", - "in": "query", - "name": "allowWatchBookmarks", - "type": "boolean", - "uniqueItems": true - }, - { - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "in": "query", - "name": "continue", - "type": "string", - "uniqueItems": true - }, - { - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "in": "query", - "name": "fieldSelector", - "type": "string", - "uniqueItems": true - }, - { - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "in": "query", - "name": "labelSelector", - "type": "string", - "uniqueItems": true - }, - { - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "in": "query", - "name": "limit", - "type": "integer", - "uniqueItems": true - }, - { - "description": "resourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.\n\nDefaults to unset", - "in": "query", - "name": "resourceVersion", - "type": "string", - "uniqueItems": true - }, - { - "description": "resourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.\n\nDefaults to unset", - "in": "query", - "name": "resourceVersionMatch", - "type": "string", - "uniqueItems": true - }, - { - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "in": "query", - "name": "timeoutSeconds", - "type": "integer", - "uniqueItems": true - }, - { - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "in": "query", - "name": "watch", - "type": "boolean", - "uniqueItems": true - } - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.storage.v1beta1.CSIStorageCapacityList" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "schemes": [ - "https" - ], - "tags": [ - "storage_v1beta1" - ], - "x-kubernetes-action": "list", - "x-kubernetes-group-version-kind": { - "group": "storage.k8s.io", - "kind": "CSIStorageCapacity", - "version": "v1beta1" - } - }, - "parameters": [ - { - "description": "object name and auth scope, such as for teams and projects", - "in": "path", - "name": "namespace", - "required": true, - "type": "string", - "uniqueItems": true - }, - { - "description": "If 'true', then the output is pretty printed.", - "in": "query", - "name": "pretty", - "type": "string", - "uniqueItems": true - } - ], - "post": { - "consumes": [ - "*/*" - ], - "description": "create a CSIStorageCapacity", - "operationId": "createStorageV1beta1NamespacedCSIStorageCapacity", - "parameters": [ - { - "in": "body", - "name": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.storage.v1beta1.CSIStorageCapacity" - } - }, - { - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "in": "query", - "name": "dryRun", - "type": "string", - "uniqueItems": true - }, - { - "description": "fieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.", - "in": "query", - "name": "fieldManager", - "type": "string", - "uniqueItems": true - }, - { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", - "in": "query", - "name": "fieldValidation", - "type": "string", - "uniqueItems": true - } - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.storage.v1beta1.CSIStorageCapacity" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.storage.v1beta1.CSIStorageCapacity" - } - }, - "202": { - "description": "Accepted", - "schema": { - "$ref": "#/definitions/io.k8s.api.storage.v1beta1.CSIStorageCapacity" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "schemes": [ - "https" - ], - "tags": [ - "storage_v1beta1" - ], - "x-kubernetes-action": "post", - "x-kubernetes-group-version-kind": { - "group": "storage.k8s.io", - "kind": "CSIStorageCapacity", - "version": "v1beta1" - } - } - }, - "/apis/storage.k8s.io/v1beta1/namespaces/{namespace}/csistoragecapacities/{name}": { - "delete": { - "consumes": [ - "*/*" - ], - "description": "delete a CSIStorageCapacity", - "operationId": "deleteStorageV1beta1NamespacedCSIStorageCapacity", - "parameters": [ - { - "in": "body", - "name": "body", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.DeleteOptions" - } - }, - { - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "in": "query", - "name": "dryRun", - "type": "string", - "uniqueItems": true - }, - { - "description": "The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.", - "in": "query", - "name": "gracePeriodSeconds", - "type": "integer", - "uniqueItems": true - }, - { - "description": "Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the \"orphan\" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.", - "in": "query", - "name": "orphanDependents", - "type": "boolean", - "uniqueItems": true - }, - { - "description": "Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.", - "in": "query", - "name": "propagationPolicy", - "type": "string", - "uniqueItems": true - } - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "202": { - "description": "Accepted", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Status" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "schemes": [ - "https" - ], - "tags": [ - "storage_v1beta1" - ], - "x-kubernetes-action": "delete", - "x-kubernetes-group-version-kind": { - "group": "storage.k8s.io", - "kind": "CSIStorageCapacity", - "version": "v1beta1" - } - }, - "get": { - "consumes": [ - "*/*" - ], - "description": "read the specified CSIStorageCapacity", - "operationId": "readStorageV1beta1NamespacedCSIStorageCapacity", - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.storage.v1beta1.CSIStorageCapacity" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "schemes": [ - "https" - ], - "tags": [ - "storage_v1beta1" - ], - "x-kubernetes-action": "get", - "x-kubernetes-group-version-kind": { - "group": "storage.k8s.io", - "kind": "CSIStorageCapacity", - "version": "v1beta1" - } - }, - "parameters": [ - { - "description": "name of the CSIStorageCapacity", - "in": "path", - "name": "name", - "required": true, - "type": "string", - "uniqueItems": true - }, - { - "description": "object name and auth scope, such as for teams and projects", - "in": "path", - "name": "namespace", - "required": true, - "type": "string", - "uniqueItems": true - }, - { - "description": "If 'true', then the output is pretty printed.", - "in": "query", - "name": "pretty", - "type": "string", - "uniqueItems": true - } - ], - "patch": { - "consumes": [ - "application/json-patch+json", - "application/merge-patch+json", - "application/strategic-merge-patch+json", - "application/apply-patch+yaml" - ], - "description": "partially update the specified CSIStorageCapacity", - "operationId": "patchStorageV1beta1NamespacedCSIStorageCapacity", - "parameters": [ - { - "in": "body", - "name": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch" - } - }, - { - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "in": "query", - "name": "dryRun", - "type": "string", - "uniqueItems": true - }, - { - "description": "fieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint. This field is required for apply requests (application/apply-patch) but optional for non-apply patch types (JsonPatch, MergePatch, StrategicMergePatch).", - "in": "query", - "name": "fieldManager", - "type": "string", - "uniqueItems": true - }, - { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", - "in": "query", - "name": "fieldValidation", - "type": "string", - "uniqueItems": true - }, - { - "description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.", - "in": "query", - "name": "force", - "type": "boolean", - "uniqueItems": true - } - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.storage.v1beta1.CSIStorageCapacity" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.storage.v1beta1.CSIStorageCapacity" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "schemes": [ - "https" - ], - "tags": [ - "storage_v1beta1" - ], - "x-kubernetes-action": "patch", - "x-kubernetes-group-version-kind": { - "group": "storage.k8s.io", - "kind": "CSIStorageCapacity", - "version": "v1beta1" - } - }, - "put": { - "consumes": [ - "*/*" - ], - "description": "replace the specified CSIStorageCapacity", - "operationId": "replaceStorageV1beta1NamespacedCSIStorageCapacity", - "parameters": [ - { - "in": "body", - "name": "body", - "required": true, - "schema": { - "$ref": "#/definitions/io.k8s.api.storage.v1beta1.CSIStorageCapacity" - } - }, - { - "description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed", - "in": "query", - "name": "dryRun", - "type": "string", - "uniqueItems": true - }, - { - "description": "fieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.", - "in": "query", - "name": "fieldManager", - "type": "string", - "uniqueItems": true - }, - { - "description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.", - "in": "query", - "name": "fieldValidation", - "type": "string", - "uniqueItems": true - } - ], - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf" - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.api.storage.v1beta1.CSIStorageCapacity" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/io.k8s.api.storage.v1beta1.CSIStorageCapacity" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "schemes": [ - "https" - ], - "tags": [ - "storage_v1beta1" - ], - "x-kubernetes-action": "put", - "x-kubernetes-group-version-kind": { - "group": "storage.k8s.io", - "kind": "CSIStorageCapacity", - "version": "v1beta1" - } - } - }, - "/apis/storage.k8s.io/v1beta1/watch/csistoragecapacities": { - "get": { - "consumes": [ - "*/*" - ], - "description": "watch individual changes to a list of CSIStorageCapacity. deprecated: use the 'watch' parameter with a list operation instead.", - "operationId": "watchStorageV1beta1CSIStorageCapacityListForAllNamespaces", - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "schemes": [ - "https" - ], - "tags": [ - "storage_v1beta1" - ], - "x-kubernetes-action": "watchlist", - "x-kubernetes-group-version-kind": { - "group": "storage.k8s.io", - "kind": "CSIStorageCapacity", - "version": "v1beta1" - } - }, - "parameters": [ - { - "description": "allowWatchBookmarks requests watch events with type \"BOOKMARK\". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.", - "in": "query", - "name": "allowWatchBookmarks", - "type": "boolean", - "uniqueItems": true - }, - { - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "in": "query", - "name": "continue", - "type": "string", - "uniqueItems": true - }, - { - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "in": "query", - "name": "fieldSelector", - "type": "string", - "uniqueItems": true - }, - { - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "in": "query", - "name": "labelSelector", - "type": "string", - "uniqueItems": true - }, - { - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "in": "query", - "name": "limit", - "type": "integer", - "uniqueItems": true - }, - { - "description": "If 'true', then the output is pretty printed.", - "in": "query", - "name": "pretty", - "type": "string", - "uniqueItems": true - }, - { - "description": "resourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.\n\nDefaults to unset", - "in": "query", - "name": "resourceVersion", - "type": "string", - "uniqueItems": true - }, - { - "description": "resourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.\n\nDefaults to unset", - "in": "query", - "name": "resourceVersionMatch", - "type": "string", - "uniqueItems": true - }, - { - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "in": "query", - "name": "timeoutSeconds", - "type": "integer", - "uniqueItems": true - }, - { - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "in": "query", - "name": "watch", - "type": "boolean", - "uniqueItems": true - } - ] - }, - "/apis/storage.k8s.io/v1beta1/watch/namespaces/{namespace}/csistoragecapacities": { - "get": { - "consumes": [ - "*/*" - ], - "description": "watch individual changes to a list of CSIStorageCapacity. deprecated: use the 'watch' parameter with a list operation instead.", - "operationId": "watchStorageV1beta1NamespacedCSIStorageCapacityList", - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "schemes": [ - "https" - ], - "tags": [ - "storage_v1beta1" - ], - "x-kubernetes-action": "watchlist", - "x-kubernetes-group-version-kind": { - "group": "storage.k8s.io", - "kind": "CSIStorageCapacity", - "version": "v1beta1" - } - }, - "parameters": [ - { - "description": "allowWatchBookmarks requests watch events with type \"BOOKMARK\". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.", - "in": "query", - "name": "allowWatchBookmarks", - "type": "boolean", - "uniqueItems": true - }, - { - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "in": "query", - "name": "continue", - "type": "string", - "uniqueItems": true - }, - { - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "in": "query", - "name": "fieldSelector", - "type": "string", - "uniqueItems": true - }, - { - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "in": "query", - "name": "labelSelector", - "type": "string", - "uniqueItems": true - }, - { - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "in": "query", - "name": "limit", - "type": "integer", - "uniqueItems": true - }, - { - "description": "object name and auth scope, such as for teams and projects", - "in": "path", - "name": "namespace", - "required": true, - "type": "string", - "uniqueItems": true - }, - { - "description": "If 'true', then the output is pretty printed.", - "in": "query", - "name": "pretty", - "type": "string", - "uniqueItems": true - }, - { - "description": "resourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.\n\nDefaults to unset", - "in": "query", - "name": "resourceVersion", - "type": "string", - "uniqueItems": true - }, - { - "description": "resourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.\n\nDefaults to unset", - "in": "query", - "name": "resourceVersionMatch", - "type": "string", - "uniqueItems": true - }, - { - "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", - "in": "query", - "name": "timeoutSeconds", - "type": "integer", - "uniqueItems": true - }, - { - "description": "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.", - "in": "query", - "name": "watch", - "type": "boolean", - "uniqueItems": true - } - ] - }, - "/apis/storage.k8s.io/v1beta1/watch/namespaces/{namespace}/csistoragecapacities/{name}": { - "get": { - "consumes": [ - "*/*" - ], - "description": "watch changes to an object of kind CSIStorageCapacity. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.", - "operationId": "watchStorageV1beta1NamespacedCSIStorageCapacity", - "produces": [ - "application/json", - "application/yaml", - "application/vnd.kubernetes.protobuf", - "application/json;stream=watch", - "application/vnd.kubernetes.protobuf;stream=watch" - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.WatchEvent" - } - }, - "401": { - "description": "Unauthorized" - } - }, - "schemes": [ - "https" - ], - "tags": [ - "storage_v1beta1" - ], - "x-kubernetes-action": "watch", - "x-kubernetes-group-version-kind": { - "group": "storage.k8s.io", - "kind": "CSIStorageCapacity", - "version": "v1beta1" - } - }, - "parameters": [ - { - "description": "allowWatchBookmarks requests watch events with type \"BOOKMARK\". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.", - "in": "query", - "name": "allowWatchBookmarks", - "type": "boolean", - "uniqueItems": true - }, - { - "description": "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the \"next key\".\n\nThis field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.", - "in": "query", - "name": "continue", - "type": "string", - "uniqueItems": true - }, - { - "description": "A selector to restrict the list of returned objects by their fields. Defaults to everything.", - "in": "query", - "name": "fieldSelector", - "type": "string", - "uniqueItems": true - }, - { - "description": "A selector to restrict the list of returned objects by their labels. Defaults to everything.", - "in": "query", - "name": "labelSelector", - "type": "string", - "uniqueItems": true - }, - { - "description": "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.", - "in": "query", - "name": "limit", - "type": "integer", - "uniqueItems": true - }, - { - "description": "name of the CSIStorageCapacity", - "in": "path", - "name": "name", - "required": true, - "type": "string", - "uniqueItems": true - }, - { - "description": "object name and auth scope, such as for teams and projects", - "in": "path", - "name": "namespace", - "required": true, - "type": "string", - "uniqueItems": true - }, - { - "description": "If 'true', then the output is pretty printed.", - "in": "query", - "name": "pretty", - "type": "string", - "uniqueItems": true - }, - { - "description": "resourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.\n\nDefaults to unset", - "in": "query", - "name": "resourceVersion", - "type": "string", - "uniqueItems": true - }, - { - "description": "resourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.\n\nDefaults to unset", - "in": "query", - "name": "resourceVersionMatch", - "type": "string", - "uniqueItems": true }, { "description": "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.", diff --git a/api-ref-assets/config/fields.yaml b/api-ref-assets/config/fields.yaml index 60e76f6c299..4f78cffcf7a 100644 --- a/api-ref-assets/config/fields.yaml +++ b/api-ref-assets/config/fields.yaml @@ -99,6 +99,7 @@ - initContainerStatuses - containerStatuses - ephemeralContainerStatuses + - resize - definition: io.k8s.api.core.v1.Container field_categories: @@ -127,6 +128,7 @@ - name: Resources fields: - resources + - resizePolicy - name: Lifecycle fields: - lifecycle @@ -219,6 +221,9 @@ fields: - volumeMounts - volumeDevices + - name: Resources + fields: + - resizePolicy - name: Lifecycle fields: - terminationMessagePath diff --git a/api-ref-assets/config/toc.yaml b/api-ref-assets/config/toc.yaml index 0c720538739..77bd3cbe9df 100644 --- a/api-ref-assets/config/toc.yaml +++ b/api-ref-assets/config/toc.yaml @@ -66,18 +66,18 @@ parts: - name: PriorityClass group: scheduling.k8s.io version: v1 - - name: PodScheduling + - name: PodSchedulingContext group: resource.k8s.io - version: v1alpha1 + version: v1alpha2 - name: ResourceClaim group: resource.k8s.io - version: v1alpha1 + version: v1alpha2 - name: ResourceClaimTemplate group: resource.k8s.io - version: v1alpha1 + version: v1alpha2 - name: ResourceClass group: resource.k8s.io - version: v1alpha1 + version: v1alpha2 - name: Service Resources chapters: - name: Service @@ -148,6 +148,12 @@ parts: - name: CertificateSigningRequest group: certificates.k8s.io version: v1 + - name: ClusterTrustBundle + group: certificates.k8s.io + version: v1alpha1 + - name: SelfSubjectReview + group: authentication.k8s.io + version: v1beta1 - name: Authorization Resources chapters: - name: LocalSubjectAccessReview @@ -191,6 +197,9 @@ parts: - name: PodDisruptionBudget group: policy version: v1 + - name: IPAddress + group: networking.k8s.io + version: v1alpha1 - name: Extend Resources chapters: - name: CustomResourceDefinition diff --git a/assets/scss/_base.scss b/assets/scss/_base.scss index 8b2cc87b3ec..20025064d2b 100644 --- a/assets/scss/_base.scss +++ b/assets/scss/_base.scss @@ -102,6 +102,16 @@ main { } } +::selection { + background: #326ce5; + color: white; +} + +::-moz-selection { + background: #326ce5; + color: white; +} + // HEADER #hamburger { diff --git a/content/de/docs/concepts/configuration/manage-resource-containers.md b/content/de/docs/concepts/configuration/manage-resource-containers.md new file mode 100644 index 00000000000..9ba50de1934 --- /dev/null +++ b/content/de/docs/concepts/configuration/manage-resource-containers.md @@ -0,0 +1,9 @@ +--- +title: Resourcen-Verwaltung für Pods und Container +content_type: concept +weight: 40 +feature: + title: Automatisches Bin Packing + description: > + Container können je nach Systemanforderungen auf spezifischen Nodes ausgeführt werden. Somit kann eine effiziente Nutzung von Ressourcen erreicht werden. +--- \ No newline at end of file diff --git a/content/de/docs/concepts/configuration/secret.md b/content/de/docs/concepts/configuration/secret.md new file mode 100644 index 00000000000..25ee70b7c16 --- /dev/null +++ b/content/de/docs/concepts/configuration/secret.md @@ -0,0 +1,9 @@ +--- +title: Secrets +content_type: concept +feature: + title: Verwaltung von Secrets und Konfigurationen + description: > + Deploye und aktualisiere Secrets sowie Anwendungskonfigurationen, ohne ein Image neu zu bauen oder Secrets preiszugeben. +weight: 30 +--- \ No newline at end of file diff --git a/content/de/docs/concepts/extend-kubernetes/_index.md b/content/de/docs/concepts/extend-kubernetes/_index.md index a537b745ada..d23443d3c31 100644 --- a/content/de/docs/concepts/extend-kubernetes/_index.md +++ b/content/de/docs/concepts/extend-kubernetes/_index.md @@ -1,4 +1,8 @@ --- title: "Kubernetes erweitern" weight: 110 +feature: + title: Für Erweiterungen entworfen + description: > + Kubernetes kann ohne Änderungen am Upstream-Quelltext erweitert werden. --- diff --git a/content/de/docs/concepts/services-networking/dual-stack.md b/content/de/docs/concepts/services-networking/dual-stack.md new file mode 100644 index 00000000000..4e1f4be1af3 --- /dev/null +++ b/content/de/docs/concepts/services-networking/dual-stack.md @@ -0,0 +1,18 @@ +--- +title: IPv4/IPv6 dual-stack +description: >- + Kubernetes erlaubt Netzwerkkonfigurationen mit IPv4 oder IPv6 (Single Stack). + Im Dual-Stack-Betrieb kann IPv4 im Verbund mit IPv6 verwendet werden. + +feature: + title: IPv4/IPv6 Dual-Stack + description: > + Pods und Dienste können gleichzeitig IPv4- und IPv6-Adressen verwenden. +content_type: concept +reviewers: + - lachie83 + - khenidak + - aramase + - bridgetkromhout +weight: 90 +--- \ No newline at end of file diff --git a/content/de/docs/concepts/services-networking/service.md b/content/de/docs/concepts/services-networking/service.md new file mode 100644 index 00000000000..05b9f275a28 --- /dev/null +++ b/content/de/docs/concepts/services-networking/service.md @@ -0,0 +1,12 @@ +--- +title: Services +feature: + title: Service-Discovery und Load Balancing + description: > + Anwendungen müssen keinen komplizierten Mechanismus für Service-Discovery verwenden. Kubernetes verteilt IP-Adressen und DNS-Einträge automatisch an Pods und übernimmt auch das Load Balancing. +description: >- + Veröffentliche deine Applikation über einen einzelnen, nach außen sichtbaren Endpunkt, + auch wenn die Workload über mehrere Backends verteilt ist. +content_type: concept +weight: 10 +--- \ No newline at end of file diff --git a/content/de/docs/concepts/storage/persistent_volumes.md b/content/de/docs/concepts/storage/persistent_volumes.md new file mode 100644 index 00000000000..d0320d5b977 --- /dev/null +++ b/content/de/docs/concepts/storage/persistent_volumes.md @@ -0,0 +1,10 @@ +--- +title: Persistente Volumes +feature: + title: Speicher-Orchestrierung + description: > + Binde automatisch deinen gewünschten Speicher ein. Egal, ob lokaler Speicher, Speicher eines Cloud Providers (z.B. AWS oder GCP) oder ein Netzwerkspeicher (z.B. NFS, iSCSI, Ceph oder Cinder). + +content_type: concept +weight: 10 +--- \ No newline at end of file diff --git a/content/de/docs/concepts/workloads/controllers/deployment.md b/content/de/docs/concepts/workloads/controllers/deployment.md new file mode 100644 index 00000000000..35b21bc8519 --- /dev/null +++ b/content/de/docs/concepts/workloads/controllers/deployment.md @@ -0,0 +1,10 @@ +--- +title: Deployments +feature: + title: Automatisierte Rollouts und Rollbacks + description: > + Kubernetes wendet Änderungen an deinen Anwendungen oder seiner eigenen Konfiguration stufenweise an. Währenddessen achtet es darauf, dass nicht alle Instanzen der Anwendung zur gleichen Zeit beeinträchtigt werden. Falls etwas schief geht, macht Kubernetes die Änderungen rückgängig. + +content_type: concept +weight: 10 +--- \ No newline at end of file diff --git a/content/de/docs/concepts/workloads/controllers/job.md b/content/de/docs/concepts/workloads/controllers/job.md new file mode 100644 index 00000000000..da65fa9dca7 --- /dev/null +++ b/content/de/docs/concepts/workloads/controllers/job.md @@ -0,0 +1,9 @@ +--- +title: Jobs +content_type: concept +feature: + title: Stapelweise Ausführung + description: > + Neben Diensten kann Kubernetes auch die stapelweise Ausführung von Workloads verwalten. Im Falle eines Fehlers können Container ausgetauscht werden. +weight: 50 +--- \ No newline at end of file diff --git a/content/de/docs/concepts/workloads/controllers/replicaset.md b/content/de/docs/concepts/workloads/controllers/replicaset.md new file mode 100644 index 00000000000..03addcb9ca0 --- /dev/null +++ b/content/de/docs/concepts/workloads/controllers/replicaset.md @@ -0,0 +1,10 @@ +--- +title: ReplicaSet +feature: + title: Selbstheilung + anchor: Funktionsweise eines ReplicaSets + description: > + Container werden mithilfe von Health-Checks überwacht und im Falle eines Fehlers neu gestartet. Sie werden erst wieder verwendet, wenn Sie komplett einsatzbereit sind. +content_type: concept +weight: 20 +--- \ No newline at end of file diff --git a/content/de/docs/tasks/tools/_index.md b/content/de/docs/tasks/tools/_index.md index 1de111c0ce8..cb0a825dc58 100644 --- a/content/de/docs/tasks/tools/_index.md +++ b/content/de/docs/tasks/tools/_index.md @@ -3,3 +3,25 @@ title: "Werkzeuge installieren" weight: 10 --- +## kubectl + +Das Kubernetes Befehlszeilenprogramm [kubectl](/docs/user-guide/kubectl/) ermöglicht es Ihnen, Befehle auf einem Kubernetes-Cluster auszuführen. Sie können mit kubectl Anwendungen bereitstellen, Cluster-Ressourcen überwachen und verwalten sowie Logs einsehen. +Weitere Informationen über alle verfügbaren `kubectl`-Befehle finden Sie in der [Kommandoreferenz von kubectl](/docs/reference/kubectl/). + +`kubectl` kann unter Linux, macOS und Windows installiert werden. [Hier](install-kubectl) finden Sie Anleitungen zur Installation von `kubectl`. + +## kind +Mit [`kind`](https://kind.sigs.k8s.io/) können Sie Kubernetes lokal auf Ihrem Computer ausführen. Voraussetzung hierfür ist eine konfigurierte und funktionierende [Docker](https://docs.docker.com/get-docker/)-Installation. + +Die `kind` [Schnellstart](https://kind.sigs.k8s.io/docs/user/quick-start/)-Seite gibt Informationen darüber, was für den schnellen Einstieg mit `kind` benötigt wird. + +## minikube +Ähnlich wie `kind` ist [`minikube`](https://minikube.sigs.k8s.io/) ein Tool, mit dem man Kubernetes lokal auf dem Computer ausführen kann. Minikube erstellt Cluster mit einer Node oder mehreren Nodes. Somit ist es ein praktisches Tool für tägliche Entwicklungsaktivitäten mit Kubernetes, oder um Kubernetes einfach einmal lokal auszuprobieren. + +[Hier](/install-minikube) erfahren Sie, wie Sie `minikube` auf Ihrem Computer installieren können. +Falls Sie `minikube` bereits installiert haben, können Sie es verwenden, um eine [Beispiel-Anwendung zu bereitzustellen.](/docs/tutorials/hello-minikube/). + +## kubeadm +Mit `kubeadm` können Sie Kubernetes-Cluster erstellen und verwalten. `kubeadm` führt alle notwendigen Schritte aus, um ein minimales aber sicheres Cluster in einer benutzerfreundlichen Art und Weise aufzusetzen. +[Auf dieser Seite](/docs/setup/production-environment/tools/kubeadm/install-kubeadm/) finden Sie Anleitungen zur Installation von `kubeadm`. +Sobald Sie `kubeadm` installiert haben, erfahren Sie [hier](/docs/setup/production-environment/tools/kubeadm/create-cluster-kubeadm/) wie man ein Cluster mit `kubeadm` erstellt. \ No newline at end of file diff --git a/content/en/blog/_posts/2022-05-13-grpc-probes-in-beta.md b/content/en/blog/_posts/2022-05-13-grpc-probes-in-beta.md index e4a9ab0092c..77cf06d1040 100644 --- a/content/en/blog/_posts/2022-05-13-grpc-probes-in-beta.md +++ b/content/en/blog/_posts/2022-05-13-grpc-probes-in-beta.md @@ -7,6 +7,7 @@ slug: grpc-probes-now-in-beta **Author**: Sergey Kanzhelev (Google) +_Update: Since this article was posted, the feature was graduated to GA in v1.27 and doesn't require any feature gates to be enabled. With Kubernetes 1.24 the gRPC probes functionality entered beta and is available by default. Now you can configure startup, liveness, and readiness probes for your gRPC app diff --git a/content/en/blog/_posts/2022-12-27-cpumanager-goes-GA.md b/content/en/blog/_posts/2022-12-27-cpumanager-goes-GA.md index d1edc4575b0..d7ced81802d 100644 --- a/content/en/blog/_posts/2022-12-27-cpumanager-goes-GA.md +++ b/content/en/blog/_posts/2022-12-27-cpumanager-goes-GA.md @@ -40,7 +40,7 @@ compatible behavior when disabled, and to document how to interact with each oth This enabled the Kubernetes project to graduate to GA the CPU Manager core component and core CPU allocation algorithms to GA, while also enabling a new age of experimentation in this area. -In Kubernetes v1.26, the CPU Manager supports [three different policy options](/docs/tasks/administer-cluster/cpu-management-policies.md#static-policy-options): +In Kubernetes v1.26, the CPU Manager supports [three different policy options](/docs/tasks/administer-cluster/cpu-management-policies#static-policy-options): `full-pcpus-only` : restrict the CPU Manager core allocation algorithm to full physical cores only, reducing noisy neighbor issues from hardware technologies that allow sharing cores. diff --git a/content/en/blog/_posts/2023-04-11-kubernetes-1.27-blog.md b/content/en/blog/_posts/2023-04-11-kubernetes-1.27-blog.md new file mode 100644 index 00000000000..def80c55e40 --- /dev/null +++ b/content/en/blog/_posts/2023-04-11-kubernetes-1.27-blog.md @@ -0,0 +1,223 @@ +--- +layout: blog +title: "Kubernetes v1.27: Chill Vibes" +date: 2023-04-11 +slug: kubernetes-v1-27-release +--- + +**Authors**: [Kubernetes v1.27 Release Team](https://github.com/kubernetes/sig-release/blob/master/releases/release-1.27/release-team.md) + +Announcing the release of Kubernetes v1.27, the first release of 2023! + +This release consist of 60 enhancements. 18 of those enhancements are entering Alpha, 29 are graduating to Beta, and 13 are graduating to Stable. + +## Release theme and logo + +**Kubernetes v1.27: Chill Vibes** + +The theme for Kubernetes v1.27 is *Chill Vibes*. + +{{< figure src="/images/blog/2023-04-11-kubernetes-1.27-blog/kubernetes-1.27.png" alt="Kubernetes 1.27 Chill Vibes logo" class="release-logo" >}} + + +It's a little silly, but there were some important shifts in this release that helped inspire the theme. Throughout a typical Kubernetes release cycle, there are several deadlines that features need to meet to remain included. If a feature misses any of these deadlines, there is an exception process they can go through. Handling these exceptions is a very normal part of the release. But v1.27 is the first release that anyone can remember where we didn't receive a single exception request after the enhancements freeze. Even as the release progressed, things remained much calmer than any of us are used to. + +There's a specific reason we were able to enjoy a more calm release this time around, and that's all the work that folks put in behind the scenes to improve how we manage the release. That's what this theme celebrates, people putting in the work to make things better for the community. + +Special thanks to [Britnee Laverack](https://www.instagram.com/artsyfie/) for creating the logo. Britnee also designed the logo for [Kubernetes 1.24: Stargazer](https://kubernetes.io/blog/2022/05/03/kubernetes-1-24-release-announcement/#release-theme-and-logo). + +# What's New (Major Themes) + +## Freeze `k8s.gcr.io` image registry + +Replacing the old image registry, [k8s.gcr.io](https://cloud.google.com/container-registry/) with [registry.k8s.io](https://github.com/kubernetes/registry.k8s.io) which has been generally available for several months. The Kubernetes project created and runs the `registry.k8s.io` image registry, which is fully controlled by the community. +This means that the old registry `k8s.gcr.io` will be frozen and no further images for Kubernetes and related sub-projects will be published to the old registry. + +What does this change mean for contributors? + +* If you are a maintainer of a sub-project, you will need to update your manifests and Helm charts to use the new registry. For more information, checkout this [project](https://github.com/kubernetes-sigs/community-images). + +What does this change mean for end users? + +* Kubernetes `v1.27` release will not be published to the `k8s.gcr.io` registry. + +* Patch releases for `v1.24`, `v1.25`, and `v1.26` will no longer be published to the old registry after April. + +* Starting in v1.25, the default image registry has been set to `registry.k8s.io`. This value is overridable in kubeadm and kubelet but setting it to `k8s.gcr.io` will fail for new releases after April as they won’t be present in the old registry. + +* If you want to increase the reliability of your cluster and remove dependency on the community-owned registry or you are running Kubernetes in networks where external traffic is restricted, you should consider hosting local image registry mirrors. Some cloud vendors may offer hosted solutions for this. + + +## `SeccompDefault` graduates to stable + +To use seccomp profile defaulting, you must run the kubelet with the `--seccomp-default` [command line flag](/docs/reference/command-line-tools-reference/kubelet) enabled for each node where you want to use it. +If enabled, the kubelet will use the `RuntimeDefault` seccomp profile by default, which is defined by the container runtime, instead of using the `Unconfined` (seccomp disabled) mode. The default profiles aim to provide a strong set of security defaults while preserving the functionality of the workload. It is possible that the default profiles differ between container runtimes and their release versions. + +You can find detailed information about a possible upgrade and downgrade strategy in the related Kubernetes Enhancement Proposal (KEP): [Enable seccomp by default](https://github.com/kubernetes/enhancements/tree/master/keps/sig-node/2413-seccomp-by-default). + +## Mutable scheduling directives for Jobs graduates to GA + +This was introduced in v1.22 and started as a beta level, now it's stable. In most cases a parallel job will want the pods to run with constraints, like all in the same zone, or all either on GPU model x or y but not a mix of both. The `suspend` field is the first step towards achieving those semantics. `suspend` allows a custom queue controller to decide when a job should start. However, once a job is unsuspended, a custom queue controller has no influence on where the pods of a job will actually land. + +This feature allows updating a Job's scheduling directives before it starts, which gives custom queue controllers +the ability to influence pod placement while at the same time offloading actual pod-to-node assignment to +kube-scheduler. This is allowed only for suspended Jobs that have never been unsuspended before. +The fields in a Job's pod template that can be updated are node affinity, node selector, tolerations, labels +,annotations, and [scheduling gates](/docs/concepts/scheduling-eviction/pod-scheduling-readiness/). +Find more details in the KEP: +[Allow updating scheduling directives of jobs](https://github.com/kubernetes/enhancements/tree/master/keps/sig-scheduling/2926-job-mutable-scheduling-directives). + +## DownwardAPIHugePages graduates to stable + +In Kubernetes v1.20, support for `requests.hugepages-` and `limits.hugepages-` was added +to the [downward API](/docs/concepts/workloads/pods/downward-api/) to be consistent with other resources like cpu, memory, and ephemeral storage. +This feature graduates to stable in this release. You can find more details in the KEP: +[Downward API HugePages](https://github.com/kubernetes/enhancements/tree/master/keps/sig-node/2053-downward-api-hugepages). + +## Pod Scheduling Readiness goes to beta + +Upon creation, Pods are ready for scheduling. Kubernetes scheduler does its due diligence to find nodes to place all pending Pods. However, in a real-world case, some Pods may stay in a _missing-essential-resources_ state for a long period. These Pods actually churn the scheduler (and downstream integrators like Cluster Autoscaler) in an unnecessary manner. + +By specifying/removing a Pod's `.spec.schedulingGates`, you can control when a Pod is ready to be considered for scheduling. + +The `schedulingGates` field contains a list of strings, and each string literal is perceived as a criteria that must be satisfied before a Pod is considered schedulable. This field can be initialized only when a Pod is created (either by the client, or mutated during admission). After creation, each schedulingGate can be removed in an arbitrary order, but addition of a new scheduling gate is disallowed. + +## Node log access via Kubernetes API + +This feature helps cluster administrators debug issues with services running on nodes by allowing them to query service logs. To use this feature, ensure that the `NodeLogQuery` [feature gate](/docs/reference/command-line-tools-reference/feature-gates/) is enabled on that node, and that the kubelet configuration options `enableSystemLogHandler` and `enableSystemLogQuery` are both set to true. +On Linux, we assume that service logs are available via journald. On Windows, we assume that service logs are available in the application log provider. You can also fetch logs from the `/var/log/` and `C:\var\log` directories on Linux and Windows, respectively. + +A cluster administrator can try out this alpha feature across all nodes of their cluster, or on a subset of them. + +## ReadWriteOncePod PersistentVolume access mode goes to beta + +Kubernetes `v1.22` introduced a new access mode `ReadWriteOncePod` for [PersistentVolumes](/docs/concepts/storage/persistent-volumes/#persistent-volumes) (PVs) and [PersistentVolumeClaims](/docs/concepts/storage/persistent-volumes/#persistentvolumeclaims) (PVCs). This access mode enables you to restrict volume access to a single pod in the cluster, ensuring that only one pod can write to the volume at a time. This can be particularly useful for stateful workloads that require single-writer access to storage. + +The ReadWriteOncePod beta adds support for [scheduler preemption](/docs/concepts/scheduling-eviction/pod-priority-preemption/) +of pods that use ReadWriteOncePod PVCs. +Scheduler preemption allows higher-priority pods to preempt lower-priority pods. For example when a pod (A) with a `ReadWriteOncePod` PVC is scheduled, if another pod (B) is found using the same PVC and pod (A) has higher priority, the scheduler will return an `Unschedulable` status and attempt to preempt pod (B). +For more context, see the KEP: [ReadWriteOncePod PersistentVolume AccessMode](https://github.com/kubernetes/enhancements/tree/master/keps/sig-storage/2485-read-write-once-pod-pv-access-mode). + + +## Respect PodTopologySpread after rolling upgrades + +`matchLabelKeys` is a list of pod label keys used to select the pods over which spreading will be calculated. The keys are used to lookup values from the pod labels. Those key-value labels are ANDed with `labelSelector` to select the group of existing pods over which spreading will be calculated for the incoming pod. Keys that don't exist in the pod labels will be ignored. A null or empty list means only match against the `labelSelector`. + +With `matchLabelKeys`, users don't need to update the `pod.spec` between different revisions. The controller/operator just needs to set different values to the same `label` key for different revisions. The scheduler will assume the values automatically based on `matchLabelKeys`. For example, if users use Deployment, they can use the label keyed with `pod-template-hash`, which is added automatically by the Deployment controller, to distinguish between different revisions in a single Deployment. + + +## Faster SELinux volume relabeling using mounts + +In this release, how SELinux labels are applied to volumes used by Pods is graduating to beta. This feature speeds up container startup by mounting volumes with the correct SELinux label instead of changing each file on the volumes recursively. Linux kernel with SELinux support allows the first mount of a volume to set SELinux label on the whole volume using `-o context=` mount option. This way, all files will have assigned the given label in a constant time, without recursively walking through the whole volumes. + +The `context` mount option cannot be applied to bind mounts or re-mounts of already mounted volumes. +For CSI storage, a CSI driver does the first mount of a volume, and so it must be the CSI driver that actually +applies this mount option. We added a new field `SELinuxMount` to CSIDriver objects, so that drivers can +announce whether they support the `-o context` mount option. + +If Kubernetes knows the SELinux label of a Pod **and** the CSI driver responsible for a pod's volume +announces `SELinuxMount: true` **and** the volume has Access Mode `ReadWriteOncePod`, then it +will ask the CSI driver to mount the volume with mount option `context=` **and** it will tell the container +runtime not to relabel content of the volume (because all files already have the right label). +Get more information on this from the KEP: [Speed up SELinux volume relabeling using mounts](https://github.com/kubernetes/enhancements/tree/master/keps/sig-storage/1710-selinux-relabeling). + +## Robust VolumeManager reconstruction goes to beta + +This is a volume manager refactoring that allows the kubelet to populate additional information about how +existing volumes are mounted during the kubelet startup. In general, this makes volume cleanup more robust. +If you enable the `NewVolumeManagerReconstruction` feature gate on a node, you'll get enhanced discovery of mounted volumes during kubelet startup. + +Before Kubernetes v1.25, the kubelet used different default behavior for discovering mounted volumes during the kubelet startup. If you disable this feature gate (it's enabled by default), you select the legacy discovery behavior. + +In Kubernetes v1.25 and v1.26, this behavior toggle was part of the `SELinuxMountReadWriteOncePod` feature gate. + +## Mutable Pod Scheduling Directives goes to beta + +This allows mutating a pod that is blocked on a scheduling readiness gate with a more constrained node affinity/selector. It gives the ability to mutate a pods scheduling directives before it is allowed to be scheduled and gives an external resource controller the ability to influence pod placement while at the same time offload actual pod-to-node assignment to kube-scheduler. + +This opens the door for a new pattern of adding scheduling features to Kubernetes. Specifically, building lightweight schedulers that implement features not supported by kube-scheduler, while relying on the existing kube-scheduler to support all upstream features and handle the pod-to-node binding. This pattern should be the preferred one if the custom feature doesn't require implementing a schedule plugin, which entails re-building and maintaining a custom kube-scheduler binary. + +## Feature graduations and deprecations in Kubernetes v1.27 +### Graduations to stable + +This release includes a total of 9 enhancements promoted to Stable: + +* [Default container annotation that to be used by kubectl](https://github.com/kubernetes/enhancements/issues/2227) +* [TimeZone support in CronJob](https://github.com/kubernetes/enhancements/issues/3140) +* [Expose metrics about resource requests and limits that represent the pod model](https://github.com/kubernetes/enhancements/issues/1748) +* [Server Side Unknown Field Validation](https://github.com/kubernetes/enhancements/issues/2885) +* [Node Topology Manager](https://github.com/kubernetes/enhancements/issues/693) +* [Add gRPC probe to Pod.Spec.Container.{Liveness,Readiness,Startup} Probe](https://github.com/kubernetes/enhancements/issues/2727) +* [Add configurable grace period to probes](https://github.com/kubernetes/enhancements/issues/2238) +* [OpenAPI v3](https://github.com/kubernetes/enhancements/issues/2896) +* [Stay on supported Go versions](https://github.com/kubernetes/enhancements/issues/3744) + +### Deprecations and removals + +This release saw several removals: + +* [Removal of `storage.k8s.io/v1beta1` from CSIStorageCapacity](https://github.com/kubernetes/kubernetes/pull/108445) +* [Removal of support for deprecated seccomp annotations](https://github.com/kubernetes/kubernetes/pull/114947) +* [Removal of `--master-service-namespace` command line argument](https://github.com/kubernetes/kubernetes/pull/112797) +* [Removal of the `ControllerManagerLeaderMigration` feature gate](https://github.com/kubernetes/kubernetes/pull/113534) +* [Removal of `--enable-taint-manager` command line argument](https://github.com/kubernetes/kubernetes/pull/111411) +* [Removal of `--pod-eviction-timeout` command line argument](https://github.com/kubernetes/kubernetes/pull/113710) +* [Removal of the `CSI Migration` feature gate](https://github.com/kubernetes/kubernetes/pull/110410) +* [Removal of `CSIInlineVolume` feature gate](https://github.com/kubernetes/kubernetes/pull/111258) +* [Removal of `EphemeralContainers` feature gate](https://github.com/kubernetes/kubernetes/pull/111402) +* [Removal of `LocalStorageCapacityIsolation` feature gate](https://github.com/kubernetes/kubernetes/pull/111513) +* [Removal of `NetworkPolicyEndPort` feature gate](https://github.com/kubernetes/kubernetes/pull/110868) +* [Removal of `StatefulSetMinReadySeconds` feature gate](https://github.com/kubernetes/kubernetes/pull/110896) +* [Removal of `IdentifyPodOS` feature gate](https://github.com/kubernetes/kubernetes/pull/111229) +* [Removal of `DaemonSetUpdateSurge` feature gate](https://github.com/kubernetes/kubernetes/pull/111194) + +## Release notes + +The complete details of the Kubernetes v1.27 release are available in our [release notes](https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG/CHANGELOG-1.27.md). + +## Availability + +Kubernetes v1.27 is available for download on [GitHub](https://github.com/kubernetes/kubernetes/releases/tag/v1.27.0). To get started with Kubernetes, you can run local Kubernetes clusters using [minikube](https://minikube.sigs.k8s.io/docs/), [kind](https://kind.sigs.k8s.io/), etc. You can also easily install v1.27 using [kubeadm](https://kubernetes.io/docs/setup/production-environment/tools/kubeadm/create-cluster-kubeadm/). + +## Release team + +Kubernetes is only possible with the support, commitment, and hard work of its community. Each release team is made up of dedicated community volunteers who work together to build the many pieces that make up the Kubernetes releases you rely on. This requires people with specialised skills from all corners of our community, from the code itself to its documentation and project management. + +Special thanks to our Release Lead Xander Grzywinski for guiding us through a smooth and successful release cycle and to all members of the release team for supporting one another and working so hard to produce the v1.27 release for the community. + +## Ecosystem updates + +* KubeCon + CloudNativeCon Europe 2023 will take place in Amsterdam, The Netherlands, from 17 – 21 April 2023! You can find more information about the conference and registration on the [event site](https://events.linuxfoundation.org/kubecon-cloudnativecon-europe/). +* cdCon + GitOpsCon will be held in Vancouver, Canada, on May 8th and 9th, 2023! More information about the conference and registration can be found on the [event site](https://events.linuxfoundation.org/cdcon-gitopscon/). + +## Project velocity + +The [CNCF K8s DevStats](https://k8s.devstats.cncf.io/d/12/dashboards?orgId=1&refresh=15m) project aggregates a number of interesting data points related to the velocity of Kubernetes and various sub-projects. This includes everything from individual contributions to the number of companies that are contributing, and is an illustration of the depth and breadth of effort that goes into evolving this ecosystem. + +In the v1.27 release cycle, which [ran for 14 weeks](https://github.com/kubernetes/sig-release/tree/master/releases/release-1.27) (January 9 to April 11), we saw contributions from [1020 companies](https://k8s.devstats.cncf.io/d/9/companies-table?orgId=1&var-period_name=v1.26.0%20-%20now&var-metric=contributions) and [1603 individuals](https://k8s.devstats.cncf.io/d/66/developer-activity-counts-by-companies?orgId=1&var-period_name=v1.26.0%20-%20now&var-metric=contributions&var-repogroup_name=Kubernetes&var-repo_name=kubernetes%2Fkubernetes&var-country_name=All&var-companies=All). + +## Upcoming release webinar + +Join members of the Kubernetes v1.27 release team on Friday, April 14, 2023, at 10 a.m. PDT to learn about the major features of this release, as well as deprecations and removals to help plan for upgrades. For more information and registration, visit the [event page](https://community.cncf.io/events/details/cncf-cncf-online-programs-presents-cncf-live-webinar-kubernetes-v127-release/) on the CNCF Online Programs site. + +## Get Involved + +The simplest way to get involved with Kubernetes is by joining one of the many [Special Interest Groups](https://github.com/kubernetes/community/blob/master/sig-list.md) (SIGs) that align with your interests. + +Have something you’d like to broadcast to the Kubernetes community? Share your voice at our weekly [community meeting](https://github.com/kubernetes/community/tree/master/communication), and through the channels below: + +* Find out more about contributing to Kubernetes at the [Kubernetes Contributors website](https://www.kubernetes.dev/). + +* Follow us on Twitter [@Kubernetesio](https://twitter.com/kubernetesio) for the latest updates. + +* Join the community discussion on [Discuss](https://discuss.kubernetes.io/). + +* Join the community on [Slack](https://communityinviter.com/apps/kubernetes/community). + +* Post questions (or answer questions) on [Server Fault](https://serverfault.com/questions/tagged/kubernetes). + +* [Share](https://docs.google.com/forms/d/e/1FAIpQLScuI7Ye3VQHQTwBASrgkjQDSS5TP0g3AXfFhwSM9YpHgxRKFA/viewform) your Kubernetes story. + +* Read more about what’s happening with Kubernetes on the [blog](https://kubernetes.io/blog/). + +* Learn more about the [Kubernetes Release Team](https://github.com/kubernetes/sig-release/tree/master/release-team). \ No newline at end of file diff --git a/content/en/blog/_posts/2023-04-17-topology-spread-features.md b/content/en/blog/_posts/2023-04-17-topology-spread-features.md new file mode 100644 index 00000000000..9edaada138d --- /dev/null +++ b/content/en/blog/_posts/2023-04-17-topology-spread-features.md @@ -0,0 +1,151 @@ +--- +layout: blog +title: "Kubernetes 1.27: More fine-grained pod topology spread policies reached beta" +date: 2023-04-17 +slug: fine-grained-pod-topology-spread-features-beta +--- + +**Authors:** [Alex Wang](https://github.com/denkensk) (Shopee), [Kante Yin](https://github.com/kerthcet) (DaoCloud), [Kensei Nakada](https://github.com/sanposhiho) (Mercari) + +In Kubernetes v1.19, [Pod topology spread constraints](/docs/concepts/scheduling-eviction/topology-spread-constraints/) +went to general availability (GA). + +As time passed, we - SIG Scheduling - received feedback from users, +and, as a result, we're actively working on improving the Topology Spread feature via three KEPs. +All of these features have reached beta in Kubernetes v1.27 and are enabled by default. + +This blog post introduces each feature and the use case behind each of them. + +## KEP-3022: min domains in Pod Topology Spread + +Pod Topology Spread has the `maxSkew` parameter to define the degree to which Pods may be unevenly distributed. + +But, there wasn't a way to control the number of domains over which we should spread. +Some users want to force spreading Pods over a minimum number of domains, and if there aren't enough already present, make the cluster-autoscaler provision them. + +Kubernetes v1.24 introduced the `minDomains` parameter for pod topology spread constraints, +as an alpha feature. +Via `minDomains` parameter, you can define the minimum number of domains. + +For example, assume there are 3 Nodes with the enough capacity, +and a newly created ReplicaSet has the following `topologySpreadConstraints` in its Pod template. + +```yaml +... +topologySpreadConstraints: +- maxSkew: 1 + minDomains: 5 # requires 5 Nodes at least (because each Node has a unique hostname). + whenUnsatisfiable: DoNotSchedule # minDomains is valid only when DoNotSchedule is used. + topologyKey: kubernetes.io/hostname + labelSelector: + matchLabels: + foo: bar +``` + +In this case, 3 Pods will be scheduled to those 3 Nodes, +but other 2 Pods from this replicaset will be unschedulable until more Nodes join the cluster. + +You can imagine that the cluster autoscaler provisions new Nodes based on these unschedulable Pods, +and as a result, the replicas are finally spread over 5 Nodes. + +## KEP-3094: Take taints/tolerations into consideration when calculating podTopologySpread skew + +Before this enhancement, when you deploy a pod with `podTopologySpread` configured, kube-scheduler would +take the Nodes that satisfy the Pod's nodeAffinity and nodeSelector into consideration +in filtering and scoring, but would not care about whether the node taints are tolerated by the incoming pod or not. +This may lead to a node with untolerated taint as the only candidate for spreading, and as a result, +the pod will stuck in Pending if it doesn't tolerate the taint. + +To allow more fine-gained decisions about which Nodes to account for when calculating spreading skew, +Kubernetes 1.25 introduced two new fields within `topologySpreadConstraints` to define node inclusion policies: +`nodeAffinityPolicy` and `nodeTaintPolicy`. + +A manifest that applies these policies looks like the following: + +```yaml +apiVersion: v1 +kind: Pod +metadata: + name: example-pod +spec: + # Configure a topology spread constraint + topologySpreadConstraints: + - maxSkew: + # ... + nodeAffinityPolicy: [Honor|Ignore] + nodeTaintsPolicy: [Honor|Ignore] + # other Pod fields go here +``` + +The `nodeAffinityPolicy` field indicates how Kubernetes treats a Pod's `nodeAffinity` or `nodeSelector` for +pod topology spreading. +If `Honor`, kube-scheduler filters out nodes not matching `nodeAffinity`/`nodeSelector` in the calculation of +spreading skew. +If `Ignore`, all nodes will be included, regardless of whether they match the Pod's `nodeAffinity`/`nodeSelector` +or not. + +For backwards compatibility, `nodeAffinityPolicy` defaults to `Honor`. + +The `nodeTaintsPolicy` field defines how Kubernetes considers node taints for pod topology spreading. +If `Honor`, only tainted nodes for which the incoming pod has a toleration, will be included in the calculation of spreading skew. +If `Ignore`, kube-scheduler will not consider the node taints at all in the calculation of spreading skew, so a node with +pod untolerated taint will also be included. + +For backwards compatibility, `nodeTaintsPolicy` defaults to `Ignore`. + +The feature was introduced in v1.25 as alpha. By default, it was disabled, so if you want to use this feature in v1.25, +you had to explictly enable the feature gate `NodeInclusionPolicyInPodTopologySpread`. In the following v1.26 +release, that associated feature graduated to beta and is enabled by default. + +## KEP-3243: Respect Pod topology spread after rolling upgrades + +Pod Topology Spread uses the field `labelSelector` to identify the group of pods over which +spreading will be calculated. When using topology spreading with Deployments, it is common +practice to use the `labelSelector` of the Deployment as the `labelSelector` in the topology +spread constraints. However, this implies that all pods of a Deployment are part of the spreading +calculation, regardless of whether they belong to different revisions. As a result, when a new revision +is rolled out, spreading will apply across pods from both the old and new ReplicaSets, and so by the +time the new ReplicaSet is completely rolled out and the old one is rolled back, the actual spreading +we are left with may not match expectations because the deleted pods from the older ReplicaSet will cause +skewed distribution for the remaining pods. To avoid this problem, in the past users needed to add a +revision label to Deployment and update it manually at each rolling upgrade (both the label on the +pod template and the `labelSelector` in the `topologySpreadConstraints`). + +To solve this problem with a simpler API, Kubernetes v1.25 introduced a new field named +`matchLabelKeys` to `topologySpreadConstraints`. `matchLabelKeys` is a list of pod label keys to select +the pods over which spreading will be calculated. The keys are used to lookup values from the labels of +the Pod being scheduled, those key-value labels are ANDed with `labelSelector` to select the group of +existing pods over which spreading will be calculated for the incoming pod. + +With `matchLabelKeys`, you don't need to update the `pod.spec` between different revisions. +The controller or operator managing rollouts just needs to set different values to the same label key for different revisions. +The scheduler will assume the values automatically based on `matchLabelKeys`. +For example, if you are configuring a Deployment, you can use the label keyed with +[pod-template-hash](/docs/concepts/workloads/controllers/deployment/#pod-template-hash-label), +which is added automatically by the Deployment controller, to distinguish between different +revisions in a single Deployment. + +```yaml +topologySpreadConstraints: + - maxSkew: 1 + topologyKey: kubernetes.io/hostname + whenUnsatisfiable: DoNotSchedule + labelSelector: + matchLabels: + app: foo + matchLabelKeys: + - pod-template-hash +``` + +## Getting involved + +These features are managed by Kubernetes [SIG Scheduling](https://github.com/kubernetes/community/tree/master/sig-scheduling). + +Please join us and share your feedback. We look forward to hearing from you! + +## How can I learn more? + +- [Pod Topology Spread Constraints](/docs/concepts/scheduling-eviction/topology-spread-constraints/) in the Kubernetes documentation +- [KEP-3022: min domains in Pod Topology Spread](https://github.com/kubernetes/enhancements/tree/master/keps/sig-scheduling/3022-min-domains-in-pod-topology-spread) +- [KEP-3094: Take taints/tolerations into consideration when calculating PodTopologySpread skew](https://github.com/kubernetes/enhancements/tree/master/keps/sig-scheduling/3094-pod-topology-spread-considering-taints) +- [KEP-3243: Respect PodTopologySpread after rolling upgrades](https://github.com/kubernetes/enhancements/tree/master/keps/sig-scheduling/3243-respect-pod-topology-spread-after-rolling-upgrades) \ No newline at end of file diff --git a/content/en/blog/_posts/2023-04-18-efficient-selinux-relabeling-beta.md b/content/en/blog/_posts/2023-04-18-efficient-selinux-relabeling-beta.md new file mode 100644 index 00000000000..c9f437a4806 --- /dev/null +++ b/content/en/blog/_posts/2023-04-18-efficient-selinux-relabeling-beta.md @@ -0,0 +1,120 @@ +--- +layout: blog +title: "Kubernetes 1.27: Efficient SELinux volume relabeling (Beta)" +date: 2023-04-18T10:00:00-08:00 +slug: kubernetes-1-27-efficient-selinux-relabeling-beta +--- + +**Author:** Jan Šafránek (Red Hat) + +# The problem + +On Linux with Security-Enhanced Linux (SELinux) enabled, it's traditionally +the container runtime that applies SELinux labels to a Pod and all its volumes. +Kubernetes only passes the SELinux label from a Pod's `securityContext` fields +to the container runtime. + +The container runtime then recursively changes SELinux label on all files that +are visible to the Pod's containers. This can be time-consuming if there are +many files on the volume, especially when the volume is on a remote filesystem. + +{{% alert title="Note" color="info" %}} +If a container uses `subPath` of a volume, only that `subPath` of the whole +volume is relabeled. This allows two pods that have two different SELinux labels +to use the same volume, as long as they use different subpaths of it. +{{% /alert %}} + +If a Pod does not have any SELinux label assigned in Kubernetes API, the +container runtime assigns a unique random one, so a process that potentially +escapes the container boundary cannot access data of any other container on the +host. The container runtime still recursively relabels all pod volumes with this +random SELinux label. + +# Improvement using mount options + +If a Pod and its volume meet **all** of the following conditions, Kubernetes will +_mount_ the volume directly with the right SELinux label. Such mount will happen +in a constant time and the container runtime will not need to recursively +relabel any files on it. + +1. The operating system must support SELinux. + + Without SELinux support detected, kubelet and the container runtime do not + do anything with regard to SELinux. + +1. The [feature gates](/docs/reference/command-line-tools-reference/feature-gates/) + `ReadWriteOncePod` and `SELinuxMountReadWriteOncePod` must be enabled. + These feature gates are Beta in Kubernetes 1.27 and Alpha in 1.25. + + With any of these feature gates disabled, SELinux labels will be always + applied by the container runtime by a recursive walk through the volume + (or its subPaths). + +1. The Pod must have at least `seLinuxOptions.level` assigned in its [Pod Security Context](/docs/reference/kubernetes-api/workload-resources/pod-v1/#security-context) or all Pod containers must have it set in their [Security Contexts](/docs/reference/kubernetes-api/workload-resources/pod-v1/#security-context-1). + Kubernetes will read the default `user`, `role` and `type` from the operating + system defaults (typically `system_u`, `system_r` and `container_t`). + + Without Kubernetes knowing at least the SELinux `level`, the container + runtime will assign a random one _after_ the volumes are mounted. The + container runtime will still relabel the volumes recursively in that case. + +1. The volume must be a Persistent Volume with + [Access Mode](/docs/concepts/storage/persistent-volumes/#access-modes) + `ReadWriteOncePod`. + + This is a limitation of the initial implementation. As described above, + two Pods can have a different SELinux label and still use the same volume, + as long as they use a different `subPath` of it. This use case is not + possible when the volumes are _mounted_ with the SELinux label, because the + whole volume is mounted and most filesystems don't support mounting a single + volume multiple times with multiple SELinux labels. + + If running two Pods with two different SELinux contexts and using + different `subPaths` of the same volume is necessary in your deployments, + please comment in the [KEP](https://github.com/kubernetes/enhancements/issues/1710) + issue (or upvote any existing comment - it's best not to duplicate). + Such pods may not run when the feature is extended to cover all volume access modes. + +1. The volume plugin or the CSI driver responsible for the volume supports + mounting with SELinux mount options. + + These in-tree volume plugins support mounting with SELinux mount options: + `fc`, `iscsi`, and `rbd`. + + CSI drivers that support mounting with SELinux mount options must announce + that in their + [CSIDriver](/docs/reference/kubernetes-api/config-and-storage-resources/csi-driver-v1/) + instance by setting `seLinuxMount` field. + + Volumes managed by other volume plugins or CSI drivers that don't + set `seLinuxMount: true` will be recursively relabelled by the container + runtime. + +## Mounting with SELinux context + +When all aforementioned conditions are met, kubelet will +pass `-o context=` mount option to the volume plugin or CSI +driver. CSI driver vendors must ensure that this mount option is supported +by their CSI driver and, if necessary, the CSI driver appends other mount +options that are needed for `-o context` to work. + +For example, NFS may need `-o context=,nosharecache`, so each +volume mounted from the same NFS server can have a different SELinux label +value. Similarly, CIFS may need `-o context=,nosharesock`. + +It's up to the CSI driver vendor to test their CSI driver in a SELinux enabled +environment before setting `seLinuxMount: true` in the CSIDriver instance. + +# How can I learn more? +SELinux in containers: see excellent +[visual SELinux guide](https://opensource.com/business/13/11/selinux-policy-guide) +by Daniel J Walsh. Note that the guide is older than Kubernetes, it describes +*Multi-Category Security* (MCS) mode using virtual machines as an example, +however, a similar concept is used for containers. + +See a series of blog posts for details how exactly SELinux is applied to +containers by container runtimes: +* [How SELinux separates containers using Multi-Level Security](https://www.redhat.com/en/blog/how-selinux-separates-containers-using-multi-level-security) +* [Why you should be using Multi-Category Security for your Linux containers](https://www.redhat.com/en/blog/why-you-should-be-using-multi-category-security-your-linux-containers) + +Read the KEP: [Speed up SELinux volume relabeling using mounts](https://github.com/kubernetes/enhancements/tree/master/keps/sig-storage/1710-selinux-relabeling) diff --git a/content/en/blog/_posts/2023-04-20-read-write-once-pod-access-mode-beta.md b/content/en/blog/_posts/2023-04-20-read-write-once-pod-access-mode-beta.md new file mode 100644 index 00000000000..1e3f83d806d --- /dev/null +++ b/content/en/blog/_posts/2023-04-20-read-write-once-pod-access-mode-beta.md @@ -0,0 +1,105 @@ +--- +layout: blog +title: "Kubernetes 1.27: Single Pod Access Mode for PersistentVolumes Graduates to Beta" +date: 2023-04-20 +slug: read-write-once-pod-access-mode-beta +--- + +**Author:** Chris Henzie (Google) + +With the release of Kubernetes v1.27 the ReadWriteOncePod feature has graduated +to beta. In this blog post, we'll take a closer look at this feature, what it +does, and how it has evolved in the beta release. + +## What is ReadWriteOncePod? + +ReadWriteOncePod is a new access mode for +[PersistentVolumes](/docs/concepts/storage/persistent-volumes/#persistent-volumes) (PVs) +and [PersistentVolumeClaims](/docs/concepts/storage/persistent-volumes/#persistentvolumeclaims) (PVCs) +introduced in Kubernetes v1.22. This access mode enables you to restrict volume +access to a single pod in the cluster, ensuring that only one pod can write to +the volume at a time. This can be particularly useful for stateful workloads +that require single-writer access to storage. + +For more context on access modes and how ReadWriteOncePod works read +[What are access modes and why are they important?](/blog/2021/09/13/read-write-once-pod-access-mode-alpha/#what-are-access-modes-and-why-are-they-important) +in the _Introducing Single Pod Access Mode for PersistentVolumes_ article from 2021. + +## Changes in the ReadWriteOncePod beta + +The ReadWriteOncePod beta adds support for +[scheduler preemption](/docs/concepts/scheduling-eviction/pod-priority-preemption/) +of pods using ReadWriteOncePod PVCs. + +Scheduler preemption allows higher-priority pods to preempt lower-priority pods, +so that they can start running on the same node. With this release, pods using +ReadWriteOncePod PVCs can also be preempted if a higher-priority pod requires +the same PVC. + +## How can I start using ReadWriteOncePod? + +With ReadWriteOncePod now in beta, it will be enabled by default in cluster +versions v1.27 and beyond. + +Note that ReadWriteOncePod is +[only supported for CSI volumes](/docs/concepts/storage/persistent-volumes/#access-modes). +Before using this feature you will need to update the following +[CSI sidecars](https://kubernetes-csi.github.io/docs/sidecar-containers.html) +to these versions or greater: + +- [csi-provisioner:v3.0.0+](https://github.com/kubernetes-csi/external-provisioner/releases/tag/v3.0.0) +- [csi-attacher:v3.3.0+](https://github.com/kubernetes-csi/external-attacher/releases/tag/v3.3.0) +- [csi-resizer:v1.3.0+](https://github.com/kubernetes-csi/external-resizer/releases/tag/v1.3.0) + +To start using ReadWriteOncePod, create a PVC with the ReadWriteOncePod access mode: + +```yaml +kind: PersistentVolumeClaim +apiVersion: v1 +metadata: + name: single-writer-only +spec: + accessModes: + - ReadWriteOncePod # Allow only a single pod to access single-writer-only. + resources: + requests: + storage: 1Gi +``` + +If your storage plugin supports +[dynamic provisioning](/docs/concepts/storage/dynamic-provisioning/), +new PersistentVolumes will be created with the ReadWriteOncePod access mode applied. + +Read [Migrating existing PersistentVolumes](/blog/2021/09/13/read-write-once-pod-access-mode-alpha/#migrating-existing-persistentvolumes) +for details on migrating existing volumes to use ReadWriteOncePod. + +## How can I learn more? + +Please see the [alpha blog post](/blog/2021/09/13/read-write-once-pod-access-mode-alpha) +and [KEP-2485](https://github.com/kubernetes/enhancements/blob/master/keps/sig-storage/2485-read-write-once-pod-pv-access-mode/README.md) +for more details on the ReadWriteOncePod access mode and motivations for CSI spec changes. + +## How do I get involved? + +The [Kubernetes #csi Slack channel](https://kubernetes.slack.com/messages/csi) +and any of the standard +[SIG Storage communication channels](https://github.com/kubernetes/community/blob/master/sig-storage/README.md#contact) +are great mediums to reach out to the SIG Storage and the CSI teams. + +Special thanks to the following people whose thoughtful reviews and feedback helped shape this feature: + +* Abdullah Gharaibeh (ahg-g) +* Aldo Culquicondor (alculquicondor) +* Antonio Ojea (aojea) +* David Eads (deads2k) +* Jan Šafránek (jsafrane) +* Joe Betz (jpbetz) +* Kante Yin (kerthcet) +* Michelle Au (msau42) +* Tim Bannister (sftim) +* Xing Yang (xing-yang) + +If you’re interested in getting involved with the design and development of CSI +or any part of the Kubernetes storage system, join the +[Kubernetes Storage Special Interest Group](https://github.com/kubernetes/community/tree/master/sig-storage) (SIG). +We’re rapidly growing and always welcome new contributors. diff --git a/content/en/blog/_posts/2023-04-21-node-log-query-alpha.md b/content/en/blog/_posts/2023-04-21-node-log-query-alpha.md new file mode 100644 index 00000000000..5791f865a4f --- /dev/null +++ b/content/en/blog/_posts/2023-04-21-node-log-query-alpha.md @@ -0,0 +1,78 @@ +--- +layout: blog +title: "Kubernetes 1.27: Query Node Logs Using The Kubelet API" +date: 2023-04-21 +slug: node-log-query-alpha +--- + +**Author:** Aravindh Puthiyaparambil (Red Hat) + +Kubernetes 1.27 introduced a new feature called _Node log query_ that allows +viewing logs of services running on the node. + +## What problem does it solve? +Cluster administrators face issues when debugging malfunctioning services +running on the node. They usually have to SSH or RDP into the node to view the +logs of the service to debug the issue. The _Node log query_ feature helps with +this scenario by allowing the cluster administrator to view the logs using +_kubectl_. This is especially useful with Windows nodes where you run into the +issue of the node going to the ready state but containers not coming up due to +CNI misconfigurations and other issues that are not easily identifiable by +looking at the Pod status. + +## How does it work? + +The kubelet already has a _/var/log/_ viewer that is accessible via the node +proxy endpoint. The feature supplements this endpoint with a shim that shells +out to `journalctl`, on Linux nodes, and the `Get-WinEvent` cmdlet on Windows +nodes. It then uses the existing filters provided by the commands to allow +filtering the logs. The kubelet also uses heuristics to retrieve the logs. +If the user is not aware if a given system services logs to a file or to the +native system logger, the heuristics first checks the native operating system +logger and if that is not available it attempts to retrieve the first logs +from `/var/log/` or `/var/log/.log` or +`/var/log//.log`. + +On Linux we assume that service logs are available via journald, and that +`journalctl` is installed. On Windows we assume that service logs are available +in the application log provider. Also note that fetching node logs is only +available if you are authorized to do so (in RBAC, that's **get** and +**create** access to `nodes/proxy`). The privileges that you need to fetch node +logs also allow elevation-of-privilege attacks, so be careful about how you +manage them. + +## How do I use it? + +To use the feature, ensure that the `NodeLogQuery` +[feature gate](/docs/reference/command-line-tools-reference/feature-gates/) is +enabled for that node, and that the kubelet configuration options +`enableSystemLogHandler` and `enableSystemLogQuery` are both set to true. You can +then query the logs from all your nodes or just a subset. Here is an example to +retrieve the kubelet service logs from a node: +```shell +# Fetch kubelet logs from a node named node-1.example +kubectl get --raw "/api/v1/nodes/node-1.example/proxy/logs/?query=kubelet" +``` + +You can further filter the query to narrow down the results: +```shell +# Fetch kubelet logs from a node named node-1.example that have the word "error" +kubectl get --raw "/api/v1/nodes/node-1.example/proxy/logs/?query=kubelet&pattern=error" +``` + +You can also fetch files from `/var/log/` on a Linux node: +```shell +kubectl get --raw "/api/v1/nodes//proxy/logs/?query=/" +``` + +You can read the +[documentation](/docs/concepts/cluster-administration/system-logs/#log-query) +for all the available options. + +## How do I help? + +Please use the feature and provide feedback by opening GitHub issues or +reaching out to us on the +[#sig-windows](https://kubernetes.slack.com/archives/C0SJ4AFB7) channel on the +Kubernetes Slack or the SIG Windows +[mailing list](https://groups.google.com/g/kubernetes-sig-windows). diff --git a/content/en/blog/_posts/2023-04-24-openapi-v3-field-validation-ga.md b/content/en/blog/_posts/2023-04-24-openapi-v3-field-validation-ga.md new file mode 100644 index 00000000000..79546bec2ce --- /dev/null +++ b/content/en/blog/_posts/2023-04-24-openapi-v3-field-validation-ga.md @@ -0,0 +1,133 @@ +--- +layout: blog +title: "Kubernetes 1.27: Server Side Field Validation and OpenAPI V3 move to GA" +date: 2023-04-24 +slug: openapi-v3-field-validation-ga +--- + +**Author**: Jeffrey Ying (Google), Antoine Pelisse (Google) + +Before Kubernetes v1.8 (!), typos, mis-indentations or minor errors in +YAMLs could have catastrophic consequences (e.g. a typo like +forgetting the trailing s in `replica: 1000` could cause an outage, +because the value would be ignored and missing, forcing a reset of +replicas back to 1). This was solved back then by fetching the OpenAPI +v2 in kubectl and using it to verify that fields were correct and +present before applying. Unfortunately, at that time, Custom Resource +Definitions didn’t exist, and the code was written under that +assumption. When CRDs were later introduced, the lack of flexibility +in the validation code forced some hard decisions in the way CRDs +exposed their schema, leaving us in a cycle of bad validation causing +bad OpenAPI and vice-versa. With the new OpenAPI v3 and Server Field +Validation being GA in 1.27, we’ve now solved both of these problems. + +Server Side Field Validation offers resource validation on create, +update and patch requests to the apiserver and was added to Kubernetes +in v1.25, beta in v1.26 and is now GA in v1.27. It provides all the +functionality of kubectl validate on the server side. + +[OpenAPI](https://swagger.io/specification/) is a standard, language +agnostic interface for discovering the set of operations and types +that a Kubernetes cluster supports. OpenAPI V3 is the latest standard +of the OpenAPI and is an improvement upon [OpenAPI +V2](https://kubernetes.io/blog/2016/12/kubernetes-supports-openapi/) +which has been supported since Kubernetes 1.5. OpenAPI V3 support was +added in Kubernetes in v1.23, moved to beta in v1.24 and is now GA in +v1.27. + +## OpenAPI V3 + +### What does OpenAPI V3 offer over V2 + +#### Built-in types + +Kubernetes offers certain annotations on fields that are not +representable in OpenAPI V2, or sometimes not represented in the +OpenAPI v2 that Kubernetes generate. Most notably, the "default" field +is published in OpenAPI V3 while omitted in OpenAPI V2. A single type +that can represent multiple types is also expressed correctly in +OpenAPI V3 with the oneOf field. This includes proper representations +for IntOrString and Quantity. + +#### Custom Resource Definitions + +In Kubernetes, Custom Resource Definitions use a structural OpenAPI V3 +schema that cannot be represented as OpenAPI V2 without a loss of +certain fields. Some of these include nullable, default, anyOf, oneOf, +not, etc. OpenAPI V3 is a completely lossless representation of the +CustomResourceDefinition structural schema. + +### How do I use it? + +The OpenAPI V3 root discovery can be found at the `/openapi/v3` +endpoint of a Kubernetes API server. OpenAPI V3 documents are grouped +by group-version to reduce the size of the data transported, the +separate documents can be accessed at +`/openapi/v3/apis//` and `/openapi/v3/api/v1` +representing the legacy group version. Please refer to the [Kubernetes +API Documentation](/docs/concepts/overview/kubernetes-api/) for more +information around this endpoint. + +Various consumers of the OpenAPI have already been updated to consume +v3, including the entirety of kubectl, and server side apply. An +OpenAPI V3 Golang client is available in +[client-go](https://github.com/kubernetes/client-go/blob/release-1.27/openapi3/root.go). + +## Server Side Field Validation + +The query parameter `fieldValidation` may be used to indicate the +level of field validation the server should perform. If the parameter +is not passed, server side field validation is in `Warn` mode by +default. + +- Strict: Strict field validation, errors on validation failure +- Warn: Field validation is performed, but errors are exposed as + warnings rather than failing the request +- Ignore: No server side field validation is performed + +kubectl will skip client side validation and will automatically use +server side field validation in `Strict` mode. Controllers by default +use server side field validation in `Warn` mode. + +With client side validation, we had to be extra lenient because some +fields were missing from OpenAPI V2 and we didn’t want to reject +possibly valid objects. This is all fixed in server side validation. +Additional documentation may be found +[here](/docs/reference/using-api/api-concepts/#field-validation) + +## What's next? + +With Server Side Field Validation and OpenAPI V3 released as GA, we +introduce more accurate representations of Kubernetes resources. It is +recommended to use server side field validation over client side, but +with OpenAPI V3, clients are free to implement their own validation if +necessary (to “shift things left”) and we guarantee a full lossless +schema published by OpenAPI. + +Some existing efforts will further improve the information available +through OpenAPI including [CEL validation and +admission](/docs/reference/using-api/cel/), along with OpenAPI +annotations on built-in types. + +Many other tools can be built for authoring and transforming resources +using the type information found in the OpenAPI v3. + +## How to get involved? + +These two features are driven by the SIG API Machinery community, +available on the slack channel \#sig-api-machinery, through the +[mailing +list](https://groups.google.com/g/kubernetes-sig-api-machinery) and we +meet every other Wednesday at 11:00 AM PT on Zoom. + +We offer a huge thanks to all the contributors who helped design, +implement, and review these two features. + +- Alexander Zielenski +- Antoine Pelisse +- Daniel Smith +- David Eads +- Jeffrey Ying +- Jordan Liggitt +- Kevin Delgado +- Sean Sullivan diff --git a/content/en/blog/_posts/2023-04-25-Updates-to-the-Auto-refreshing-Official-CVE-Feed/index.md b/content/en/blog/_posts/2023-04-25-Updates-to-the-Auto-refreshing-Official-CVE-Feed/index.md new file mode 100644 index 00000000000..846369d082d --- /dev/null +++ b/content/en/blog/_posts/2023-04-25-Updates-to-the-Auto-refreshing-Official-CVE-Feed/index.md @@ -0,0 +1,64 @@ +--- +layout: blog +title: Updates to the Auto-refreshing Official CVE Feed +date: 2023-04-25 +slug: k8s-cve-feed-beta +--- + +**Authors**: Cailyn Edwards (Shopify), Mahé Tardy (Isovalent), Pushkar Joglekar + +Since launching the [Auto-refreshing Official CVE feed](/docs/reference/issues-security/official-cve-feed/) as an alpha +feature in the 1.25 release, we have made significant improvements and updates. We are excited to announce the release of the +beta version of the feed. This blog post will outline the feedback received, the changes made, and talk about how you can help +as we prepare to make this a stable feature in a future Kubernetes Release. + + +## Feedback from end-users + +SIG Security received some feedback from end-users: +- The JSON CVE Feed [did not comply](https://github.com/kubernetes/website/issues/36808) + with the [JSON Feed specification](https://www.jsonfeed.org/) as its name would suggest. +- The feed could also [support RSS](https://github.com/kubernetes/sig-security/issues/77) + in addition to JSON Feed format. +- Some metadata could be [added](https://github.com/kubernetes/sig-security/issues/72) to indicate the freshness of + the feed overall, or [specific CVEs](https://github.com/kubernetes/sig-security/issues/63). Another suggestion was + to [indicate](https://github.com/kubernetes/sig-security/issues/71) which Prow job recently updated the feed. See + more ideas directly on the [the umbrella issue](https://github.com/kubernetes/sig-security/issues/1). +- The feed Markdown table on the website [should be ordered](https://github.com/kubernetes/sig-security/issues/73) + from the most recent to the least recently announced CVE. + +## Summary of changes + +In response, the SIG did a [rework of the script generating the JSON feed](https://github.com/kubernetes/sig-security/pull/76) +to comply with the JSON Feed specification from generation and add a +`last_updated` root field to indicate overall freshness. This redesign needed a +[corresponding fix on the Kubernetes website side](https://github.com/kubernetes/website/pull/38579) +for the CVE feed page to continue to work with the new format. + +After that, [RSS feed support](https://github.com/kubernetes/website/pull/39513) +could be added transparently so that end-users can consume the feed in their +preferred format. + +Overall, the redesign based on the JSON Feed specification, which this time broke +backward compatibility, will allow updates in the future to address the rest of +the issue while being more transparent and less disruptive to end-users. + +### Updates +| **Title** | **Issue** | **Status** | +| ------------------------------------------------------------------------------------------------------------ | --------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| CVE Feed: JSON feed should pass jsonfeed spec validator | [kubernetes/webite#36808](https://github.com/kubernetes/website/issues/36808) | closed, addressed by [kubernetes/sig-security#76](https://github.com/kubernetes/sig-security/pull/76) | +| CVE Feed: Add lastUpdatedAt as a metadata field | [kubernetes/sig-security#72](https://github.com/kubernetes/sig-security/issues/72) | closed, addressed by [kubernetes/sig-security#76](https://github.com/kubernetes/sig-security/pull/76) | +| Support RSS feeds by generating data in Atom format | [kubernetes/sig-security#77](https://github.com/kubernetes/sig-security/issues/77) | closed, addressed by [kubernetes/website#39513](https://github.com/kubernetes/website/pull/39513)| +| CVE Feed: Sort Markdown Table from most recent to least recently announced CVE | [kubernetes/sig-security#73](https://github.com/kubernetes/sig-security/issues/73) | closed, addressed by [kubernetes/sig-security#76](https://github.com/kubernetes/sig-security/pull/76) | +| CVE Feed: Include a timestamp field for each CVE indicating when it was last updated | [kubernetes/sig-security#63](https://github.com/kubernetes/sig-security/issues/63) | closed, addressed by [kubernetes/sig-security#76](https://github.com/kubernetes/sig-security/pull/76) | +| CVE Feed: Add Prow job link as a metadata field | [kubernetes/sig-security#71](https://github.com/kubernetes/sig-security/issues/71) | closed, addressed by [kubernetes/sig-security#83](https://github.com/kubernetes/sig-security/pull/83) | + +## What's next? + +In preparation to [graduate](https://kubernetes.io/docs/reference/command-line-tools-reference/feature-gates/#feature-stages) the feed +to stable i.e. `General Availability` stage, SIG Security is still gathering feedback from end users who are using the updated beta feed. + +To help us continue to improve the feed in future Kubernetes Releases please share feedback by adding a comment to +this [tracking issue](https://github.com/kubernetes/sig-security/issues/1) or +let us know on [#sig-security-tooling](https://kubernetes.slack.com/archives/C01CUSVMHPY) +Kubernetes Slack channel, join [Kubernetes Slack here](https://slack.k8s.io). \ No newline at end of file diff --git a/content/en/blog/_posts/2023-05-09-Safer-More-Performant-Pruning-in-kubectl-apply.md b/content/en/blog/_posts/2023-05-09-Safer-More-Performant-Pruning-in-kubectl-apply.md new file mode 100644 index 00000000000..d8d1b9a138c --- /dev/null +++ b/content/en/blog/_posts/2023-05-09-Safer-More-Performant-Pruning-in-kubectl-apply.md @@ -0,0 +1,71 @@ +--- +layout: blog +title: "Kubernetes 1.27: Safer, More Performant Pruning in kubectl apply" +date: 2023-05-09 +slug: introducing-kubectl-applyset-pruning +--- + +**Authors:** Katrina Verey (Shopify) and Justin Santa Barbara (Google) + +Declarative configuration management with the `kubectl apply` command is the gold standard approach +to creating or modifying Kubernetes resources. However, one challenge it presents is the deletion +of resources that are no longer needed. In Kubernetes version 1.5, the `--prune` flag was +introduced to address this issue, allowing kubectl apply to automatically clean up previously +applied resources removed from the current configuration. + +Unfortunately, that existing implementation of `--prune` has design flaws that diminish its +performance and can result in unexpected behaviors. The main issue stems from the lack of explicit +encoding of the previously applied set by the preceding `apply` operation, necessitating +error-prone dynamic discovery. Object leakage, inadvertent over-selection of resources, and limited +compatibility with custom resources are a few notable drawbacks of this implementation. Moreover, +its coupling to client-side apply hinders user upgrades to the superior server-side apply +mechanism. + +Version 1.27 of `kubectl` introduces an alpha version of a revamped pruning implementation that +addresses these issues. This new implementation, based on a concept called _ApplySet_, promises +better performance and safety. + +An _ApplySet_ is a group of resources associated with a _parent_ object on the cluster, as +identified and configured through standardized labels and annotations. Additional standardized +metadata allows for accurate identification of ApplySet _member_ objects within the cluster, +simplifying operations like pruning. + +To leverage ApplySet-based pruning, set the `KUBECTL_APPLYSET=true` environment variable and include +the flags `--prune` and `--applyset` in your `kubectl apply` invocation: + +```shell +KUBECTL_APPLYSET=true kubectl apply -f --prune --applyset= +``` + +By default, ApplySet uses a Secret as the parent object. However, you can also use +a ConfigMap with the format `--applyset=configmaps/`. If your desired Secret or +ConfigMap object does not yet exist, `kubectl` will create it for you. Furthermore, custom +resources can be enabled for use as ApplySet parent objects. + +The ApplySet implementation is based on a new low-level specification that can support higher-level +ecosystem tools by improving their interoperability. The lightweight nature of this specification +enables these tools to continue to use existing object grouping systems while opting in to +ApplySet's metadata conventions to prevent inadvertent changes by other tools (such as `kubectl`). + +ApplySet-based pruning offers a promising solution to the shortcomings of the previous `--prune` +implementation in `kubectl` and can help streamline your Kubernetes resource management. Please +give this new feature a try and share your experiences with the community—ApplySet is under active +development, and your feedback is invaluable! + + +### Additional resources + +- For more information how to use ApplySet-based pruning, read + [Declarative Management of Kubernetes Objects Using Configuration Files](/docs/tasks/manage-kubernetes-objects/declarative-config/) in the Kubernetes documentation. +- For a deeper dive into the technical design of this feature or to learn how to implement the + ApplySet specification in your own tools, refer to [KEP 3659](https://git.k8s.io/enhancements/keps/sig-cli/3659-kubectl-apply-prune/README.md): + _ApplySet: `kubectl apply --prune` redesign and graduation strategy_. + + +### How do I get involved? + +If you want to get involved in ApplySet development, you can get in touch with the developers at +[SIG CLI](https://git.k8s.io/community/sig-cli). To provide feedback on the feature, please +[file a bug](https://github.com/kubernetes/kubectl/issues/new?assignees=knverey,justinsb&labels=kind%2Fbug&template=bug-report.md) +or [request an enhancement](https://github.com/kubernetes/kubectl/issues/new?assignees=knverey,justinsb&labels=kind%2Fbug&template=enhancement.md) +on the `kubernetes/kubectl` repository. diff --git a/content/en/blog/_posts/2023-05-11-nodeport-dynamic-and-static-allocation.md b/content/en/blog/_posts/2023-05-11-nodeport-dynamic-and-static-allocation.md new file mode 100644 index 00000000000..78c2ca1d2fa --- /dev/null +++ b/content/en/blog/_posts/2023-05-11-nodeport-dynamic-and-static-allocation.md @@ -0,0 +1,173 @@ +--- +layout: blog +title: "Kubernetes 1.27: Avoid Collisions Assigning Ports to NodePort Services" +date: 2023-05-11 +slug: nodeport-dynamic-and-static-allocation +--- + +**Author:** Xu Zhenglun (Alibaba) + +In Kubernetes, a Service can be used to provide a unified traffic endpoint for +applications running on a set of Pods. Clients can use the virtual IP address (or _VIP_) provided +by the Service for access, and Kubernetes provides load balancing for traffic accessing +different back-end Pods, but a ClusterIP type of Service is limited to providing access to +nodes within the cluster, while traffic from outside the cluster cannot be routed. +One way to solve this problem is to use a `type: NodePort` Service, which sets up a mapping +to a specific port of all nodes in the cluster, thus redirecting traffic from the +outside to the inside of the cluster. + +## How Kubernetes allocates node ports to Services? + +When a `type: NodePort` Service is created, its corresponding port(s) are allocated in one +of two ways: + +- **Dynamic** : If the Service type is `NodePort` and you do not set a `nodePort` + value explicitly in the `spec` for that Service, the Kubernetes control plane will + automatically allocate an unused port to it at creation time. + +- **Static** : In addition to the dynamic auto-assignment described above, you can also + explicitly assign a port that is within the nodeport port range configuration. + +The value of `nodePort` that you manually assign must be unique across the whole cluster. +Attempting to create a Service of `type: NodePort` where you explicitly specify a node port that +was already allocated results in an error. + +## Why do you need to reserve ports of NodePort Service? +Sometimes, you may want to have a NodePort Service running on well-known ports +so that other components and users inside o r outside the cluster can use them. + +In some complex cluster deployments with a mix of Kubernetes nodes and other servers on the same network, +it may be necessary to use some pre-defined ports for communication. In particular, some fundamental +components cannot rely on the VIPs that back `type: LoadBalancer` Services +because the virtual IP address mapping implementation for that cluster also relies on +these foundational components. + +Now suppose you need to expose a Minio object storage service on Kubernetes to clients +running outside the Kubernetes cluster, and the agreed port is `30009`, we need to +create a Service as follows: + +```yaml +apiVersion: v1 +kind: Service +metadata: + name: minio +spec: + ports: + - name: api + nodePort: 30009 + port: 9000 + protocol: TCP + targetPort: 9000 + selector: + app: minio + type: NodePort +``` + +However, as mentioned before, if the port (30009) required for the `minio` Service is not reserved, +and another `type: NodePort` (or possibly `type: LoadBalancer`) Service is created and dynamically +allocated before or concurrently with the `minio` Service, TCP port 30009 might be allocated to that +other Service; if so, creation of the `minio` Service will fail due to a node port collision. + +## How can you avoid NodePort Service port conflicts? +Kubernetes 1.24 introduced changes for `type: ClusterIP` Services, dividing the CIDR range for cluster +IP addresses into two blocks that use different allocation policies to [reduce the risk of conflicts](/docs/reference/networking/virtual-ips/#avoiding-collisions). +In Kubernetes 1.27, as an alpha feature, you can adopt a similar policy for `type: NodePort` Services. +You can enable a new [feature gate](/docs/reference/command-line-tools-reference/feature-gates/) +`ServiceNodePortStaticSubrange`. Turning this on allows you to use a different port allocation strategy +for `type: NodePort` Services, and reduce the risk of collision. + +The port range for `NodePort` will be divided, based on the formula `min(max(16, nodeport-size / 32), 128)`. +The outcome of the formula will be a number between 16 and 128, with a step size that increases as the +size of the nodeport range increases. The outcome of the formula determine that the size of static port +range. When the port range is less than 16, the size of static port range will be set to 0, +which means that all ports will be dynamically allocated. + +Dynamic port assignment will use the upper band by default, once this has been exhausted it will use the lower range. +This will allow users to use static allocations on the lower band with a low risk of collision. + +## Examples + +### default range: 30000-32767 +| Range properties | Values | +|-------------------------|-------------------------------------------------------| +| service-node-port-range | 30000-32767 | +| Band Offset |   `min(max(16, 2768/32), 128)`
= `min(max(16, 86), 128)`
= `min(86, 128)`
= 86 | +| Static band start | 30000 | +| Static band end | 30085 | +| Dynamic band start | 30086 | +| Dynamic band end | 32767 | + +{{< mermaid >}} +pie showData + title 30000-32767 + "Static" : 86 + "Dynamic" : 2682 +{{< /mermaid >}} + +### very small range: 30000-30015 +| Range properties | Values | +|-------------------------|-------------------------------------------------------| +| service-node-port-range | 30000-30015 | +| Band Offset | 0 | +| Static band start | - | +| Static band end | - | +| Dynamic band start | 30000 | +| Dynamic band end | 30015 | + +{{< mermaid >}} +pie showData + title 30000-30015 + "Static" : 0 + "Dynamic" : 16 +{{< /mermaid >}} + +### small(lower boundary) range: 30000-30127 +| Range properties | Values | +|-------------------------|-------------------------------------------------------| +| service-node-port-range | 30000-30127 | +| Band Offset |   `min(max(16, 128/32), 128)`
= `min(max(16, 4), 128)`
= `min(16, 128)`
= 16 | +| Static band start | 30000 | +| Static band end | 30015 | +| Dynamic band start | 30016 | +| Dynamic band end | 30127 | + +{{< mermaid >}} +pie showData + title 30000-30127 + "Static" : 16 + "Dynamic" : 112 +{{< /mermaid >}} + +### large(upper boundary) range: 30000-34095 +| Range properties | Values | +|-------------------------|-------------------------------------------------------| +| service-node-port-range | 30000-34095 | +| Band Offset |   `min(max(16, 4096/32), 128)`
= `min(max(16, 128), 128)`
= `min(128, 128)`
= 128 | +| Static band start | 30000 | +| Static band end | 30127 | +| Dynamic band start | 30128 | +| Dynamic band end | 34095 | + +{{< mermaid >}} +pie showData + title 30000-34095 + "Static" : 128 + "Dynamic" : 3968 +{{< /mermaid >}} + +### very large range: 30000-38191 +| Range properties | Values | +|-------------------------|-------------------------------------------------------| +| service-node-port-range | 30000-38191 | +| Band Offset |   `min(max(16, 8192/32), 128)`
= `min(max(16, 256), 128)`
= `min(256, 128)`
= 128 | +| Static band start | 30000 | +| Static band end | 30127 | +| Dynamic band start | 30128 | +| Dynamic band end | 38191 | + +{{< mermaid >}} +pie showData + title 30000-38191 + "Static" : 128 + "Dynamic" : 8064 +{{< /mermaid >}} \ No newline at end of file diff --git a/content/en/docs/concepts/architecture/nodes.md b/content/en/docs/concepts/architecture/nodes.md index 944083bc4d0..6f4f0216375 100644 --- a/content/en/docs/concepts/architecture/nodes.md +++ b/content/en/docs/concepts/architecture/nodes.md @@ -93,7 +93,15 @@ For self-registration, the kubelet is started with the following options: {{< glossary_tooltip text="taints" term_id="taint" >}} (comma separated `=:`). No-op if `register-node` is false. -- `--node-ip` - IP address of the node. +- `--node-ip` - Optional comma-separated list of the IP addresses for the node. + You can only specify a single address for each address family. + For example, in a single-stack IPv4 cluster, you set this value to be the IPv4 address that the + kubelet should use for the node. + See [configure IPv4/IPv6 dual stack](/docs/concepts/services-networking/dual-stack/#configure-ipv4-ipv6-dual-stack) + for details of running a dual-stack cluster. + + If you don't provide this argument, the kubelet uses the node's default IPv4 address, if any; + if the node has no IPv4 addresses then the kubelet uses the node's default IPv6 address. - `--node-labels` - {{< glossary_tooltip text="Labels" term_id="label" >}} to add when registering the node in the cluster (see label restrictions enforced by the [NodeRestriction admission plugin](/docs/reference/access-authn-authz/admission-controllers/#noderestriction)). @@ -215,34 +223,20 @@ of the Node resource. For example, the following JSON structure describes a heal ] ``` -If the `status` of the Ready condition remains `Unknown` or `False` for longer -than the `pod-eviction-timeout` (an argument passed to the -{{< glossary_tooltip text="kube-controller-manager" term_id="kube-controller-manager" ->}}), then the [node controller](#node-controller) triggers -{{< glossary_tooltip text="API-initiated eviction" term_id="api-eviction" >}} -for all Pods assigned to that node. The default eviction timeout duration is -**five minutes**. -In some cases when the node is unreachable, the API server is unable to communicate -with the kubelet on the node. The decision to delete the pods cannot be communicated to -the kubelet until communication with the API server is re-established. In the meantime, -the pods that are scheduled for deletion may continue to run on the partitioned node. - -The node controller does not force delete pods until it is confirmed that they have stopped -running in the cluster. You can see the pods that might be running on an unreachable node as -being in the `Terminating` or `Unknown` state. In cases where Kubernetes cannot deduce from the -underlying infrastructure if a node has permanently left a cluster, the cluster administrator -may need to delete the node object by hand. Deleting the node object from Kubernetes causes -all the Pod objects running on the node to be deleted from the API server and frees up their -names. - When problems occur on nodes, the Kubernetes control plane automatically creates [taints](/docs/concepts/scheduling-eviction/taint-and-toleration/) that match the conditions -affecting the node. -The scheduler takes the Node's taints into consideration when assigning a Pod to a Node. -Pods can also have {{< glossary_tooltip text="tolerations" term_id="toleration" >}} that let -them run on a Node even though it has a specific taint. +affecting the node. An example of this is when the `status` of the Ready condition +remains `Unknown` or `False` for longer than the kube-controller-manager's `NodeMonitorGracePeriod`, +which defaults to 40 seconds. This will cause either an `node.kubernetes.io/unreachable` taint, for an `Unknown` status, +or a `node.kubernetes.io/not-ready` taint, for a `False` status, to be added to the Node. -See [Taint Nodes by Condition](/docs/concepts/scheduling-eviction/taint-and-toleration/#taint-nodes-by-condition) +These taints affect pending pods as the scheduler takes the Node's taints into consideration when +assigning a pod to a Node. Existing pods scheduled to the node may be evicted due to the application +of `NoExecute` taints. Pods may also have {{< glossary_tooltip text="tolerations" term_id="toleration" >}} that let +them schedule to and continue running on a Node even though it has a specific taint. + +See [Taint Based Evictions](/docs/concepts/scheduling-eviction/taint-and-toleration/#taint-based-evictions) and +[Taint Nodes by Condition](/docs/concepts/scheduling-eviction/taint-and-toleration/#taint-nodes-by-condition) for more details. ### Capacity and Allocatable {#capacity} diff --git a/content/en/docs/concepts/cluster-administration/system-logs.md b/content/en/docs/concepts/cluster-administration/system-logs.md index 6e731ade02b..2c7e29ab548 100644 --- a/content/en/docs/concepts/cluster-administration/system-logs.md +++ b/content/en/docs/concepts/cluster-administration/system-logs.md @@ -231,6 +231,53 @@ Similar to the container logs, you should rotate system component logs in the `/ In Kubernetes clusters created by the `kube-up.sh` script, log rotation is configured by the `logrotate` tool. The `logrotate` tool rotates logs daily, or once the log size is greater than 100MB. +## Log query + +{{< feature-state for_k8s_version="v1.27" state="alpha" >}} + +To help with debugging issues on nodes, Kubernetes v1.27 introduced a feature that allows viewing logs of services +running on the node. To use the feature, ensure that the `NodeLogQuery` +[feature gate](/docs/reference/command-line-tools-reference/feature-gates/) is enabled for that node, and that the +kubelet configuration options `enableSystemLogHandler` and `enableSystemLogQuery` are both set to true. On Linux +we assume that service logs are available via journald. On Windows we assume that service logs are available +in the application log provider. On both operating systems, logs are also available by reading files within +`/var/log/`. + +Provided you are authorized to interact with node objects, you can try out this alpha feature on all your nodes or +just a subset. Here is an example to retrieve the kubelet service logs from a node: +```shell +# Fetch kubelet logs from a node named node-1.example +kubectl get --raw "/api/v1/nodes/node-1.example/proxy/logs/?query=kubelet" +``` + +You can also fetch files, provided that the files are in a directory that the kubelet allows for log +fetches. For example, you can fetch a log from `/var/log` on a Linux node: +```shell +kubectl get --raw "/api/v1/nodes//proxy/logs/?query=/" +``` + +The kubelet uses heuristics to retrieve logs. This helps if you are not aware whether a given system service is +writing logs to the operating system's native logger like journald or to a log file in `/var/log/`. The heuristics +first checks the native logger and if that is not available attempts to retrieve the first logs from +`/var/log/` or `/var/log/.log` or `/var/log//.log`. + +The complete list of options that can be used are: + +Option | Description +------ | ----------- +`boot` | boot show messages from a specific system boot +`pattern` | pattern filters log entries by the provided PERL-compatible regular expression +`query` | query specifies services(s) or files from which to return logs (required) +`sinceTime` | an [RFC3339](https://www.rfc-editor.org/rfc/rfc3339) timestamp from which to show logs (inclusive) +`untilTime` | an [RFC3339](https://www.rfc-editor.org/rfc/rfc3339) timestamp until which to show logs (inclusive) +`tailLines` | specify how many lines from the end of the log to retrieve; the default is to fetch the whole log + +Example of a more complex query: +```shell +# Fetch kubelet logs from a node named node-1.example that have the word "error" +kubectl get --raw "/api/v1/nodes/node-1.example/proxy/logs/?query=kubelet&pattern=error" +``` + ## {{% heading "whatsnext" %}} * Read about the [Kubernetes Logging Architecture](/docs/concepts/cluster-administration/logging/) diff --git a/content/en/docs/concepts/cluster-administration/system-traces.md b/content/en/docs/concepts/cluster-administration/system-traces.md index 04bd58ce38b..52cf194a882 100644 --- a/content/en/docs/concepts/cluster-administration/system-traces.md +++ b/content/en/docs/concepts/cluster-administration/system-traces.md @@ -9,7 +9,7 @@ weight: 90 -{{< feature-state for_k8s_version="v1.22" state="alpha" >}} +{{< feature-state for_k8s_version="v1.27" state="beta" >}} System component traces record the latency of and relationships between operations in the cluster. @@ -59,14 +59,12 @@ as the kube-apiserver is often a public endpoint. #### Enabling tracing in the kube-apiserver -To enable tracing, enable the `APIServerTracing` -[feature gate](/docs/reference/command-line-tools-reference/feature-gates/) -on the kube-apiserver. Also, provide the kube-apiserver with a tracing configuration file +To enable tracing, provide the kube-apiserver with a tracing configuration file with `--tracing-config-file=`. This is an example config that records spans for 1 in 10000 requests, and uses the default OpenTelemetry endpoint: ```yaml -apiVersion: apiserver.config.k8s.io/v1alpha1 +apiVersion: apiserver.config.k8s.io/v1beta1 kind: TracingConfiguration # default value #endpoint: localhost:4317 @@ -74,11 +72,11 @@ samplingRatePerMillion: 100 ``` For more information about the `TracingConfiguration` struct, see -[API server config API (v1alpha1)](/docs/reference/config-api/apiserver-config.v1alpha1/#apiserver-k8s-io-v1alpha1-TracingConfiguration). +[API server config API (v1beta1)](/docs/reference/config-api/apiserver-config.v1beta1/#apiserver-k8s-io-v1beta1-TracingConfiguration). ### kubelet traces -{{< feature-state for_k8s_version="v1.25" state="alpha" >}} +{{< feature-state for_k8s_version="v1.27" state="beta" >}} The kubelet CRI interface and authenticated http servers are instrumented to generate trace spans. As with the apiserver, the endpoint and sampling rate are configurable. @@ -88,10 +86,7 @@ Enabled without a configured endpoint, the default OpenTelemetry Collector recei #### Enabling tracing in the kubelet -To enable tracing, enable the `KubeletTracing` -[feature gate](/docs/reference/command-line-tools-reference/feature-gates/) -on the kubelet. Also, provide the kubelet with a -[tracing configuration](https://github.com/kubernetes/component-base/blob/release-1.25/tracing/api/v1/types.go). +To enable tracing, apply the [tracing configuration](https://github.com/kubernetes/component-base/blob/release-1.27/tracing/api/v1/types.go). This is an example snippet of a kubelet config that records spans for 1 in 10000 requests, and uses the default OpenTelemetry endpoint: ```yaml @@ -105,6 +100,21 @@ tracing: samplingRatePerMillion: 100 ``` +If the `samplingRatePerMillion` is set to one million (`1000000`), then every +span will be sent to the exporter. + +The kubelet in Kubernetes v{{< skew currentVersion >}} collects spans from +the garbage collection, pod synchronization routine as well as every gRPC +method. Connected container runtimes like CRI-O and containerd can link the +traces to their exported spans to provide additional context of information. + +Please note that exporting spans always comes with a small performance overhead +on the networking and CPU side, depending on the overall configuration of the +system. If there is any issue like that in a cluster which is running with +tracing enabled, then mitigate the problem by either reducing the +`samplingRatePerMillion` or disabling tracing completely by removing the +configuration. + ## Stability Tracing instrumentation is still under active development, and may change diff --git a/content/en/docs/concepts/containers/images.md b/content/en/docs/concepts/containers/images.md index 6e00eb46b67..247c8309d9e 100644 --- a/content/en/docs/concepts/containers/images.md +++ b/content/en/docs/concepts/containers/images.md @@ -157,6 +157,48 @@ that Kubernetes will keep trying to pull the image, with an increasing back-off Kubernetes raises the delay between each attempt until it reaches a compiled-in limit, which is 300 seconds (5 minutes). +## Serial and parallel image pulls + +By default, kubelet pulls images serially. In other words, kubelet sends only +one image pull request to the image service at a time. Other image pull requests +have to wait until the one being processed is complete. + +Nodes make image pull decisions in isolation. Even when you use serialized image +pulls, two different nodes can pull the same image in parallel. + +If you would like to enable parallel image pulls, you can set the field +`serializeImagePulls` to false in the [kubelet configuration](/docs/reference/config-api/kubelet-config.v1beta1/). +With `serializeImagePulls` set to false, image pull requests will be sent to the image service immediately, +and multiple images will be pulled at the same time. + +When enabling parallel image pulls, please make sure the image service of your +container runtime can handle parallel image pulls. + +The kubelet never pulls multiple images in parallel on behalf of one Pod. For example, +if you have a Pod that has an init container and an application container, the image +pulls for the two containers will not be parallelized. However, if you have two +Pods that use different images, the kubelet pulls the images in parallel on +behalf of the two different Pods, when parallel image pulls is enabled. + +### Maximum parallel image pulls + +{{< feature-state for_k8s_version="v1.27" state="alpha" >}} + +When `serializeImagePulls` is set to false, the kubelet defaults to no limit on the +maximum number of images being pulled at the same time. If you would like to +limit the number of parallel image pulls, you can set the field `maxParallelImagePulls` +in kubelet configuration. With `maxParallelImagePulls` set to _n_, only _n_ images +can be pulled at the same time, and any image pull beyond _n_ will have to wait +until at least one ongoing image pull is complete. + +Limiting the number parallel image pulls would prevent image pulling from consuming +too much network bandwidth or disk I/O, when parallel image pulling is enabled. + +You can set `maxParallelImagePulls` to a positive number that is greater than or +equal to 1. If you set `maxParallelImagePulls` to be greater than or equal to 2, you +must set the `serializeImagePulls` to false. The kubelet will fail to start with invalid +`maxParallelImagePulls` settings. + ## Multi-architecture images with image indexes As well as providing binary images, a container registry can also serve a diff --git a/content/en/docs/concepts/extend-kubernetes/compute-storage-net/device-plugins.md b/content/en/docs/concepts/extend-kubernetes/compute-storage-net/device-plugins.md index a241ccee3d4..537bde377ca 100644 --- a/content/en/docs/concepts/extend-kubernetes/compute-storage-net/device-plugins.md +++ b/content/en/docs/concepts/extend-kubernetes/compute-storage-net/device-plugins.md @@ -213,6 +213,7 @@ for these devices: service PodResourcesLister { rpc List(ListPodResourcesRequest) returns (ListPodResourcesResponse) {} rpc GetAllocatableResources(AllocatableResourcesRequest) returns (AllocatableResourcesResponse) {} + rpc Get(GetPodResourcesRequest) returns (GetPodResourcesResponse) {} } ``` @@ -223,6 +224,14 @@ id of exclusively allocated CPUs, device id as it was reported by device plugins the NUMA node where these devices are allocated. Also, for NUMA-based machines, it contains the information about memory and hugepages reserved for a container. +Starting from Kubernetes v1.27, the `List` enpoint can provide information on resources +of running pods allocated in `ResourceClaims` by the `DynamicResourceAllocation` API. To enable +this feature `kubelet` must be started with the following flags: + +``` +--feature-gates=DynamicResourceAllocation=true,KubeletPodResourcesDynamiceResources=true +``` + ```gRPC // ListPodResourcesResponse is the response returned by List function message ListPodResourcesResponse { @@ -242,6 +251,7 @@ message ContainerResources { repeated ContainerDevices devices = 2; repeated int64 cpu_ids = 3; repeated ContainerMemory memory = 4; + repeated DynamicResource dynamic_resources = 5; } // ContainerMemory contains information about memory and hugepages assigned to a container @@ -267,6 +277,28 @@ message ContainerDevices { repeated string device_ids = 2; TopologyInfo topology = 3; } + +// DynamicResource contains information about the devices assigned to a container by Dynamic Resource Allocation +message DynamicResource { + string class_name = 1; + string claim_name = 2; + string claim_namespace = 3; + repeated ClaimResource claim_resources = 4; +} + +// ClaimResource contains per-plugin resource information +message ClaimResource { + repeated CDIDevice cdi_devices = 1 [(gogoproto.customname) = "CDIDevices"]; +} + +// CDIDevice specifies a CDI device information +message CDIDevice { + // Fully qualified CDI device name + // for example: vendor.com/gpu=gpudevice1 + // see more details in the CDI specification: + // https://github.com/container-orchestrated-devices/container-device-interface/blob/main/SPEC.md + string name = 1; +} ``` {{< note >}} cpu_ids in the `ContainerResources` in the `List` endpoint correspond to exclusive CPUs allocated @@ -333,6 +365,36 @@ Support for the `PodResourcesLister service` requires `KubeletPodResources` [feature gate](/docs/reference/command-line-tools-reference/feature-gates/) to be enabled. It is enabled by default starting with Kubernetes 1.15 and is v1 since Kubernetes 1.20. +### `Get` gRPC endpoint {#grpc-endpoint-get} + +{{< feature-state state="alpha" for_k8s_version="v1.27" >}} + +The `Get` endpoint provides information on resources of a running Pod. It exposes information +similar to those described in the `List` endpoint. The `Get` endpoint requires `PodName` +and `PodNamespace` of the running Pod. + +```gRPC +// GetPodResourcesRequest contains information about the pod +message GetPodResourcesRequest { + string pod_name = 1; + string pod_namespace = 2; +} +``` + +To enable this feature, you must start your kubelet services with the following flag: + +``` +--feature-gates=KubeletPodResourcesGet=true +``` + +The `Get` endpoint can provide Pod information related to dynamic resources +allocated by the dynamic resource allocation API. To enable this feature, you must +ensure your kubelet services are started with the following flags: + +``` +--feature-gates=KubeletPodResourcesGet=true,DynamicResourceAllocation=true,KubeletPodResourcesDynamiceResources=true +``` + ## Device plugin integration with the Topology Manager {{< feature-state for_k8s_version="v1.18" state="beta" >}} diff --git a/content/en/docs/concepts/overview/kubernetes-api.md b/content/en/docs/concepts/overview/kubernetes-api.md index 27e4829ba55..ceec7e1eacd 100644 --- a/content/en/docs/concepts/overview/kubernetes-api.md +++ b/content/en/docs/concepts/overview/kubernetes-api.md @@ -82,17 +82,13 @@ packages that define the API objects. ### OpenAPI V3 -{{< feature-state state="beta" for_k8s_version="v1.24" >}} +{{< feature-state state="stable" for_k8s_version="v1.27" >}} -Kubernetes {{< param "version" >}} offers beta support for publishing its APIs as OpenAPI v3; this is a -beta feature that is enabled by default. -You can disable the beta feature by turning off the -[feature gate](/docs/reference/command-line-tools-reference/feature-gates/) named `OpenAPIV3` -for the kube-apiserver component. +Kubernetes supports publishing a description of its APIs as OpenAPI v3. A discovery endpoint `/openapi/v3` is provided to see a list of all -group/versions available. This endpoint only returns JSON. These group/versions -are provided in the following format: +group/versions available. This endpoint only returns JSON. These +group/versions are provided in the following format: ```yaml { @@ -153,11 +149,37 @@ Refer to the table below for accepted request headers. +A Golang implementation to fetch the OpenAPI V3 is provided in the package `k8s.io/client-go/openapi3`. + ## Persistence Kubernetes stores the serialized state of objects by writing them into {{< glossary_tooltip term_id="etcd" >}}. +## API Discovery + +A list of all group versions supported by a cluster is published at +the `/api` and `/apis` endpoints. Each group version also advertises +the list of resources supported via `/apis//` (for +example: `/apis/rbac.authorization.k8s.io/v1alpha1`). These endpoints +are used by kubectl to fetch the list of resources supported by a +cluster. + +### Aggregated Discovery + +{{< feature-state state="beta" for_k8s_version="v1.27" >}} + +Kubernetes offers beta support for aggregated discovery, publishing +all resources supported by a cluster through two endpoints (`/api` and +`/apis`) compared to one for every group version. Requesting this +endpoint drastically reduces the number of requests sent to fetch the +discovery for the average Kubernetes cluster. This may be accessed by +requesting the respective endpoints with an Accept header indicating +the aggregated discovery resource: +`Accept: application/json;v=v2beta1;g=apidiscovery.k8s.io;as=APIGroupDiscoveryList`. + +The endpoint also supports ETag and protobuf encoding. + ## API groups and versioning To make it easier to eliminate fields or restructure resource representations, diff --git a/content/en/docs/concepts/overview/working-with-objects/owners-dependents.md b/content/en/docs/concepts/overview/working-with-objects/owners-dependents.md index fd11031ab3c..035298930ba 100644 --- a/content/en/docs/concepts/overview/working-with-objects/owners-dependents.md +++ b/content/en/docs/concepts/overview/working-with-objects/owners-dependents.md @@ -6,13 +6,13 @@ weight: 90 -In Kubernetes, some objects are *owners* of other objects. For example, a -{{}} is the owner of a set of Pods. These owned objects are *dependents* +In Kubernetes, some {{< glossary_tooltip text="objects" term_id="Object" >}} are *owners* of other objects. For example, a +{{}} is the owner of a set of {{}}. These owned objects are *dependents* of their owner. Ownership is different from the [labels and selectors](/docs/concepts/overview/working-with-objects/labels/) mechanism that some resources also use. For example, consider a Service that -creates `EndpointSlice` objects. The Service uses labels to allow the control plane to +creates `EndpointSlice` objects. The Service uses {{}} to allow the control plane to determine which `EndpointSlice` objects are used for that Service. In addition to the labels, each `EndpointSlice` that is managed on behalf of a Service has an owner reference. Owner references help different parts of Kubernetes avoid @@ -21,8 +21,8 @@ interfering with objects they don’t control. ## Owner references in object specifications Dependent objects have a `metadata.ownerReferences` field that references their -owner object. A valid owner reference consists of the object name and a UID -within the same namespace as the dependent object. Kubernetes sets the value of +owner object. A valid owner reference consists of the object name and a {{}} +within the same {{}} as the dependent object. Kubernetes sets the value of this field automatically for objects that are dependents of other objects like ReplicaSets, DaemonSets, Deployments, Jobs and CronJobs, and ReplicationControllers. You can also configure these relationships manually by changing the value of @@ -66,10 +66,10 @@ When you tell Kubernetes to delete a resource, the API server allows the managing controller to process any [finalizer rules](/docs/concepts/overview/working-with-objects/finalizers/) for the resource. {{}} prevent accidental deletion of resources your cluster may still need to function -correctly. For example, if you try to delete a `PersistentVolume` that is still +correctly. For example, if you try to delete a [PersistentVolume](/docs/concepts/storage/persistent-volumes/) that is still in use by a Pod, the deletion does not happen immediately because the `PersistentVolume` has the `kubernetes.io/pv-protection` finalizer on it. -Instead, the volume remains in the `Terminating` status until Kubernetes clears +Instead, the [volume](/docs/concepts/storage/volumes/) remains in the `Terminating` status until Kubernetes clears the finalizer, which only happens after the `PersistentVolume` is no longer bound to a Pod. @@ -86,4 +86,4 @@ object. * Learn more about [Kubernetes finalizers](/docs/concepts/overview/working-with-objects/finalizers/). * Learn about [garbage collection](/docs/concepts/architecture/garbage-collection). -* Read the API reference for [object metadata](/docs/reference/kubernetes-api/common-definitions/object-meta/#System). \ No newline at end of file +* Read the API reference for [object metadata](/docs/reference/kubernetes-api/common-definitions/object-meta/#System). diff --git a/content/en/docs/concepts/scheduling-eviction/dynamic-resource-allocation.md b/content/en/docs/concepts/scheduling-eviction/dynamic-resource-allocation.md index e1c468f58f0..cd7f5a0373a 100644 --- a/content/en/docs/concepts/scheduling-eviction/dynamic-resource-allocation.md +++ b/content/en/docs/concepts/scheduling-eviction/dynamic-resource-allocation.md @@ -9,7 +9,7 @@ weight: 65 -{{< feature-state for_k8s_version="v1.26" state="alpha" >}} +{{< feature-state for_k8s_version="v1.27" state="alpha" >}} Dynamic resource allocation is a new API for requesting and sharing resources between pods and containers inside a pod. It is a generalization of the @@ -31,7 +31,7 @@ check the documentation for that version of Kubernetes. ## API -The new `resource.k8s.io/v1alpha1` {{< glossary_tooltip text="API group" +The `resource.k8s.io/v1alpha2` {{< glossary_tooltip text="API group" term_id="api-group" >}} provides four new types: ResourceClass @@ -51,7 +51,7 @@ ResourceClaimTemplate : Defines the spec and some meta data for creating ResourceClaims. Created by a user when deploying a workload. -PodScheduling +PodSchedulingContext : Used internally by the control plane and resource drivers to coordinate pod scheduling when ResourceClaims need to be allocated for a Pod. @@ -76,7 +76,7 @@ Here is an example for a fictional resource driver. Two ResourceClaim objects will get created for this Pod and each container gets access to one of them. ```yaml -apiVersion: resource.k8s.io/v1alpha1 +apiVersion: resource.k8s.io/v1alpha2 kind: ResourceClass name: resource.example.com driverName: resource-driver.example.com @@ -88,7 +88,7 @@ spec: color: black size: large --- -apiVersion: resource.k8s.io/v1alpha1 +apiVersion: resource.k8s.io/v1alpha2 kind: ResourceClaimTemplate metadata: name: large-black-cat-claim-template @@ -162,6 +162,12 @@ gets scheduled onto one node and then cannot run there, which is bad because such a pending Pod also blocks all other resources like RAM or CPU that were set aside for it. +## Monitoring resources + +The kubelet provides a gRPC service to enable discovery of dynamic resources of +running Pods. For more information on the gRPC endpoints, see the +[resource allocation reporting](/docs/concepts/extend-kubernetes/compute-storage-net/device-plugins/#monitoring-device-plugin-resources). + ## Limitations The scheduler plugin must be involved in scheduling Pods which use @@ -176,7 +182,7 @@ future. Dynamic resource allocation is an *alpha feature* and only enabled when the `DynamicResourceAllocation` [feature gate](/docs/reference/command-line-tools-reference/feature-gates/) and the -`resource.k8s.io/v1alpha1` {{< glossary_tooltip text="API group" +`resource.k8s.io/v1alpha2` {{< glossary_tooltip text="API group" term_id="api-group" >}} are enabled. For details on that, see the `--feature-gates` and `--runtime-config` [kube-apiserver parameters](/docs/reference/command-line-tools-reference/kube-apiserver/). @@ -203,8 +209,9 @@ error: the server doesn't have a resource type "resourceclasses" ``` The default configuration of kube-scheduler enables the "DynamicResources" -plugin if and only if the feature gate is enabled. Custom configurations may -have to be modified to include it. +plugin if and only if the feature gate is enabled and when using +the v1 configuration API. Custom configurations may have to be modified to +include it. In addition to enabling the feature in the cluster, a resource driver also has to be installed. Please refer to the driver's documentation for details. diff --git a/content/en/docs/concepts/scheduling-eviction/pod-scheduling-readiness.md b/content/en/docs/concepts/scheduling-eviction/pod-scheduling-readiness.md index be999463155..6146cd23d9f 100644 --- a/content/en/docs/concepts/scheduling-eviction/pod-scheduling-readiness.md +++ b/content/en/docs/concepts/scheduling-eviction/pod-scheduling-readiness.md @@ -55,7 +55,7 @@ kubectl get pod test-pod -o jsonpath='{.spec.schedulingGates}' The output is: ```none -[{"name":"foo"},{"name":"bar"}] +[{"name":"example.com/foo"},{"name":"example.com/bar"}] ``` To inform scheduler this Pod is ready for scheduling, you can remove its `schedulingGates` entirely @@ -89,6 +89,32 @@ The metric `scheduler_pending_pods` comes with a new label `"gated"` to distingu has been tried scheduling but claimed as unschedulable, or explicitly marked as not ready for scheduling. You can use `scheduler_pending_pods{queue="gated"}` to check the metric result. +## Mutable Pod Scheduling Directives + +{{< feature-state for_k8s_version="v1.27" state="beta" >}} + +You can mutate scheduling directives of Pods while they have scheduling gates, with certain constraints. +At a high level, you can only tighten the scheduling directives of a Pod. In other words, the updated +directives would cause the Pods to only be able to be scheduled on a subset of the nodes that it would +previously match. More concretely, the rules for updating a Pod's scheduling directives are as follows: + +1. For `.spec.nodeSelector`, only additions are allowed. If absent, it will be allowed to be set. + +2. For `spec.affinity.nodeAffinity`, if nil, then setting anything is allowed. + +3. If `NodeSelectorTerms` was empty, it will be allowed to be set. + If not empty, then only additions of `NodeSelectorRequirements` to `matchExpressions` + or `fieldExpressions` are allowed, and no changes to existing `matchExpressions` + and `fieldExpressions` will be allowed. This is because the terms in + `.requiredDuringSchedulingIgnoredDuringExecution.NodeSelectorTerms`, are ORed + while the expressions in `nodeSelectorTerms[].matchExpressions` and + `nodeSelectorTerms[].fieldExpressions` are ANDed. + +4. For `.preferredDuringSchedulingIgnoredDuringExecution`, all updates are allowed. + This is because preferred terms are not authoritative, and so policy controllers + don't validate those terms. + + ## {{% heading "whatsnext" %}} * Read the [PodSchedulingReadiness KEP](https://github.com/kubernetes/enhancements/blob/master/keps/sig-scheduling/3521-pod-scheduling-readiness) for more details diff --git a/content/en/docs/concepts/scheduling-eviction/scheduling-framework.md b/content/en/docs/concepts/scheduling-eviction/scheduling-framework.md index d09934aa7d3..ea0d981055b 100644 --- a/content/en/docs/concepts/scheduling-eviction/scheduling-framework.md +++ b/content/en/docs/concepts/scheduling-eviction/scheduling-framework.md @@ -52,7 +52,18 @@ equivalent to "Predicate" and "Scoring" is equivalent to "Priority function". One plugin may register at multiple extension points to perform more complex or stateful tasks. -{{< figure src="/images/docs/scheduling-framework-extensions.png" title="scheduling framework extension points" class="diagram-large">}} +{{< figure src="/images/docs/scheduling-framework-extensions.png" title="Scheduling framework extension points" class="diagram-large">}} + +### PreEnqueue {#pre-enqueue} + +These plugins are called prior to adding Pods to the internal active queue, where Pods are marked as +ready for scheduling. + +Only when all PreEnqueue plugins return `Success`, the Pod is allowed to enter the active queue. +Otherwise, it's placed in the internal unschedulable Pods list, and doesn't get an `Unschedulable` condition. + +For more details about how internal scheduler queues work, read +[Scheduling queue in kube-scheduler](https://github.com/kubernetes/community/blob/f03b6d5692bd979f07dd472e7b6836b2dad0fd9b/contributors/devel/sig-scheduling/scheduler_queues.md). ### QueueSort {#queue-sort} diff --git a/content/en/docs/concepts/scheduling-eviction/taint-and-toleration.md b/content/en/docs/concepts/scheduling-eviction/taint-and-toleration.md index 7fde68c09f8..3ffb845ec87 100644 --- a/content/en/docs/concepts/scheduling-eviction/taint-and-toleration.md +++ b/content/en/docs/concepts/scheduling-eviction/taint-and-toleration.md @@ -224,6 +224,11 @@ In case a node is to be evicted, the node controller or the kubelet adds relevan with `NoExecute` effect. If the fault condition returns to normal the kubelet or node controller can remove the relevant taint(s). +In some cases when the node is unreachable, the API server is unable to communicate +with the kubelet on the node. The decision to delete the pods cannot be communicated to +the kubelet until communication with the API server is re-established. In the meantime, +the pods that are scheduled for deletion may continue to run on the partitioned node. + {{< note >}} The control plane limits the rate of adding node new taints to nodes. This rate limiting manages the number of evictions that are triggered when many nodes become unreachable at diff --git a/content/en/docs/concepts/scheduling-eviction/topology-spread-constraints.md b/content/en/docs/concepts/scheduling-eviction/topology-spread-constraints.md index 76855f5a5e5..a7691706462 100644 --- a/content/en/docs/concepts/scheduling-eviction/topology-spread-constraints.md +++ b/content/en/docs/concepts/scheduling-eviction/topology-spread-constraints.md @@ -64,7 +64,7 @@ spec: topologyKey: whenUnsatisfiable: labelSelector: - matchLabelKeys: # optional; alpha since v1.25 + matchLabelKeys: # optional; beta since v1.27 nodeAffinityPolicy: [Honor|Ignore] # optional; beta since v1.26 nodeTaintsPolicy: [Honor|Ignore] # optional; beta since v1.26 ### other Pod fields go here @@ -129,24 +129,36 @@ your cluster. Those fields are: for more details. - **matchLabelKeys** is a list of pod label keys to select the pods over which - spreading will be calculated. The keys are used to lookup values from the pod labels, those key-value labels are ANDed with `labelSelector` to select the group of existing pods over which spreading will be calculated for the incoming pod. Keys that don't exist in the pod labels will be ignored. A null or empty list means only match against the `labelSelector`. + spreading will be calculated. The keys are used to lookup values from the pod labels, + those key-value labels are ANDed with `labelSelector` to select the group of existing + pods over which spreading will be calculated for the incoming pod. The same key is + forbidden to exist in both `matchLabelKeys` and `labelSelector`. `matchLabelKeys` cannot + be set when `labelSelector` isn't set. Keys that don't exist in the pod labels will be + ignored. A null or empty list means only match against the `labelSelector`. - With `matchLabelKeys`, users don't need to update the `pod.spec` between different revisions. The controller/operator just needs to set different values to the same `label` key for different revisions. The scheduler will assume the values automatically based on `matchLabelKeys`. For example, if users use Deployment, they can use the label keyed with `pod-template-hash`, which is added automatically by the Deployment controller, to distinguish between different revisions in a single Deployment. + With `matchLabelKeys`, you don't need to update the `pod.spec` between different revisions. + The controller/operator just needs to set different values to the same label key for different + revisions. The scheduler will assume the values automatically based on `matchLabelKeys`. For + example, if you are configuring a Deployment, you can use the label keyed with + [pod-template-hash](/docs/concepts/workloads/controllers/deployment/#pod-template-hash-label), which + is added automatically by the Deployment controller, to distinguish between different revisions + in a single Deployment. ```yaml topologySpreadConstraints: - maxSkew: 1 topologyKey: kubernetes.io/hostname whenUnsatisfiable: DoNotSchedule + labelSelector: + matchLabels: + app: foo matchLabelKeys: - - app - pod-template-hash ``` {{< note >}} - The `matchLabelKeys` field is an alpha field added in 1.25. You have to enable the - `MatchLabelKeysInPodTopologySpread` [feature gate](/docs/reference/command-line-tools-reference/feature-gates/) - in order to use it. + The `matchLabelKeys` field is a beta-level field and enabled by default in 1.27. You can disable it by disabling the + `MatchLabelKeysInPodTopologySpread` [feature gate](/docs/reference/command-line-tools-reference/feature-gates/). {{< /note >}} - **nodeAffinityPolicy** indicates how we will treat Pod's nodeAffinity/nodeSelector diff --git a/content/en/docs/concepts/services-networking/dual-stack.md b/content/en/docs/concepts/services-networking/dual-stack.md index 6c05516b033..1fad8507788 100644 --- a/content/en/docs/concepts/services-networking/dual-stack.md +++ b/content/en/docs/concepts/services-networking/dual-stack.md @@ -79,6 +79,13 @@ An example of an IPv6 CIDR: `fdXY:IJKL:MNOP:15::/64` (this shows the format but address - see [RFC 4193](https://tools.ietf.org/html/rfc4193)) {{< /note >}} +{{< feature-state for_k8s_version="v1.27" state="alpha" >}} + +When using an external cloud provider, you can pass a dual-stack `--node-ip` value to +kubelet if you enable the `CloudDualStackNodeIPs` feature gate in both kubelet and the +external cloud provider. This is only supported for cloud providers that support dual +stack clusters. + ## Services You can create {{< glossary_tooltip text="Services" term_id="service" >}} which can use IPv4, IPv6, or both. diff --git a/content/en/docs/concepts/services-networking/service-topology.md b/content/en/docs/concepts/services-networking/service-topology.md index b833ff6e3b0..081a58cc851 100644 --- a/content/en/docs/concepts/services-networking/service-topology.md +++ b/content/en/docs/concepts/services-networking/service-topology.md @@ -16,8 +16,8 @@ weight: 150 This feature, specifically the alpha `topologyKeys` API, is deprecated since Kubernetes v1.21. -[Topology Aware Hints](/docs/concepts/services-networking/topology-aware-hints/), -introduced in Kubernetes v1.21, provide similar functionality. +[Topology Aware Routing](/docs/concepts/services-networking/topology-aware-routing/), +introduced in Kubernetes v1.21, provides similar functionality. {{}} _Service Topology_ enables a service to route traffic based upon the Node diff --git a/content/en/docs/concepts/services-networking/service.md b/content/en/docs/concepts/services-networking/service.md index 4cff084e9d4..cad2097afc3 100644 --- a/content/en/docs/concepts/services-networking/service.md +++ b/content/en/docs/concepts/services-networking/service.md @@ -588,6 +588,20 @@ spec: nodePort: 30007 ``` +#### Reserve Nodeport Ranges to avoid collisions when port assigning + +{{< feature-state for_k8s_version="v1.27" state="alpha" >}} + +The policy for assigning ports to NodePort services applies to both the auto-assignment and +the manual assignment scenarios. When a user wants to create a NodePort service that +uses a specific port, the target port may conflict with another port that has already been assigned. +In this case, you can enable the feature gate `ServiceNodePortStaticSubrange`, which allows you +to use a different port allocation strategy for NodePort Services. The port range for NodePort services +is divided into two bands. Dynamic port assignment uses the upper band by default, and it may use +the lower band once the upper band has been exhausted. Users can then allocate from the lower band +with a lower risk of port collision. + + #### Custom IP address configuration for `type: NodePort` Services {#service-nodeport-custom-listen-address} You can set up nodes in your cluster to use a particular IP address for serving node port @@ -647,12 +661,6 @@ status: Traffic from the external load balancer is directed at the backend Pods. The cloud provider decides how it is load balanced. -Some cloud providers allow you to specify the `loadBalancerIP`. In those cases, the load-balancer is created -with the user-specified `loadBalancerIP`. If the `loadBalancerIP` field is not specified, -the loadBalancer is set up with an ephemeral IP address. If you specify a `loadBalancerIP` -but your cloud provider does not support the feature, the `loadbalancerIP` field that you -set is ignored. - To implement a Service of `type: LoadBalancer`, Kubernetes typically starts off by making the changes that are equivalent to you requesting a Service of `type: NodePort`. The cloud-controller-manager component then configures the external load balancer to @@ -662,19 +670,24 @@ You can configure a load balanced Service to [omit](#load-balancer-nodeport-allocation) assigning a node port, provided that the cloud provider implementation supports this. +Some cloud providers allow you to specify the `loadBalancerIP`. In those cases, the load-balancer is created +with the user-specified `loadBalancerIP`. If the `loadBalancerIP` field is not specified, +the loadBalancer is set up with an ephemeral IP address. If you specify a `loadBalancerIP` +but your cloud provider does not support the feature, the `loadbalancerIP` field that you +set is ignored. {{< note >}} -On **Azure**, if you want to use a user-specified public type `loadBalancerIP`, you first need -to create a static type public IP address resource. This public IP address resource should -be in the same resource group of the other automatically created resources of the cluster. -For example, `MC_myResourceGroup_myAKSCluster_eastus`. - -Specify the assigned IP address as loadBalancerIP. Ensure that you have updated the -`securityGroupName` in the cloud provider configuration file. -For information about troubleshooting `CreatingLoadBalancerFailed` permission issues see, -[Use a static IP address with the Azure Kubernetes Service (AKS) load balancer](https://docs.microsoft.com/en-us/azure/aks/static-ip) -or [CreatingLoadBalancerFailed on AKS cluster with advanced networking](https://github.com/Azure/AKS/issues/357). +The`.spec.loadBalancerIP` field for a Service was deprecated in Kubernetes v1.24. + +This field was under-specified and its meaning varies across implementations. It also cannot support dual-stack networking. This field may be removed in a future API version. + +If you're integrating with a provider that supports specifying the load balancer IP address(es) +for a Service via a (provider specific) annotation, you should switch to doing that. + +If you are writing code for a load balancer integration with Kubernetes, avoid using this field. +You can integrate with [Gateway](https://gateway-api.sigs.k8s.io/) rather than Service, or you +can define your own (provider specific) annotations on the Service that specify the equivalent detail. {{< /note >}} diff --git a/content/en/docs/concepts/services-networking/topology-aware-hints.md b/content/en/docs/concepts/services-networking/topology-aware-routing.md similarity index 62% rename from content/en/docs/concepts/services-networking/topology-aware-hints.md rename to content/en/docs/concepts/services-networking/topology-aware-routing.md index 7a6d212476e..1977f199d0c 100644 --- a/content/en/docs/concepts/services-networking/topology-aware-hints.md +++ b/content/en/docs/concepts/services-networking/topology-aware-routing.md @@ -1,11 +1,11 @@ --- reviewers: - robscott -title: Topology Aware Hints +title: Topology Aware Routing content_type: concept weight: 100 description: >- - _Topology Aware Hints_ provides a mechanism to help keep network traffic within the zone + _Topology Aware Routing_ provides a mechanism to help keep network traffic within the zone where it originated. Preferring same-zone traffic between Pods in your cluster can help with reliability, performance (network latency and throughput), or cost. --- @@ -15,45 +15,68 @@ description: >- {{< feature-state for_k8s_version="v1.23" state="beta" >}} -_Topology Aware Hints_ enable topology aware routing by including suggestions -for how clients should consume endpoints. This approach adds metadata to enable -consumers of EndpointSlice (or Endpoints) objects, so that traffic to -those network endpoints can be routed closer to where it originated. +{{< note >}} +Prior to Kubernetes 1.27, this feature was known as _Topology Aware Hints_. +{{}} -For example, you can route traffic within a locality to reduce -costs, or to improve network performance. +_Topology Aware Routing_ adjusts routing behavior to prefer keeping traffic in +the zone it originated from. In some cases this can help reduce costs or improve +network performance. ## Motivation Kubernetes clusters are increasingly deployed in multi-zone environments. -_Topology Aware Hints_ provides a mechanism to help keep traffic within the zone -it originated from. This concept is commonly referred to as "Topology Aware -Routing". When calculating the endpoints for a {{< glossary_tooltip term_id="Service" >}}, -the EndpointSlice controller considers the topology (region and zone) of each endpoint -and populates the hints field to allocate it to a zone. -Cluster components such as the {{< glossary_tooltip term_id="kube-proxy" text="kube-proxy" >}} -can then consume those hints, and use them to influence how the traffic is routed -(favoring topologically closer endpoints). +_Topology Aware Routing_ provides a mechanism to help keep traffic within the +zone it originated from. When calculating the endpoints for a {{< +glossary_tooltip term_id="Service" >}}, the EndpointSlice controller considers +the topology (region and zone) of each endpoint and populates the hints field to +allocate it to a zone. Cluster components such as {{< glossary_tooltip +term_id="kube-proxy" text="kube-proxy" >}} can then consume those hints, and use +them to influence how the traffic is routed (favoring topologically closer +endpoints). -## Using Topology Aware Hints +## Enabling Topology Aware Routing -You can activate Topology Aware Hints for a Service by setting the -`service.kubernetes.io/topology-aware-hints` annotation to `auto`. This tells -the EndpointSlice controller to set topology hints if it is deemed safe. -Importantly, this does not guarantee that hints will always be set. +{{< note >}} +Prior to Kubernetes 1.27, this behavior was controlled using the +`service.kubernetes.io/topology-aware-hints` annotation. +{{}} -## How it works {#implementation} +You can enable Topology Aware Routing for a Service by setting the +`service.kubernetes.io/topology-mode` annotation to `Auto`. When there are +enough endpoints available in each zone, Topology Hints will be populated on +EndpointSlices to allocate individual endpoints to specific zones, resulting in +traffic being routed closer to where it originated from. -The functionality enabling this feature is split into two components: The -EndpointSlice controller and the kube-proxy. This section provides a high level overview -of how each component implements this feature. +## When it works best + +This feature works best when: + +### 1. Incoming traffic is evenly distributed + +If a large proportion of traffic is originating from a single zone, that traffic +could overload the subset of endpoints that have been allocated to that zone. +This feature is not recommended when incoming traffic is expected to originate +from a single zone. + +### 2. The Service has 3 or more endpoints per zone {#three-or-more-endpoints-per-zone} +In a three zone cluster, this means 9 or more endpoints. If there are fewer than +3 endpoints per zone, there is a high (≈50%) probability that the EndpointSlice +controller will not be able to allocate endpoints evenly and instead will fall +back to the default cluster-wide routing approach. + +## How It Works + +The "Auto" heuristic attempts to proportionally allocate a number of endpoints +to each zone. Note that this heuristic works best for Services that have a +significant number of endpoints. ### EndpointSlice controller {#implementation-control-plane} The EndpointSlice controller is responsible for setting hints on EndpointSlices -when this feature is enabled. The controller allocates a proportional amount of +when this heuristic is enabled. The controller allocates a proportional amount of endpoints to each zone. This proportion is based on the [allocatable](/docs/tasks/administer-cluster/reserve-compute-resources/#node-allocatable) CPU cores for nodes running in that zone. For example, if one zone had 2 CPU @@ -145,6 +168,11 @@ zone. proportions of each zone. This could have unintended consequences if a large portion of nodes are unready. +* The EndpointSlice controller ignores nodes with the + `node-role.kubernetes.io/control-plane` or `node-role.kubernetes.io/master` + label set. This could be problematic if workloads are also running on those + nodes. + * The EndpointSlice controller does not take into account {{< glossary_tooltip text="tolerations" term_id="toleration" >}} when deploying or calculating the proportions of each zone. If the Pods backing a Service are limited to a @@ -157,6 +185,17 @@ zone. either not picking up on this event, or newly added pods starting in a different zone. + +## Custom heuristics + +Kubernetes is deployed in many different ways, there is no single heuristic for +allocating endpoints to zones will work for every use case. A key goal of this +feature is to enable custom heuristics to be developed if the built in heuristic +does not work for your use case. The first steps to enable custom heuristics +were included in the 1.27 release. This is a limited implementation that may not +yet cover some relevant and plausible situations. + + ## {{% heading "whatsnext" %}} * Follow the [Connecting Applications with Services](/docs/tutorials/services/connect-applications-service/) tutorial diff --git a/content/en/docs/concepts/storage/persistent-volumes.md b/content/en/docs/concepts/storage/persistent-volumes.md index 6df299674b4..ca68c365eef 100644 --- a/content/en/docs/concepts/storage/persistent-volumes.md +++ b/content/en/docs/concepts/storage/persistent-volumes.md @@ -637,7 +637,8 @@ The access modes are: : the volume can be mounted as read-write by many nodes. `ReadWriteOncePod` -: the volume can be mounted as read-write by a single Pod. Use ReadWriteOncePod +: {{< feature-state for_k8s_version="v1.27" state="beta" >}} + the volume can be mounted as read-write by a single Pod. Use ReadWriteOncePod access mode if you want to ensure that only one pod across whole cluster can read that PVC or write to it. This is only supported for CSI volumes and Kubernetes version 1.22+. diff --git a/content/en/docs/concepts/storage/volumes.md b/content/en/docs/concepts/storage/volumes.md index 80f259aab31..e28532d90b2 100644 --- a/content/en/docs/concepts/storage/volumes.md +++ b/content/en/docs/concepts/storage/volumes.md @@ -1168,10 +1168,13 @@ persistent volume: secrets are passed. When you have configured secret data for node-initiated volume expansion, the kubelet passes that data via the `NodeExpandVolume()` call to the CSI driver. In order to use the `nodeExpandSecretRef` field, your - cluster should be running Kubernetes version 1.25 or later and you must enable + cluster should be running Kubernetes version 1.25 or later. +* If you are running Kubernetes Version 1.25 or 1.26, you must enable the [feature gate](/docs/reference/command-line-tools-reference/feature-gates/) named `CSINodeExpandSecret` for each kube-apiserver and for the kubelet on every - node. You must also be using a CSI driver that supports or requires secret data during + node. In Kubernetes version 1.27 this feature has been enabled by default + and no explicit enablement of the feature gate is required. + You must also be using a CSI driver that supports or requires secret data during node-initiated storage resize operations. * `nodePublishSecretRef`: A reference to the secret object containing sensitive information to pass to the CSI driver to complete the CSI diff --git a/content/en/docs/concepts/windows/intro.md b/content/en/docs/concepts/windows/intro.md index 16a7ea3d8a1..19a9c2c7888 100644 --- a/content/en/docs/concepts/windows/intro.md +++ b/content/en/docs/concepts/windows/intro.md @@ -89,10 +89,6 @@ section refers to several key workload abstractions and how they map to Windows. The `.spec.os.name` field should be set to `windows` to indicate that the current Pod uses Windows containers. - {{< note >}} - Starting from 1.25, the `IdentifyPodOS` feature gate is in GA stage and defaults to be enabled. - {{< /note >}} - If you set the `.spec.os.name` field to `windows`, you must not set the following fields in the `.spec` of that Pod: diff --git a/content/en/docs/concepts/windows/user-guide.md b/content/en/docs/concepts/windows/user-guide.md index df3306f01ab..53f78951efc 100644 --- a/content/en/docs/concepts/windows/user-guide.md +++ b/content/en/docs/concepts/windows/user-guide.md @@ -162,10 +162,6 @@ that the containers in that Pod are designed for. For Pods that run Linux contai `.spec.os.name` to `linux`. For Pods that run Windows containers, set `.spec.os.name` to `windows`. -{{< note >}} -Starting from 1.25, the `IdentifyPodOS` feature is in GA stage and defaults to be enabled. -{{< /note >}} - The scheduler does not use the value of `.spec.os.name` when assigning Pods to nodes. You should use normal Kubernetes mechanisms for [assigning pods to nodes](/docs/concepts/scheduling-eviction/assign-pod-node/) diff --git a/content/en/docs/concepts/workloads/controllers/cron-jobs.md b/content/en/docs/concepts/workloads/controllers/cron-jobs.md index 4428822b710..f9143e06f26 100644 --- a/content/en/docs/concepts/workloads/controllers/cron-jobs.md +++ b/content/en/docs/concepts/workloads/controllers/cron-jobs.md @@ -14,9 +14,9 @@ weight: 80 A _CronJob_ creates {{< glossary_tooltip term_id="job" text="Jobs" >}} on a repeating schedule. -CronJob is meant for performing regular scheduled actions such as backups, report generation, -and so on. One CronJob object is like one line of a _crontab_ (cron table) file on a -Unix system. It runs a job periodically on a given schedule, written in +CronJob is meant for performing regular scheduled actions such as backups, report generation, +and so on. One CronJob object is like one line of a _crontab_ (cron table) file on a +Unix system. It runs a job periodically on a given schedule, written in [Cron](https://en.wikipedia.org/wiki/Cron) format. CronJobs have limitations and idiosyncrasies. @@ -162,19 +162,22 @@ For another way to clean up jobs automatically, see [Clean up finished jobs auto ### Time zones -For CronJobs with no time zone specified, the {{< glossary_tooltip term_id="kube-controller-manager" text="kube-controller-manager" >}} interprets schedules relative to its local time zone. +{{< feature-state for_k8s_version="v1.27" state="stable" >}} -{{< feature-state for_k8s_version="v1.25" state="beta" >}} +For CronJobs with no time zone specified, the {{< glossary_tooltip term_id="kube-controller-manager" text="kube-controller-manager" >}} +interprets schedules relative to its local time zone. -If you enable the `CronJobTimeZone` [feature gate](/docs/reference/command-line-tools-reference/feature-gates/), -you can specify a time zone for a CronJob (if you don't enable that feature gate, or if you are using a version of -Kubernetes that does not have experimental time zone support, all CronJobs in your cluster have an unspecified -timezone). +You can specify a time zone for a CronJob by setting `.spec.timeZone` to the name +of a valid [time zone](https://en.wikipedia.org/wiki/List_of_tz_database_time_zones). +For example, setting `.spec.timeZone: "Etc/UTC"` instructs Kubernetes to interpret +the schedule relative to Coordinated Universal Time. -When you have the feature enabled, you can set `.spec.timeZone` to the name of a valid [time zone](https://en.wikipedia.org/wiki/List_of_tz_database_time_zones). For example, setting -`.spec.timeZone: "Etc/UTC"` instructs Kubernetes to interpret the schedule relative to Coordinated Universal Time. +A time zone database from the Go standard library is included in the binaries and used as a fallback in case an external database is not available on the system. + +## CronJob limitations {#cron-job-limitations} + +### Unsupported TimeZone specification -{{< caution >}} The implementation of the CronJob API in Kubernetes {{< skew currentVersion >}} lets you set the `.spec.schedule` field to include a timezone; for example: `CRON_TZ=UTC * * * * *` or `TZ=UTC * * * * *`. @@ -183,14 +186,10 @@ Specifying a timezone that way is **not officially supported** (and never has be If you try to set a schedule that includes `TZ` or `CRON_TZ` timezone specification, Kubernetes reports a [warning](/blog/2020/09/03/warnings/) to the client. -Future versions of Kubernetes might not implement that unofficial timezone mechanism at all. -{{< /caution >}} - -A time zone database from the Go standard library is included in the binaries and used as a fallback in case an external database is not available on the system. - -## CronJob limitations {#cron-job-limitations} +Future versions of Kubernetes will prevent setting the unofficial timezone mechanism entirely. ### Modifying a CronJob + By design, a CronJob contains a template for _new_ Jobs. If you modify an existing CronJob, the changes you make will apply to new Jobs that start to run after your modification is complete. Jobs (and their Pods) that have already diff --git a/content/en/docs/concepts/workloads/controllers/job.md b/content/en/docs/concepts/workloads/controllers/job.md index ecdcb62027b..20b655588d5 100644 --- a/content/en/docs/concepts/workloads/controllers/job.md +++ b/content/en/docs/concepts/workloads/controllers/job.md @@ -54,22 +54,22 @@ Check on the status of the Job with `kubectl`: {{< tabs name="Check status of Job" >}} {{< tab name="kubectl describe job pi" codelang="bash" >}} -Name: pi -Namespace: default -Selector: controller-uid=0cd26dd5-88a2-4a5f-a203-ea19a1d5d578 -Labels: controller-uid=0cd26dd5-88a2-4a5f-a203-ea19a1d5d578 - job-name=pi -Annotations: batch.kubernetes.io/job-tracking: -Parallelism: 1 -Completions: 1 -Completion Mode: NonIndexed -Start Time: Fri, 28 Oct 2022 13:05:18 +0530 -Completed At: Fri, 28 Oct 2022 13:05:21 +0530 -Duration: 3s -Pods Statuses: 0 Active / 1 Succeeded / 0 Failed +Name: pi +Namespace: default +Selector: batch.kubernetes.io/controller-uid=c9948307-e56d-4b5d-8302-ae2d7b7da67c +Labels: batch.kubernetes.io/controller-uid=c9948307-e56d-4b5d-8302-ae2d7b7da67c + batch.kubernetes.io/job-name=pi + ... +Annotations: batch.kubernetes.io/job-tracking: "" +Parallelism: 1 +Completions: 1 +Start Time: Mon, 02 Dec 2019 15:20:11 +0200 +Completed At: Mon, 02 Dec 2019 15:21:16 +0200 +Duration: 65s +Pods Statuses: 0 Running / 1 Succeeded / 0 Failed Pod Template: - Labels: controller-uid=0cd26dd5-88a2-4a5f-a203-ea19a1d5d578 - job-name=pi + Labels: batch.kubernetes.io/controller-uid=c9948307-e56d-4b5d-8302-ae2d7b7da67c + batch.kubernetes.io/job-name=pi Containers: pi: Image: perl:5.34.0 @@ -93,15 +93,13 @@ Events: apiVersion: batch/v1 kind: Job metadata: - annotations: - batch.kubernetes.io/job-tracking: "" - kubectl.kubernetes.io/last-applied-configuration: | - {"apiVersion":"batch/v1","kind":"Job","metadata":{"annotations":{},"name":"pi","namespace":"default"},"spec":{"backoffLimit":4,"template":{"spec":{"containers":[{"command":["perl","-Mbignum=bpi","-wle","print bpi(2000)"],"image":"perl:5.34.0","name":"pi"}],"restartPolicy":"Never"}}}} + annotations: batch.kubernetes.io/job-tracking: "" + ... creationTimestamp: "2022-11-10T17:53:53Z" generation: 1 labels: - controller-uid: 204fb678-040b-497f-9266-35ffa8716d14 - job-name: pi + batch.kubernetes.io/controller-uid: 863452e6-270d-420e-9b94-53a54146c223 + batch.kubernetes.io/job-name: pi name: pi namespace: default resourceVersion: "4751" @@ -113,14 +111,14 @@ spec: parallelism: 1 selector: matchLabels: - controller-uid: 204fb678-040b-497f-9266-35ffa8716d14 + batch.kubernetes.io/controller-uid: 863452e6-270d-420e-9b94-53a54146c223 suspend: false template: metadata: creationTimestamp: null labels: - controller-uid: 204fb678-040b-497f-9266-35ffa8716d14 - job-name: pi + batch.kubernetes.io/controller-uid: 863452e6-270d-420e-9b94-53a54146c223 + batch.kubernetes.io/job-name: pi spec: containers: - command: @@ -152,7 +150,7 @@ To view completed Pods of a Job, use `kubectl get pods`. To list all the Pods that belong to a Job in a machine readable form, you can use a command like this: ```shell -pods=$(kubectl get pods --selector=job-name=pi --output=jsonpath='{.items[*].metadata.name}') +pods=$(kubectl get pods --selector=batch.kubernetes.io/job-name=pi --output=jsonpath='{.items[*].metadata.name}') echo $pods ``` @@ -171,6 +169,12 @@ View the standard output of one of the pods: kubectl logs $pods ``` +Another way to view the logs of a Job: + +```shell +kubectl logs jobs/pi +``` + The output is similar to this: ``` @@ -192,6 +196,10 @@ characters. A Job also needs a [`.spec` section](https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status). +### Job Labels + +Job labels will have `batch.kubernetes.io/` prefix for `job-name` and `controller-uid`. + ### Pod Template The `.spec.template` is the only required field of the `.spec`. @@ -631,14 +639,7 @@ as soon as the Job was resumed. ### Mutable Scheduling Directives -{{< feature-state for_k8s_version="v1.23" state="beta" >}} - -{{< note >}} -In order to use this behavior, you must enable the `JobMutableNodeSchedulingDirectives` -[feature gate](/docs/reference/command-line-tools-reference/feature-gates/) -on the [API server](/docs/reference/command-line-tools-reference/kube-apiserver/). -It is enabled by default. -{{< /note >}} +{{< feature-state for_k8s_version="v1.27" state="stable" >}} In most cases a parallel job will want the pods to run with constraints, like all in the same zone, or all either on GPU model x or y but not a mix of both. @@ -653,7 +654,7 @@ pod-to-node assignment to kube-scheduler. This is allowed only for suspended Job been unsuspended before. The fields in a Job's pod template that can be updated are node affinity, node selector, -tolerations, labels and annotations. +tolerations, labels, annotations and [scheduling gates](/docs/concepts/scheduling-eviction/pod-scheduling-readiness/). ### Specifying your own Pod selector @@ -696,12 +697,12 @@ metadata: spec: selector: matchLabels: - controller-uid: a8f3d00d-c6d2-11e5-9f87-42010af00002 + batch.kubernetes.io/controller-uid: a8f3d00d-c6d2-11e5-9f87-42010af00002 ... ``` Then you create a new Job with name `new` and you explicitly specify the same selector. -Since the existing Pods have label `controller-uid=a8f3d00d-c6d2-11e5-9f87-42010af00002`, +Since the existing Pods have label `batch.kubernetes.io/controller-uid=a8f3d00d-c6d2-11e5-9f87-42010af00002`, they are controlled by Job `new` as well. You need to specify `manualSelector: true` in the new Job since you are not using @@ -716,7 +717,7 @@ spec: manualSelector: true selector: matchLabels: - controller-uid: a8f3d00d-c6d2-11e5-9f87-42010af00002 + batch.kubernetes.io/controller-uid: a8f3d00d-c6d2-11e5-9f87-42010af00002 ... ``` @@ -807,6 +808,17 @@ These are some requirements and semantics of the API: - `Count`: use to indicate that the Pod should be handled in the default way. The counter towards the `.spec.backoffLimit` should be incremented. +{{< note >}} +When you use a `podFailurePolicy`, the job controller only matches Pods in the +`Failed` phase. Pods with a deletion timestamp that are not in a terminal phase +(`Failed` or `Succeeded`) are considered still terminating. This implies that +terminating pods retain a [tracking finalizer](#job-tracking-with-finalizers) +until they reach a terminal phase. +Since Kubernetes 1.27, Kubelet transitions deleted pods to a terminal phase +(see: [Pod Phase](/docs/concepts/workloads/pods/pod-lifecycle/#pod-phase)). This +ensures that deleted pods have their finalizers removed by the Job controller. +{{< /note >}} + ### Job tracking with finalizers {{< feature-state for_k8s_version="v1.26" state="stable" >}} @@ -837,6 +849,19 @@ checking if the Job has the annotation this annotation from Jobs. Instead, you can recreate the Jobs to ensure they are tracked using Pod finalizers. +### Elastic Indexed Jobs + +{{< feature-state for_k8s_version="v1.27" state="beta" >}} + +You can scale Indexed Jobs up or down by mutating both `.spec.parallelism` +and `.spec.completions` together such that `.spec.parallelism == .spec.completions`. +When the `ElasticIndexedJob`[feature gate](/docs/reference/command-line-tools-reference/feature-gates/) +on the [API server](/docs/reference/command-line-tools-reference/kube-apiserver/) +is disabled, `.spec.completions` is immutable. + +Use cases for elastic Indexed Jobs include batch workloads which require +scaling an indexed Job, such as MPI, Horovord, Ray, and PyTorch training jobs. + ## Alternatives ### Bare Pods diff --git a/content/en/docs/concepts/workloads/controllers/statefulset.md b/content/en/docs/concepts/workloads/controllers/statefulset.md index cfa65e285ad..bdb0703f7af 100644 --- a/content/en/docs/concepts/workloads/controllers/statefulset.md +++ b/content/en/docs/concepts/workloads/controllers/statefulset.md @@ -160,7 +160,7 @@ pods will be assigned ordinals from 0 up through N-1. ### Start ordinal -{{< feature-state for_k8s_version="v1.26" state="alpha" >}} +{{< feature-state for_k8s_version="v1.27" state="beta" >}} `.spec.ordinals` is an optional field that allows you to configure the integer ordinals assigned to each Pod. It defaults to nil. You must enable the @@ -360,7 +360,7 @@ StatefulSet will then begin to recreate the Pods using the reverted template. ## PersistentVolumeClaim retention -{{< feature-state for_k8s_version="v1.23" state="alpha" >}} +{{< feature-state for_k8s_version="v1.27" state="beta" >}} The optional `.spec.persistentVolumeClaimRetentionPolicy` field controls if and how PVCs are deleted during the lifecycle of a StatefulSet. You must enable the diff --git a/content/en/docs/concepts/workloads/pods/disruptions.md b/content/en/docs/concepts/workloads/pods/disruptions.md index 66d05ef92a3..1d2b33d55f5 100644 --- a/content/en/docs/concepts/workloads/pods/disruptions.md +++ b/content/en/docs/concepts/workloads/pods/disruptions.md @@ -136,6 +136,11 @@ against the disruption budget, but workload resources (such as Deployment and St are not limited by PDBs when doing rolling upgrades. Instead, the handling of failures during application updates is configured in the spec for the specific workload resource. +It is recommended to set `AlwaysAllow` [Unhealthy Pod Eviction Policy](/docs/tasks/run-application/configure-pdb/#unhealthy-pod-eviction-policy) +to your PodDisruptionBudgets to support eviction of misbehaving applications during a node drain. +The default behavior is to wait for the application pods to become [healthy](/docs/tasks/run-application/configure-pdb/#healthiness-of-a-pod) +before the drain can proceed. + When a pod is evicted using the eviction API, it is gracefully [terminated](/docs/concepts/workloads/pods/pod-lifecycle/#pod-termination), honoring the `terminationGracePeriodSeconds` setting in its [PodSpec](/docs/reference/generated/kubernetes-api/{{< param "version" >}}/#podspec-v1-core). @@ -231,11 +236,6 @@ can happen, according to: {{< feature-state for_k8s_version="v1.26" state="beta" >}} -{{< note >}} -If you are using an older version of Kubernetes than {{< skew currentVersion >}} -please refer to the corresponding version of the documentation. -{{< /note >}} - {{< note >}} In order to use this behavior, you must have the `PodDisruptionConditions` [feature gate](/docs/reference/command-line-tools-reference/feature-gates/) @@ -247,7 +247,7 @@ that the Pod is about to be deleted due to a {{}} by a scheduler in order to accommodate a new Pod with a higher priority. For more information, see [Pod priority preemption](/docs/concepts/scheduling-eviction/pod-priority-preemption/). `DeletionByTaintManager` diff --git a/content/en/docs/concepts/workloads/pods/downward-api.md b/content/en/docs/concepts/workloads/pods/downward-api.md index a3cb201d473..971475199c5 100644 --- a/content/en/docs/concepts/workloads/pods/downward-api.md +++ b/content/en/docs/concepts/workloads/pods/downward-api.md @@ -107,10 +107,10 @@ for resources such as CPU and memory. : A container's memory request `resource: limits.hugepages-*` -: A container's hugepages limit (provided that the `DownwardAPIHugePages` [feature gate](/docs/reference/command-line-tools-reference/feature-gates/) is enabled) +: A container's hugepages limit `resource: requests.hugepages-*` -: A container's hugepages request (provided that the `DownwardAPIHugePages` [feature gate](/docs/reference/command-line-tools-reference/feature-gates/) is enabled) +: A container's hugepages request `resource: limits.ephemeral-storage` : A container's ephemeral-storage limit diff --git a/content/en/docs/concepts/workloads/pods/pod-lifecycle.md b/content/en/docs/concepts/workloads/pods/pod-lifecycle.md index 9e599d23e71..b209a6a65f3 100644 --- a/content/en/docs/concepts/workloads/pods/pod-lifecycle.md +++ b/content/en/docs/concepts/workloads/pods/pod-lifecycle.md @@ -91,6 +91,12 @@ A Pod is granted a term to terminate gracefully, which defaults to 30 seconds. You can use the flag `--force` to [terminate a Pod by force](/docs/concepts/workloads/pods/pod-lifecycle/#pod-termination-forced). {{< /note >}} +Since Kubernetes 1.27, the kubelet transitions deleted pods, except for +[static pods](/docs/tasks/configure-pod-container/static-pod/) and +[force-deleted pods](/docs/concepts/workloads/pods/pod-lifecycle/#pod-termination-forced) +without a finalizer, to a terminal phase (`Failed` or `Succeeded` depending on +the exit statuses of the pod containers) before their deletion from the API server. + If a node dies or is disconnected from the rest of the cluster, Kubernetes applies a policy for setting the `phase` of all Pods on the lost node to Failed. @@ -296,10 +302,7 @@ Each probe must define exactly one of these four mechanisms: The target should implement [gRPC health checks](https://grpc.io/grpc/core/md_doc_health-checking.html). The diagnostic is considered successful if the `status` - of the response is `SERVING`. - gRPC probes are an alpha feature and are only available if you - enable the `GRPCContainerProbe` - [feature gate](/docs/reference/command-line-tools-reference/feature-gates/). + of the response is `SERVING`. `httpGet` : Performs an HTTP `GET` request against the Pod's IP @@ -494,6 +497,8 @@ feature gate `EndpointSliceTerminatingCondition` is enabled. 1. When the grace period expires, the kubelet triggers forcible shutdown. The container runtime sends `SIGKILL` to any processes still running in any container in the Pod. The kubelet also cleans up a hidden `pause` container if that container runtime uses one. +1. The kubelet transitions the pod into a terminal phase (`Failed` or `Succeeded` depending on + the end state of its containers). This step is guaranteed since version 1.27. 1. The kubelet triggers forcible removal of Pod object from the API server, by setting grace period to 0 (immediate deletion). 1. The API server deletes the Pod's API object, which is then no longer visible from any client. diff --git a/content/en/docs/concepts/workloads/pods/pod-qos.md b/content/en/docs/concepts/workloads/pods/pod-qos.md index fa0385e11e6..d95b0815ad7 100644 --- a/content/en/docs/concepts/workloads/pods/pod-qos.md +++ b/content/en/docs/concepts/workloads/pods/pod-qos.md @@ -85,6 +85,22 @@ CPU limit or a CPU request. Containers in a Pod can request other resources (not CPU or memory) and still be classified as `BestEffort`. +## Memory QoS with cgroup v2 + +{{< feature-state for_k8s_version="v1.22" state="alpha" >}} + +Memory QoS uses the memory controller of cgroup v2 to guarantee memory resources in Kubernetes. +Memory requests and limits of containers in pod are used to set specific interfaces `memory.min` +and `memory.high` provided by the memory controller. When `memory.min` is set to memory requests, +memory resources are reserved and never reclaimed by the kernel; this is how Memory QoS ensures +memory availability for Kubernetes pods. And if memory limits are set in the container, +this means that the system needs to limit container memory usage; Memory QoS uses `memory.high` +to throttle workload approaching its memory limit, ensuring that the system is not overwhelmed +by instantaneous memory allocation. + +Memory QoS relies on QoS class to determine which settings to apply; however, these are different +mechanisms that both provide controls over quality of service. + ## Some behavior is independent of QoS class {#class-independent-behavior} Certain behavior is independent of the QoS class assigned by Kubernetes. For example: diff --git a/content/en/docs/concepts/workloads/pods/user-namespaces.md b/content/en/docs/concepts/workloads/pods/user-namespaces.md index ca536ad48d2..1c620b9479e 100644 --- a/content/en/docs/concepts/workloads/pods/user-namespaces.md +++ b/content/en/docs/concepts/workloads/pods/user-namespaces.md @@ -31,18 +31,32 @@ mitigate some future vulnerabilities too. {{% thirdparty-content %}} +This is a Linux-only feature and support is needed in Linux for idmap mounts on +the filesystems used. This means: + +* On the node, the filesystem you use for `/var/lib/kubelet/pods/`, or the + custom directory you configure for this, needs idmap mount support. +* All the filesystems used in the pod's volumes must support idmap mounts. + +In practice this means you need at least Linux 6.3, as tmpfs started supporting +idmap mounts in that version. This is usually needed as several Kubernetes +features use tmpfs (the service account token that is mounted by default uses a +tmpfs, Secrets use a tmpfs, etc.) + +Some popular filesystems that support idmap mounts in Linux 6.3 are: btrfs, +ext4, xfs, fat, tmpfs, overlayfs. + -This is a Linux only feature. In addition, support is needed in the +In addition, support is needed in the {{< glossary_tooltip text="container runtime" term_id="container-runtime" >}} to use this feature with Kubernetes stateless pods: * CRI-O: version 1.25 (and later) supports user namespaces for containers. -* containerd: version 1.7 supports user namespaces for containers, compatible - with Kubernetes v1.25 and v1.26, but not with later releases. If you are - running a different version of Kubernetes, check the documentation for that - Kubernetes release. +Please note that containerd v1.7 supports user namespaces for containers, +compatible with Kubernetes {{< skew currentVersion >}}. It should not be used +with Kubernetes 1.27 (and later). Support for this in [cri-dockerd is not planned][CRI-dockerd-issue] yet. @@ -154,13 +168,6 @@ volume types are allowed: * downwardAPI * emptyDir -To guarantee that the pod can read the files of such volumes, volumes are -created as if you specified `.spec.securityContext.fsGroup` as `0` for the Pod. -If it is specified to a different value, this other value will of course be -honored instead. +## {{% heading "whatsnext" %}} -As a by-product of this, folders and files for these volumes will have -permissions for the group, even if `defaultMode` or `mode` to specific items of -the volumes were specified without permissions to groups. For example, it is not -possible to mount these volumes in a way that its files have permissions only -for the owner. +* Take a look at [Use a User Namespace With a Pod](/docs/tasks/configure-pod-container/user-namespaces/) diff --git a/content/en/docs/reference/_index.md b/content/en/docs/reference/_index.md index 960881e77f0..7fa6d578fde 100644 --- a/content/en/docs/reference/_index.md +++ b/content/en/docs/reference/_index.md @@ -100,7 +100,6 @@ operator to use or manage a cluster. ## Config API for kubeadm -* [v1beta2](/docs/reference/config-api/kubeadm-config.v1beta2/) * [v1beta3](/docs/reference/config-api/kubeadm-config.v1beta3/) ## Design Docs diff --git a/content/en/docs/reference/access-authn-authz/authentication.md b/content/en/docs/reference/access-authn-authz/authentication.md index 6ab9ba3c75d..ed0c8ef5cfa 100644 --- a/content/en/docs/reference/access-authn-authz/authentication.md +++ b/content/en/docs/reference/access-authn-authz/authentication.md @@ -1221,7 +1221,7 @@ The following `ExecCredential` manifest describes a cluster information sample. ## API access to authentication information for a client {#self-subject-review} -{{< feature-state for_k8s_version="v1.26" state="alpha" >}} +{{< feature-state for_k8s_version="v1.27" state="beta" >}} If your cluster has the API enabled, you can use the `SelfSubjectReview` API to find out how your Kubernetes cluster maps your authentication information to identify you as a client. This works whether you are authenticating as a user (typically representing @@ -1231,11 +1231,11 @@ a real person) or as a ServiceAccount. Request example (the body would be a `SelfSubjectReview`): ``` -POST /apis/authentication.k8s.io/v1alpha1/selfsubjectreviews +POST /apis/authentication.k8s.io/v1beta1/selfsubjectreviews ``` ```json { - "apiVersion": "authentication.k8s.io/v1alpha1", + "apiVersion": "authentication.k8s.io/v1beta1", "kind": "SelfSubjectReview" } ``` @@ -1243,7 +1243,7 @@ Response example: ```json { - "apiVersion": "authentication.k8s.io/v1alpha1", + "apiVersion": "authentication.k8s.io/v1beta1", "kind": "SelfSubjectReview", "status": { "userInfo": { @@ -1262,7 +1262,7 @@ Response example: } ``` -For convenience, the `kubectl alpha auth whoami` command is present. Executing this command will produce the following output (yet different user attributes will be shown): +For convenience, the `kubectl auth whoami` command is present. Executing this command will produce the following output (yet different user attributes will be shown): * Simple output example ``` @@ -1352,8 +1352,8 @@ By default, all authenticated users can create `SelfSubjectReview` objects when You can only make `SelfSubjectReview` requests if: * the `APISelfSubjectReview` [feature gate](/docs/reference/command-line-tools-reference/feature-gates/) - is enabled for your cluster -* the API server for your cluster has the `authentication.k8s.io/v1alpha1` + is enabled for your cluster (enabled by default after reaching Beta) +* the API server for your cluster has the `authentication.k8s.io/v1alpha1` or `authentication.k8s.io/v1beta1` {{< glossary_tooltip term_id="api-group" text="API group" >}} enabled. {{< /note >}} diff --git a/content/en/docs/reference/access-authn-authz/certificate-signing-requests.md b/content/en/docs/reference/access-authn-authz/certificate-signing-requests.md index aa95223bb05..ba41e551618 100644 --- a/content/en/docs/reference/access-authn-authz/certificate-signing-requests.md +++ b/content/en/docs/reference/access-authn-authz/certificate-signing-requests.md @@ -4,27 +4,33 @@ reviewers: - mikedanese - munnerz - enj -title: Certificate Signing Requests +title: Certificates and Certificate Signing Requests content_type: concept weight: 25 --- -{{< feature-state for_k8s_version="v1.19" state="stable" >}} - -The Certificates API enables automation of +Kubernetes certificate and trust bundle APIs enable automation of [X.509](https://www.itu.int/rec/T-REC-X.509) credential provisioning by providing a programmatic interface for clients of the Kubernetes API to request and obtain X.509 {{< glossary_tooltip term_id="certificate" text="certificates" >}} from a Certificate Authority (CA). +There is also experimental (alpha) support for distributing [trust bundles](#cluster-trust-bundles). + + + +## Certificate signing requests + +{{< feature-state for_k8s_version="v1.19" state="stable" >}} + + A CertificateSigningRequest (CSR) resource is used to request that a certificate be signed by a denoted signer, after which the request may be approved or denied before finally being signed. - -## Request signing process +### Request signing process The CertificateSigningRequest resource type allows a client to ask for an X.509 certificate be issued, based on a signing request. @@ -64,12 +70,46 @@ state for some duration: * Pending requests: automatically deleted after 24 hours * All requests: automatically deleted after the issued certificate has expired +### Certificate signing authorization {#authorization} + +To allow creating a CertificateSigningRequest and retrieving any CertificateSigningRequest: + +* Verbs: `create`, `get`, `list`, `watch`, group: `certificates.k8s.io`, resource: `certificatesigningrequests` + +For example: + +{{< codenew file="access/certificate-signing-request/clusterrole-create.yaml" >}} + +To allow approving a CertificateSigningRequest: + +* Verbs: `get`, `list`, `watch`, group: `certificates.k8s.io`, resource: `certificatesigningrequests` +* Verbs: `update`, group: `certificates.k8s.io`, resource: `certificatesigningrequests/approval` +* Verbs: `approve`, group: `certificates.k8s.io`, resource: `signers`, resourceName: `/` or `/*` + +For example: + +{{< codenew file="access/certificate-signing-request/clusterrole-approve.yaml" >}} + +To allow signing a CertificateSigningRequest: + +* Verbs: `get`, `list`, `watch`, group: `certificates.k8s.io`, resource: `certificatesigningrequests` +* Verbs: `update`, group: `certificates.k8s.io`, resource: `certificatesigningrequests/status` +* Verbs: `sign`, group: `certificates.k8s.io`, resource: `signers`, resourceName: `/` or `/*` + +{{< codenew file="access/certificate-signing-request/clusterrole-sign.yaml" >}} + + ## Signers -Custom signerNames can also be specified. All signers should provide information about how they work so that clients can predict what will happen to their CSRs. +Signers abstractly represent the entity or entities that might sign, or have +signed, a security certificate. + +Any signer that is made available for outside a particular cluster should provide information +about how the signer works, so that consumers can understand what that means for CertifcateSigningRequests +and (if enabled) [ClusterTrustBundles](#cluster-trust-bundles). This includes: -1. **Trust distribution**: how trust (CA bundles) are distributed. +1. **Trust distribution**: how trust anchors (CA certificates or certificate bundles) are distributed. 1. **Permitted subjects**: any restrictions on and behavior when a disallowed subject is requested. 1. **Permitted x509 extensions**: including IP subjectAltNames, DNS subjectAltNames, Email subjectAltNames, URI subjectAltNames etc, and behavior when a disallowed extension is requested. 1. **Permitted key usages / extended key usages**: any restrictions on and behavior when usages different than the signer-determined usages are specified in the CSR. @@ -77,13 +117,17 @@ This includes: and the behavior when the signer-determined expiration is different from the CSR `spec.expirationSeconds` field. 1. **CA bit allowed/disallowed**: and behavior if a CSR contains a request a for a CA certificate when the signer does not permit it. -Commonly, the `status.certificate` field contains a single PEM-encoded X.509 -certificate once the CSR is approved and the certificate is issued. Some -signers store multiple certificates into the `status.certificate` field. In +Commonly, the `status.certificate` field of a CertificateSigningRequest contains a +single PEM-encoded X.509 certificate once the CSR is approved and the certificate is issued. +Some signers store multiple certificates into the `status.certificate` field. In that case, the documentation for the signer should specify the meaning of additional certificates; for example, this might be the certificate plus intermediates to be presented during TLS handshakes. +If you want to make the _trust anchor_ (root certificate) available, this should be done +separately from a CertificateSigningRequest and its `status.certificate` field. For example, +you could use a ClusterTrustBundle. + The PKCS#10 signing request format does not have a standard mechanism to specify a certificate expiration or lifetime. The expiration or lifetime therefore has to be set through the `spec.expirationSeconds` field of the CSR object. The built-in signers @@ -153,9 +197,8 @@ Kubernetes provides built-in signers that each have a well-known `signerName`: of the `--cluster-signing-duration` option or, if specified, the `spec.expirationSeconds` field of the CSR object. 1. CA bit allowed/disallowed - not allowed. -{{< note >}} -Failures for all of these are only reported in kube-controller-manager logs. -{{< /note >}} +The kube-controller-manager implements [control plane signing](#signer-control-plane) for each of the built in +signers. Failures for all of these are only reported in kube-controller-manager logs. {{< note >}} The `spec.expirationSeconds` field was added in Kubernetes v1.22. Earlier versions of Kubernetes do not honor this field. @@ -168,156 +211,89 @@ kube-apiserver, but this is not a standard. None of these usages are related to ServiceAccount token secrets `.data[ca.crt]` in any way. That CA bundle is only guaranteed to verify a connection to the API server using the default service (`kubernetes.default.svc`). -## Authorization +### Custom signers -To allow creating a CertificateSigningRequest and retrieving any CertificateSigningRequest: +You can also introduce your own custom signer, which should have a similar prefixed name but using your +own domain name. For example, if you represent an open source project that uses the domain `open-fictional.example` +then you might use `issuer.open-fictional.example/service-mesh` as a signer name. -* Verbs: `create`, `get`, `list`, `watch`, group: `certificates.k8s.io`, resource: `certificatesigningrequests` +A custom signer uses the Kubernetes API to issue a certificate. See [API-based signers](#signer-api). -For example: +## Signing -{{< codenew file="access/certificate-signing-request/clusterrole-create.yaml" >}} +### Control plane signer {#signer-control-plane} -To allow approving a CertificateSigningRequest: +The Kubernetes control plane implements each of the +[Kubernetes signers](/docs/reference/access-authn-authz/certificate-signing-requests/#kubernetes-signers), +as part of the kube-controller-manager. -* Verbs: `get`, `list`, `watch`, group: `certificates.k8s.io`, resource: `certificatesigningrequests` -* Verbs: `update`, group: `certificates.k8s.io`, resource: `certificatesigningrequests/approval` -* Verbs: `approve`, group: `certificates.k8s.io`, resource: `signers`, resourceName: `/` or `/*` +{{< note >}} +Prior to Kubernetes v1.18, the kube-controller-manager would sign any CSRs that +were marked as approved. +{{< /note >}} -For example: +{{< note >}} +The `spec.expirationSeconds` field was added in Kubernetes v1.22. Earlier versions of Kubernetes do not honor this field. +Kubernetes API servers prior to v1.22 will silently drop this field when the object is created. +{{< /note >}} -{{< codenew file="access/certificate-signing-request/clusterrole-approve.yaml" >}} +### API-based signers {#signer-api} -To allow signing a CertificateSigningRequest: +Users of the REST API can sign CSRs by submitting an UPDATE request to the `status` +subresource of the CSR to be signed. -* Verbs: `get`, `list`, `watch`, group: `certificates.k8s.io`, resource: `certificatesigningrequests` -* Verbs: `update`, group: `certificates.k8s.io`, resource: `certificatesigningrequests/status` -* Verbs: `sign`, group: `certificates.k8s.io`, resource: `signers`, resourceName: `/` or `/*` +As part of this request, the `status.certificate` field should be set to contain the +signed certificate. This field contains one or more PEM-encoded certificates. -{{< codenew file="access/certificate-signing-request/clusterrole-sign.yaml" >}} +All PEM blocks must have the "CERTIFICATE" label, contain no headers, +and the encoded data must be a BER-encoded ASN.1 Certificate structure +as described in [section 4 of RFC5280](https://tools.ietf.org/html/rfc5280#section-4.1). -## Normal user +Example certificate content: -A few steps are required in order to get a normal user to be able to -authenticate and invoke an API. First, this user must have a certificate issued -by the Kubernetes cluster, and then present that certificate to the Kubernetes API. - -### Create private key - -The following scripts show how to generate PKI private key and CSR. It is -important to set CN and O attribute of the CSR. CN is the name of the user and -O is the group that this user will belong to. You can refer to -[RBAC](/docs/reference/access-authn-authz/rbac/) for standard groups. - -```shell -openssl genrsa -out myuser.key 2048 -openssl req -new -key myuser.key -out myuser.csr +``` +-----BEGIN CERTIFICATE----- +MIIDgjCCAmqgAwIBAgIUC1N1EJ4Qnsd322BhDPRwmg3b/oAwDQYJKoZIhvcNAQEL +BQAwXDELMAkGA1UEBhMCeHgxCjAIBgNVBAgMAXgxCjAIBgNVBAcMAXgxCjAIBgNV +BAoMAXgxCjAIBgNVBAsMAXgxCzAJBgNVBAMMAmNhMRAwDgYJKoZIhvcNAQkBFgF4 +MB4XDTIwMDcwNjIyMDcwMFoXDTI1MDcwNTIyMDcwMFowNzEVMBMGA1UEChMMc3lz +dGVtOm5vZGVzMR4wHAYDVQQDExVzeXN0ZW06bm9kZToxMjcuMC4wLjEwggEiMA0G +CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDne5X2eQ1JcLZkKvhzCR4Hxl9+ZmU3 ++e1zfOywLdoQxrPi+o4hVsUH3q0y52BMa7u1yehHDRSaq9u62cmi5ekgXhXHzGmm +kmW5n0itRECv3SFsSm2DSghRKf0mm6iTYHWDHzUXKdm9lPPWoSOxoR5oqOsm3JEh +Q7Et13wrvTJqBMJo1GTwQuF+HYOku0NF/DLqbZIcpI08yQKyrBgYz2uO51/oNp8a +sTCsV4OUfyHhx2BBLUo4g4SptHFySTBwlpRWBnSjZPOhmN74JcpTLB4J5f4iEeA7 +2QytZfADckG4wVkhH3C2EJUmRtFIBVirwDn39GXkSGlnvnMgF3uLZ6zNAgMBAAGj +YTBfMA4GA1UdDwEB/wQEAwIFoDATBgNVHSUEDDAKBggrBgEFBQcDAjAMBgNVHRMB +Af8EAjAAMB0GA1UdDgQWBBTREl2hW54lkQBDeVCcd2f2VSlB1DALBgNVHREEBDAC +ggAwDQYJKoZIhvcNAQELBQADggEBABpZjuIKTq8pCaX8dMEGPWtAykgLsTcD2jYr +L0/TCrqmuaaliUa42jQTt2OVsVP/L8ofFunj/KjpQU0bvKJPLMRKtmxbhXuQCQi1 +qCRkp8o93mHvEz3mTUN+D1cfQ2fpsBENLnpS0F4G/JyY2Vrh19/X8+mImMEK5eOy +o0BMby7byUj98WmcUvNCiXbC6F45QTmkwEhMqWns0JZQY+/XeDhEcg+lJvz9Eyo2 +aGgPsye1o3DpyXnyfJWAWMhOz7cikS5X2adesbgI86PhEHBXPIJ1v13ZdfCExmdd +M1fLPhLyR54fGaY+7/X8P9AZzPefAkwizeXwe9ii6/a08vWoiE4= +-----END CERTIFICATE----- ``` -### Create CertificateSigningRequest +Non-PEM content may appear before or after the CERTIFICATE PEM blocks and is unvalidated, +to allow for explanatory text as described in [section 5.2 of RFC7468](https://www.rfc-editor.org/rfc/rfc7468#section-5.2). -Create a CertificateSigningRequest and submit it to a Kubernetes Cluster via kubectl. Below is a script to generate the CertificateSigningRequest. +When encoded in JSON or YAML, this field is base-64 encoded. +A CertificateSigningRequest containing the example certificate above would look like this: -```shell -cat < myuser.crt -``` - -### Create Role and RoleBinding - -With the certificate created it is time to define the Role and RoleBinding for -this user to access Kubernetes cluster resources. - -This is a sample command to create a Role for this new user: - -```shell -kubectl create role developer --verb=create --verb=get --verb=list --verb=update --verb=delete --resource=pods -``` - -This is a sample command to create a RoleBinding for this new user: - -```shell -kubectl create rolebinding developer-binding-myuser --role=developer --user=myuser -``` - -### Add to kubeconfig - -The last step is to add this user into the kubeconfig file. - -First, you need to add new credentials: - -```shell -kubectl config set-credentials myuser --client-key=myuser.key --client-certificate=myuser.crt --embed-certs=true - -``` - -Then, you need to add the context: - -```shell -kubectl config set-context myuser --cluster=kubernetes --user=myuser -``` - -To test it, change the context to `myuser`: - -```shell -kubectl config use-context myuser +... +status: + certificate: "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JS..." ``` ## Approval or rejection {#approval-rejection} +Before a [signer](#signers) issues a certificate based on a CertificateSigningRequest, +the signer typically checks that the issuance for that CSR has been _approved_. + ### Control plane automated approval {#approval-rejection-control-plane} The kube-controller-manager ships with a built-in approver for certificates with @@ -389,76 +365,236 @@ code using TitleCase; this is a convention but you can set it to anything you like. If you want to add a note for human consumption, use the `status.conditions.message` field. -## Signing -### Control plane signer {#signer-control-plane} +## Cluster trust bundles {#cluster-trust-bundles} -The Kubernetes control plane implements each of the -[Kubernetes signers](/docs/reference/access-authn-authz/certificate-signing-requests/#kubernetes-signers), -as part of the kube-controller-manager. +{{< feature-state for_k8s_version="v1.27" state="alpha" >}} {{< note >}} -Prior to Kubernetes v1.18, the kube-controller-manager would sign any CSRs that -were marked as approved. +In Kubernetes {{< skew currentVersion >}}, you must enable the `ClusterTrustBundles` +[feature gate](/docs/reference/command-line-tools-reference/feature-gates/) +_and_ the `certificates.k8s.io/v1alpha1` +{{< glossary_tooltip text="API group" term_id="api-group" >}} in order to use +this API. {{< /note >}} -{{< note >}} -The `spec.expirationSeconds` field was added in Kubernetes v1.22. Earlier versions of Kubernetes do not honor this field. -Kubernetes API servers prior to v1.22 will silently drop this field when the object is created. -{{< /note >}} +A ClusterTrustBundles is a cluster-scoped object for distributing X.509 trust +anchors (root certificates) to workloads within the cluster. They're designed +to work well with the [signer](#signers) concept from CertificateSigningRequests. -### API-based signers {#signer-api} +ClusterTrustBundles can be used in two modes: +[signer-linked](#ctb-signer-linked) and [signer-unlinked](#ctb-signer-unlinked). -Users of the REST API can sign CSRs by submitting an UPDATE request to the `status` -subresource of the CSR to be signed. +### Common properties and validation {#ctb-common} -As part of this request, the `status.certificate` field should be set to contain the -signed certificate. This field contains one or more PEM-encoded certificates. +All ClusterTrustBundle objects have strong validation on the contents of their +`trustBundle` field. That field must contain one or more X.509 certificates, +DER-serialized, each wrapped in a PEM `CERTIFICATE` block. The certificates +must parse as valid X.509 certificates. -All PEM blocks must have the "CERTIFICATE" label, contain no headers, -and the encoded data must be a BER-encoded ASN.1 Certificate structure -as described in [section 4 of RFC5280](https://tools.ietf.org/html/rfc5280#section-4.1). +Esoteric PEM features like inter-block data and intra-block headers are either +rejected during object validation, or can be ignored by consumers of the object. +Additionally, consumers are allowed to reorder the certificates in +the bundle with their own arbitrary but stable ordering. -Example certificate content: +ClusterTrustBundle objects should be considered world-readable within the +cluster. If your cluster uses [RBAC](/docs/reference/access-authn-authz/rbac/) +authorization, all ServiceAccounts have a default grant that allows them to +**get**, **list**, and **watch** all ClusterTrustBundle objects. +If you use your own authorization mechanism and you have enabled +ClusterTrustBundles in your cluster, you should set up an equivalent rule to +make these objects public within the cluster, so that they work as intended. -``` ------BEGIN CERTIFICATE----- -MIIDgjCCAmqgAwIBAgIUC1N1EJ4Qnsd322BhDPRwmg3b/oAwDQYJKoZIhvcNAQEL -BQAwXDELMAkGA1UEBhMCeHgxCjAIBgNVBAgMAXgxCjAIBgNVBAcMAXgxCjAIBgNV -BAoMAXgxCjAIBgNVBAsMAXgxCzAJBgNVBAMMAmNhMRAwDgYJKoZIhvcNAQkBFgF4 -MB4XDTIwMDcwNjIyMDcwMFoXDTI1MDcwNTIyMDcwMFowNzEVMBMGA1UEChMMc3lz -dGVtOm5vZGVzMR4wHAYDVQQDExVzeXN0ZW06bm9kZToxMjcuMC4wLjEwggEiMA0G -CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDne5X2eQ1JcLZkKvhzCR4Hxl9+ZmU3 -+e1zfOywLdoQxrPi+o4hVsUH3q0y52BMa7u1yehHDRSaq9u62cmi5ekgXhXHzGmm -kmW5n0itRECv3SFsSm2DSghRKf0mm6iTYHWDHzUXKdm9lPPWoSOxoR5oqOsm3JEh -Q7Et13wrvTJqBMJo1GTwQuF+HYOku0NF/DLqbZIcpI08yQKyrBgYz2uO51/oNp8a -sTCsV4OUfyHhx2BBLUo4g4SptHFySTBwlpRWBnSjZPOhmN74JcpTLB4J5f4iEeA7 -2QytZfADckG4wVkhH3C2EJUmRtFIBVirwDn39GXkSGlnvnMgF3uLZ6zNAgMBAAGj -YTBfMA4GA1UdDwEB/wQEAwIFoDATBgNVHSUEDDAKBggrBgEFBQcDAjAMBgNVHRMB -Af8EAjAAMB0GA1UdDgQWBBTREl2hW54lkQBDeVCcd2f2VSlB1DALBgNVHREEBDAC -ggAwDQYJKoZIhvcNAQELBQADggEBABpZjuIKTq8pCaX8dMEGPWtAykgLsTcD2jYr -L0/TCrqmuaaliUa42jQTt2OVsVP/L8ofFunj/KjpQU0bvKJPLMRKtmxbhXuQCQi1 -qCRkp8o93mHvEz3mTUN+D1cfQ2fpsBENLnpS0F4G/JyY2Vrh19/X8+mImMEK5eOy -o0BMby7byUj98WmcUvNCiXbC6F45QTmkwEhMqWns0JZQY+/XeDhEcg+lJvz9Eyo2 -aGgPsye1o3DpyXnyfJWAWMhOz7cikS5X2adesbgI86PhEHBXPIJ1v13ZdfCExmdd -M1fLPhLyR54fGaY+7/X8P9AZzPefAkwizeXwe9ii6/a08vWoiE4= ------END CERTIFICATE----- +If you do not have permission to list cluster trust bundles by default in your +cluster, you can impersonate a service account you have access to in order to +see available ClusterTrustBundles: + +```bash +kubectl get clustertrustbundles --as='system:serviceaccount:mynamespace:default' ``` -Non-PEM content may appear before or after the CERTIFICATE PEM blocks and is unvalidated, -to allow for explanatory text as described in [section 5.2 of RFC7468](https://www.rfc-editor.org/rfc/rfc7468#section-5.2). +### Signer-linked ClusterTrustBundles {#ctb-signer-linked} -When encoded in JSON or YAML, this field is base-64 encoded. -A CertificateSigningRequest containing the example certificate above would look like this: +Signer-linked ClusterTrustBundles are associated with a _signer name_, like this: ```yaml +apiVersion: certificates.k8s.io/v1alpha1 +kind: ClusterTrustBundle +metadata: + name: example.com:mysigner:foo +spec: + signerName: example.com/mysigner + trustBundle: "<... PEM data ...>" +``` + +These ClusterTrustBundles are intended to be maintained by a signer-specific +controller in the cluster, so they have several security features: + +* To create or update a signer-linked ClusterTrustBundle, you must be permitted + to **attest** on the signer (custom authorization verb `attest`, + API group `certificates.k8s.io`; resource path `signers`). You can configure + authorization for the specific resource name + `/` or match a pattern such as + `/*`. +* Signer-linked ClusterTrustBundles **must** be named with a prefix derived from + their `spec.signerName` field. Slashes (`/`) are replaced with colons (`:`), + and a final colon is appended. This is followed by an arbitary name. For + example, the signer `example.com/mysigner` can be linked to a + ClusterTrustBundle `example.com:mysigner:`. + +Signer-linked ClusterTrustBundles will typically be consumed in workloads +by a combination of a +[field selector](/docs/concepts/overview/working-with-objects/field-selectors/) on the signer name, and a separate +[label selector](/docs/concepts/overview/working-with-objects/labels/#label-selectors). + +### Signer-unlinked ClusterTrustBundles {#ctb-signer-unlinked} + +Signer-unlinked ClusterTrustBundles have an empty `spec.signerName` field, like this: + +```yaml +apiVersion: certificates.k8s.io/v1alpha1 +kind: ClusterTrustBundle +metadata: + name: foo +spec: + # no signerName specified, so the field is blank + trustBundle: "<... PEM data ...>" +``` + +They are primarily intended for cluster configuration use cases. Each +signer-unlinked ClusterTrustBundle is an independent object, in contrast to the +customary grouping behavior of signer-linked ClusterTrustBundles. + +Signer-unlinked ClusterTrustBundles have no `attest` verb requirement. +Instead, you control access to them directly using the usual mechanisms, +such as role-based access control. + +To distinguish them from signer-linked ClusterTrustBundles, the names of +signer-unlinked ClusterTrustBundles **must not** contain a colon (`:`). + + +## How to issue a certificate for a user {#normal-user} + +A few steps are required in order to get a normal user to be able to +authenticate and invoke an API. First, this user must have a certificate issued +by the Kubernetes cluster, and then present that certificate to the Kubernetes API. + +### Create private key + +The following scripts show how to generate PKI private key and CSR. It is +important to set CN and O attribute of the CSR. CN is the name of the user and +O is the group that this user will belong to. You can refer to +[RBAC](/docs/reference/access-authn-authz/rbac/) for standard groups. + +```shell +openssl genrsa -out myuser.key 2048 +openssl req -new -key myuser.key -out myuser.csr +``` + +### Create a CertificateSigningRequest {#create-certificatessigningrequest} + +Create a CertificateSigningRequest and submit it to a Kubernetes Cluster via kubectl. Below is a script to generate the CertificateSigningRequest. + +```shell +cat < myuser.crt +``` + +### Create Role and RoleBinding + +With the certificate created it is time to define the Role and RoleBinding for +this user to access Kubernetes cluster resources. + +This is a sample command to create a Role for this new user: + +```shell +kubectl create role developer --verb=create --verb=get --verb=list --verb=update --verb=delete --resource=pods +``` + +This is a sample command to create a RoleBinding for this new user: + +```shell +kubectl create rolebinding developer-binding-myuser --role=developer --user=myuser +``` + +### Add to kubeconfig + +The last step is to add this user into the kubeconfig file. + +First, you need to add new credentials: + +```shell +kubectl config set-credentials myuser --client-key=myuser.key --client-certificate=myuser.crt --embed-certs=true + +``` + +Then, you need to add the context: + +```shell +kubectl config set-context myuser --cluster=kubernetes --user=myuser +``` + +To test it, change the context to `myuser`: + +```shell +kubectl config use-context myuser +``` + + ## {{% heading "whatsnext" %}} * Read [Manage TLS Certificates in a Cluster](/docs/tasks/tls/managing-tls-in-a-cluster/) diff --git a/content/en/docs/reference/access-authn-authz/extensible-admission-controllers.md b/content/en/docs/reference/access-authn-authz/extensible-admission-controllers.md index da59b907c48..7c3636e49b1 100644 --- a/content/en/docs/reference/access-authn-authz/extensible-admission-controllers.md +++ b/content/en/docs/reference/access-authn-authz/extensible-admission-controllers.md @@ -719,6 +719,97 @@ webhooks: The `matchPolicy` for an admission webhooks defaults to `Equivalent`. +### Matching requests: `matchConditions` + +{{< feature-state state="alpha" for_k8s_version="v1.27" >}} + +{{< note >}} +Use of `matchConditions` requires the [featuregate](/docs/reference/command-line-tools-reference/feature-gates/) +`AdmissionWebhookMatchConditions` to be explicitly enabled on the kube-apiserver before this feature can be used. +{{< /note >}} + +You can define _match conditions_for webhooks if you need fine-grained request filtering. These +conditions are useful if you find that match rules, `objectSelectors` and `namespaceSelectors` still +doesn't provide the filtering you want over when to call out over HTTP. Match conditions are +[CEL expressions](/docs/reference/using-api/cel/). All match conditions must evaluate to true for the +webhook to be called. + +Here is an example illustrating a few different uses for match conditions: + +```yaml +apiVersion: admissionregistration.k8s.io/v1 +kind: ValidatingWebhookConfiguration +webhooks: + - name: my-webhook.example.com + matchPolicy: Equivalent + rules: + - operations: ['CREATE','UPDATE'] + apiGroups: ['*'] + apiVersions: ['*'] + resources: ['*'] + failurePolicy: 'Ignore' # Fail-open (optional) + sideEffects: None + clientConfig: + service: + namespace: my-namespace + name: my-webhook + caBundle: '' + matchConditions: + - name: 'exclude-leases' # Each match condition must have a unique name + expression: '!(request.resource.group == "coordination.k8s.io" && request.resource.resource == "leases")' # Match non-lease resources. + - name: 'exclude-kubelet-requests' + expression: '!("system:nodes" in request.userInfo.groups)' # Match requests made by non-node users. + - name: 'rbac' # Skip RBAC requests, which are handled by the second webhook. + expression: 'request.resource.group != "rbac.authorization.k8s.io"' + + # This example illustrates the use of the 'authorizer'. The authorization check is more expensive + # than a simple expression, so in this example it is scoped to only RBAC requests by using a second + # webhook. Both webhooks can be served by the same endpoint. + - name: rbac.my-webhook.example.com + matchPolicy: Equivalent + rules: + - operations: ['CREATE','UPDATE'] + apiGroups: ['rbac.authorization.k8s.io'] + apiVersions: ['*'] + resources: ['*'] + failurePolicy: 'Fail' # Fail-closed (the default) + sideEffects: None + clientConfig: + service: + namespace: my-namespace + name: my-webhook + caBundle: '' + matchConditions: + - name: 'breakglass' + # Skip requests made by users authorized to 'breakglass' on this webhook. + # The 'breakglass' API verb does not need to exist outside this check. + expression: '!authorizer.group("admissionregistration.k8s.io").resource("validatingwebhookconfigurations").name("my-webhook.example.com").check("breakglass").allowed()' +``` + +Match conditions have access to the following CEL variables: + +- `object` - The object from the incoming request. The value is null for DELETE requests. The object + version may be converted based on the [matchPolicy](#matching-requests-matchpolicy). +- `oldObject` - The existing object. The value is null for CREATE requests. +- `request` - The request portion of the [AdmissionReview](#request), excluding `object` and `oldObject`. +- `authorizer` - A CEL Authorizer. May be used to perform authorization checks for the principal + (authenticated user) of the request. See + [Authz](https://pkg.go.dev/k8s.io/apiserver/pkg/cel/library#Authz) in the Kubernetes CEL library + documentation for more details. +- `authorizer.requestResource` - A shortcut for an authorization check configured with the request + resource (group, resource, (subresource), namespace, name). + +For more information on CEL expressions, refer to the +[Common Expression Language in Kubernetes reference](/docs/reference/using-api/cel/). + +In the event of an error evaluating a match condition the webhook is never called. Whether to reject +the request is determined as follows: + +1. If **any** match condition evaluated to `false` (regardless of other errors), the API server skips the webhook. +2. Otherwise: + - for [`failurePolicy: Fail`](#failure-policy), reject the request (without calling the webhook). + - for [`failurePolicy: Ignore`](#failure-policy), proceed with the request but skip the webhook. + ### Contacting the webhook Once the API server has determined a request should be sent to a webhook, @@ -1175,4 +1266,3 @@ cause the control plane components to stop functioning or introduce unknown beha If your admission webhooks don't intend to modify the behavior of the Kubernetes control plane, exclude the `kube-system` namespace from being intercepted using a [`namespaceSelector`](#matching-requests-namespaceselector). - diff --git a/content/en/docs/reference/access-authn-authz/rbac.md b/content/en/docs/reference/access-authn-authz/rbac.md index a5bb85f5029..06d84c8e06f 100644 --- a/content/en/docs/reference/access-authn-authz/rbac.md +++ b/content/en/docs/reference/access-authn-authz/rbac.md @@ -929,8 +929,8 @@ to a role that grants that permission. To allow a user to create/update role bin 1. Grant them a role that allows them to create/update RoleBinding or ClusterRoleBinding objects, as desired. 2. Grant them permissions needed to bind a particular role: - * implicitly, by giving them the permissions contained in the role. - * explicitly, by giving them permission to perform the `bind` verb on the particular Role (or ClusterRole). + * implicitly, by giving them the permissions contained in the role. + * explicitly, by giving them permission to perform the `bind` verb on the particular Role (or ClusterRole). For example, this ClusterRole and RoleBinding would allow `user-1` to grant other users the `admin`, `edit`, and `view` roles in the namespace `user-1-namespace`: @@ -1105,7 +1105,7 @@ Examples: * Test applying a manifest file of RBAC objects, displaying changes that would be made: - ``` + ```shell kubectl auth reconcile -f my-rbac-rules.yaml --dry-run=client ``` @@ -1260,7 +1260,7 @@ Here are two approaches for managing this transition: Run both the RBAC and ABAC authorizers, and specify a policy file that contains the [legacy ABAC policy](/docs/reference/access-authn-authz/abac/#policy-file-format): -``` +```shell --authorization-mode=...,RBAC,ABAC --authorization-policy-file=mypolicy.json ``` diff --git a/content/en/docs/reference/access-authn-authz/validating-admission-policy.md b/content/en/docs/reference/access-authn-authz/validating-admission-policy.md index 2bf6610eebd..a9c802b6058 100644 --- a/content/en/docs/reference/access-authn-authz/validating-admission-policy.md +++ b/content/en/docs/reference/access-authn-authz/validating-admission-policy.md @@ -92,6 +92,7 @@ metadata: name: "demo-binding-test.example.com" spec: policyName: "demo-policy.example.com" + validationActions: [Deny] matchResources: namespaceSelector: matchLabels: @@ -107,6 +108,37 @@ ValidatingAdmissionPolicy 'demo-policy.example.com' with binding 'demo-binding-t The above provides a simple example of using ValidatingAdmissionPolicy without a parameter configured. +#### Validation actions + +Each `ValidatingAdmissionPolicyBinding` must specify one or more +`validationActions` to declare how `validations` of a policy are enforced. + +The supported `validationActions` are: + +- `Deny`: Validation failure results in a denied request. +- `Warn`: Validation failure is reported to the request client + as a [warning](/blog/2020/09/03/warnings/). +- `Audit`: Validation failure is included in the audit event for the API request. + +For example, to both warn clients about a validation failure and to audit the +validation failures, use: + +```yaml +validationActions: [Warn, Audit] +``` + +`Deny` and `Warn` may not be used together since this combination +needlessly duplicates the validation failure both in the +API response body and the HTTP warning headers. + +A `validation` that evaluates to false is always enforced according to these +actions. Failures defined by the `failurePolicy` are enforced +according to these actions only if the `failurePolicy` is set to `Fail` (or unset), +otherwise the failures are ignored. + +See [Audit Annotations: validation falures](/docs/reference/labels-annotations-taints/audit-annotations/#validation-policy-admission-k8s-io-validation_failure) +for more details about the validation failure audit annotation. + #### Parameter resources Parameter resources allow a policy configuration to be separate from its definition. @@ -159,6 +191,7 @@ metadata: name: "replicalimit-binding-test.example.com" spec: policyName: "replicalimit-policy.example.com" + validationActions: [Deny] paramRef: name: "replica-limit-test.example.com" matchResources: @@ -188,6 +221,7 @@ metadata: name: "replicalimit-binding-nontest" spec: policyName: "replicalimit-policy.example.com" + validationActions: [Deny] paramRef: name: "replica-limit-clusterwide.example.com" matchResources: @@ -219,6 +253,7 @@ metadata: name: "replicalimit-binding-global" spec: policyName: "replicalimit-policy.example.com" + validationActions: [Deny] params: "replica-limit-clusterwide.example.com" matchResources: namespaceSelector: @@ -299,6 +334,12 @@ variables as well as some other useful variables: - 'request' - Attributes of the [admission request](/docs/reference/config-api/apiserver-admission.v1/#admission-k8s-io-v1-AdmissionRequest). - 'params' - Parameter resource referred to by the policy binding being evaluated. The value is null if `ParamKind` is unset. +- `authorizer` - A CEL Authorizer. May be used to perform authorization checks for the principal + (authenticated user) of the request. See + [Authz](https://pkg.go.dev/k8s.io/apiserver/pkg/cel/library#Authz) in the Kubernetes CEL library + documentation for more details. +- `authorizer.requestResource` - A shortcut for an authorization check configured with the request + resource (group, resource, (subresource), namespace, name). The `apiVersion`, `kind`, `metadata.name` and `metadata.generateName` are always accessible from the root of the object. No other metadata properties are accessible. @@ -323,12 +364,12 @@ For example, `int` in the word “sprint” would not be escaped. Examples on escaping: -|property name | rule with escaped property name | -| ----------------| ----------------------- | -| namespace | `self.__namespace__ > 0` | -| x-prop | `self.x__dash__prop > 0` | -| redact__d | `self.redact__underscores__d > 0` | -| string | `self.startsWith('kube')` | +|property name | rule with escaped property name | +| ----------------|-----------------------------------| +| namespace | `object.__namespace__ > 0` | +| x-prop | `object.x__dash__prop > 0` | +| redact__d | `object.redact__underscores__d > 0` | +| string | `object.startsWith('kube')` | Equality on arrays with list type of 'set' or 'map' ignores element order, i.e. [1, 2] == [2, 1]. Concatenation on arrays with x-kubernetes-list-type use the semantics of the list type: @@ -365,3 +406,175 @@ HTTP response code, are used in the HTTP response to the client. The currently supported reasons are: `Unauthorized`, `Forbidden`, `Invalid`, `RequestEntityTooLarge`. If not set, `StatusReasonInvalid` is used in the response to the client. +### Matching requests: `matchConditions` + +You can define _match conditions_ for a `ValidatingAdmissionPolicy` if you need fine-grained request filtering. These +conditions are useful if you find that match rules, `objectSelectors` and `namespaceSelectors` still +doesn't provide the filtering you want. Match conditions are +[CEL expressions](/docs/reference/using-api/cel/). All match conditions must evaluate to true for the +resource to be evaluated. + +Here is an example illustrating a few different uses for match conditions: + +{{< codenew file="access/validating-admission-policy-match-conditions.yaml" >}} + +Match conditions have access to the same CEL variables as validation expressions. + +In the event of an error evaluating a match condition the policy is not evaluated. Whether to reject +the request is determined as follows: + +1. If **any** match condition evaluated to `false` (regardless of other errors), the API server skips the policy. +2. Otherwise: + - for [`failurePolicy: Fail`](#failure-policy), reject the request (without evaluating the policy). + - for [`failurePolicy: Ignore`](#failure-policy), proceed with the request but skip the policy. + +### Audit annotations + +`auditAnnotations` may be used to include audit annotations in the audit event of the API request. + +For example, here is an admission policy with an audit annotation: + +{{< codenew file="access/validating-admission-policy-audit-annotation.yaml" >}} + +When an API request is validated with this admission policy, the resulting audit event will look like: + +``` +# the audit event recorded +{ + "kind": "Event", + "apiVersion": "audit.k8s.io/v1", + "annotations": { + "demo-policy.example.com/high-replica-count": "Deployment spec.replicas set to 128" + # other annotations + ... + } + # other fields + ... +} +``` + +In this example the annotation will only be included if the `spec.replicas` of the Deployment is more than +50, otherwise the CEL expression evalutes to null and the annotation will not be included. + +Note that audit annotation keys are prefixed by the name of the `ValidatingAdmissionWebhook` and a `/`. If +another admission controller, such as an admission webhook, uses the exact same audit annotation key, the +value of the first admission controller to include the audit annotation will be included in the audit +event and all other values will be ignored. + +### Message expression + +To return a more friendly message when the policy rejects a request, we can use a CEL expression +to composite a message with `spec.validations[i].messageExpression`. Similar to the validation expression, +a message expression has access to `object`, `oldObject`, `request`, and `params`. Unlike validations, +message expression must evaluate to a string. + +For example, to better inform the user of the reason of denial when the policy refers to a parameter, +we can have the following validation: + +{{< codenew file="access/deployment-replicas-policy.yaml" >}} + +After creating a params object that limits the replicas to 3 and setting up the binding, +when we try to create a deployment with 5 replicas, we will receive the following message. + +``` +$ kubectl create deploy --image=nginx nginx --replicas=5 +error: failed to create deployment: deployments.apps "nginx" is forbidden: ValidatingAdmissionPolicy 'deploy-replica-policy.example.com' with binding 'demo-binding-test.example.com' denied request: object.spec.replicas must be no greater than 3 +``` + +This is more informative than a static message of "too many replicas". + +The message expression takes precedence over the static message defined in `spec.validations[i].message` if both are defined. +However, if the message expression fails to evaluate, the static message will be used instead. +Additionally, if the message expression evaluates to a multi-line string, +the evaluation result will be discarded and the static message will be used if present. +Note that static message is validated against multi-line strings. + +### Type checking + +When a policy definition is created or updated, the validation process parses the expressions it contains +and reports any syntax errors, rejecting the definition if any errors are found. +Afterward, the referred variables are checked for type errors, including missing fields and type confusion, +against the matched types of `spec.matchConstraints`. +The result of type checking can be retrieved from `status.typeChecking`. +The presence of `status.typeChecking` indicates the completion of type checking, +and an empty `status.typeChecking` means that no errors were detected. + +For example, given the following policy definition: + +```yaml +apiVersion: admissionregistration.k8s.io/v1alpha1 +kind: ValidatingAdmissionPolicy +metadata: + name: "deploy-replica-policy.example.com" +spec: + matchConstraints: + resourceRules: + - apiGroups: ["apps"] + apiVersions: ["v1"] + operations: ["CREATE", "UPDATE"] + resources: ["deployments"] + validations: + - expression: "object.replicas > 1" # should be "object.spec.replicas > 1" + message: "must be replicated" + reason: Invalid +``` + +The status will yield the following information: + +```yaml +status: + typeChecking: + expressionWarnings: + - fieldRef: spec.validations[0].expression + warning: |- + apps/v1, Kind=Deployment: ERROR: :1:7: undefined field 'replicas' + | object.replicas > 1 + | ......^ +``` + +If multiple resources are matched in `spec.matchConstraints`, all of matched resources will be checked against. +For example, the following policy definition + +```yaml +apiVersion: admissionregistration.k8s.io/v1alpha1 +kind: ValidatingAdmissionPolicy +metadata: + name: "replica-policy.example.com" +spec: + matchConstraints: + resourceRules: + - apiGroups: ["apps"] + apiVersions: ["v1"] + operations: ["CREATE", "UPDATE"] + resources: ["deployments","replicasets"] + validations: + - expression: "object.replicas > 1" # should be "object.spec.replicas > 1" + message: "must be replicated" + reason: Invalid +``` + +will have multiple types and type checking result of each type in the warning message. + +```yaml +status: + typeChecking: + expressionWarnings: + - fieldRef: spec.validations[0].expression + warning: |- + apps/v1, Kind=Deployment: ERROR: :1:7: undefined field 'replicas' + | object.replicas > 1 + | ......^ + apps/v1, Kind=ReplicaSet: ERROR: :1:7: undefined field 'replicas' + | object.replicas > 1 + | ......^ +``` + +Type Checking has the following limitation: + +- No wildcard matching. If `spec.matchConstraints.resourceRules` contains `"*"` in any of `apiGroups`, `apiVersions` or `resources`, + the types that `"*"` matches will not be checked. +- The number of matched types is limited to 10. This is to prevent a policy that manually specifying too many types. + to consume excessive computing resources. In the order of ascending group, version, and then resource, 11th combination and beyond are ignored. +- Type Checking does not affect the policy behavior in any way. Even if the type checking detects errors, the policy will continue + to evaluate. If errors do occur during evaluate, the failure policy will decide its outcome. +- Type Checking does not apply to CRDs, including matched CRD types and reference of paramKind. The support for CRDs will come in future release. diff --git a/content/en/docs/reference/command-line-tools-reference/feature-gates-removed.md b/content/en/docs/reference/command-line-tools-reference/feature-gates-removed.md index 0244c7703e1..eebb0137e38 100644 --- a/content/en/docs/reference/command-line-tools-reference/feature-gates-removed.md +++ b/content/en/docs/reference/command-line-tools-reference/feature-gates-removed.md @@ -58,8 +58,22 @@ In the following table: | `CSIDriverRegistry` | `false` | Alpha | 1.12 | 1.13 | | `CSIDriverRegistry` | `true` | Beta | 1.14 | 1.17 | | `CSIDriverRegistry` | `true` | GA | 1.18 | 1.21 | +| `CSIInlineVolume` | `false` | Alpha | 1.15 | 1.15 | +| `CSIInlineVolume` | `true` | Beta | 1.16 | 1.24 | +| `CSIInlineVolume` | `true` | GA | 1.25 | 1.26 | +| `CSIMigration` | `false` | Alpha | 1.14 | 1.16 | +| `CSIMigration` | `true` | Beta | 1.17 | 1.24 | +| `CSIMigration` | `true` | GA | 1.25 | 1.26 | +| `CSIMigrationAWS` | `false` | Alpha | 1.14 | 1.16 | +| `CSIMigrationAWS` | `false` | Beta | 1.17 | 1.22 | +| `CSIMigrationAWS` | `true` | Beta | 1.23 | 1.24 | +| `CSIMigrationAWS` | `true` | GA | 1.25 | 1.26 | | `CSIMigrationAWSComplete` | `false` | Alpha | 1.17 | 1.20 | | `CSIMigrationAWSComplete` | - | Deprecated | 1.21 | 1.21 | +| `CSIMigrationAzureDisk` | `false` | Alpha | 1.15 | 1.18 | +| `CSIMigrationAzureDisk` | `false` | Beta | 1.19 | 1.22 | +| `CSIMigrationAzureDisk` | `true` | Beta | 1.23 | 1.23 | +| `CSIMigrationAzureDisk` | `true` | GA | 1.24 | 1.26 | | `CSIMigrationAzureDiskComplete` | `false` | Alpha | 1.17 | 1.20 | | `CSIMigrationAzureDiskComplete` | - | Deprecated | 1.21 | 1.21 | | `CSIMigrationAzureFileComplete` | `false` | Alpha | 1.17 | 1.20 | @@ -85,14 +99,17 @@ In the following table: | `CSIVolumeFSGroupPolicy` | `false` | Alpha | 1.19 | 1.19 | | `CSIVolumeFSGroupPolicy` | `true` | Beta | 1.20 | 1.22 | | `CSIVolumeFSGroupPolicy` | `true` | GA | 1.23 | 1.25 | +| `CSRDuration` | `true` | Beta | 1.22 | 1.23 | +| `CSRDuration` | `true` | GA | 1.24 | 1.25 | | `ConfigurableFSGroupPolicy` | `false` | Alpha | 1.18 | 1.19 | | `ConfigurableFSGroupPolicy` | `true` | Beta | 1.20 | 1.22 | | `ConfigurableFSGroupPolicy` | `true` | GA | 1.23 | 1.25 | +| `ControllerManagerLeaderMigration` | `false` | Alpha | 1.21 | 1.21 | +| `ControllerManagerLeaderMigration` | `true` | Beta | 1.22 | 1.23 | +| `ControllerManagerLeaderMigration` | `true` | GA | 1.24 | 1.26 | | `CronJobControllerV2` | `false` | Alpha | 1.20 | 1.20 | | `CronJobControllerV2` | `true` | Beta | 1.21 | 1.21 | | `CronJobControllerV2` | `true` | GA | 1.22 | 1.23 | -| `CSRDuration` | `true` | Beta | 1.22 | 1.23 | -| `CSRDuration` | `true` | GA | 1.24 | 1.25 | | `CustomPodDNS` | `false` | Alpha | 1.9 | 1.9 | | `CustomPodDNS` | `true` | Beta| 1.10 | 1.13 | | `CustomPodDNS` | `true` | GA | 1.14 | 1.16 | @@ -111,6 +128,9 @@ In the following table: | `CustomResourceWebhookConversion` | `false` | Alpha | 1.13 | 1.14 | | `CustomResourceWebhookConversion` | `true` | Beta | 1.15 | 1.15 | | `CustomResourceWebhookConversion` | `true` | GA | 1.16 | 1.18 | +| `DaemonSetUpdateSurge` | `false` | Alpha | 1.21 | 1.21 | +| `DaemonSetUpdateSurge` | `true` | Beta | 1.22 | 1.24 | +| `DaemonSetUpdateSurge` | `true` | GA | 1.25 | 1.26 | | `DefaultPodTopologySpread` | `false` | Alpha | 1.19 | 1.19 | | `DefaultPodTopologySpread` | `true` | Beta | 1.20 | 1.23 | | `DefaultPodTopologySpread` | `true` | GA | 1.24 | 1.25 | @@ -135,9 +155,21 @@ In the following table: | `EndpointSliceProxying` | `false` | Alpha | 1.18 | 1.18 | | `EndpointSliceProxying` | `true` | Beta | 1.19 | 1.21 | | `EndpointSliceProxying` | `true` | GA | 1.22 | 1.24 | +| `EphemeralContainers` | `false` | Alpha | 1.16 | 1.22 | +| `EphemeralContainers` | `true` | Beta | 1.23 | 1.24 | +| `EphemeralContainers` | `true` | GA | 1.25 | 1.26 | | `EvenPodsSpread` | `false` | Alpha | 1.16 | 1.17 | | `EvenPodsSpread` | `true` | Beta | 1.18 | 1.18 | | `EvenPodsSpread` | `true` | GA | 1.19 | 1.21 | +| `ExpandCSIVolumes` | `false` | Alpha | 1.14 | 1.15 | +| `ExpandCSIVolumes` | `true` | Beta | 1.16 | 1.23 | +| `ExpandCSIVolumes` | `true` | GA | 1.24 | 1.26 | +| `ExpandInUsePersistentVolumes` | `false` | Alpha | 1.11 | 1.14 | +| `ExpandInUsePersistentVolumes` | `true` | Beta | 1.15 | 1.23 | +| `ExpandInUsePersistentVolumes` | `true` | GA | 1.24 | 1.26 | +| `ExpandPersistentVolumes` | `false` | Alpha | 1.8 | 1.10 | +| `ExpandPersistentVolumes` | `true` | Beta | 1.11 | 1.23 | +| `ExpandPersistentVolumes` | `true` | GA | 1.24 | 1.26 | | `ExperimentalCriticalPodAnnotation` | `false` | Alpha | 1.5 | 1.12 | | `ExperimentalCriticalPodAnnotation` | `false` | Deprecated | 1.13 | 1.16 | | `ExternalPolicyForExternalIP` | `true` | GA | 1.18 | 1.22 | @@ -157,6 +189,9 @@ In the following table: | `IPv6DualStack` | `false` | Alpha | 1.15 | 1.20 | | `IPv6DualStack` | `true` | Beta | 1.21 | 1.22 | | `IPv6DualStack` | `true` | GA | 1.23 | 1.24 | +| `IdentifyPodOS` | `false` | Alpha | 1.23 | 1.23 | +| `IdentifyPodOS` | `true` | Beta | 1.24 | 1.24 | +| `IdentifyPodOS` | `true` | GA | 1.25 | 1.26 | | `ImmutableEphemeralVolumes` | `false` | Alpha | 1.18 | 1.18 | | `ImmutableEphemeralVolumes` | `true` | Beta | 1.19 | 1.20 | | `ImmutableEphemeralVolumes` | `true` | GA | 1.21 | 1.24 | @@ -176,6 +211,9 @@ In the following table: | `LegacyNodeRoleBehavior` | `false` | Alpha | 1.16 | 1.18 | | `LegacyNodeRoleBehavior` | `true` | Beta | 1.19 | 1.20 | | `LegacyNodeRoleBehavior` | `false` | GA | 1.21 | 1.22 | +| `LocalStorageCapacityIsolation` | `false` | Alpha | 1.7 | 1.9 | +| `LocalStorageCapacityIsolation` | `true` | Beta | 1.10 | 1.24 | +| `LocalStorageCapacityIsolation` | `true` | GA | 1.25 | 1.26 | | `MountContainers` | `false` | Alpha | 1.9 | 1.16 | | `MountContainers` | `false` | Deprecated | 1.17 | 1.17 | | `MountPropagation` | `false` | Alpha | 1.8 | 1.9 | @@ -183,6 +221,9 @@ In the following table: | `MountPropagation` | `true` | GA | 1.12 | 1.14 | | `NamespaceDefaultLabelName` | `true` | Beta | 1.21 | 1.21 | | `NamespaceDefaultLabelName` | `true` | GA | 1.22 | 1.23 | +| `NetworkPolicyEndPort` | `false` | Alpha | 1.21 | 1.21 | +| `NetworkPolicyEndPort` | `true` | Beta | 1.22 | 1.24 | +| `NetworkPolicyEndPort` | `true` | GA | 1.25 | 1.26 | | `NodeDisruptionExclusion` | `false` | Alpha | 1.16 | 1.18 | | `NodeDisruptionExclusion` | `true` | Beta | 1.19 | 1.20 | | `NodeDisruptionExclusion` | `true` | GA | 1.21 | 1.22 | @@ -270,6 +311,9 @@ In the following table: | `StartupProbe` | `false` | Alpha | 1.16 | 1.17 | | `StartupProbe` | `true` | Beta | 1.18 | 1.19 | | `StartupProbe` | `true` | GA | 1.20 | 1.23 | +| `StatefulSetMinReadySeconds` | `false` | Alpha | 1.22 | 1.22 | +| `StatefulSetMinReadySeconds` | `true` | Beta | 1.23 | 1.24 | +| `StatefulSetMinReadySeconds` | `true` | GA | 1.25 | 1.26 | | `StorageObjectInUseProtection` | `true` | Beta | 1.10 | 1.10 | | `StorageObjectInUseProtection` | `true` | GA | 1.11 | 1.24 | | `StreamingProxyRedirects` | `false` | Beta | 1.5 | 1.5 | @@ -385,6 +429,18 @@ In the following table: - `CSIDriverRegistry`: Enable all logic related to the CSIDriver API object in `csi.storage.k8s.io`. +- `CSIInlineVolume`: Enable CSI Inline volumes support for pods. + +- `CSIMigration`: Enables shims and translation logic to route volume + operations from in-tree plugins to corresponding pre-installed CSI plugins + +- `CSIMigrationAWS`: Enables shims and translation logic to route volume + operations from the AWS-EBS in-tree plugin to EBS CSI plugin. Supports + falling back to in-tree EBS plugin for mount operations to nodes that have + the feature disabled or that do not have EBS CSI plugin installed and + configured. Does not support falling back for provision operations, for those + the CSI plugin must be installed and configured. + - `CSIMigrationAWSComplete`: Stops registering the EBS in-tree plugin in kubelet and volume controllers and enables shims and translation logic to route volume operations from the AWS-EBS in-tree plugin to EBS CSI plugin. @@ -393,6 +449,14 @@ In the following table: been deprecated in favor of the `InTreePluginAWSUnregister` feature flag which prevents the registration of in-tree EBS plugin. +- `CSIMigrationAzureDisk`: Enables shims and translation logic to route volume + operations from the Azure-Disk in-tree plugin to AzureDisk CSI plugin. + Supports falling back to in-tree AzureDisk plugin for mount operations to + nodes that have the feature disabled or that do not have AzureDisk CSI plugin + installed and configured. Does not support falling back for provision + operations, for those the CSI plugin must be installed and configured. + Requires CSIMigration feature flag enabled. + - `CSIMigrationAzureDiskComplete`: Stops registering the Azure-Disk in-tree plugin in kubelet and volume controllers and enables shims and translation logic to route volume operations from the Azure-Disk in-tree plugin to @@ -469,6 +533,13 @@ In the following table: {{< glossary_tooltip text="CronJob" term_id="cronjob" >}} controller. Otherwise, version 1 of the same controller is selected. +- `ControllerManagerLeaderMigration`: Enables Leader Migration for + [kube-controller-manager](/docs/tasks/administer-cluster/controller-manager-leader-migration/#initial-leader-migration-configuration) and + [cloud-controller-manager](/docs/tasks/administer-cluster/controller-manager-leader-migration/#deploy-cloud-controller-manager) + which allows a cluster operator to live migrate + controllers from the kube-controller-manager into an external controller-manager + (e.g. the cloud-controller-manager) in an HA cluster without downtime. + - `CustomPodDNS`: Enable customizing the DNS settings for a Pod using its `dnsConfig` property. Check [Pod's DNS Config](/docs/concepts/services-networking/dns-pod-service/#pods-dns-config) for more details. @@ -486,6 +557,10 @@ In the following table: - `CustomResourceWebhookConversion`: Enable webhook-based conversion on resources created from [CustomResourceDefinition](/docs/concepts/extend-kubernetes/api-extension/custom-resources/). +- `DaemonSetUpdateSurge`: Enables the DaemonSet workloads to maintain + availability during update per node. + See [Perform a Rolling Update on a DaemonSet](/docs/tasks/manage-daemon/update-daemon-set/). + - `DefaultPodTopologySpread`: Enables the use of `PodTopologySpread` scheduling plugin to do [default spreading](/docs/concepts/scheduling-eviction/topology-spread-constraints/#internal-default-constraints). @@ -518,9 +593,21 @@ In the following table: Endpoints, enabling scalability and performance improvements. See [Enabling Endpoint Slices](/docs/concepts/services-networking/endpoint-slices/). +- `EphemeralContainers`: Enable the ability to add + {{< glossary_tooltip text="ephemeral containers" term_id="ephemeral-container" >}} + to running Pods. + - `EvenPodsSpread`: Enable pods to be scheduled evenly across topology domains. See [Pod Topology Spread Constraints](/docs/concepts/scheduling-eviction/topology-spread-constraints/). +- `ExpandCSIVolumes`: Enable the expanding of CSI volumes. + +- `ExpandInUsePersistentVolumes`: Enable expanding in-use PVCs. See + [Resizing an in-use PersistentVolumeClaim](/docs/concepts/storage/persistent-volumes/#resizing-an-in-use-persistentvolumeclaim). + +- `ExpandPersistentVolumes`: Enable the expanding of persistent volumes. See + [Expanding Persistent Volumes Claims](/docs/concepts/storage/persistent-volumes/#expanding-persistent-volumes-claims). + - `ExperimentalCriticalPodAnnotation`: Enable annotating specific pods as *critical* so that their [scheduling is guaranteed](/docs/tasks/administer-cluster/guaranteed-scheduling-critical-addon-pods/). This feature is deprecated by Pod Priority and Preemption as of v1.13. @@ -548,6 +635,11 @@ In the following table: - `IPv6DualStack`: Enable [dual stack](/docs/concepts/services-networking/dual-stack/) support for IPv6. +- `IdentifyPodOS`: Allows the Pod OS field to be specified. This helps in identifying + the OS of the pod authoritatively during the API server admission time. + In Kubernetes {{< skew currentVersion >}}, the allowed values for the `pod.spec.os.name` + are `windows` and `linux`. + - `ImmutableEphemeralVolumes`: Allows for marking individual Secrets and ConfigMaps as immutable for better safety and performance. @@ -573,6 +665,11 @@ In the following table: node disruption will ignore the `node-role.kubernetes.io/master` label in favor of the feature-specific labels provided by `NodeDisruptionExclusion` and `ServiceNodeExclusion`. +- `LocalStorageCapacityIsolation`: Enable the consumption of + [local ephemeral storage](/docs/concepts/configuration/manage-resources-containers/) + and also the `sizeLimit` property of an + [emptyDir volume](/docs/concepts/storage/volumes/#emptydir). + - `MountContainers`: Enable using utility containers on host as the volume mounter. - `MountPropagation`: Enable sharing volume mounted by one container to other containers or pods. @@ -683,6 +780,9 @@ In the following table: - `StartupProbe`: Enable the [startup](/docs/concepts/workloads/pods/pod-lifecycle/#when-should-you-use-a-startup-probe) probe in the kubelet. +- `StatefulSetMinReadySeconds`: Allows `minReadySeconds` to be respected by + the StatefulSet controller. + - `StorageObjectInUseProtection`: Postpone the deletion of PersistentVolume or PersistentVolumeClaim objects if they are still being used. diff --git a/content/en/docs/reference/command-line-tools-reference/feature-gates.md b/content/en/docs/reference/command-line-tools-reference/feature-gates.md index 1ea5df83424..a68aa6a9a19 100644 --- a/content/en/docs/reference/command-line-tools-reference/feature-gates.md +++ b/content/en/docs/reference/command-line-tools-reference/feature-gates.md @@ -62,11 +62,15 @@ For a reference to old feature gates that are removed, please refer to | `APIPriorityAndFairness` | `true` | Beta | 1.20 | | | `APIResponseCompression` | `false` | Alpha | 1.7 | 1.15 | | `APIResponseCompression` | `true` | Beta | 1.16 | | -| `APISelfSubjectReview` | `false` | Alpha | 1.26 | | +| `APISelfSubjectReview` | `false` | Alpha | 1.26 | 1.26 | +| `APISelfSubjectReview` | `true` | Beta | 1.27 | | | `APIServerIdentity` | `false` | Alpha | 1.20 | 1.25 | | `APIServerIdentity` | `true` | Beta | 1.26 | | -| `APIServerTracing` | `false` | Alpha | 1.22 | | -| `AggregatedDiscoveryEndpoint` | `false` | Alpha | 1.26 | | +| `APIServerTracing` | `false` | Alpha | 1.22 | 1.26 | +| `APIServerTracing` | `true` | Beta | 1.27 | | +| `AdmissionWebhookMatchConditions` | `false` | Alpha | 1.27 | | +| `AggregatedDiscoveryEndpoint` | `false` | Alpha | 1.26 | 1.26 | +| `AggregatedDiscoveryEndpoint` | `true` | Beta | 1.27 | | | `AnyVolumeDataSource` | `false` | Alpha | 1.18 | 1.23 | | `AnyVolumeDataSource` | `true` | Beta | 1.24 | | | `AppArmor` | `true` | Beta | 1.4 | | @@ -77,37 +81,40 @@ For a reference to old feature gates that are removed, please refer to | `CSIMigrationPortworx` | `false` | Alpha | 1.23 | 1.24 | | `CSIMigrationPortworx` | `false` | Beta | 1.25 | | | `CSIMigrationRBD` | `false` | Alpha | 1.23 | | -| `CSINodeExpandSecret` | `false` | Alpha | 1.25 | | +| `CSINodeExpandSecret` | `false` | Alpha | 1.25 | 1.26 | +| `CSINodeExpandSecret` | `true` | Beta | 1.27 | | | `CSIVolumeHealth` | `false` | Alpha | 1.21 | | -| `ComponentSLIs` | `false` | Alpha | 1.26 | | +| `CloudControllerManagerWebhook` | false | Alpha | 1.27 | | +| `CloudDualStackNodeIPs` | false | Alpha | 1.27 | | +| `ClusterTrustBundle` | false | Alpha | 1.27 | | +| `ComponentSLIs` | `false` | Alpha | 1.26 | 1.26 | +| `ComponentSLIs` | `true` | Beta | 1.27 | | | `ContainerCheckpoint` | `false` | Alpha | 1.25 | | | `ContextualLogging` | `false` | Alpha | 1.24 | | -| `CronJobTimeZone` | `false` | Alpha | 1.24 | 1.24 | -| `CronJobTimeZone` | `true` | Beta | 1.25 | | | `CrossNamespaceVolumeDataSource` | `false` | Alpha| 1.26 | | | `CustomCPUCFSQuotaPeriod` | `false` | Alpha | 1.12 | | | `CustomResourceValidationExpressions` | `false` | Alpha | 1.23 | 1.24 | | `CustomResourceValidationExpressions` | `true` | Beta | 1.25 | | | `DisableCloudProviders` | `false` | Alpha | 1.22 | | | `DisableKubeletCloudCredentialProviders` | `false` | Alpha | 1.23 | | -| `DownwardAPIHugePages` | `false` | Alpha | 1.20 | 1.20 | -| `DownwardAPIHugePages` | `false` | Beta | 1.21 | 1.21 | -| `DownwardAPIHugePages` | `true` | Beta | 1.22 | | | `DynamicResourceAllocation` | `false` | Alpha | 1.26 | | -| `EventedPLEG` | `false` | Alpha | 1.26 | - | +| `ElasticIndexedJob` | `true` | Beta` | 1.27 | | +| `EventedPLEG` | `false` | Alpha | 1.26 | 1.26 | +| `EventedPLEG` | `false` | Beta | 1.27 | - | | `ExpandedDNSConfig` | `false` | Alpha | 1.22 | 1.25 | | `ExpandedDNSConfig` | `true` | Beta | 1.26 | | | `ExperimentalHostUserNamespaceDefaulting` | `false` | Beta | 1.5 | | -| `GRPCContainerProbe` | `false` | Alpha | 1.23 | 1.23 | -| `GRPCContainerProbe` | `true` | Beta | 1.24 | | | `GracefulNodeShutdown` | `false` | Alpha | 1.20 | 1.20 | | `GracefulNodeShutdown` | `true` | Beta | 1.21 | | | `GracefulNodeShutdownBasedOnPodPriority` | `false` | Alpha | 1.23 | 1.23 | | `GracefulNodeShutdownBasedOnPodPriority` | `true` | Beta | 1.24 | | -| `HPAContainerMetrics` | `false` | Alpha | 1.20 | | +| `HPAContainerMetrics` | `false` | Alpha | 1.20 | 1.26 | +| `HPAContainerMetrics` | `true` | Beta | 1.27 | | | `HPAScaleToZero` | `false` | Alpha | 1.16 | | | `HonorPVReclaimPolicy` | `false` | Alpha | 1.23 | | -| `IPTablesOwnershipCleanup` | `false` | Alpha | 1.25 | | +| `IPTablesOwnershipCleanup` | `false` | Alpha | 1.25 | 1.26 | +| `IPTablesOwnershipCleanup` | `true` | Beta | 1.27 | | +| `InPlacePodVerticalScaling` | `false` | Alpha | 1.27 | | | `InTreePluginAWSUnregister` | `false` | Alpha | 1.21 | | | `InTreePluginAzureDiskUnregister` | `false` | Alpha | 1.21 | | | `InTreePluginAzureFileUnregister` | `false` | Alpha | 1.21 | | @@ -116,51 +123,61 @@ For a reference to old feature gates that are removed, please refer to | `InTreePluginPortworxUnregister` | `false` | Alpha | 1.23 | | | `InTreePluginRBDUnregister` | `false` | Alpha | 1.23 | | | `InTreePluginvSphereUnregister` | `false` | Alpha | 1.21 | | -| `JobMutableNodeSchedulingDirectives` | `true` | Beta | 1.23 | | | `JobPodFailurePolicy` | `false` | Alpha | 1.25 | 1.25 | | `JobPodFailurePolicy` | `true` | Beta | 1.26 | | | `JobReadyPods` | `false` | Alpha | 1.23 | 1.23 | | `JobReadyPods` | `true` | Beta | 1.24 | | -| `KMSv2` | `false` | Alpha | 1.25 | | +| `KMSv2` | `false` | Alpha | 1.25 | 1.26 | +| `KMSv2` | `true` | Beta | 1.27 | | | `KubeletInUserNamespace` | `false` | Alpha | 1.22 | | | `KubeletPodResources` | `false` | Alpha | 1.13 | 1.14 | | `KubeletPodResources` | `true` | Beta | 1.15 | | +| `KubeletPodResourcesDynamicResources` | `false` | Alpha | 1.27 | | +| `KubeletPodResourcesGet` | `false` | Alpha | 1.27 | | | `KubeletPodResourcesGetAllocatable` | `false` | Alpha | 1.21 | 1.22 | | `KubeletPodResourcesGetAllocatable` | `true` | Beta | 1.23 | | -| `KubeletTracing` | `false` | Alpha | 1.25 | | -| `LegacyServiceAccountTokenTracking` | `false` | Alpha | 1.25 | | +| `KubeletTracing` | `false` | Alpha | 1.25 | 1.26 | +| `KubeletTracing` | `true` | Beta | 1.27 | | +| `LegacyServiceAccountTokenTracking` | `false` | Alpha | 1.26 | 1.26 | +| `LegacyServiceAccountTokenTracking` | `true` | Beta | 1.27 | | | `LocalStorageCapacityIsolationFSQuotaMonitoring` | `false` | Alpha | 1.15 | - | | `LogarithmicScaleDown` | `false` | Alpha | 1.21 | 1.21 | | `LogarithmicScaleDown` | `true` | Beta | 1.22 | | | `LoggingAlphaOptions` | `false` | Alpha | 1.24 | - | | `LoggingBetaOptions` | `true` | Beta | 1.24 | - | -| `MatchLabelKeysInPodTopologySpread` | `false` | Alpha | 1.25 | | +| `MatchLabelKeysInPodTopologySpread` | `false` | Alpha | 1.25 | 1.26 | +| `MatchLabelKeysInPodTopologySpread` | `true` | Beta | 1.27 | - | | `MaxUnavailableStatefulSet` | `false` | Alpha | 1.24 | | | `MemoryManager` | `false` | Alpha | 1.21 | 1.21 | | `MemoryManager` | `true` | Beta | 1.22 | | | `MemoryQoS` | `false` | Alpha | 1.22 | | | `MinDomainsInPodTopologySpread` | `false` | Alpha | 1.24 | 1.24 | -| `MinDomainsInPodTopologySpread` | `false` | Beta | 1.25 | | -| `MinimizeIPTablesRestore` | `false` | Alpha | 1.26 | - | +| `MinDomainsInPodTopologySpread` | `false` | Beta | 1.25 | 1.26 | +| `MinDomainsInPodTopologySpread` | `true` | Beta | 1.27 | | +| `MinimizeIPTablesRestore` | `false` | Alpha | 1.26 | 1.26 | +| `MinimizeIPTablesRestore` | `true` | Beta | 1.27 | | | `MultiCIDRRangeAllocator` | `false` | Alpha | 1.25 | | +| `MultiCIDRServiceAllocator` | `false` | Alpha | 1.27 | | | `NetworkPolicyStatus` | `false` | Alpha | 1.24 | | +| `NewVolumeManagerReconstruction` | `true` | Beta | 1.27 | | | `NodeInclusionPolicyInPodTopologySpread` | `false` | Alpha | 1.25 | 1.25 | | `NodeInclusionPolicyInPodTopologySpread` | `true` | Beta | 1.26 | | +| `NodeLogQuery` | `false` | Alpha | 1.27 | | | `NodeOutOfServiceVolumeDetach` | `false` | Alpha | 1.24 | 1.25 | | `NodeOutOfServiceVolumeDetach` | `true` | Beta | 1.26 | | | `NodeSwap` | `false` | Alpha | 1.22 | | | `OpenAPIEnums` | `false` | Alpha | 1.23 | 1.23 | | `OpenAPIEnums` | `true` | Beta | 1.24 | | -| `OpenAPIV3` | `false` | Alpha | 1.23 | 1.23 | -| `OpenAPIV3` | `true` | Beta | 1.24 | | -| `PDBUnhealthyPodEvictionPolicy` | `false` | Alpha | 1.26 | | +| `PDBUnhealthyPodEvictionPolicy` | `false` | Alpha | 1.26 | 1.26 | +| `PDBUnhealthyPodEvictionPolicy` | `true` | Beta | 1.27 | | | `PodAndContainerStatsFromCRI` | `false` | Alpha | 1.23 | | | `PodDeletionCost` | `false` | Alpha | 1.21 | 1.21 | | `PodDeletionCost` | `true` | Beta | 1.22 | | | `PodDisruptionConditions` | `false` | Alpha | 1.25 | 1.25 | | `PodDisruptionConditions` | `true` | Beta | 1.26 | | | `PodHasNetworkCondition` | `false` | Alpha | 1.25 | | -| `PodSchedulingReadiness` | `false` | Alpha | 1.26 | | +| `PodSchedulingReadiness` | `false` | Alpha | 1.26 | 1.26 | +| `PodSchedulingReadiness` | `true` | Beta | 1.27 | | | `ProbeTerminationGracePeriod` | `false` | Alpha | 1.21 | 1.21 | | `ProbeTerminationGracePeriod` | `false` | Beta | 1.22 | 1.24 | | `ProbeTerminationGracePeriod` | `true` | Beta | 1.25 | | @@ -168,7 +185,8 @@ For a reference to old feature gates that are removed, please refer to | `ProxyTerminatingEndpoints` | `false` | Alpha | 1.22 | 1.25 | | `ProxyTerminatingEndpoints` | `true` | Beta | 1.26 | | | `QOSReserved` | `false` | Alpha | 1.11 | | -| `ReadWriteOncePod` | `false` | Alpha | 1.22 | | +| `ReadWriteOncePod` | `false` | Alpha | 1.22 | 1.26 | +| `ReadWriteOncePod` | `true` | Beta | 1.27 | | | `RecoverVolumeExpansionFailure` | `false` | Alpha | 1.23 | | | `RemainingItemCount` | `false` | Alpha | 1.15 | 1.15 | | `RemainingItemCount` | `true` | Beta | 1.16 | | @@ -176,29 +194,30 @@ For a reference to old feature gates that are removed, please refer to | `RetroactiveDefaultStorageClass` | `true` | Beta | 1.26 | | | `RotateKubeletServerCertificate` | `false` | Alpha | 1.7 | 1.11 | | `RotateKubeletServerCertificate` | `true` | Beta | 1.12 | | -| `SELinuxMountReadWriteOncePod` | `false` | Alpha | 1.25 | | -| `SeccompDefault` | `false` | Alpha | 1.22 | 1.24 | -| `SeccompDefault` | `true` | Beta | 1.25 | | -| `ServerSideFieldValidation` | `false` | Alpha | 1.23 | 1.24 | -| `ServerSideFieldValidation` | `true` | Beta | 1.25 | | +| `SELinuxMountReadWriteOncePod` | `false` | Alpha | 1.25 | 1.26 | +| `SELinuxMountReadWriteOncePod` | `true` | Beta | 1.27 | | +| `SecurityContextDeny` | `false` | Alpha | 1.27 | | +| `ServiceNodePortStaticSubrange` | `false` | Alpha | 1.27 | | | `SizeMemoryBackedVolumes` | `false` | Alpha | 1.20 | 1.21 | | `SizeMemoryBackedVolumes` | `true` | Beta | 1.22 | | -| `StatefulSetAutoDeletePVC` | `false` | Alpha | 1.22 | | -| `StatefulSetStartOrdinal` | `false` | Alpha | 1.26 | | +| `StableLoadBalancerNodeGet` | `true` | Beta | 1.27 | | +| `StatefulSetAutoDeletePVC` | `false` | Alpha | 1.22 | 1.26 | +| `StatefulSetAutoDeletePVC` | `false` | Beta | 1.27 | | +| `StatefulSetStartOrdinal` | `false` | Alpha | 1.26 | 1.26 | +| `StatefulSetStartOrdinal` | `true` | Beta | 1.27 | | | `StorageVersionAPI` | `false` | Alpha | 1.20 | | | `StorageVersionHash` | `false` | Alpha | 1.14 | 1.14 | | `StorageVersionHash` | `true` | Beta | 1.15 | | | `TopologyAwareHints` | `false` | Alpha | 1.21 | 1.22 | | `TopologyAwareHints` | `false` | Beta | 1.23 | 1.23 | | `TopologyAwareHints` | `true` | Beta | 1.24 | | -| `TopologyManager` | `false` | Alpha | 1.16 | 1.17 | -| `TopologyManager` | `true` | Beta | 1.18 | | | `TopologyManagerPolicyAlphaOptions` | `false` | Alpha | 1.26 | | | `TopologyManagerPolicyBetaOptions` | `false` | Beta | 1.26 | | | `TopologyManagerPolicyOptions` | `false` | Alpha | 1.26 | | | `UserNamespacesStatelessPodsSupport` | `false` | Alpha | 1.25 | | | `ValidatingAdmissionPolicy` | `false` | Alpha | 1.26 | | | `VolumeCapacityPriority` | `false` | Alpha | 1.21 | - | +| `WatchList` | false | Alpha | 1.27 | | | `WinDSR` | `false` | Alpha | 1.14 | | | `WinOverlay` | `false` | Alpha | 1.14 | 1.19 | | `WinOverlay` | `true` | Beta | 1.20 | | @@ -217,20 +236,6 @@ For a reference to old feature gates that are removed, please refer to | `CPUManager` | `false` | Alpha | 1.8 | 1.9 | | `CPUManager` | `true` | Beta | 1.10 | 1.25 | | `CPUManager` | `true` | GA | 1.26 | - | -| `CSIInlineVolume` | `false` | Alpha | 1.15 | 1.15 | -| `CSIInlineVolume` | `true` | Beta | 1.16 | 1.24 | -| `CSIInlineVolume` | `true` | GA | 1.25 | - | -| `CSIMigration` | `false` | Alpha | 1.14 | 1.16 | -| `CSIMigration` | `true` | Beta | 1.17 | 1.24 | -| `CSIMigration` | `true` | GA | 1.25 | - | -| `CSIMigrationAWS` | `false` | Alpha | 1.14 | 1.16 | -| `CSIMigrationAWS` | `false` | Beta | 1.17 | 1.22 | -| `CSIMigrationAWS` | `true` | Beta | 1.23 | 1.24 | -| `CSIMigrationAWS` | `true` | GA | 1.25 | - | -| `CSIMigrationAzureDisk` | `false` | Alpha | 1.15 | 1.18 | -| `CSIMigrationAzureDisk` | `false` | Beta | 1.19 | 1.22 | -| `CSIMigrationAzureDisk` | `true` | Beta | 1.23 | 1.23 | -| `CSIMigrationAzureDisk` | `true` | GA | 1.24 | | | `CSIMigrationAzureFile` | `false` | Alpha | 1.15 | 1.20 | | `CSIMigrationAzureFile` | `false` | Beta | 1.21 | 1.23 | | `CSIMigrationAzureFile` | `true` | Beta | 1.24 | 1.25 | @@ -247,12 +252,9 @@ For a reference to old feature gates that are removed, please refer to | `CSIStorageCapacity` | `true` | Beta | 1.21 | 1.23 | | `CSIStorageCapacity` | `true` | GA | 1.24 | - | | `ConsistentHTTPGetHandlers` | `true` | GA | 1.25 | - | -| `ControllerManagerLeaderMigration` | `false` | Alpha | 1.21 | 1.21 | -| `ControllerManagerLeaderMigration` | `true` | Beta | 1.22 | 1.23 | -| `ControllerManagerLeaderMigration` | `true` | GA | 1.24 | - | -| `DaemonSetUpdateSurge` | `false` | Alpha | 1.21 | 1.21 | -| `DaemonSetUpdateSurge` | `true` | Beta | 1.22 | 1.24 | -| `DaemonSetUpdateSurge` | `true` | GA | 1.25 | - | +| `CronJobTimeZone` | `false` | Alpha | 1.24 | 1.24 | +| `CronJobTimeZone` | `true` | Beta | 1.25 | 1.26 | +| `CronJobTimeZone` | `true` | GA | 1.27 | - | | `DelegateFSGroupToCSIDriver` | `false` | Alpha | 1.22 | 1.22 | | `DelegateFSGroupToCSIDriver` | `true` | Beta | 1.23 | 1.25 | | `DelegateFSGroupToCSIDriver` | `true` | GA | 1.26 |-| @@ -262,6 +264,10 @@ For a reference to old feature gates that are removed, please refer to | `DisableAcceleratorUsageMetrics` | `false` | Alpha | 1.19 | 1.19 | | `DisableAcceleratorUsageMetrics` | `true` | Beta | 1.20 | 1.24 | | `DisableAcceleratorUsageMetrics` | `true` | GA | 1.25 |- | +| `DownwardAPIHugePages` | `false` | Alpha | 1.20 | 1.20 | +| `DownwardAPIHugePages` | `false` | Beta | 1.21 | 1.21 | +| `DownwardAPIHugePages` | `true` | Beta | 1.22 | 1.26 | +| `DownwardAPIHugePages` | `true` | GA | 1.27 | - | | `DryRun` | `false` | Alpha | 1.12 | 1.12 | | `DryRun` | `true` | Beta | 1.13 | 1.18 | | `DryRun` | `true` | GA | 1.19 | - | @@ -271,22 +277,12 @@ For a reference to old feature gates that are removed, please refer to | `EndpointSliceTerminatingCondition` | `false` | Alpha | 1.20 | 1.21 | | `EndpointSliceTerminatingCondition` | `true` | Beta | 1.22 | 1.25 | | `EndpointSliceTerminatingCondition` | `true` | GA | 1.26 | | -| `EphemeralContainers` | `false` | Alpha | 1.16 | 1.22 | -| `EphemeralContainers` | `true` | Beta | 1.23 | 1.24 | -| `EphemeralContainers` | `true` | GA | 1.25 | - | | `ExecProbeTimeout` | `true` | GA | 1.20 | - | -| `ExpandCSIVolumes` | `false` | Alpha | 1.14 | 1.15 | -| `ExpandCSIVolumes` | `true` | Beta | 1.16 | 1.23 | -| `ExpandCSIVolumes` | `true` | GA | 1.24 | - | -| `ExpandInUsePersistentVolumes` | `false` | Alpha | 1.11 | 1.14 | -| `ExpandInUsePersistentVolumes` | `true` | Beta | 1.15 | 1.23 | -| `ExpandInUsePersistentVolumes` | `true` | GA | 1.24 | - | -| `ExpandPersistentVolumes` | `false` | Alpha | 1.8 | 1.10 | -| `ExpandPersistentVolumes` | `true` | Beta | 1.11 | 1.23 | -| `ExpandPersistentVolumes` | `true` | GA | 1.24 |- | -| `IdentifyPodOS` | `false` | Alpha | 1.23 | 1.23 | -| `IdentifyPodOS` | `true` | Beta | 1.24 | 1.24 | -| `IdentifyPodOS` | `true` | GA | 1.25 | - | +| `GRPCContainerProbe` | `false` | Alpha | 1.23 | 1.23 | +| `GRPCContainerProbe` | `true` | Beta | 1.24 | 1.26 | +| `GRPCContainerProbe` | `true` | GA | 1.27 | | +| `JobMutableNodeSchedulingDirectives` | `true` | Beta | 1.23 | 1.26 | +| `JobMutableNodeSchedulingDirectives` | `true` | GA | 1.27 | | | `JobTrackingWithFinalizers` | `false` | Alpha | 1.22 | 1.22 | | `JobTrackingWithFinalizers` | `false` | Beta | 1.23 | 1.24 | | `JobTrackingWithFinalizers` | `true` | Beta | 1.25 | 1.25 | @@ -296,33 +292,36 @@ For a reference to old feature gates that are removed, please refer to | `KubeletCredentialProviders` | `true` | GA | 1.26 | - | | `LegacyServiceAccountTokenNoAutoGeneration` | `true` | Beta | 1.24 | 1.25 | | `LegacyServiceAccountTokenNoAutoGeneration` | `true` | GA | 1.26 | - | -| `LocalStorageCapacityIsolation` | `false` | Alpha | 1.7 | 1.9 | -| `LocalStorageCapacityIsolation` | `true` | Beta | 1.10 | 1.24 | -| `LocalStorageCapacityIsolation` | `true` | GA | 1.25 | - | | `MixedProtocolLBService` | `false` | Alpha | 1.20 | 1.23 | | `MixedProtocolLBService` | `true` | Beta | 1.24 | 1.25 | | `MixedProtocolLBService` | `true` | GA | 1.26 | - | -| `NetworkPolicyEndPort` | `false` | Alpha | 1.21 | 1.21 | -| `NetworkPolicyEndPort` | `true` | Beta | 1.22 | 1.24 | -| `NetworkPolicyEndPort` | `true` | GA | 1.25 | - | +| `OpenAPIV3` | `false` | Alpha | 1.23 | 1.23 | +| `OpenAPIV3` | `true` | Beta | 1.24 | 1.26 | +| `OpenAPIV3` | `true` | GA | 1.27 | - | | `PodSecurity` | `false` | Alpha | 1.22 | 1.22 | | `PodSecurity` | `true` | Beta | 1.23 | 1.24 | | `PodSecurity` | `true` | GA | 1.25 | | | `RemoveSelfLink` | `false` | Alpha | 1.16 | 1.19 | | `RemoveSelfLink` | `true` | Beta | 1.20 | 1.23 | | `RemoveSelfLink` | `true` | GA | 1.24 | - | +| `SeccompDefault` | `false` | Alpha | 1.22 | 1.24 | +| `SeccompDefault` | `true` | Beta | 1.25 | 1.26 | +| `SeccompDefault` | `true` | GA | 1.27 | - | | `ServerSideApply` | `false` | Alpha | 1.14 | 1.15 | | `ServerSideApply` | `true` | Beta | 1.16 | 1.21 | | `ServerSideApply` | `true` | GA | 1.22 | - | +| `ServerSideFieldValidation` | `false` | Alpha | 1.23 | 1.24 | +| `ServerSideFieldValidation` | `true` | Beta | 1.25 | 1.26 | +| `ServerSideFieldValidation` | `true` | GA | 1.27 | - | | `ServiceIPStaticSubrange` | `false` | Alpha | 1.24 | 1.24 | | `ServiceIPStaticSubrange` | `true` | Beta | 1.25 | 1.25 | | `ServiceIPStaticSubrange` | `true` | GA | 1.26 | - | | `ServiceInternalTrafficPolicy` | `false` | Alpha | 1.21 | 1.21 | | `ServiceInternalTrafficPolicy` | `true` | Beta | 1.22 | 1.25 | | `ServiceInternalTrafficPolicy` | `true` | GA | 1.26 | - | -| `StatefulSetMinReadySeconds` | `false` | Alpha | 1.22 | 1.22 | -| `StatefulSetMinReadySeconds` | `true` | Beta | 1.23 | 1.24 | -| `StatefulSetMinReadySeconds` | `true` | GA | 1.25 | - | +| `TopologyManager` | `false` | Alpha | 1.16 | 1.17 | +| `TopologyManager` | `true` | Beta | 1.18 | 1.26 | +| `TopologyManager` | `true` | GA | 1.27 | - | | `WatchBookmark` | `false` | Alpha | 1.15 | 1.15 | | `WatchBookmark` | `true` | Beta | 1.16 | 1.16 | | `WatchBookmark` | `true` | GA | 1.17 | - | @@ -374,6 +373,8 @@ A *General Availability* (GA) feature is also referred to as a *stable* feature. Each feature gate is designed for enabling/disabling a specific feature: +- `AdmissionWebhookMatchConditions`: Enable [match conditions](/docs/reference/access-authn-authz/extensible-admission-controllers/#matching-requests-matchconditions) + on mutating & validating admission webhooks. - `APIListChunking`: Enable the API clients to retrieve (`LIST` or `GET`) resources from API server in chunks. - `APIPriorityAndFairness`: Enable managing request concurrency with @@ -393,14 +394,6 @@ Each feature gate is designed for enabling/disabling a specific feature: {{< glossary_tooltip text="PVC" term_id="persistent-volume-claim" >}}. - `AppArmor`: Enable use of AppArmor mandatory access control for Pods running on Linux nodes. See [AppArmor Tutorial](/docs/tutorials/security/apparmor/) for more details. -- `ContainerCheckpoint`: Enables the kubelet `checkpoint` API. - See [Kubelet Checkpoint API](/docs/reference/node/kubelet-checkpoint-api/) for more details. -- `ControllerManagerLeaderMigration`: Enables Leader Migration for - [kube-controller-manager](/docs/tasks/administer-cluster/controller-manager-leader-migration/#initial-leader-migration-configuration) and - [cloud-controller-manager](/docs/tasks/administer-cluster/controller-manager-leader-migration/#deploy-cloud-controller-manager) - which allows a cluster operator to live migrate - controllers from the kube-controller-manager into an external controller-manager - (e.g. the cloud-controller-manager) in an HA cluster without downtime. - `CPUManager`: Enable container level CPU affinity support, see [CPU Management Policies](/docs/tasks/administer-cluster/cpu-management-policies/). - `CPUManagerPolicyAlphaOptions`: This allows fine-tuning of CPUManager policies, @@ -412,22 +405,6 @@ Each feature gate is designed for enabling/disabling a specific feature: This feature gate guards *a group* of CPUManager options whose quality level is beta. This feature gate will never graduate to stable. - `CPUManagerPolicyOptions`: Allow fine-tuning of CPUManager policies. -- `CSIInlineVolume`: Enable CSI Inline volumes support for pods. -- `CSIMigration`: Enables shims and translation logic to route volume - operations from in-tree plugins to corresponding pre-installed CSI plugins -- `CSIMigrationAWS`: Enables shims and translation logic to route volume - operations from the AWS-EBS in-tree plugin to EBS CSI plugin. Supports - falling back to in-tree EBS plugin for mount operations to nodes that have - the feature disabled or that do not have EBS CSI plugin installed and - configured. Does not support falling back for provision operations, for those - the CSI plugin must be installed and configured. -- `CSIMigrationAzureDisk`: Enables shims and translation logic to route volume - operations from the Azure-Disk in-tree plugin to AzureDisk CSI plugin. - Supports falling back to in-tree AzureDisk plugin for mount operations to - nodes that have the feature disabled or that do not have AzureDisk CSI plugin - installed and configured. Does not support falling back for provision - operations, for those the CSI plugin must be installed and configured. - Requires CSIMigration feature flag enabled. - `CSIMigrationAzureFile`: Enables shims and translation logic to route volume operations from the Azure-File in-tree plugin to AzureFile CSI plugin. Supports falling back to in-tree AzureFile plugin for mount operations to @@ -465,15 +442,20 @@ Each feature gate is designed for enabling/disabling a specific feature: [Storage Capacity](/docs/concepts/storage/storage-capacity/). Check the [`csi` volume type](/docs/concepts/storage/volumes/#csi) documentation for more details. - `CSIVolumeHealth`: Enable support for CSI volume health monitoring on node. +- `CloudControllerManagerWebhook`: Enable webhooks in cloud controller manager. +- `CloudDualStackNodeIPs`: Enables dual-stack `kubelet --node-ip` with external cloud providers. + See [Configure IPv4/IPv6 dual-stack](/docs/concepts/services-networking/dual-stack/#configure-ipv4-ipv6-dual-stack) + for more details. +- `ClusterTrustBundle`: Enable ClusterTrustBundle objects and kubelet integration. - `ComponentSLIs`: Enable the `/metrics/slis` endpoint on Kubernetes components like kubelet, kube-scheduler, kube-proxy, kube-controller-manager, cloud-controller-manager allowing you to scrape health check metrics. - `ConsistentHTTPGetHandlers`: Normalize HTTP get URL and Header passing for lifecycle handlers with probers. +- `ContainerCheckpoint`: Enables the kubelet `checkpoint` API. + See [Kubelet Checkpoint API](/docs/reference/node/kubelet-checkpoint-api/) for more details. - `ContextualLogging`: When you enable this feature gate, Kubernetes components that support contextual logging add extra detail to log output. -- `ControllerManagerLeaderMigration`: Enables leader migration for - `kube-controller-manager` and `cloud-controller-manager`. - `CronJobTimeZone`: Allow the use of the `timeZone` optional field in [CronJobs](/docs/concepts/workloads/controllers/cron-jobs/) - `CrossNamespaceVolumeDataSource`: Enable the usage of cross namespace volume data source to allow you to specify a source namespace in the `dataSourceRef` field of a @@ -483,9 +465,6 @@ Each feature gate is designed for enabling/disabling a specific feature: - `CustomResourceValidationExpressions`: Enable expression language validation in CRD which will validate customer resource based on validation rules written in the `x-kubernetes-validations` extension. -- `DaemonSetUpdateSurge`: Enables the DaemonSet workloads to maintain - availability during update per node. - See [Perform a Rolling Update on a DaemonSet](/docs/tasks/manage-daemon/update-daemon-set/). - `DelegateFSGroupToCSIDriver`: If supported by the CSI driver, delegates the role of applying `fsGroup` from a Pod's `securityContext` to the driver by passing `fsGroup` through the NodeStageVolume and NodePublishVolume CSI calls. @@ -502,15 +481,16 @@ Each feature gate is designed for enabling/disabling a specific feature: [downward API](/docs/tasks/inject-data-application/downward-api-volume-expose-pod-information). - `DryRun`: Enable server-side [dry run](/docs/reference/using-api/api-concepts/#dry-run) requests so that validation, merging, and mutation can be tested without committing. -- `DynamicResourceAllocation": Enables support for resources with custom parameters and a lifecycle +- `DynamicResourceAllocation`: Enables support for resources with custom parameters and a lifecycle that is independent of a Pod. +- `ElasticIndexedJob`: Enables Indexed Jobs to be scaled up or down by mutating both + `spec.completions` and `spec.parallelism` together such that `spec.completions == spec.parallelism`. + See docs on [elastic Indexed Jobs](/docs/concepts/workloads/controllers/job#elastic-indexed-jobs) + for more details. - `EndpointSliceTerminatingCondition`: Enables EndpointSlice `terminating` and `serving` condition fields. - `EfficientWatchResumption`: Allows for storage-originated bookmark (progress notify) events to be delivered to the users. This is only applied to watch operations. -- `EphemeralContainers`: Enable the ability to add - {{< glossary_tooltip text="ephemeral containers" term_id="ephemeral-container" >}} - to running pods. - `EventedPLEG`: Enable support for the kubelet to receive container life cycle events from the {{< glossary_tooltip text="container runtime" term_id="container-runtime" >}} via an extension to {{}}. @@ -523,15 +503,10 @@ Each feature gate is designed for enabling/disabling a specific feature: This feature gate exists in case any of your existing workloads depend on a now-corrected fault where Kubernetes ignored exec probe timeouts. See [readiness probes](/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/#configure-probes). -- `ExpandCSIVolumes`: Enable the expanding of CSI volumes. - `ExpandedDNSConfig`: Enable kubelet and kube-apiserver to allow more DNS search paths and longer list of DNS search paths. This feature requires container runtime support(Containerd: v1.5.6 or higher, CRI-O: v1.22 or higher). See [Expanded DNS Configuration](/docs/concepts/services-networking/dns-pod-service/#expanded-dns-configuration). -- `ExpandInUsePersistentVolumes`: Enable expanding in-use PVCs. See - [Resizing an in-use PersistentVolumeClaim](/docs/concepts/storage/persistent-volumes/#resizing-an-in-use-persistentvolumeclaim). -- `ExpandPersistentVolumes`: Enable the expanding of persistent volumes. See - [Expanding Persistent Volumes Claims](/docs/concepts/storage/persistent-volumes/#expanding-persistent-volumes-claims). - `ExperimentalHostUserNamespaceDefaulting`: Enabling the defaulting user namespace to host. This is for containers that are using other host namespaces, host mounts, or containers that are privileged or using specific non-namespaced @@ -555,10 +530,7 @@ Each feature gate is designed for enabling/disabling a specific feature: - `HPAScaleToZero`: Enables setting `minReplicas` to 0 for `HorizontalPodAutoscaler` resources when using custom or external metrics. - `IPTablesOwnershipCleanup`: This causes kubelet to no longer create legacy iptables rules. -- `IdentifyPodOS`: Allows the Pod OS field to be specified. This helps in identifying - the OS of the pod authoritatively during the API server admission time. - In Kubernetes {{< skew currentVersion >}}, the allowed values for the `pod.spec.os.name` - are `windows` and `linux`. +- `InPlacePodVerticalScaling`: Enables in-place Pod vertical scaling. - `InTreePluginAWSUnregister`: Stops registering the aws-ebs in-tree plugin in kubelet and volume controllers. - `InTreePluginAzureDiskUnregister`: Stops registering the azuredisk in-tree plugin in kubelet @@ -597,9 +569,14 @@ Each feature gate is designed for enabling/disabling a specific feature: - `KubeletPodResources`: Enable the kubelet's pod resources gRPC endpoint. See [Support Device Monitoring](https://github.com/kubernetes/enhancements/blob/master/keps/sig-node/606-compute-device-assignment/README.md) for more details. +- `KubeletPodResourcesGet`: Enable the `Get` gRPC endpoint on kubelet's for Pod resources. + This API augments the [resource allocation reporting](/docs/concepts/extend-kubernetes/compute-storage-net/device-plugins/#monitoring-device-plugin-resources). - `KubeletPodResourcesGetAllocatable`: Enable the kubelet's pod resources `GetAllocatableResources` functionality. This API augments the [resource allocation reporting](/docs/concepts/extend-kubernetes/compute-storage-net/device-plugins/#monitoring-device-plugin-resources) +- `KubeletPodResourcesDynamiceResources`: Extend the kubelet's pod resources gRPC endpoint to + to include resources allocated in `ResourceClaims` via `DynamicResourceAllocation` API. + See [resource allocation reporting](/docs/concepts/extend-kubernetes/compute-storage-net/device-plugins/#monitoring-device-plugin-resources) for more details. with informations about the allocatable resources, enabling clients to properly track the free compute resources on a node. - `KubeletTracing`: Add support for distributed tracing in the kubelet. @@ -610,10 +587,6 @@ Each feature gate is designed for enabling/disabling a specific feature: [service account tokens](/docs/reference/access-authn-authz/authentication/#service-account-tokens). - `LegacyServiceAccountTokenTracking`: Track usage of Secret-based [service account tokens](/docs/reference/access-authn-authz/authentication/#service-account-tokens). -- `LocalStorageCapacityIsolation`: Enable the consumption of - [local ephemeral storage](/docs/concepts/configuration/manage-resources-containers/) - and also the `sizeLimit` property of an - [emptyDir volume](/docs/concepts/storage/volumes/#emptydir). - `LocalStorageCapacityIsolationFSQuotaMonitoring`: When `LocalStorageCapacityIsolation` is enabled for [local ephemeral storage](/docs/concepts/configuration/manage-resources-containers/) @@ -642,12 +615,25 @@ Each feature gate is designed for enabling/disabling a specific feature: - `MixedProtocolLBService`: Enable using different protocols in the same `LoadBalancer` type Service instance. - `MultiCIDRRangeAllocator`: Enables the MultiCIDR range allocator. -- `NetworkPolicyEndPort`: Enable use of the field `endPort` in NetworkPolicy objects, - allowing the selection of a port range instead of a single port. +- `MultiCIDRServiceAllocator`: Track IP address allocations for Service cluster IPs using IPAddress objects. - `NetworkPolicyStatus`: Enable the `status` subresource for NetworkPolicy objects. +- `NewVolumeManagerReconstruction`: Enable improved discovery of mounted volumes during kubelet + startup. + + Before Kubernetes v1.25, the kubelet used different default behavior for discovering mounted + volumes during the kubelet startup. If you disable this feature gate (it's enabled by default), you select + the legacy discovery behavior. + + In Kubernetes v1.25 and v1.26, this behavior toggle was part of the `SELinuxMountReadWriteOncePod` + feature gate. +- `NewVolumeManagerReconstruction`: Enables improved discovery of mounted volumes during kubelet + startup. Since this code has been significantly refactored, we allow to opt-out in case kubelet + gets stuck at the startup or is not unmounting volumes from terminated Pods. Note that this + refactoring was behind `SELinuxMountReadWriteOncePod` alpha feature gate in Kubernetes 1.25. - `NodeInclusionPolicyInPodTopologySpread`: Enable using `nodeAffinityPolicy` and `nodeTaintsPolicy` in [Pod topology spread constraints](/docs/concepts/scheduling-eviction/topology-spread-constraints/) when calculating pod topology spread skew. +- `NodeLogQuery`: Enables querying logs of node services using the `/logs` endpoint. - `NodeOutOfServiceVolumeDetach`: When a Node is marked out-of-service using the `node.kubernetes.io/out-of-service` taint, Pods on the node will be forcefully deleted if they can not tolerate this taint, and the volume detach operations for Pods terminating @@ -703,6 +689,7 @@ Each feature gate is designed for enabling/disabling a specific feature: - `SeccompDefault`: Enables the use of `RuntimeDefault` as the default seccomp profile for all workloads. The seccomp profile is specified in the `securityContext` of a Pod and/or a Container. +- `SecurityContextDeny`: This gate signals that the `SecurityContextDeny` admission controller is deprecated. - `ServerSideApply`: Enables the [Sever Side Apply (SSA)](/docs/reference/using-api/server-side-apply/) feature on the API Server. - `ServerSideFieldValidation`: Enables server-side field validation. This means the validation @@ -717,8 +704,8 @@ Each feature gate is designed for enabling/disabling a specific feature: for more details. - `SizeMemoryBackedVolumes`: Enable kubelets to determine the size limit for memory-backed volumes (mainly `emptyDir` volumes). -- `StatefulSetMinReadySeconds`: Allows `minReadySeconds` to be respected by - the StatefulSet controller. +- `StableLoadBalancerNodeGet`: Enables less load balancer re-configurations by + the service controller (KCCM) as an effect of changing node state. - `StatefulSetStartOrdinal`: Allow configuration of the start ordinal in a StatefulSet. See [Start ordinal](/docs/concepts/workloads/controllers/statefulset/#start-ordinal) @@ -748,6 +735,7 @@ Each feature gate is designed for enabling/disabling a specific feature: - `VolumeCapacityPriority`: Enable support for prioritizing nodes in different topologies based on available PV capacity. - `WatchBookmark`: Enable support for watch bookmark events. +- `WatchList` : Enable support for [streaming initial state of objects in watch requests](/docs/reference/using-api/api-concepts/#streaming-lists). - `WinDSR`: Allows kube-proxy to create DSR loadbalancers for Windows. - `WinOverlay`: Allows kube-proxy to run in overlay mode for Windows. - `WindowsHostNetwork`: Enables support for joining Windows containers to a hosts' network namespace. diff --git a/content/en/docs/reference/command-line-tools-reference/kube-apiserver.md b/content/en/docs/reference/command-line-tools-reference/kube-apiserver.md index af3687662e6..8aa21abe024 100644 --- a/content/en/docs/reference/command-line-tools-reference/kube-apiserver.md +++ b/content/en/docs/reference/command-line-tools-reference/kube-apiserver.md @@ -421,14 +421,21 @@ kube-apiserver [flags] --contention-profiling -

Enable lock contention profiling, if profiling is enabled

+

Enable block profiling, if profiling is enabled

--cors-allowed-origins strings -

List of allowed origins for CORS, comma separated. An allowed origin can be a regular expression to support subdomain matching. If this list is empty CORS will not be enabled.

+

List of allowed origins for CORS, comma separated. An allowed origin can be a regular expression to support subdomain matching. If this list is empty CORS will not be enabled. Please ensure each expression matches the entire hostname by anchoring to the start with '^' or including the '//' prefix, and by anchoring to the end with '$' or including the ':' port separator suffix. Examples of valid expressions are '//example.com(:|$)' and '^https://example.com(:|$)'

+ + + +--debug-socket-path string + + +

Use an unprotected (no authn/authz) unix-domain socket for profiling with the given path

@@ -456,7 +463,7 @@ kube-apiserver [flags] --disable-admission-plugins strings -

admission plugins that should be disabled although they are in the default enabled plugins list (NamespaceLifecycle, LimitRanger, ServiceAccount, TaintNodesByCondition, PodSecurity, Priority, DefaultTolerationSeconds, DefaultStorageClass, StorageObjectInUseProtection, PersistentVolumeClaimResize, RuntimeClass, CertificateApproval, CertificateSigning, CertificateSubjectRestriction, DefaultIngressClass, MutatingAdmissionWebhook, ValidatingAdmissionPolicy, ValidatingAdmissionWebhook, ResourceQuota). Comma-delimited list of admission plugins: AlwaysAdmit, AlwaysDeny, AlwaysPullImages, CertificateApproval, CertificateSigning, CertificateSubjectRestriction, DefaultIngressClass, DefaultStorageClass, DefaultTolerationSeconds, DenyServiceExternalIPs, EventRateLimit, ExtendedResourceToleration, ImagePolicyWebhook, LimitPodHardAntiAffinityTopology, LimitRanger, MutatingAdmissionWebhook, NamespaceAutoProvision, NamespaceExists, NamespaceLifecycle, NodeRestriction, OwnerReferencesPermissionEnforcement, PersistentVolumeClaimResize, PersistentVolumeLabel, PodNodeSelector, PodSecurity, PodTolerationRestriction, Priority, ResourceQuota, RuntimeClass, SecurityContextDeny, ServiceAccount, StorageObjectInUseProtection, TaintNodesByCondition, ValidatingAdmissionPolicy, ValidatingAdmissionWebhook. The order of plugins in this flag does not matter.

+

admission plugins that should be disabled although they are in the default enabled plugins list (NamespaceLifecycle, LimitRanger, ServiceAccount, TaintNodesByCondition, PodSecurity, Priority, DefaultTolerationSeconds, DefaultStorageClass, StorageObjectInUseProtection, PersistentVolumeClaimResize, RuntimeClass, CertificateApproval, CertificateSigning, ClusterTrustBundleAttest, CertificateSubjectRestriction, DefaultIngressClass, MutatingAdmissionWebhook, ValidatingAdmissionPolicy, ValidatingAdmissionWebhook, ResourceQuota). Comma-delimited list of admission plugins: AlwaysAdmit, AlwaysDeny, AlwaysPullImages, CertificateApproval, CertificateSigning, CertificateSubjectRestriction, ClusterTrustBundleAttest, DefaultIngressClass, DefaultStorageClass, DefaultTolerationSeconds, DenyServiceExternalIPs, EventRateLimit, ExtendedResourceToleration, ImagePolicyWebhook, LimitPodHardAntiAffinityTopology, LimitRanger, MutatingAdmissionWebhook, NamespaceAutoProvision, NamespaceExists, NamespaceLifecycle, NodeRestriction, OwnerReferencesPermissionEnforcement, PersistentVolumeClaimResize, PersistentVolumeLabel, PodNodeSelector, PodSecurity, PodTolerationRestriction, Priority, ResourceQuota, RuntimeClass, SecurityContextDeny, ServiceAccount, StorageObjectInUseProtection, TaintNodesByCondition, ValidatingAdmissionPolicy, ValidatingAdmissionWebhook. The order of plugins in this flag does not matter.

@@ -477,7 +484,7 @@ kube-apiserver [flags] --enable-admission-plugins strings -

admission plugins that should be enabled in addition to default enabled ones (NamespaceLifecycle, LimitRanger, ServiceAccount, TaintNodesByCondition, PodSecurity, Priority, DefaultTolerationSeconds, DefaultStorageClass, StorageObjectInUseProtection, PersistentVolumeClaimResize, RuntimeClass, CertificateApproval, CertificateSigning, CertificateSubjectRestriction, DefaultIngressClass, MutatingAdmissionWebhook, ValidatingAdmissionPolicy, ValidatingAdmissionWebhook, ResourceQuota). Comma-delimited list of admission plugins: AlwaysAdmit, AlwaysDeny, AlwaysPullImages, CertificateApproval, CertificateSigning, CertificateSubjectRestriction, DefaultIngressClass, DefaultStorageClass, DefaultTolerationSeconds, DenyServiceExternalIPs, EventRateLimit, ExtendedResourceToleration, ImagePolicyWebhook, LimitPodHardAntiAffinityTopology, LimitRanger, MutatingAdmissionWebhook, NamespaceAutoProvision, NamespaceExists, NamespaceLifecycle, NodeRestriction, OwnerReferencesPermissionEnforcement, PersistentVolumeClaimResize, PersistentVolumeLabel, PodNodeSelector, PodSecurity, PodTolerationRestriction, Priority, ResourceQuota, RuntimeClass, SecurityContextDeny, ServiceAccount, StorageObjectInUseProtection, TaintNodesByCondition, ValidatingAdmissionPolicy, ValidatingAdmissionWebhook. The order of plugins in this flag does not matter.

+

admission plugins that should be enabled in addition to default enabled ones (NamespaceLifecycle, LimitRanger, ServiceAccount, TaintNodesByCondition, PodSecurity, Priority, DefaultTolerationSeconds, DefaultStorageClass, StorageObjectInUseProtection, PersistentVolumeClaimResize, RuntimeClass, CertificateApproval, CertificateSigning, ClusterTrustBundleAttest, CertificateSubjectRestriction, DefaultIngressClass, MutatingAdmissionWebhook, ValidatingAdmissionPolicy, ValidatingAdmissionWebhook, ResourceQuota). Comma-delimited list of admission plugins: AlwaysAdmit, AlwaysDeny, AlwaysPullImages, CertificateApproval, CertificateSigning, CertificateSubjectRestriction, ClusterTrustBundleAttest, DefaultIngressClass, DefaultStorageClass, DefaultTolerationSeconds, DenyServiceExternalIPs, EventRateLimit, ExtendedResourceToleration, ImagePolicyWebhook, LimitPodHardAntiAffinityTopology, LimitRanger, MutatingAdmissionWebhook, NamespaceAutoProvision, NamespaceExists, NamespaceLifecycle, NodeRestriction, OwnerReferencesPermissionEnforcement, PersistentVolumeClaimResize, PersistentVolumeLabel, PodNodeSelector, PodSecurity, PodTolerationRestriction, Priority, ResourceQuota, RuntimeClass, SecurityContextDeny, ServiceAccount, StorageObjectInUseProtection, TaintNodesByCondition, ValidatingAdmissionPolicy, ValidatingAdmissionWebhook. The order of plugins in this flag does not matter.

@@ -624,7 +631,7 @@ kube-apiserver [flags] --feature-gates <comma-separated 'key=True|False' pairs> -

A set of key=value pairs that describe feature gates for alpha/experimental features. Options are:
APIListChunking=true|false (BETA - default=true)
APIPriorityAndFairness=true|false (BETA - default=true)
APIResponseCompression=true|false (BETA - default=true)
APISelfSubjectReview=true|false (ALPHA - default=false)
APIServerIdentity=true|false (BETA - default=true)
APIServerTracing=true|false (ALPHA - default=false)
AggregatedDiscoveryEndpoint=true|false (ALPHA - default=false)
AllAlpha=true|false (ALPHA - default=false)
AllBeta=true|false (BETA - default=false)
AnyVolumeDataSource=true|false (BETA - default=true)
AppArmor=true|false (BETA - default=true)
CPUManagerPolicyAlphaOptions=true|false (ALPHA - default=false)
CPUManagerPolicyBetaOptions=true|false (BETA - default=true)
CPUManagerPolicyOptions=true|false (BETA - default=true)
CSIMigrationPortworx=true|false (BETA - default=false)
CSIMigrationRBD=true|false (ALPHA - default=false)
CSINodeExpandSecret=true|false (ALPHA - default=false)
CSIVolumeHealth=true|false (ALPHA - default=false)
ComponentSLIs=true|false (ALPHA - default=false)
ContainerCheckpoint=true|false (ALPHA - default=false)
ContextualLogging=true|false (ALPHA - default=false)
CronJobTimeZone=true|false (BETA - default=true)
CrossNamespaceVolumeDataSource=true|false (ALPHA - default=false)
CustomCPUCFSQuotaPeriod=true|false (ALPHA - default=false)
CustomResourceValidationExpressions=true|false (BETA - default=true)
DisableCloudProviders=true|false (ALPHA - default=false)
DisableKubeletCloudCredentialProviders=true|false (ALPHA - default=false)
DownwardAPIHugePages=true|false (BETA - default=true)
DynamicResourceAllocation=true|false (ALPHA - default=false)
EventedPLEG=true|false (ALPHA - default=false)
ExpandedDNSConfig=true|false (BETA - default=true)
ExperimentalHostUserNamespaceDefaulting=true|false (BETA - default=false)
GRPCContainerProbe=true|false (BETA - default=true)
GracefulNodeShutdown=true|false (BETA - default=true)
GracefulNodeShutdownBasedOnPodPriority=true|false (BETA - default=true)
HPAContainerMetrics=true|false (ALPHA - default=false)
HPAScaleToZero=true|false (ALPHA - default=false)
HonorPVReclaimPolicy=true|false (ALPHA - default=false)
IPTablesOwnershipCleanup=true|false (ALPHA - default=false)
InTreePluginAWSUnregister=true|false (ALPHA - default=false)
InTreePluginAzureDiskUnregister=true|false (ALPHA - default=false)
InTreePluginAzureFileUnregister=true|false (ALPHA - default=false)
InTreePluginGCEUnregister=true|false (ALPHA - default=false)
InTreePluginOpenStackUnregister=true|false (ALPHA - default=false)
InTreePluginPortworxUnregister=true|false (ALPHA - default=false)
InTreePluginRBDUnregister=true|false (ALPHA - default=false)
InTreePluginvSphereUnregister=true|false (ALPHA - default=false)
JobMutableNodeSchedulingDirectives=true|false (BETA - default=true)
JobPodFailurePolicy=true|false (BETA - default=true)
JobReadyPods=true|false (BETA - default=true)
KMSv2=true|false (ALPHA - default=false)
KubeletInUserNamespace=true|false (ALPHA - default=false)
KubeletPodResources=true|false (BETA - default=true)
KubeletPodResourcesGetAllocatable=true|false (BETA - default=true)
KubeletTracing=true|false (ALPHA - default=false)
LegacyServiceAccountTokenTracking=true|false (ALPHA - default=false)
LocalStorageCapacityIsolationFSQuotaMonitoring=true|false (ALPHA - default=false)
LogarithmicScaleDown=true|false (BETA - default=true)
LoggingAlphaOptions=true|false (ALPHA - default=false)
LoggingBetaOptions=true|false (BETA - default=true)
MatchLabelKeysInPodTopologySpread=true|false (ALPHA - default=false)
MaxUnavailableStatefulSet=true|false (ALPHA - default=false)
MemoryManager=true|false (BETA - default=true)
MemoryQoS=true|false (ALPHA - default=false)
MinDomainsInPodTopologySpread=true|false (BETA - default=false)
MinimizeIPTablesRestore=true|false (ALPHA - default=false)
MultiCIDRRangeAllocator=true|false (ALPHA - default=false)
NetworkPolicyStatus=true|false (ALPHA - default=false)
NodeInclusionPolicyInPodTopologySpread=true|false (BETA - default=true)
NodeOutOfServiceVolumeDetach=true|false (BETA - default=true)
NodeSwap=true|false (ALPHA - default=false)
OpenAPIEnums=true|false (BETA - default=true)
OpenAPIV3=true|false (BETA - default=true)
PDBUnhealthyPodEvictionPolicy=true|false (ALPHA - default=false)
PodAndContainerStatsFromCRI=true|false (ALPHA - default=false)
PodDeletionCost=true|false (BETA - default=true)
PodDisruptionConditions=true|false (BETA - default=true)
PodHasNetworkCondition=true|false (ALPHA - default=false)
PodSchedulingReadiness=true|false (ALPHA - default=false)
ProbeTerminationGracePeriod=true|false (BETA - default=true)
ProcMountType=true|false (ALPHA - default=false)
ProxyTerminatingEndpoints=true|false (BETA - default=true)
QOSReserved=true|false (ALPHA - default=false)
ReadWriteOncePod=true|false (ALPHA - default=false)
RecoverVolumeExpansionFailure=true|false (ALPHA - default=false)
RemainingItemCount=true|false (BETA - default=true)
RetroactiveDefaultStorageClass=true|false (BETA - default=true)
RotateKubeletServerCertificate=true|false (BETA - default=true)
SELinuxMountReadWriteOncePod=true|false (ALPHA - default=false)
SeccompDefault=true|false (BETA - default=true)
ServerSideFieldValidation=true|false (BETA - default=true)
SizeMemoryBackedVolumes=true|false (BETA - default=true)
StatefulSetAutoDeletePVC=true|false (ALPHA - default=false)
StatefulSetStartOrdinal=true|false (ALPHA - default=false)
StorageVersionAPI=true|false (ALPHA - default=false)
StorageVersionHash=true|false (BETA - default=true)
TopologyAwareHints=true|false (BETA - default=true)
TopologyManager=true|false (BETA - default=true)
TopologyManagerPolicyAlphaOptions=true|false (ALPHA - default=false)
TopologyManagerPolicyBetaOptions=true|false (BETA - default=false)
TopologyManagerPolicyOptions=true|false (ALPHA - default=false)
UserNamespacesStatelessPodsSupport=true|false (ALPHA - default=false)
ValidatingAdmissionPolicy=true|false (ALPHA - default=false)
VolumeCapacityPriority=true|false (ALPHA - default=false)
WinDSR=true|false (ALPHA - default=false)
WinOverlay=true|false (BETA - default=true)
WindowsHostNetwork=true|false (ALPHA - default=true)

+

A set of key=value pairs that describe feature gates for alpha/experimental features. Options are:
APIListChunking=true|false (BETA - default=true)
APIPriorityAndFairness=true|false (BETA - default=true)
APIResponseCompression=true|false (BETA - default=true)
APISelfSubjectReview=true|false (BETA - default=true)
APIServerIdentity=true|false (BETA - default=true)
APIServerTracing=true|false (BETA - default=true)
AdmissionWebhookMatchConditions=true|false (ALPHA - default=false)
AggregatedDiscoveryEndpoint=true|false (BETA - default=true)
AllAlpha=true|false (ALPHA - default=false)
AllBeta=true|false (BETA - default=false)
AnyVolumeDataSource=true|false (BETA - default=true)
AppArmor=true|false (BETA - default=true)
CPUManagerPolicyAlphaOptions=true|false (ALPHA - default=false)
CPUManagerPolicyBetaOptions=true|false (BETA - default=true)
CPUManagerPolicyOptions=true|false (BETA - default=true)
CSIMigrationPortworx=true|false (BETA - default=false)
CSIMigrationRBD=true|false (ALPHA - default=false)
CSINodeExpandSecret=true|false (BETA - default=true)
CSIVolumeHealth=true|false (ALPHA - default=false)
CloudControllerManagerWebhook=true|false (ALPHA - default=false)
CloudDualStackNodeIPs=true|false (ALPHA - default=false)
ClusterTrustBundle=true|false (ALPHA - default=false)
ComponentSLIs=true|false (BETA - default=true)
ContainerCheckpoint=true|false (ALPHA - default=false)
ContextualLogging=true|false (ALPHA - default=false)
CrossNamespaceVolumeDataSource=true|false (ALPHA - default=false)
CustomCPUCFSQuotaPeriod=true|false (ALPHA - default=false)
CustomResourceValidationExpressions=true|false (BETA - default=true)
DisableCloudProviders=true|false (ALPHA - default=false)
DisableKubeletCloudCredentialProviders=true|false (ALPHA - default=false)
DynamicResourceAllocation=true|false (ALPHA - default=false)
ElasticIndexedJob=true|false (BETA - default=true)
EventedPLEG=true|false (BETA - default=false)
ExpandedDNSConfig=true|false (BETA - default=true)
ExperimentalHostUserNamespaceDefaulting=true|false (BETA - default=false)
GracefulNodeShutdown=true|false (BETA - default=true)
GracefulNodeShutdownBasedOnPodPriority=true|false (BETA - default=true)
HPAContainerMetrics=true|false (BETA - default=true)
HPAScaleToZero=true|false (ALPHA - default=false)
HonorPVReclaimPolicy=true|false (ALPHA - default=false)
IPTablesOwnershipCleanup=true|false (BETA - default=true)
InPlacePodVerticalScaling=true|false (ALPHA - default=false)
InTreePluginAWSUnregister=true|false (ALPHA - default=false)
InTreePluginAzureDiskUnregister=true|false (ALPHA - default=false)
InTreePluginAzureFileUnregister=true|false (ALPHA - default=false)
InTreePluginGCEUnregister=true|false (ALPHA - default=false)
InTreePluginOpenStackUnregister=true|false (ALPHA - default=false)
InTreePluginPortworxUnregister=true|false (ALPHA - default=false)
InTreePluginRBDUnregister=true|false (ALPHA - default=false)
InTreePluginvSphereUnregister=true|false (ALPHA - default=false)
JobPodFailurePolicy=true|false (BETA - default=true)
JobReadyPods=true|false (BETA - default=true)
KMSv2=true|false (BETA - default=true)
KubeletInUserNamespace=true|false (ALPHA - default=false)
KubeletPodResources=true|false (BETA - default=true)
KubeletPodResourcesDynamicResources=true|false (ALPHA - default=false)
KubeletPodResourcesGet=true|false (ALPHA - default=false)
KubeletPodResourcesGetAllocatable=true|false (BETA - default=true)
KubeletTracing=true|false (BETA - default=true)
LegacyServiceAccountTokenTracking=true|false (BETA - default=true)
LocalStorageCapacityIsolationFSQuotaMonitoring=true|false (ALPHA - default=false)
LogarithmicScaleDown=true|false (BETA - default=true)
LoggingAlphaOptions=true|false (ALPHA - default=false)
LoggingBetaOptions=true|false (BETA - default=true)
MatchLabelKeysInPodTopologySpread=true|false (BETA - default=true)
MaxUnavailableStatefulSet=true|false (ALPHA - default=false)
MemoryManager=true|false (BETA - default=true)
MemoryQoS=true|false (ALPHA - default=false)
MinDomainsInPodTopologySpread=true|false (BETA - default=true)
MinimizeIPTablesRestore=true|false (BETA - default=true)
MultiCIDRRangeAllocator=true|false (ALPHA - default=false)
MultiCIDRServiceAllocator=true|false (ALPHA - default=false)
NetworkPolicyStatus=true|false (ALPHA - default=false)
NewVolumeManagerReconstruction=true|false (BETA - default=true)
NodeInclusionPolicyInPodTopologySpread=true|false (BETA - default=true)
NodeLogQuery=true|false (ALPHA - default=false)
NodeOutOfServiceVolumeDetach=true|false (BETA - default=true)
NodeSwap=true|false (ALPHA - default=false)
OpenAPIEnums=true|false (BETA - default=true)
PDBUnhealthyPodEvictionPolicy=true|false (BETA - default=true)
PodAndContainerStatsFromCRI=true|false (ALPHA - default=false)
PodDeletionCost=true|false (BETA - default=true)
PodDisruptionConditions=true|false (BETA - default=true)
PodHasNetworkCondition=true|false (ALPHA - default=false)
PodSchedulingReadiness=true|false (BETA - default=true)
ProbeTerminationGracePeriod=true|false (BETA - default=true)
ProcMountType=true|false (ALPHA - default=false)
ProxyTerminatingEndpoints=true|false (BETA - default=true)
QOSReserved=true|false (ALPHA - default=false)
ReadWriteOncePod=true|false (BETA - default=true)
RecoverVolumeExpansionFailure=true|false (ALPHA - default=false)
RemainingItemCount=true|false (BETA - default=true)
RetroactiveDefaultStorageClass=true|false (BETA - default=true)
RotateKubeletServerCertificate=true|false (BETA - default=true)
SELinuxMountReadWriteOncePod=true|false (BETA - default=true)
SecurityContextDeny=true|false (ALPHA - default=false)
ServiceNodePortStaticSubrange=true|false (ALPHA - default=false)
SizeMemoryBackedVolumes=true|false (BETA - default=true)
StableLoadBalancerNodeSet=true|false (BETA - default=true)
StatefulSetAutoDeletePVC=true|false (BETA - default=true)
StatefulSetStartOrdinal=true|false (BETA - default=true)
StorageVersionAPI=true|false (ALPHA - default=false)
StorageVersionHash=true|false (BETA - default=true)
TopologyAwareHints=true|false (BETA - default=true)
TopologyManagerPolicyAlphaOptions=true|false (ALPHA - default=false)
TopologyManagerPolicyBetaOptions=true|false (BETA - default=false)
TopologyManagerPolicyOptions=true|false (ALPHA - default=false)
UserNamespacesStatelessPodsSupport=true|false (ALPHA - default=false)
ValidatingAdmissionPolicy=true|false (ALPHA - default=false)
VolumeCapacityPriority=true|false (ALPHA - default=false)
WatchList=true|false (ALPHA - default=false)
WinDSR=true|false (ALPHA - default=false)
WinOverlay=true|false (BETA - default=true)
WindowsHostNetwork=true|false (ALPHA - default=true)

@@ -984,6 +991,13 @@ kube-apiserver [flags]

If true the HTTP Server will continue listening until all non long running request(s) in flight have been drained, during this window all incoming requests will be rejected with a status code 429 and a 'Retry-After' response header, in addition 'Connection: close' response header is set in order to tear down the TCP connection when idle.

+ +--shutdown-watch-termination-grace-period duration + + +

This option, if set, represents the maximum amount of grace period the apiserver will wait for active watch request(s) to drain during the graceful server shutdown window.

+ + --storage-backend string diff --git a/content/en/docs/reference/command-line-tools-reference/kube-controller-manager.md b/content/en/docs/reference/command-line-tools-reference/kube-controller-manager.md index 0d448987d06..98316ac6851 100644 --- a/content/en/docs/reference/command-line-tools-reference/kube-controller-manager.md +++ b/content/en/docs/reference/command-line-tools-reference/kube-controller-manager.md @@ -369,7 +369,7 @@ kube-controller-manager [flags] --contention-profiling -

Enable lock contention profiling, if profiling is enabled

+

Enable block profiling, if profiling is enabled

@@ -453,7 +453,7 @@ kube-controller-manager [flags] --feature-gates <comma-separated 'key=True|False' pairs> -

A set of key=value pairs that describe feature gates for alpha/experimental features. Options are:
APIListChunking=true|false (BETA - default=true)
APIPriorityAndFairness=true|false (BETA - default=true)
APIResponseCompression=true|false (BETA - default=true)
APISelfSubjectReview=true|false (ALPHA - default=false)
APIServerIdentity=true|false (BETA - default=true)
APIServerTracing=true|false (ALPHA - default=false)
AggregatedDiscoveryEndpoint=true|false (ALPHA - default=false)
AllAlpha=true|false (ALPHA - default=false)
AllBeta=true|false (BETA - default=false)
AnyVolumeDataSource=true|false (BETA - default=true)
AppArmor=true|false (BETA - default=true)
CPUManagerPolicyAlphaOptions=true|false (ALPHA - default=false)
CPUManagerPolicyBetaOptions=true|false (BETA - default=true)
CPUManagerPolicyOptions=true|false (BETA - default=true)
CSIMigrationPortworx=true|false (BETA - default=false)
CSIMigrationRBD=true|false (ALPHA - default=false)
CSINodeExpandSecret=true|false (ALPHA - default=false)
CSIVolumeHealth=true|false (ALPHA - default=false)
ComponentSLIs=true|false (ALPHA - default=false)
ContainerCheckpoint=true|false (ALPHA - default=false)
ContextualLogging=true|false (ALPHA - default=false)
CronJobTimeZone=true|false (BETA - default=true)
CrossNamespaceVolumeDataSource=true|false (ALPHA - default=false)
CustomCPUCFSQuotaPeriod=true|false (ALPHA - default=false)
CustomResourceValidationExpressions=true|false (BETA - default=true)
DisableCloudProviders=true|false (ALPHA - default=false)
DisableKubeletCloudCredentialProviders=true|false (ALPHA - default=false)
DownwardAPIHugePages=true|false (BETA - default=true)
DynamicResourceAllocation=true|false (ALPHA - default=false)
EventedPLEG=true|false (ALPHA - default=false)
ExpandedDNSConfig=true|false (BETA - default=true)
ExperimentalHostUserNamespaceDefaulting=true|false (BETA - default=false)
GRPCContainerProbe=true|false (BETA - default=true)
GracefulNodeShutdown=true|false (BETA - default=true)
GracefulNodeShutdownBasedOnPodPriority=true|false (BETA - default=true)
HPAContainerMetrics=true|false (ALPHA - default=false)
HPAScaleToZero=true|false (ALPHA - default=false)
HonorPVReclaimPolicy=true|false (ALPHA - default=false)
IPTablesOwnershipCleanup=true|false (ALPHA - default=false)
InTreePluginAWSUnregister=true|false (ALPHA - default=false)
InTreePluginAzureDiskUnregister=true|false (ALPHA - default=false)
InTreePluginAzureFileUnregister=true|false (ALPHA - default=false)
InTreePluginGCEUnregister=true|false (ALPHA - default=false)
InTreePluginOpenStackUnregister=true|false (ALPHA - default=false)
InTreePluginPortworxUnregister=true|false (ALPHA - default=false)
InTreePluginRBDUnregister=true|false (ALPHA - default=false)
InTreePluginvSphereUnregister=true|false (ALPHA - default=false)
JobMutableNodeSchedulingDirectives=true|false (BETA - default=true)
JobPodFailurePolicy=true|false (BETA - default=true)
JobReadyPods=true|false (BETA - default=true)
KMSv2=true|false (ALPHA - default=false)
KubeletInUserNamespace=true|false (ALPHA - default=false)
KubeletPodResources=true|false (BETA - default=true)
KubeletPodResourcesGetAllocatable=true|false (BETA - default=true)
KubeletTracing=true|false (ALPHA - default=false)
LegacyServiceAccountTokenTracking=true|false (ALPHA - default=false)
LocalStorageCapacityIsolationFSQuotaMonitoring=true|false (ALPHA - default=false)
LogarithmicScaleDown=true|false (BETA - default=true)
LoggingAlphaOptions=true|false (ALPHA - default=false)
LoggingBetaOptions=true|false (BETA - default=true)
MatchLabelKeysInPodTopologySpread=true|false (ALPHA - default=false)
MaxUnavailableStatefulSet=true|false (ALPHA - default=false)
MemoryManager=true|false (BETA - default=true)
MemoryQoS=true|false (ALPHA - default=false)
MinDomainsInPodTopologySpread=true|false (BETA - default=false)
MinimizeIPTablesRestore=true|false (ALPHA - default=false)
MultiCIDRRangeAllocator=true|false (ALPHA - default=false)
NetworkPolicyStatus=true|false (ALPHA - default=false)
NodeInclusionPolicyInPodTopologySpread=true|false (BETA - default=true)
NodeOutOfServiceVolumeDetach=true|false (BETA - default=true)
NodeSwap=true|false (ALPHA - default=false)
OpenAPIEnums=true|false (BETA - default=true)
OpenAPIV3=true|false (BETA - default=true)
PDBUnhealthyPodEvictionPolicy=true|false (ALPHA - default=false)
PodAndContainerStatsFromCRI=true|false (ALPHA - default=false)
PodDeletionCost=true|false (BETA - default=true)
PodDisruptionConditions=true|false (BETA - default=true)
PodHasNetworkCondition=true|false (ALPHA - default=false)
PodSchedulingReadiness=true|false (ALPHA - default=false)
ProbeTerminationGracePeriod=true|false (BETA - default=true)
ProcMountType=true|false (ALPHA - default=false)
ProxyTerminatingEndpoints=true|false (BETA - default=true)
QOSReserved=true|false (ALPHA - default=false)
ReadWriteOncePod=true|false (ALPHA - default=false)
RecoverVolumeExpansionFailure=true|false (ALPHA - default=false)
RemainingItemCount=true|false (BETA - default=true)
RetroactiveDefaultStorageClass=true|false (BETA - default=true)
RotateKubeletServerCertificate=true|false (BETA - default=true)
SELinuxMountReadWriteOncePod=true|false (ALPHA - default=false)
SeccompDefault=true|false (BETA - default=true)
ServerSideFieldValidation=true|false (BETA - default=true)
SizeMemoryBackedVolumes=true|false (BETA - default=true)
StatefulSetAutoDeletePVC=true|false (ALPHA - default=false)
StatefulSetStartOrdinal=true|false (ALPHA - default=false)
StorageVersionAPI=true|false (ALPHA - default=false)
StorageVersionHash=true|false (BETA - default=true)
TopologyAwareHints=true|false (BETA - default=true)
TopologyManager=true|false (BETA - default=true)
TopologyManagerPolicyAlphaOptions=true|false (ALPHA - default=false)
TopologyManagerPolicyBetaOptions=true|false (BETA - default=false)
TopologyManagerPolicyOptions=true|false (ALPHA - default=false)
UserNamespacesStatelessPodsSupport=true|false (ALPHA - default=false)
ValidatingAdmissionPolicy=true|false (ALPHA - default=false)
VolumeCapacityPriority=true|false (ALPHA - default=false)
WinDSR=true|false (ALPHA - default=false)
WinOverlay=true|false (BETA - default=true)
WindowsHostNetwork=true|false (ALPHA - default=true)

+

A set of key=value pairs that describe feature gates for alpha/experimental features. Options are:
APIListChunking=true|false (BETA - default=true)
APIPriorityAndFairness=true|false (BETA - default=true)
APIResponseCompression=true|false (BETA - default=true)
APISelfSubjectReview=true|false (BETA - default=true)
APIServerIdentity=true|false (BETA - default=true)
APIServerTracing=true|false (BETA - default=true)
AdmissionWebhookMatchConditions=true|false (ALPHA - default=false)
AggregatedDiscoveryEndpoint=true|false (BETA - default=true)
AllAlpha=true|false (ALPHA - default=false)
AllBeta=true|false (BETA - default=false)
AnyVolumeDataSource=true|false (BETA - default=true)
AppArmor=true|false (BETA - default=true)
CPUManagerPolicyAlphaOptions=true|false (ALPHA - default=false)
CPUManagerPolicyBetaOptions=true|false (BETA - default=true)
CPUManagerPolicyOptions=true|false (BETA - default=true)
CSIMigrationPortworx=true|false (BETA - default=false)
CSIMigrationRBD=true|false (ALPHA - default=false)
CSINodeExpandSecret=true|false (BETA - default=true)
CSIVolumeHealth=true|false (ALPHA - default=false)
CloudControllerManagerWebhook=true|false (ALPHA - default=false)
CloudDualStackNodeIPs=true|false (ALPHA - default=false)
ClusterTrustBundle=true|false (ALPHA - default=false)
ComponentSLIs=true|false (BETA - default=true)
ContainerCheckpoint=true|false (ALPHA - default=false)
ContextualLogging=true|false (ALPHA - default=false)
CrossNamespaceVolumeDataSource=true|false (ALPHA - default=false)
CustomCPUCFSQuotaPeriod=true|false (ALPHA - default=false)
CustomResourceValidationExpressions=true|false (BETA - default=true)
DisableCloudProviders=true|false (ALPHA - default=false)
DisableKubeletCloudCredentialProviders=true|false (ALPHA - default=false)
DynamicResourceAllocation=true|false (ALPHA - default=false)
ElasticIndexedJob=true|false (BETA - default=true)
EventedPLEG=true|false (BETA - default=false)
ExpandedDNSConfig=true|false (BETA - default=true)
ExperimentalHostUserNamespaceDefaulting=true|false (BETA - default=false)
GracefulNodeShutdown=true|false (BETA - default=true)
GracefulNodeShutdownBasedOnPodPriority=true|false (BETA - default=true)
HPAContainerMetrics=true|false (BETA - default=true)
HPAScaleToZero=true|false (ALPHA - default=false)
HonorPVReclaimPolicy=true|false (ALPHA - default=false)
IPTablesOwnershipCleanup=true|false (BETA - default=true)
InPlacePodVerticalScaling=true|false (ALPHA - default=false)
InTreePluginAWSUnregister=true|false (ALPHA - default=false)
InTreePluginAzureDiskUnregister=true|false (ALPHA - default=false)
InTreePluginAzureFileUnregister=true|false (ALPHA - default=false)
InTreePluginGCEUnregister=true|false (ALPHA - default=false)
InTreePluginOpenStackUnregister=true|false (ALPHA - default=false)
InTreePluginPortworxUnregister=true|false (ALPHA - default=false)
InTreePluginRBDUnregister=true|false (ALPHA - default=false)
InTreePluginvSphereUnregister=true|false (ALPHA - default=false)
JobPodFailurePolicy=true|false (BETA - default=true)
JobReadyPods=true|false (BETA - default=true)
KMSv2=true|false (BETA - default=true)
KubeletInUserNamespace=true|false (ALPHA - default=false)
KubeletPodResources=true|false (BETA - default=true)
KubeletPodResourcesDynamicResources=true|false (ALPHA - default=false)
KubeletPodResourcesGet=true|false (ALPHA - default=false)
KubeletPodResourcesGetAllocatable=true|false (BETA - default=true)
KubeletTracing=true|false (BETA - default=true)
LegacyServiceAccountTokenTracking=true|false (BETA - default=true)
LocalStorageCapacityIsolationFSQuotaMonitoring=true|false (ALPHA - default=false)
LogarithmicScaleDown=true|false (BETA - default=true)
LoggingAlphaOptions=true|false (ALPHA - default=false)
LoggingBetaOptions=true|false (BETA - default=true)
MatchLabelKeysInPodTopologySpread=true|false (BETA - default=true)
MaxUnavailableStatefulSet=true|false (ALPHA - default=false)
MemoryManager=true|false (BETA - default=true)
MemoryQoS=true|false (ALPHA - default=false)
MinDomainsInPodTopologySpread=true|false (BETA - default=true)
MinimizeIPTablesRestore=true|false (BETA - default=true)
MultiCIDRRangeAllocator=true|false (ALPHA - default=false)
MultiCIDRServiceAllocator=true|false (ALPHA - default=false)
NetworkPolicyStatus=true|false (ALPHA - default=false)
NewVolumeManagerReconstruction=true|false (BETA - default=true)
NodeInclusionPolicyInPodTopologySpread=true|false (BETA - default=true)
NodeLogQuery=true|false (ALPHA - default=false)
NodeOutOfServiceVolumeDetach=true|false (BETA - default=true)
NodeSwap=true|false (ALPHA - default=false)
OpenAPIEnums=true|false (BETA - default=true)
PDBUnhealthyPodEvictionPolicy=true|false (BETA - default=true)
PodAndContainerStatsFromCRI=true|false (ALPHA - default=false)
PodDeletionCost=true|false (BETA - default=true)
PodDisruptionConditions=true|false (BETA - default=true)
PodHasNetworkCondition=true|false (ALPHA - default=false)
PodSchedulingReadiness=true|false (BETA - default=true)
ProbeTerminationGracePeriod=true|false (BETA - default=true)
ProcMountType=true|false (ALPHA - default=false)
ProxyTerminatingEndpoints=true|false (BETA - default=true)
QOSReserved=true|false (ALPHA - default=false)
ReadWriteOncePod=true|false (BETA - default=true)
RecoverVolumeExpansionFailure=true|false (ALPHA - default=false)
RemainingItemCount=true|false (BETA - default=true)
RetroactiveDefaultStorageClass=true|false (BETA - default=true)
RotateKubeletServerCertificate=true|false (BETA - default=true)
SELinuxMountReadWriteOncePod=true|false (BETA - default=true)
SecurityContextDeny=true|false (ALPHA - default=false)
ServiceNodePortStaticSubrange=true|false (ALPHA - default=false)
SizeMemoryBackedVolumes=true|false (BETA - default=true)
StableLoadBalancerNodeSet=true|false (BETA - default=true)
StatefulSetAutoDeletePVC=true|false (BETA - default=true)
StatefulSetStartOrdinal=true|false (BETA - default=true)
StorageVersionAPI=true|false (ALPHA - default=false)
StorageVersionHash=true|false (BETA - default=true)
TopologyAwareHints=true|false (BETA - default=true)
TopologyManagerPolicyAlphaOptions=true|false (ALPHA - default=false)
TopologyManagerPolicyBetaOptions=true|false (BETA - default=false)
TopologyManagerPolicyOptions=true|false (ALPHA - default=false)
UserNamespacesStatelessPodsSupport=true|false (ALPHA - default=false)
ValidatingAdmissionPolicy=true|false (ALPHA - default=false)
VolumeCapacityPriority=true|false (ALPHA - default=false)
WatchList=true|false (ALPHA - default=false)
WinDSR=true|false (ALPHA - default=false)
WinOverlay=true|false (BETA - default=true)
WindowsHostNetwork=true|false (ALPHA - default=true)

@@ -537,7 +537,7 @@ kube-controller-manager [flags] --kubeconfig string -

Path to kubeconfig file with authorization and master location information.

+

Path to kubeconfig file with authorization and master location information (the master location can be overridden by the master flag).

diff --git a/content/en/docs/reference/command-line-tools-reference/kube-proxy.md b/content/en/docs/reference/command-line-tools-reference/kube-proxy.md index 15b1aa9d2f4..34f71db84b9 100644 --- a/content/en/docs/reference/command-line-tools-reference/kube-proxy.md +++ b/content/en/docs/reference/command-line-tools-reference/kube-proxy.md @@ -144,7 +144,7 @@ kube-proxy [flags] --feature-gates <comma-separated 'key=True|False' pairs> -

A set of key=value pairs that describe feature gates for alpha/experimental features. Options are:
APIListChunking=true|false (BETA - default=true)
APIPriorityAndFairness=true|false (BETA - default=true)
APIResponseCompression=true|false (BETA - default=true)
APISelfSubjectReview=true|false (ALPHA - default=false)
APIServerIdentity=true|false (BETA - default=true)
APIServerTracing=true|false (ALPHA - default=false)
AggregatedDiscoveryEndpoint=true|false (ALPHA - default=false)
AllAlpha=true|false (ALPHA - default=false)
AllBeta=true|false (BETA - default=false)
AnyVolumeDataSource=true|false (BETA - default=true)
AppArmor=true|false (BETA - default=true)
CPUManagerPolicyAlphaOptions=true|false (ALPHA - default=false)
CPUManagerPolicyBetaOptions=true|false (BETA - default=true)
CPUManagerPolicyOptions=true|false (BETA - default=true)
CSIMigrationPortworx=true|false (BETA - default=false)
CSIMigrationRBD=true|false (ALPHA - default=false)
CSINodeExpandSecret=true|false (ALPHA - default=false)
CSIVolumeHealth=true|false (ALPHA - default=false)
ComponentSLIs=true|false (ALPHA - default=false)
ContainerCheckpoint=true|false (ALPHA - default=false)
CronJobTimeZone=true|false (BETA - default=true)
CrossNamespaceVolumeDataSource=true|false (ALPHA - default=false)
CustomCPUCFSQuotaPeriod=true|false (ALPHA - default=false)
CustomResourceValidationExpressions=true|false (BETA - default=true)
DisableCloudProviders=true|false (ALPHA - default=false)
DisableKubeletCloudCredentialProviders=true|false (ALPHA - default=false)
DownwardAPIHugePages=true|false (BETA - default=true)
DynamicResourceAllocation=true|false (ALPHA - default=false)
EventedPLEG=true|false (ALPHA - default=false)
ExpandedDNSConfig=true|false (BETA - default=true)
ExperimentalHostUserNamespaceDefaulting=true|false (BETA - default=false)
GRPCContainerProbe=true|false (BETA - default=true)
GracefulNodeShutdown=true|false (BETA - default=true)
GracefulNodeShutdownBasedOnPodPriority=true|false (BETA - default=true)
HPAContainerMetrics=true|false (ALPHA - default=false)
HPAScaleToZero=true|false (ALPHA - default=false)
HonorPVReclaimPolicy=true|false (ALPHA - default=false)
IPTablesOwnershipCleanup=true|false (ALPHA - default=false)
InTreePluginAWSUnregister=true|false (ALPHA - default=false)
InTreePluginAzureDiskUnregister=true|false (ALPHA - default=false)
InTreePluginAzureFileUnregister=true|false (ALPHA - default=false)
InTreePluginGCEUnregister=true|false (ALPHA - default=false)
InTreePluginOpenStackUnregister=true|false (ALPHA - default=false)
InTreePluginPortworxUnregister=true|false (ALPHA - default=false)
InTreePluginRBDUnregister=true|false (ALPHA - default=false)
InTreePluginvSphereUnregister=true|false (ALPHA - default=false)
JobMutableNodeSchedulingDirectives=true|false (BETA - default=true)
JobPodFailurePolicy=true|false (BETA - default=true)
JobReadyPods=true|false (BETA - default=true)
KMSv2=true|false (ALPHA - default=false)
KubeletInUserNamespace=true|false (ALPHA - default=false)
KubeletPodResources=true|false (BETA - default=true)
KubeletPodResourcesGetAllocatable=true|false (BETA - default=true)
KubeletTracing=true|false (ALPHA - default=false)
LegacyServiceAccountTokenTracking=true|false (ALPHA - default=false)
LocalStorageCapacityIsolationFSQuotaMonitoring=true|false (ALPHA - default=false)
LogarithmicScaleDown=true|false (BETA - default=true)
MatchLabelKeysInPodTopologySpread=true|false (ALPHA - default=false)
MaxUnavailableStatefulSet=true|false (ALPHA - default=false)
MemoryManager=true|false (BETA - default=true)
MemoryQoS=true|false (ALPHA - default=false)
MinDomainsInPodTopologySpread=true|false (BETA - default=false)
MinimizeIPTablesRestore=true|false (ALPHA - default=false)
MultiCIDRRangeAllocator=true|false (ALPHA - default=false)
NetworkPolicyStatus=true|false (ALPHA - default=false)
NodeInclusionPolicyInPodTopologySpread=true|false (BETA - default=true)
NodeOutOfServiceVolumeDetach=true|false (BETA - default=true)
NodeSwap=true|false (ALPHA - default=false)
OpenAPIEnums=true|false (BETA - default=true)
OpenAPIV3=true|false (BETA - default=true)
PDBUnhealthyPodEvictionPolicy=true|false (ALPHA - default=false)
PodAndContainerStatsFromCRI=true|false (ALPHA - default=false)
PodDeletionCost=true|false (BETA - default=true)
PodDisruptionConditions=true|false (BETA - default=true)
PodHasNetworkCondition=true|false (ALPHA - default=false)
PodSchedulingReadiness=true|false (ALPHA - default=false)
ProbeTerminationGracePeriod=true|false (BETA - default=true)
ProcMountType=true|false (ALPHA - default=false)
ProxyTerminatingEndpoints=true|false (BETA - default=true)
QOSReserved=true|false (ALPHA - default=false)
ReadWriteOncePod=true|false (ALPHA - default=false)
RecoverVolumeExpansionFailure=true|false (ALPHA - default=false)
RemainingItemCount=true|false (BETA - default=true)
RetroactiveDefaultStorageClass=true|false (BETA - default=true)
RotateKubeletServerCertificate=true|false (BETA - default=true)
SELinuxMountReadWriteOncePod=true|false (ALPHA - default=false)
SeccompDefault=true|false (BETA - default=true)
ServerSideFieldValidation=true|false (BETA - default=true)
SizeMemoryBackedVolumes=true|false (BETA - default=true)
StatefulSetAutoDeletePVC=true|false (ALPHA - default=false)
StatefulSetStartOrdinal=true|false (ALPHA - default=false)
StorageVersionAPI=true|false (ALPHA - default=false)
StorageVersionHash=true|false (BETA - default=true)
TopologyAwareHints=true|false (BETA - default=true)
TopologyManager=true|false (BETA - default=true)
TopologyManagerPolicyAlphaOptions=true|false (ALPHA - default=false)
TopologyManagerPolicyBetaOptions=true|false (BETA - default=false)
TopologyManagerPolicyOptions=true|false (ALPHA - default=false)
UserNamespacesStatelessPodsSupport=true|false (ALPHA - default=false)
ValidatingAdmissionPolicy=true|false (ALPHA - default=false)
VolumeCapacityPriority=true|false (ALPHA - default=false)
WinDSR=true|false (ALPHA - default=false)
WinOverlay=true|false (BETA - default=true)
WindowsHostNetwork=true|false (ALPHA - default=true)
This parameter is ignored if a config file is specified by --config.

+

A set of key=value pairs that describe feature gates for alpha/experimental features. Options are:
APIListChunking=true|false (BETA - default=true)
APIPriorityAndFairness=true|false (BETA - default=true)
APIResponseCompression=true|false (BETA - default=true)
APISelfSubjectReview=true|false (BETA - default=true)
APIServerIdentity=true|false (BETA - default=true)
APIServerTracing=true|false (BETA - default=true)
AdmissionWebhookMatchConditions=true|false (ALPHA - default=false)
AggregatedDiscoveryEndpoint=true|false (BETA - default=true)
AllAlpha=true|false (ALPHA - default=false)
AllBeta=true|false (BETA - default=false)
AnyVolumeDataSource=true|false (BETA - default=true)
AppArmor=true|false (BETA - default=true)
CPUManagerPolicyAlphaOptions=true|false (ALPHA - default=false)
CPUManagerPolicyBetaOptions=true|false (BETA - default=true)
CPUManagerPolicyOptions=true|false (BETA - default=true)
CSIMigrationPortworx=true|false (BETA - default=false)
CSIMigrationRBD=true|false (ALPHA - default=false)
CSINodeExpandSecret=true|false (BETA - default=true)
CSIVolumeHealth=true|false (ALPHA - default=false)
CloudControllerManagerWebhook=true|false (ALPHA - default=false)
CloudDualStackNodeIPs=true|false (ALPHA - default=false)
ClusterTrustBundle=true|false (ALPHA - default=false)
ComponentSLIs=true|false (BETA - default=true)
ContainerCheckpoint=true|false (ALPHA - default=false)
ContextualLogging=true|false (ALPHA - default=false)
CrossNamespaceVolumeDataSource=true|false (ALPHA - default=false)
CustomCPUCFSQuotaPeriod=true|false (ALPHA - default=false)
CustomResourceValidationExpressions=true|false (BETA - default=true)
DisableCloudProviders=true|false (ALPHA - default=false)
DisableKubeletCloudCredentialProviders=true|false (ALPHA - default=false)
DynamicResourceAllocation=true|false (ALPHA - default=false)
ElasticIndexedJob=true|false (BETA - default=true)
EventedPLEG=true|false (BETA - default=false)
ExpandedDNSConfig=true|false (BETA - default=true)
ExperimentalHostUserNamespaceDefaulting=true|false (BETA - default=false)
GracefulNodeShutdown=true|false (BETA - default=true)
GracefulNodeShutdownBasedOnPodPriority=true|false (BETA - default=true)
HPAContainerMetrics=true|false (BETA - default=true)
HPAScaleToZero=true|false (ALPHA - default=false)
HonorPVReclaimPolicy=true|false (ALPHA - default=false)
IPTablesOwnershipCleanup=true|false (BETA - default=true)
InPlacePodVerticalScaling=true|false (ALPHA - default=false)
InTreePluginAWSUnregister=true|false (ALPHA - default=false)
InTreePluginAzureDiskUnregister=true|false (ALPHA - default=false)
InTreePluginAzureFileUnregister=true|false (ALPHA - default=false)
InTreePluginGCEUnregister=true|false (ALPHA - default=false)
InTreePluginOpenStackUnregister=true|false (ALPHA - default=false)
InTreePluginPortworxUnregister=true|false (ALPHA - default=false)
InTreePluginRBDUnregister=true|false (ALPHA - default=false)
InTreePluginvSphereUnregister=true|false (ALPHA - default=false)
JobPodFailurePolicy=true|false (BETA - default=true)
JobReadyPods=true|false (BETA - default=true)
KMSv2=true|false (BETA - default=true)
KubeletInUserNamespace=true|false (ALPHA - default=false)
KubeletPodResources=true|false (BETA - default=true)
KubeletPodResourcesDynamicResources=true|false (ALPHA - default=false)
KubeletPodResourcesGet=true|false (ALPHA - default=false)
KubeletPodResourcesGetAllocatable=true|false (BETA - default=true)
KubeletTracing=true|false (BETA - default=true)
LegacyServiceAccountTokenTracking=true|false (BETA - default=true)
LocalStorageCapacityIsolationFSQuotaMonitoring=true|false (ALPHA - default=false)
LogarithmicScaleDown=true|false (BETA - default=true)
LoggingAlphaOptions=true|false (ALPHA - default=false)
LoggingBetaOptions=true|false (BETA - default=true)
MatchLabelKeysInPodTopologySpread=true|false (BETA - default=true)
MaxUnavailableStatefulSet=true|false (ALPHA - default=false)
MemoryManager=true|false (BETA - default=true)
MemoryQoS=true|false (ALPHA - default=false)
MinDomainsInPodTopologySpread=true|false (BETA - default=true)
MinimizeIPTablesRestore=true|false (BETA - default=true)
MultiCIDRRangeAllocator=true|false (ALPHA - default=false)
MultiCIDRServiceAllocator=true|false (ALPHA - default=false)
NetworkPolicyStatus=true|false (ALPHA - default=false)
NewVolumeManagerReconstruction=true|false (BETA - default=true)
NodeInclusionPolicyInPodTopologySpread=true|false (BETA - default=true)
NodeLogQuery=true|false (ALPHA - default=false)
NodeOutOfServiceVolumeDetach=true|false (BETA - default=true)
NodeSwap=true|false (ALPHA - default=false)
OpenAPIEnums=true|false (BETA - default=true)
PDBUnhealthyPodEvictionPolicy=true|false (BETA - default=true)
PodAndContainerStatsFromCRI=true|false (ALPHA - default=false)
PodDeletionCost=true|false (BETA - default=true)
PodDisruptionConditions=true|false (BETA - default=true)
PodHasNetworkCondition=true|false (ALPHA - default=false)
PodSchedulingReadiness=true|false (BETA - default=true)
ProbeTerminationGracePeriod=true|false (BETA - default=true)
ProcMountType=true|false (ALPHA - default=false)
ProxyTerminatingEndpoints=true|false (BETA - default=true)
QOSReserved=true|false (ALPHA - default=false)
ReadWriteOncePod=true|false (BETA - default=true)
RecoverVolumeExpansionFailure=true|false (ALPHA - default=false)
RemainingItemCount=true|false (BETA - default=true)
RetroactiveDefaultStorageClass=true|false (BETA - default=true)
RotateKubeletServerCertificate=true|false (BETA - default=true)
SELinuxMountReadWriteOncePod=true|false (BETA - default=true)
SecurityContextDeny=true|false (ALPHA - default=false)
ServiceNodePortStaticSubrange=true|false (ALPHA - default=false)
SizeMemoryBackedVolumes=true|false (BETA - default=true)
StableLoadBalancerNodeSet=true|false (BETA - default=true)
StatefulSetAutoDeletePVC=true|false (BETA - default=true)
StatefulSetStartOrdinal=true|false (BETA - default=true)
StorageVersionAPI=true|false (ALPHA - default=false)
StorageVersionHash=true|false (BETA - default=true)
TopologyAwareHints=true|false (BETA - default=true)
TopologyManagerPolicyAlphaOptions=true|false (ALPHA - default=false)
TopologyManagerPolicyBetaOptions=true|false (BETA - default=false)
TopologyManagerPolicyOptions=true|false (ALPHA - default=false)
UserNamespacesStatelessPodsSupport=true|false (ALPHA - default=false)
ValidatingAdmissionPolicy=true|false (ALPHA - default=false)
VolumeCapacityPriority=true|false (ALPHA - default=false)
WatchList=true|false (ALPHA - default=false)
WinDSR=true|false (ALPHA - default=false)
WinOverlay=true|false (BETA - default=true)
WindowsHostNetwork=true|false (ALPHA - default=true)
This parameter is ignored if a config file is specified by --config.

diff --git a/content/en/docs/reference/command-line-tools-reference/kube-scheduler.md b/content/en/docs/reference/command-line-tools-reference/kube-scheduler.md index d0032be6a16..7dc952537d4 100644 --- a/content/en/docs/reference/command-line-tools-reference/kube-scheduler.md +++ b/content/en/docs/reference/command-line-tools-reference/kube-scheduler.md @@ -145,7 +145,7 @@ kube-scheduler [flags] --contention-profiling     Default: true -

DEPRECATED: enable lock contention profiling, if profiling is enabled. This parameter is ignored if a config file is specified in --config.

+

DEPRECATED: enable block profiling, if profiling is enabled. This parameter is ignored if a config file is specified in --config.

@@ -159,7 +159,7 @@ kube-scheduler [flags] --feature-gates <comma-separated 'key=True|False' pairs> -

A set of key=value pairs that describe feature gates for alpha/experimental features. Options are:
APIListChunking=true|false (BETA - default=true)
APIPriorityAndFairness=true|false (BETA - default=true)
APIResponseCompression=true|false (BETA - default=true)
APISelfSubjectReview=true|false (ALPHA - default=false)
APIServerIdentity=true|false (BETA - default=true)
APIServerTracing=true|false (ALPHA - default=false)
AggregatedDiscoveryEndpoint=true|false (ALPHA - default=false)
AllAlpha=true|false (ALPHA - default=false)
AllBeta=true|false (BETA - default=false)
AnyVolumeDataSource=true|false (BETA - default=true)
AppArmor=true|false (BETA - default=true)
CPUManagerPolicyAlphaOptions=true|false (ALPHA - default=false)
CPUManagerPolicyBetaOptions=true|false (BETA - default=true)
CPUManagerPolicyOptions=true|false (BETA - default=true)
CSIMigrationPortworx=true|false (BETA - default=false)
CSIMigrationRBD=true|false (ALPHA - default=false)
CSINodeExpandSecret=true|false (ALPHA - default=false)
CSIVolumeHealth=true|false (ALPHA - default=false)
ComponentSLIs=true|false (ALPHA - default=false)
ContainerCheckpoint=true|false (ALPHA - default=false)
ContextualLogging=true|false (ALPHA - default=false)
CronJobTimeZone=true|false (BETA - default=true)
CrossNamespaceVolumeDataSource=true|false (ALPHA - default=false)
CustomCPUCFSQuotaPeriod=true|false (ALPHA - default=false)
CustomResourceValidationExpressions=true|false (BETA - default=true)
DisableCloudProviders=true|false (ALPHA - default=false)
DisableKubeletCloudCredentialProviders=true|false (ALPHA - default=false)
DownwardAPIHugePages=true|false (BETA - default=true)
DynamicResourceAllocation=true|false (ALPHA - default=false)
EventedPLEG=true|false (ALPHA - default=false)
ExpandedDNSConfig=true|false (BETA - default=true)
ExperimentalHostUserNamespaceDefaulting=true|false (BETA - default=false)
GRPCContainerProbe=true|false (BETA - default=true)
GracefulNodeShutdown=true|false (BETA - default=true)
GracefulNodeShutdownBasedOnPodPriority=true|false (BETA - default=true)
HPAContainerMetrics=true|false (ALPHA - default=false)
HPAScaleToZero=true|false (ALPHA - default=false)
HonorPVReclaimPolicy=true|false (ALPHA - default=false)
IPTablesOwnershipCleanup=true|false (ALPHA - default=false)
InTreePluginAWSUnregister=true|false (ALPHA - default=false)
InTreePluginAzureDiskUnregister=true|false (ALPHA - default=false)
InTreePluginAzureFileUnregister=true|false (ALPHA - default=false)
InTreePluginGCEUnregister=true|false (ALPHA - default=false)
InTreePluginOpenStackUnregister=true|false (ALPHA - default=false)
InTreePluginPortworxUnregister=true|false (ALPHA - default=false)
InTreePluginRBDUnregister=true|false (ALPHA - default=false)
InTreePluginvSphereUnregister=true|false (ALPHA - default=false)
JobMutableNodeSchedulingDirectives=true|false (BETA - default=true)
JobPodFailurePolicy=true|false (BETA - default=true)
JobReadyPods=true|false (BETA - default=true)
KMSv2=true|false (ALPHA - default=false)
KubeletInUserNamespace=true|false (ALPHA - default=false)
KubeletPodResources=true|false (BETA - default=true)
KubeletPodResourcesGetAllocatable=true|false (BETA - default=true)
KubeletTracing=true|false (ALPHA - default=false)
LegacyServiceAccountTokenTracking=true|false (ALPHA - default=false)
LocalStorageCapacityIsolationFSQuotaMonitoring=true|false (ALPHA - default=false)
LogarithmicScaleDown=true|false (BETA - default=true)
LoggingAlphaOptions=true|false (ALPHA - default=false)
LoggingBetaOptions=true|false (BETA - default=true)
MatchLabelKeysInPodTopologySpread=true|false (ALPHA - default=false)
MaxUnavailableStatefulSet=true|false (ALPHA - default=false)
MemoryManager=true|false (BETA - default=true)
MemoryQoS=true|false (ALPHA - default=false)
MinDomainsInPodTopologySpread=true|false (BETA - default=false)
MinimizeIPTablesRestore=true|false (ALPHA - default=false)
MultiCIDRRangeAllocator=true|false (ALPHA - default=false)
NetworkPolicyStatus=true|false (ALPHA - default=false)
NodeInclusionPolicyInPodTopologySpread=true|false (BETA - default=true)
NodeOutOfServiceVolumeDetach=true|false (BETA - default=true)
NodeSwap=true|false (ALPHA - default=false)
OpenAPIEnums=true|false (BETA - default=true)
OpenAPIV3=true|false (BETA - default=true)
PDBUnhealthyPodEvictionPolicy=true|false (ALPHA - default=false)
PodAndContainerStatsFromCRI=true|false (ALPHA - default=false)
PodDeletionCost=true|false (BETA - default=true)
PodDisruptionConditions=true|false (BETA - default=true)
PodHasNetworkCondition=true|false (ALPHA - default=false)
PodSchedulingReadiness=true|false (ALPHA - default=false)
ProbeTerminationGracePeriod=true|false (BETA - default=true)
ProcMountType=true|false (ALPHA - default=false)
ProxyTerminatingEndpoints=true|false (BETA - default=true)
QOSReserved=true|false (ALPHA - default=false)
ReadWriteOncePod=true|false (ALPHA - default=false)
RecoverVolumeExpansionFailure=true|false (ALPHA - default=false)
RemainingItemCount=true|false (BETA - default=true)
RetroactiveDefaultStorageClass=true|false (BETA - default=true)
RotateKubeletServerCertificate=true|false (BETA - default=true)
SELinuxMountReadWriteOncePod=true|false (ALPHA - default=false)
SeccompDefault=true|false (BETA - default=true)
ServerSideFieldValidation=true|false (BETA - default=true)
SizeMemoryBackedVolumes=true|false (BETA - default=true)
StatefulSetAutoDeletePVC=true|false (ALPHA - default=false)
StatefulSetStartOrdinal=true|false (ALPHA - default=false)
StorageVersionAPI=true|false (ALPHA - default=false)
StorageVersionHash=true|false (BETA - default=true)
TopologyAwareHints=true|false (BETA - default=true)
TopologyManager=true|false (BETA - default=true)
TopologyManagerPolicyAlphaOptions=true|false (ALPHA - default=false)
TopologyManagerPolicyBetaOptions=true|false (BETA - default=false)
TopologyManagerPolicyOptions=true|false (ALPHA - default=false)
UserNamespacesStatelessPodsSupport=true|false (ALPHA - default=false)
ValidatingAdmissionPolicy=true|false (ALPHA - default=false)
VolumeCapacityPriority=true|false (ALPHA - default=false)
WinDSR=true|false (ALPHA - default=false)
WinOverlay=true|false (BETA - default=true)
WindowsHostNetwork=true|false (ALPHA - default=true)

+

A set of key=value pairs that describe feature gates for alpha/experimental features. Options are:
APIListChunking=true|false (BETA - default=true)
APIPriorityAndFairness=true|false (BETA - default=true)
APIResponseCompression=true|false (BETA - default=true)
APISelfSubjectReview=true|false (BETA - default=true)
APIServerIdentity=true|false (BETA - default=true)
APIServerTracing=true|false (BETA - default=true)
AdmissionWebhookMatchConditions=true|false (ALPHA - default=false)
AggregatedDiscoveryEndpoint=true|false (BETA - default=true)
AllAlpha=true|false (ALPHA - default=false)
AllBeta=true|false (BETA - default=false)
AnyVolumeDataSource=true|false (BETA - default=true)
AppArmor=true|false (BETA - default=true)
CPUManagerPolicyAlphaOptions=true|false (ALPHA - default=false)
CPUManagerPolicyBetaOptions=true|false (BETA - default=true)
CPUManagerPolicyOptions=true|false (BETA - default=true)
CSIMigrationPortworx=true|false (BETA - default=false)
CSIMigrationRBD=true|false (ALPHA - default=false)
CSINodeExpandSecret=true|false (BETA - default=true)
CSIVolumeHealth=true|false (ALPHA - default=false)
CloudControllerManagerWebhook=true|false (ALPHA - default=false)
CloudDualStackNodeIPs=true|false (ALPHA - default=false)
ClusterTrustBundle=true|false (ALPHA - default=false)
ComponentSLIs=true|false (BETA - default=true)
ContainerCheckpoint=true|false (ALPHA - default=false)
ContextualLogging=true|false (ALPHA - default=false)
CrossNamespaceVolumeDataSource=true|false (ALPHA - default=false)
CustomCPUCFSQuotaPeriod=true|false (ALPHA - default=false)
CustomResourceValidationExpressions=true|false (BETA - default=true)
DisableCloudProviders=true|false (ALPHA - default=false)
DisableKubeletCloudCredentialProviders=true|false (ALPHA - default=false)
DynamicResourceAllocation=true|false (ALPHA - default=false)
ElasticIndexedJob=true|false (BETA - default=true)
EventedPLEG=true|false (BETA - default=false)
ExpandedDNSConfig=true|false (BETA - default=true)
ExperimentalHostUserNamespaceDefaulting=true|false (BETA - default=false)
GracefulNodeShutdown=true|false (BETA - default=true)
GracefulNodeShutdownBasedOnPodPriority=true|false (BETA - default=true)
HPAContainerMetrics=true|false (BETA - default=true)
HPAScaleToZero=true|false (ALPHA - default=false)
HonorPVReclaimPolicy=true|false (ALPHA - default=false)
IPTablesOwnershipCleanup=true|false (BETA - default=true)
InPlacePodVerticalScaling=true|false (ALPHA - default=false)
InTreePluginAWSUnregister=true|false (ALPHA - default=false)
InTreePluginAzureDiskUnregister=true|false (ALPHA - default=false)
InTreePluginAzureFileUnregister=true|false (ALPHA - default=false)
InTreePluginGCEUnregister=true|false (ALPHA - default=false)
InTreePluginOpenStackUnregister=true|false (ALPHA - default=false)
InTreePluginPortworxUnregister=true|false (ALPHA - default=false)
InTreePluginRBDUnregister=true|false (ALPHA - default=false)
InTreePluginvSphereUnregister=true|false (ALPHA - default=false)
JobPodFailurePolicy=true|false (BETA - default=true)
JobReadyPods=true|false (BETA - default=true)
KMSv2=true|false (BETA - default=true)
KubeletInUserNamespace=true|false (ALPHA - default=false)
KubeletPodResources=true|false (BETA - default=true)
KubeletPodResourcesDynamicResources=true|false (ALPHA - default=false)
KubeletPodResourcesGet=true|false (ALPHA - default=false)
KubeletPodResourcesGetAllocatable=true|false (BETA - default=true)
KubeletTracing=true|false (BETA - default=true)
LegacyServiceAccountTokenTracking=true|false (BETA - default=true)
LocalStorageCapacityIsolationFSQuotaMonitoring=true|false (ALPHA - default=false)
LogarithmicScaleDown=true|false (BETA - default=true)
LoggingAlphaOptions=true|false (ALPHA - default=false)
LoggingBetaOptions=true|false (BETA - default=true)
MatchLabelKeysInPodTopologySpread=true|false (BETA - default=true)
MaxUnavailableStatefulSet=true|false (ALPHA - default=false)
MemoryManager=true|false (BETA - default=true)
MemoryQoS=true|false (ALPHA - default=false)
MinDomainsInPodTopologySpread=true|false (BETA - default=true)
MinimizeIPTablesRestore=true|false (BETA - default=true)
MultiCIDRRangeAllocator=true|false (ALPHA - default=false)
MultiCIDRServiceAllocator=true|false (ALPHA - default=false)
NetworkPolicyStatus=true|false (ALPHA - default=false)
NewVolumeManagerReconstruction=true|false (BETA - default=true)
NodeInclusionPolicyInPodTopologySpread=true|false (BETA - default=true)
NodeLogQuery=true|false (ALPHA - default=false)
NodeOutOfServiceVolumeDetach=true|false (BETA - default=true)
NodeSwap=true|false (ALPHA - default=false)
OpenAPIEnums=true|false (BETA - default=true)
PDBUnhealthyPodEvictionPolicy=true|false (BETA - default=true)
PodAndContainerStatsFromCRI=true|false (ALPHA - default=false)
PodDeletionCost=true|false (BETA - default=true)
PodDisruptionConditions=true|false (BETA - default=true)
PodHasNetworkCondition=true|false (ALPHA - default=false)
PodSchedulingReadiness=true|false (BETA - default=true)
ProbeTerminationGracePeriod=true|false (BETA - default=true)
ProcMountType=true|false (ALPHA - default=false)
ProxyTerminatingEndpoints=true|false (BETA - default=true)
QOSReserved=true|false (ALPHA - default=false)
ReadWriteOncePod=true|false (BETA - default=true)
RecoverVolumeExpansionFailure=true|false (ALPHA - default=false)
RemainingItemCount=true|false (BETA - default=true)
RetroactiveDefaultStorageClass=true|false (BETA - default=true)
RotateKubeletServerCertificate=true|false (BETA - default=true)
SELinuxMountReadWriteOncePod=true|false (BETA - default=true)
SecurityContextDeny=true|false (ALPHA - default=false)
ServiceNodePortStaticSubrange=true|false (ALPHA - default=false)
SizeMemoryBackedVolumes=true|false (BETA - default=true)
StableLoadBalancerNodeSet=true|false (BETA - default=true)
StatefulSetAutoDeletePVC=true|false (BETA - default=true)
StatefulSetStartOrdinal=true|false (BETA - default=true)
StorageVersionAPI=true|false (ALPHA - default=false)
StorageVersionHash=true|false (BETA - default=true)
TopologyAwareHints=true|false (BETA - default=true)
TopologyManagerPolicyAlphaOptions=true|false (ALPHA - default=false)
TopologyManagerPolicyBetaOptions=true|false (BETA - default=false)
TopologyManagerPolicyOptions=true|false (ALPHA - default=false)
UserNamespacesStatelessPodsSupport=true|false (ALPHA - default=false)
ValidatingAdmissionPolicy=true|false (ALPHA - default=false)
VolumeCapacityPriority=true|false (ALPHA - default=false)
WatchList=true|false (ALPHA - default=false)
WinDSR=true|false (ALPHA - default=false)
WinOverlay=true|false (BETA - default=true)
WindowsHostNetwork=true|false (ALPHA - default=true)

diff --git a/content/en/docs/reference/command-line-tools-reference/kubelet.md b/content/en/docs/reference/command-line-tools-reference/kubelet.md index f0ecdb0b7ff..deb186ec5f6 100644 --- a/content/en/docs/reference/command-line-tools-reference/kubelet.md +++ b/content/en/docs/reference/command-line-tools-reference/kubelet.md @@ -381,7 +381,7 @@ CPUManagerPolicyBetaOptions=true|false (BETA - default=true)
CPUManagerPolicyOptions=true|false (BETA - default=true)
CSIMigrationPortworx=true|false (BETA - default=false)
CSIMigrationRBD=true|false (ALPHA - default=false)
-CSINodeExpandSecret=true|false (ALPHA - default=false)
+CSINodeExpandSecret=true|false (BETA - default=true)
CSIVolumeHealth=true|false (ALPHA - default=false)
ComponentSLIs=true|false (ALPHA - default=false)
ContainerCheckpoint=true|false (ALPHA - default=false)
diff --git a/content/en/docs/reference/config-api/apiserver-admission.v1.md b/content/en/docs/reference/config-api/apiserver-admission.v1.md index a4c70ac9f0f..946b011e771 100644 --- a/content/en/docs/reference/config-api/apiserver-admission.v1.md +++ b/content/en/docs/reference/config-api/apiserver-admission.v1.md @@ -72,14 +72,14 @@ It is suitable for correlating log entries between the webhook and apiserver, fo kind [Required]
-meta/v1.GroupVersionKind +meta/v1.GroupVersionKind

Kind is the fully-qualified type of object being submitted (for example, v1.Pod or autoscaling.v1.Scale)

resource [Required]
-meta/v1.GroupVersionResource +meta/v1.GroupVersionResource

Resource is the fully-qualified resource being requested (for example, v1.pods)

@@ -93,7 +93,7 @@ It is suitable for correlating log entries between the webhook and apiserver, fo requestKind
-meta/v1.GroupVersionKind +meta/v1.GroupVersionKind

RequestKind is the fully-qualified type of the original API request (for example, v1.Pod or autoscaling.v1.Scale). @@ -107,7 +107,7 @@ and requestKind: {group:"apps", version:"v1beta1", kin requestResource
-meta/v1.GroupVersionResource +meta/v1.GroupVersionResource

RequestResource is the fully-qualified resource of the original API request (for example, v1.pods). @@ -153,7 +153,7 @@ requested. e.g. a patch can result in either a CREATE or UPDATE Operation.

userInfo [Required]
-authentication/v1.UserInfo +authentication/v1.UserInfo

UserInfo is information about the requesting user

@@ -227,7 +227,7 @@ This must be copied over from the corresponding AdmissionRequest.

status
-meta/v1.Status +meta/v1.Status

Result contains extra details into why an admission request was denied. diff --git a/content/en/docs/reference/config-api/apiserver-audit.v1.md b/content/en/docs/reference/config-api/apiserver-audit.v1.md index ffef0b7f2b0..e89270a91a3 100644 --- a/content/en/docs/reference/config-api/apiserver-audit.v1.md +++ b/content/en/docs/reference/config-api/apiserver-audit.v1.md @@ -72,14 +72,14 @@ For non-resource requests, this is the lower-cased HTTP method.

user [Required]
-authentication/v1.UserInfo +authentication/v1.UserInfo

Authenticated user information.

impersonatedUser
-authentication/v1.UserInfo +authentication/v1.UserInfo

Impersonated user information.

@@ -117,7 +117,7 @@ Does not apply for List-type requests, or non-resource requests.

responseStatus
-meta/v1.Status +meta/v1.Status

The response status, populated even when the ResponseObject is not a Status type. @@ -145,14 +145,14 @@ at Response Level.

requestReceivedTimestamp
-meta/v1.MicroTime +meta/v1.MicroTime

Time the request reached the apiserver.

stageTimestamp
-meta/v1.MicroTime +meta/v1.MicroTime

Time the request reached current audit stage.

@@ -189,7 +189,7 @@ should be short. Annotations are included in the Metadata level.

metadata
-meta/v1.ListMeta +meta/v1.ListMeta No description provided. @@ -224,7 +224,7 @@ categories are logged.

metadata
-meta/v1.ObjectMeta +meta/v1.ObjectMeta

ObjectMeta is included for interoperability with API infrastructure.

@@ -279,7 +279,7 @@ in a rule will override the global default.

metadata
-meta/v1.ListMeta +meta/v1.ListMeta No description provided. diff --git a/content/en/docs/reference/config-api/apiserver-config.v1alpha1.md b/content/en/docs/reference/config-api/apiserver-config.v1alpha1.md index f2dc0bf5950..0c85b397f61 100644 --- a/content/en/docs/reference/config-api/apiserver-config.v1alpha1.md +++ b/content/en/docs/reference/config-api/apiserver-config.v1alpha1.md @@ -81,23 +81,11 @@ auto_generated: true kind
stringTracingConfiguration -endpoint
-string +TracingConfiguration [Required]
+TracingConfiguration - -

Endpoint of the collector that's running on the control-plane node. -The APIServer uses the egressType ControlPlane when sending data to the collector. -The syntax is defined in https://github.com/grpc/grpc/blob/master/doc/naming.md. -Defaults to the otlpgrpc default, localhost:4317 -The connection is insecure, and does not support TLS.

- - -samplingRatePerMillion
-int32 - - -

SamplingRatePerMillion is the number of samples to collect per million spans. -Defaults to 0.

+(Members of TracingConfiguration are embedded into this type.) +

Embed the component config tracing configuration struct

@@ -372,4 +360,45 @@ This does not use a unix:// prefix. (Eg: /etc/srv/kubernetes/konnectivity-server - \ No newline at end of file + + + + +## `TracingConfiguration` {#TracingConfiguration} + + +**Appears in:** + +- [KubeletConfiguration](#kubelet-config-k8s-io-v1beta1-KubeletConfiguration) + +- [TracingConfiguration](#apiserver-k8s-io-v1alpha1-TracingConfiguration) + + +

TracingConfiguration provides versioned configuration for OpenTelemetry tracing clients.

+ + + + + + + + + + + + + + +
FieldDescription
endpoint
+string +		 +

Endpoint of the collector this component will report traces to. +The connection is insecure, and does not currently support TLS. +Recommended is unset, and endpoint is the otlp grpc default, localhost:4317.

+
samplingRatePerMillion
+int32 +		 +

SamplingRatePerMillion is the number of samples to collect per million spans. +Recommended is unset. If unset, sampler respects its parent span's sampling +rate, but otherwise never samples.

+
\ No newline at end of file diff --git a/content/en/docs/reference/config-api/apiserver-config.v1beta1.md b/content/en/docs/reference/config-api/apiserver-config.v1beta1.md index 0ed8e17a44d..6acb3540cd0 100644 --- a/content/en/docs/reference/config-api/apiserver-config.v1beta1.md +++ b/content/en/docs/reference/config-api/apiserver-config.v1beta1.md @@ -11,6 +11,7 @@ auto_generated: true - [EgressSelectorConfiguration](#apiserver-k8s-io-v1beta1-EgressSelectorConfiguration) +- [TracingConfiguration](#apiserver-k8s-io-v1beta1-TracingConfiguration) @@ -39,6 +40,31 @@ auto_generated: true +## `TracingConfiguration` {#apiserver-k8s-io-v1beta1-TracingConfiguration} + + + +

TracingConfiguration provides versioned configuration for tracing clients.

+ + + + + + + + + + + + + + +
FieldDescription
apiVersion
string		apiserver.k8s.io/v1beta1
kind
string		TracingConfiguration
TracingConfiguration [Required]
+TracingConfiguration +		(Members of TracingConfiguration are embedded into this type.) +

Embed the component config tracing configuration struct

+
+ ## `Connection` {#apiserver-k8s-io-v1beta1-Connection} @@ -265,4 +291,47 @@ This does not use a unix:// prefix. (Eg: /etc/srv/kubernetes/konnectivity-server - \ No newline at end of file + + + + +## `TracingConfiguration` {#TracingConfiguration} + + +**Appears in:** + +- [KubeletConfiguration](#kubelet-config-k8s-io-v1beta1-KubeletConfiguration) + +- [TracingConfiguration](#apiserver-k8s-io-v1alpha1-TracingConfiguration) + +- [TracingConfiguration](#apiserver-k8s-io-v1beta1-TracingConfiguration) + + +

TracingConfiguration provides versioned configuration for OpenTelemetry tracing clients.

+ + + + + + + + + + + + + + +
FieldDescription
endpoint
+string +		 +

Endpoint of the collector this component will report traces to. +The connection is insecure, and does not currently support TLS. +Recommended is unset, and endpoint is the otlp grpc default, localhost:4317.

+
samplingRatePerMillion
+int32 +		 +

SamplingRatePerMillion is the number of samples to collect per million spans. +Recommended is unset. If unset, sampler respects its parent span's sampling +rate, but otherwise never samples.

+
\ No newline at end of file diff --git a/content/en/docs/reference/config-api/apiserver-encryption.v1.md b/content/en/docs/reference/config-api/apiserver-encryption.v1.md index bd12284f306..ecc82b7db7c 100644 --- a/content/en/docs/reference/config-api/apiserver-encryption.v1.md +++ b/content/en/docs/reference/config-api/apiserver-encryption.v1.md @@ -18,7 +18,45 @@ auto_generated: true -

EncryptionConfiguration stores the complete configuration for encryption providers.

+

EncryptionConfiguration stores the complete configuration for encryption providers. +It also allows the use of wildcards to specify the resources that should be encrypted. +Use '.' to encrypt all resources within a group or '.' to encrypt all resources. +'.' can be used to encrypt all resource in the core group. '.' will encrypt all +resources, even custom resources that are added after API server start. +Use of wildcards that overlap within the same resource list or across multiple +entries are not allowed since part of the configuration would be ineffective. +Resource lists are processed in order, with earlier lists taking precedence.

+

Example:

+
kind: EncryptionConfiguration
+apiVersion: apiserver.config.k8s.io/v1
+resources:
+- resources:
+  - events
+  providers:
+  - identity: {}  # do not encrypt events even though *.* is specified below
+- resources:
+  - secrets
+  - configmaps
+  - pandas.awesome.bears.example
+  providers:
+  - aescbc:
+      keys:
+      - name: key1
+        secret: c2VjcmV0IGlzIHNlY3VyZQ==
+- resources:
+  - '*.apps'
+  providers:
+  - aescbc:
+      keys:
+      - name: key2
+        secret: c2VjcmV0IGlzIHNlY3VyZSwgb3IgaXMgaXQ/Cg==
+- resources:
+  - '*.*'
+  providers:
+  - aescbc:
+      keys:
+      - name: key3
+        secret: c2VjcmV0IGlzIHNlY3VyZSwgSSB0aGluaw==
@@ -114,7 +152,7 @@ Each key has to be 32 bytes long for AES-CBC and 16, 24 or 32 bytes for AES-GCM. diff --git a/content/en/docs/reference/config-api/client-authentication.v1.md b/content/en/docs/reference/config-api/client-authentication.v1.md index 0a3fab1a5c4..63bbeb00176 100644 --- a/content/en/docs/reference/config-api/client-authentication.v1.md +++ b/content/en/docs/reference/config-api/client-authentication.v1.md @@ -206,7 +206,7 @@ itself should at least be protected via file permissions.

cachesize is the maximum number of secrets which are cached in memory. The default value is 1000. -Set to a negative value to disable caching.

+Set to a negative value to disable caching. This field is only allowed for KMS v1 providers.
endpoint [Required]
@@ -243,7 +281,11 @@ Set to a negative value to disable caching.

[]string 		-

resources is a list of kubernetes resources which have to be encrypted.

+

resources is a list of kubernetes resources which have to be encrypted. The resource names are derived from resource or resource.group of the group/version/resource. +eg: pandas.awesome.bears.example is a custom resource with 'group': awesome.bears.example, 'resource': pandas. +Use '.' to encrypt all resources and '.' to encrypt all resources in a specific group. +eg: '.awesome.bears.example' will encrypt all resources in the group 'awesome.bears.example'. +eg: '*.' will encrypt all resources in the core group (such as pods, configmaps, etc).
providers [Required]
@@ -251,7 +293,7 @@ Set to a negative value to disable caching.

providers is a list of transformers to be used for reading and writing the resources to disk. -eg: aesgcm, aescbc, secretbox, identity.

+eg: aesgcm, aescbc, secretbox, identity, kms.
expirationTimestamp
-meta/v1.Time +meta/v1.Time

ExpirationTimestamp indicates a time when the provided credentials expire.

diff --git a/content/en/docs/reference/config-api/client-authentication.v1beta1.md b/content/en/docs/reference/config-api/client-authentication.v1beta1.md index 09aa4dcc875..f8cab963cdd 100644 --- a/content/en/docs/reference/config-api/client-authentication.v1beta1.md +++ b/content/en/docs/reference/config-api/client-authentication.v1beta1.md @@ -206,7 +206,7 @@ itself should at least be protected via file permissions.

expirationTimestamp
-meta/v1.Time +meta/v1.Time

ExpirationTimestamp indicates a time when the provided credentials expire.

diff --git a/content/en/docs/reference/config-api/imagepolicy.v1alpha1.md b/content/en/docs/reference/config-api/imagepolicy.v1alpha1.md index 0eaa8f14ade..fb55f9a06b5 100644 --- a/content/en/docs/reference/config-api/imagepolicy.v1alpha1.md +++ b/content/en/docs/reference/config-api/imagepolicy.v1alpha1.md @@ -29,7 +29,7 @@ auto_generated: true
metadata
-meta/v1.ObjectMeta +meta/v1.ObjectMeta

Standard object's metadata. diff --git a/content/en/docs/reference/config-api/kube-controller-manager-config.v1alpha1.md b/content/en/docs/reference/config-api/kube-controller-manager-config.v1alpha1.md index 4ec29226a5d..1b4b120abd0 100644 --- a/content/en/docs/reference/config-api/kube-controller-manager-config.v1alpha1.md +++ b/content/en/docs/reference/config-api/kube-controller-manager-config.v1alpha1.md @@ -1,7 +1,7 @@ --- title: kube-controller-manager Configuration (v1alpha1) content_type: tool-reference -package: controllermanager.config.k8s.io/v1alpha1 +package: cloudcontrollermanager.config.k8s.io/v1alpha1 auto_generated: true --- @@ -9,11 +9,358 @@ auto_generated: true ## Resource Types -- [KubeControllerManagerConfiguration](#kubecontrollermanager-config-k8s-io-v1alpha1-KubeControllerManagerConfiguration) - [CloudControllerManagerConfiguration](#cloudcontrollermanager-config-k8s-io-v1alpha1-CloudControllerManagerConfiguration) +- [LeaderMigrationConfiguration](#controllermanager-config-k8s-io-v1alpha1-LeaderMigrationConfiguration) +- [KubeControllerManagerConfiguration](#kubecontrollermanager-config-k8s-io-v1alpha1-KubeControllerManagerConfiguration) +## `NodeControllerConfiguration` {#NodeControllerConfiguration} + + +**Appears in:** + +- [CloudControllerManagerConfiguration](#cloudcontrollermanager-config-k8s-io-v1alpha1-CloudControllerManagerConfiguration) + + +

NodeControllerConfiguration contains elements describing NodeController.

+ + + + + + + + + + + +
FieldDescription
ConcurrentNodeSyncs [Required]
+int32 +		 +

ConcurrentNodeSyncs is the number of workers +concurrently synchronizing nodes

+
+ +## `ServiceControllerConfiguration` {#ServiceControllerConfiguration} + + +**Appears in:** + +- [CloudControllerManagerConfiguration](#cloudcontrollermanager-config-k8s-io-v1alpha1-CloudControllerManagerConfiguration) + +- [KubeControllerManagerConfiguration](#kubecontrollermanager-config-k8s-io-v1alpha1-KubeControllerManagerConfiguration) + + +

ServiceControllerConfiguration contains elements describing ServiceController.

+ + + + + + + + + + + +
FieldDescription
ConcurrentServiceSyncs [Required]
+int32 +		 +

concurrentServiceSyncs is the number of services that are +allowed to sync concurrently. Larger number = more responsive service +management, but more CPU (and network) load.

+
+ + + +## `CloudControllerManagerConfiguration` {#cloudcontrollermanager-config-k8s-io-v1alpha1-CloudControllerManagerConfiguration} + + + +

CloudControllerManagerConfiguration contains elements describing cloud-controller manager.

+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
FieldDescription
apiVersion
string		cloudcontrollermanager.config.k8s.io/v1alpha1
kind
string		CloudControllerManagerConfiguration
Generic [Required]
+GenericControllerManagerConfiguration +		 +

Generic holds configuration for a generic controller-manager

+
KubeCloudShared [Required]
+KubeCloudSharedConfiguration +		 +

KubeCloudSharedConfiguration holds configuration for shared related features +both in cloud controller manager and kube-controller manager.

+
NodeController [Required]
+NodeControllerConfiguration +		 +

NodeController holds configuration for node controller +related features.

+
ServiceController [Required]
+ServiceControllerConfiguration +		 +

ServiceControllerConfiguration holds configuration for ServiceController +related features.

+
NodeStatusUpdateFrequency [Required]
+meta/v1.Duration +		 +

NodeStatusUpdateFrequency is the frequency at which the controller updates nodes' status

+
Webhook [Required]
+WebhookConfiguration +		 +

Webhook is the configuration for cloud-controller-manager hosted webhooks

+
+ +## `CloudProviderConfiguration` {#cloudcontrollermanager-config-k8s-io-v1alpha1-CloudProviderConfiguration} + + +**Appears in:** + +- [KubeCloudSharedConfiguration](#cloudcontrollermanager-config-k8s-io-v1alpha1-KubeCloudSharedConfiguration) + + +

CloudProviderConfiguration contains basically elements about cloud provider.

+ + + + + + + + + + + + + + +
FieldDescription
Name [Required]
+string +		 +

Name is the provider for cloud services.

+
CloudConfigFile [Required]
+string +		 +

cloudConfigFile is the path to the cloud provider configuration file.

+
+ +## `KubeCloudSharedConfiguration` {#cloudcontrollermanager-config-k8s-io-v1alpha1-KubeCloudSharedConfiguration} + + +**Appears in:** + +- [CloudControllerManagerConfiguration](#cloudcontrollermanager-config-k8s-io-v1alpha1-CloudControllerManagerConfiguration) + +- [KubeControllerManagerConfiguration](#kubecontrollermanager-config-k8s-io-v1alpha1-KubeControllerManagerConfiguration) + + +

KubeCloudSharedConfiguration contains elements shared by both kube-controller manager +and cloud-controller manager, but not genericconfig.

+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
FieldDescription
CloudProvider [Required]
+CloudProviderConfiguration +		 +

CloudProviderConfiguration holds configuration for CloudProvider related features.

+
ExternalCloudVolumePlugin [Required]
+string +		 +

externalCloudVolumePlugin specifies the plugin to use when cloudProvider is "external". +It is currently used by the in repo cloud providers to handle node and volume control in the KCM.

+
UseServiceAccountCredentials [Required]
+bool +		 +

useServiceAccountCredentials indicates whether controllers should be run with +individual service account credentials.

+
AllowUntaggedCloud [Required]
+bool +		 +

run with untagged cloud instances

+
RouteReconciliationPeriod [Required]
+meta/v1.Duration +		 +

routeReconciliationPeriod is the period for reconciling routes created for Nodes by cloud provider..

+
NodeMonitorPeriod [Required]
+meta/v1.Duration +		 +

nodeMonitorPeriod is the period for syncing NodeStatus in NodeController.

+
ClusterName [Required]
+string +		 +

clusterName is the instance prefix for the cluster.

+
ClusterCIDR [Required]
+string +		 +

clusterCIDR is CIDR Range for Pods in cluster.

+
AllocateNodeCIDRs [Required]
+bool +		 +

AllocateNodeCIDRs enables CIDRs for Pods to be allocated and, if +ConfigureCloudRoutes is true, to be set on the cloud provider.

+
CIDRAllocatorType [Required]
+string +		 +

CIDRAllocatorType determines what kind of pod CIDR allocator will be used.

+
ConfigureCloudRoutes [Required]
+bool +		 +

configureCloudRoutes enables CIDRs allocated with allocateNodeCIDRs +to be configured on the cloud provider.

+
NodeSyncPeriod [Required]
+meta/v1.Duration +		 +

nodeSyncPeriod is the period for syncing nodes from cloudprovider. Longer +periods will result in fewer calls to cloud provider, but may delay addition +of new nodes to cluster.

+
+ +## `WebhookConfiguration` {#cloudcontrollermanager-config-k8s-io-v1alpha1-WebhookConfiguration} + + +**Appears in:** + +- [CloudControllerManagerConfiguration](#cloudcontrollermanager-config-k8s-io-v1alpha1-CloudControllerManagerConfiguration) + + +

WebhookConfiguration contains configuration related to +cloud-controller-manager hosted webhooks

+ + + + + + + + + + + +
FieldDescription
Webhooks [Required]
+[]string +		 +

Webhooks is the list of webhooks to enable or disable +'*' means "all enabled by default webhooks" +'foo' means "enable 'foo'" +'-foo' means "disable 'foo'" +first item for a particular name wins

+
+ + + + +## `LeaderMigrationConfiguration` {#controllermanager-config-k8s-io-v1alpha1-LeaderMigrationConfiguration} + + +**Appears in:** + +- [GenericControllerManagerConfiguration](#controllermanager-config-k8s-io-v1alpha1-GenericControllerManagerConfiguration) + + +

LeaderMigrationConfiguration provides versioned configuration for all migrating leader locks.

+ + + + + + + + + + + + + + + + + + + + +
FieldDescription
apiVersion
string		controllermanager.config.k8s.io/v1alpha1
kind
string		LeaderMigrationConfiguration
leaderName [Required]
+string +		 +

LeaderName is the name of the leader election resource that protects the migration +E.g. 1-20-KCM-to-1-21-CCM

+
resourceLock [Required]
+string +		 +

ResourceLock indicates the resource object type that will be used to lock +Should be "leases" or "endpoints"

+
controllerLeaders [Required]
+[]ControllerLeaderConfiguration +		 +

ControllerLeaders contains a list of migrating leader lock configurations

+
+ ## `ControllerLeaderConfiguration` {#controllermanager-config-k8s-io-v1alpha1-ControllerLeaderConfiguration} @@ -146,48 +493,6 @@ first item for a particular name wins
- -## `LeaderMigrationConfiguration` {#controllermanager-config-k8s-io-v1alpha1-LeaderMigrationConfiguration} - - -**Appears in:** - -- [GenericControllerManagerConfiguration](#controllermanager-config-k8s-io-v1alpha1-GenericControllerManagerConfiguration) - - -

LeaderMigrationConfiguration provides versioned configuration for all migrating leader locks.

- - - - - - - - - - - - - - - - - -
FieldDescription
leaderName [Required]
-string -		 -

LeaderName is the name of the leader election resource that protects the migration -E.g. 1-20-KCM-to-1-21-CCM

-
resourceLock [Required]
-string -		 -

ResourceLock indicates the resource object type that will be used to lock -Should be "leases" or "endpoints"

-
controllerLeaders [Required]
-[]ControllerLeaderConfiguration -		 -

ControllerLeaders contains a list of migrating leader lock configurations

-
@@ -1115,14 +1420,6 @@ allowed to sync concurrently.

-EnableTaintManager [Required]
-bool - - -

If set to true enables NoExecute Taints and will evict all not-tolerating -Pod running on Nodes tainted with this kind of Taints.

- - NodeEvictionRate [Required]
float32 @@ -1582,230 +1879,4 @@ volume plugin should search for additional third party volume plugins

- - - - -## `ServiceControllerConfiguration` {#ServiceControllerConfiguration} - - -**Appears in:** - -- [CloudControllerManagerConfiguration](#cloudcontrollermanager-config-k8s-io-v1alpha1-CloudControllerManagerConfiguration) - -- [KubeControllerManagerConfiguration](#kubecontrollermanager-config-k8s-io-v1alpha1-KubeControllerManagerConfiguration) - - -

ServiceControllerConfiguration contains elements describing ServiceController.

- - - - - - - - - - - -
FieldDescription
ConcurrentServiceSyncs [Required]
-int32 -		 -

concurrentServiceSyncs is the number of services that are -allowed to sync concurrently. Larger number = more responsive service -management, but more CPU (and network) load.

-
- - - -## `CloudControllerManagerConfiguration` {#cloudcontrollermanager-config-k8s-io-v1alpha1-CloudControllerManagerConfiguration} - - - - - - - - - - - - - - - - - - - - - - - - - -
FieldDescription
apiVersion
string		cloudcontrollermanager.config.k8s.io/v1alpha1
kind
string		CloudControllerManagerConfiguration
Generic [Required]
-GenericControllerManagerConfiguration -		 -

Generic holds configuration for a generic controller-manager

-
KubeCloudShared [Required]
-KubeCloudSharedConfiguration -		 -

KubeCloudSharedConfiguration holds configuration for shared related features -both in cloud controller manager and kube-controller manager.

-
ServiceController [Required]
-ServiceControllerConfiguration -		 -

ServiceControllerConfiguration holds configuration for ServiceController -related features.

-
NodeStatusUpdateFrequency [Required]
-meta/v1.Duration -		 -

NodeStatusUpdateFrequency is the frequency at which the controller updates nodes' status

-
- -## `CloudProviderConfiguration` {#cloudcontrollermanager-config-k8s-io-v1alpha1-CloudProviderConfiguration} - - -**Appears in:** - -- [KubeCloudSharedConfiguration](#cloudcontrollermanager-config-k8s-io-v1alpha1-KubeCloudSharedConfiguration) - - -

CloudProviderConfiguration contains basically elements about cloud provider.

- - - - - - - - - - - - - - -
FieldDescription
Name [Required]
-string -		 -

Name is the provider for cloud services.

-
CloudConfigFile [Required]
-string -		 -

cloudConfigFile is the path to the cloud provider configuration file.

-
- -## `KubeCloudSharedConfiguration` {#cloudcontrollermanager-config-k8s-io-v1alpha1-KubeCloudSharedConfiguration} - - -**Appears in:** - -- [CloudControllerManagerConfiguration](#cloudcontrollermanager-config-k8s-io-v1alpha1-CloudControllerManagerConfiguration) - -- [KubeControllerManagerConfiguration](#kubecontrollermanager-config-k8s-io-v1alpha1-KubeControllerManagerConfiguration) - - -

KubeCloudSharedConfiguration contains elements shared by both kube-controller manager -and cloud-controller manager, but not genericconfig.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
FieldDescription
CloudProvider [Required]
-CloudProviderConfiguration -		 -

CloudProviderConfiguration holds configuration for CloudProvider related features.

-
ExternalCloudVolumePlugin [Required]
-string -		 -

externalCloudVolumePlugin specifies the plugin to use when cloudProvider is "external". -It is currently used by the in repo cloud providers to handle node and volume control in the KCM.

-
UseServiceAccountCredentials [Required]
-bool -		 -

useServiceAccountCredentials indicates whether controllers should be run with -individual service account credentials.

-
AllowUntaggedCloud [Required]
-bool -		 -

run with untagged cloud instances

-
RouteReconciliationPeriod [Required]
-meta/v1.Duration -		 -

routeReconciliationPeriod is the period for reconciling routes created for Nodes by cloud provider..

-
NodeMonitorPeriod [Required]
-meta/v1.Duration -		 -

nodeMonitorPeriod is the period for syncing NodeStatus in NodeController.

-
ClusterName [Required]
-string -		 -

clusterName is the instance prefix for the cluster.

-
ClusterCIDR [Required]
-string -		 -

clusterCIDR is CIDR Range for Pods in cluster.

-
AllocateNodeCIDRs [Required]
-bool -		 -

AllocateNodeCIDRs enables CIDRs for Pods to be allocated and, if -ConfigureCloudRoutes is true, to be set on the cloud provider.

-
CIDRAllocatorType [Required]
-string -		 -

CIDRAllocatorType determines what kind of pod CIDR allocator will be used.

-
ConfigureCloudRoutes [Required]
-bool -		 -

configureCloudRoutes enables CIDRs allocated with allocateNodeCIDRs -to be configured on the cloud provider.

-
NodeSyncPeriod [Required]
-meta/v1.Duration -		 -

nodeSyncPeriod is the period for syncing nodes from cloudprovider. Longer -periods will result in fewer calls to cloud provider, but may delay addition -of new nodes to cluster.

-
\ No newline at end of file diff --git a/content/en/docs/reference/config-api/kube-proxy-config.v1alpha1.md b/content/en/docs/reference/config-api/kube-proxy-config.v1alpha1.md index 6dfcb913e9f..96baf232678 100644 --- a/content/en/docs/reference/config-api/kube-proxy-config.v1alpha1.md +++ b/content/en/docs/reference/config-api/kube-proxy-config.v1alpha1.md @@ -531,12 +531,12 @@ will exit with an error.

- [KubeProxyConfiguration](#kubeproxy-config-k8s-io-v1alpha1-KubeProxyConfiguration) -- [KubeSchedulerConfiguration](#kubescheduler-config-k8s-io-v1-KubeSchedulerConfiguration) - - [KubeSchedulerConfiguration](#kubescheduler-config-k8s-io-v1beta2-KubeSchedulerConfiguration) - [KubeSchedulerConfiguration](#kubescheduler-config-k8s-io-v1beta3-KubeSchedulerConfiguration) +- [KubeSchedulerConfiguration](#kubescheduler-config-k8s-io-v1-KubeSchedulerConfiguration) + - [GenericControllerManagerConfiguration](#controllermanager-config-k8s-io-v1alpha1-GenericControllerManagerConfiguration) @@ -593,12 +593,12 @@ client.

**Appears in:** -- [KubeSchedulerConfiguration](#kubescheduler-config-k8s-io-v1-KubeSchedulerConfiguration) - - [KubeSchedulerConfiguration](#kubescheduler-config-k8s-io-v1beta2-KubeSchedulerConfiguration) - [KubeSchedulerConfiguration](#kubescheduler-config-k8s-io-v1beta3-KubeSchedulerConfiguration) +- [KubeSchedulerConfiguration](#kubescheduler-config-k8s-io-v1-KubeSchedulerConfiguration) + - [GenericControllerManagerConfiguration](#controllermanager-config-k8s-io-v1alpha1-GenericControllerManagerConfiguration) @@ -621,7 +621,7 @@ client.

bool -

enableContentionProfiling enables lock contention profiling, if +

enableContentionProfiling enables block profiling, if enableProfiling is true.

diff --git a/content/en/docs/reference/config-api/kube-scheduler-config.v1.md b/content/en/docs/reference/config-api/kube-scheduler-config.v1.md index 876122ef541..1ef0143f311 100644 --- a/content/en/docs/reference/config-api/kube-scheduler-config.v1.md +++ b/content/en/docs/reference/config-api/kube-scheduler-config.v1.md @@ -85,6 +85,14 @@ that play a role in the number of candidates shortlisted. Must be at least matching hard affinity to the incoming pod.

+ignorePreferredTermsOfExistingPods [Required]
+bool + + +

IgnorePreferredTermsOfExistingPods configures the scheduler to ignore existing pods' preferred affinity +rules when scoring candidate nodes, unless the incoming pod has inter-pod affinities.

+ + @@ -202,7 +210,7 @@ with the extender. These extenders are shared by all scheduler profiles.

addedAffinity
-core/v1.NodeAffinity +core/v1.NodeAffinity

AddedAffinity is applied to all Pods additionally to the NodeAffinity @@ -301,7 +309,7 @@ The default strategy is LeastAllocated with an equal "cpu" and "m defaultConstraints
-[]core/v1.TopologySpreadConstraint +[]core/v1.TopologySpreadConstraint

DefaultConstraints defines topology spread constraints to be applied to @@ -1176,7 +1184,7 @@ client.

bool -

enableContentionProfiling enables lock contention profiling, if +

enableContentionProfiling enables block profiling, if enableProfiling is true.

@@ -1188,12 +1196,12 @@ enableProfiling is true.

**Appears in:** +- [KubeSchedulerConfiguration](#kubescheduler-config-k8s-io-v1beta2-KubeSchedulerConfiguration) + - [KubeSchedulerConfiguration](#kubescheduler-config-k8s-io-v1beta3-KubeSchedulerConfiguration) - [KubeSchedulerConfiguration](#kubescheduler-config-k8s-io-v1-KubeSchedulerConfiguration) -- [KubeSchedulerConfiguration](#kubescheduler-config-k8s-io-v1beta2-KubeSchedulerConfiguration) -

LeaderElectionConfiguration defines the configuration of leader election clients for components that can run with leader election enabled.

diff --git a/content/en/docs/reference/config-api/kube-scheduler-config.v1beta2.md b/content/en/docs/reference/config-api/kube-scheduler-config.v1beta2.md index edf1071e18a..bcd0377d7ca 100644 --- a/content/en/docs/reference/config-api/kube-scheduler-config.v1beta2.md +++ b/content/en/docs/reference/config-api/kube-scheduler-config.v1beta2.md @@ -85,6 +85,14 @@ that play a role in the number of candidates shortlisted. Must be at least matching hard affinity to the incoming pod.

+ignorePreferredTermsOfExistingPods [Required]
+bool + + +

IgnorePreferredTermsOfExistingPods configures the scheduler to ignore existing pods' preferred affinity +rules when scoring candidate nodes, unless the incoming pod has inter-pod affinities.

+ + @@ -218,7 +226,7 @@ with the extender. These extenders are shared by all scheduler profiles.

addedAffinity
-core/v1.NodeAffinity +core/v1.NodeAffinity

AddedAffinity is applied to all Pods additionally to the NodeAffinity @@ -317,7 +325,7 @@ The default strategy is LeastAllocated with an equal "cpu" and "m defaultConstraints
-[]core/v1.TopologySpreadConstraint +[]core/v1.TopologySpreadConstraint

DefaultConstraints defines topology spread constraints to be applied to @@ -1153,7 +1161,7 @@ client.

bool -

enableContentionProfiling enables lock contention profiling, if +

enableContentionProfiling enables block profiling, if enableProfiling is true.

diff --git a/content/en/docs/reference/config-api/kube-scheduler-config.v1beta3.md b/content/en/docs/reference/config-api/kube-scheduler-config.v1beta3.md index 1f67ffce6c4..278b9637270 100644 --- a/content/en/docs/reference/config-api/kube-scheduler-config.v1beta3.md +++ b/content/en/docs/reference/config-api/kube-scheduler-config.v1beta3.md @@ -85,6 +85,14 @@ that play a role in the number of candidates shortlisted. Must be at least matching hard affinity to the incoming pod.

+ignorePreferredTermsOfExistingPods [Required]
+bool + + +

IgnorePreferredTermsOfExistingPods configures the scheduler to ignore existing pods' preferred affinity +rules when scoring candidate nodes, unless the incoming pod has inter-pod affinities.

+ + @@ -202,7 +210,7 @@ with the extender. These extenders are shared by all scheduler profiles.

addedAffinity
-core/v1.NodeAffinity +core/v1.NodeAffinity

AddedAffinity is applied to all Pods additionally to the NodeAffinity @@ -301,7 +309,7 @@ The default strategy is LeastAllocated with an equal "cpu" and "m defaultConstraints
-[]core/v1.TopologySpreadConstraint +[]core/v1.TopologySpreadConstraint

DefaultConstraints defines topology spread constraints to be applied to @@ -1157,7 +1165,7 @@ client.

bool -

enableContentionProfiling enables lock contention profiling, if +

enableContentionProfiling enables block profiling, if enableProfiling is true.

diff --git a/content/en/docs/reference/config-api/kubeadm-config.v1beta2.md b/content/en/docs/reference/config-api/kubeadm-config.v1beta2.md deleted file mode 100644 index dca15f101f9..00000000000 --- a/content/en/docs/reference/config-api/kubeadm-config.v1beta2.md +++ /dev/null @@ -1,1311 +0,0 @@ ---- -title: kubeadm Configuration (v1beta2) -content_type: tool-reference -package: kubeadm.k8s.io/v1beta2 -auto_generated: true ---- -

Overview

-

Package v1beta2 has been DEPRECATED by v1beta3.

-

Package v1beta2 defines the v1beta2 version of the kubeadm configuration file format. -This version improves on the v1beta1 format by fixing some minor issues and adding a few new fields.

-

A list of changes since v1beta1:

-
    -
  • "certificateKey" field is added to InitConfiguration and JoinConfiguration.
    • -
  • "ignorePreflightErrors" field is added to the NodeRegistrationOptions.
    • -
  • The JSON "omitempty" tag is used in a more places where appropriate.
    • -
  • The JSON "omitempty" tag of the "taints" field (inside NodeRegistrationOptions) is removed.
    • -
-

See the Kubernetes 1.15 changelog for further details.

-

Migration from old kubeadm config versions

-

Please convert your v1beta1 configuration files to v1beta2 using the "kubeadm config migrate" command of kubeadm v1.15.x -(conversion from older releases of kubeadm config files requires older release of kubeadm as well e.g.

-
    -
  • kubeadm v1.11 should be used to migrate v1alpha1 to v1alpha2; kubeadm v1.12 should be used to translate v1alpha2 to v1alpha3;
    • -
  • kubeadm v1.13 or v1.14 should be used to translate v1alpha3 to v1beta1)
    • -
-

Nevertheless, kubeadm v1.15.x will support reading from v1beta1 version of the kubeadm config file format.

-

Basics

-

The preferred way to configure kubeadm is to pass an YAML configuration file with the --config option. Some of the -configuration options defined in the kubeadm config file are also available as command line flags, but only -the most common/simple use case are supported with this approach.

-

A kubeadm config file could contain multiple configuration types separated using three dashes (---).

-

kubeadm supports the following configuration types:

-
apiVersion: kubeadm.k8s.io/v1beta2
-kind: InitConfiguration
-
-apiVersion: kubeadm.k8s.io/v1beta2
-kind: ClusterConfiguration
-
-apiVersion: kubelet.config.k8s.io/v1beta1
-kind: KubeletConfiguration
-
-apiVersion: kubeproxy.config.k8s.io/v1alpha1
-kind: KubeProxyConfiguration
-
-apiVersion: kubeadm.k8s.io/v1beta2
-kind: JoinConfiguration
-

To print the defaults for "init" and "join" actions use the following commands:

-
kubeadm config print init-defaults
-kubeadm config print join-defaults
-

The list of configuration types that must be included in a configuration file depends by the action you are -performing (init or join) and by the configuration options you are going to use (defaults or advanced customization).

-

If some configuration types are not provided, or provided only partially, kubeadm will use default values; defaults -provided by kubeadm includes also enforcing consistency of values across components when required (e.g. ---cluster-cidr flag on controller manager and clusterCIDR on kube-proxy).

-

Users are always allowed to override default values, with the only exception of a small subset of setting with -relevance for security (e.g. enforce authorization-mode Node and RBAC on API server)

-

If the user provides a configuration types that is not expected for the action you are performing, kubeadm will -ignore those types and print a warning.

-

Kubeadm init configuration types

-

When executing kubeadm init with the --config option, the following configuration types could be used: -InitConfiguration, ClusterConfiguration, KubeProxyConfiguration, KubeletConfiguration, but only one -between InitConfiguration and ClusterConfiguration is mandatory.

-
apiVersion: kubeadm.k8s.io/v1beta2
-kind: InitConfiguration
-bootstrapTokens:
-  ...
-nodeRegistration:
-  ...
-

The InitConfiguration type should be used to configure runtime settings, that in case of kubeadm init -are the configuration of the bootstrap token and all the setting which are specific to the node where kubeadm -is executed, including:

-
    -
  • -

    nodeRegistration, that holds fields that relate to registering the new node to the cluster; -use it to customize the node name, the CRI socket to use or any other settings that should apply to this -node only (e.g. the node ip).

    -
    • -
  • -

    localAPIEndpoint, that represents the endpoint of the instance of the API server to be deployed on this node; -use it e.g. to customize the API server advertise address.

    -
    • -
-
apiVersion: kubeadm.k8s.io/v1beta2
-kind: ClusterConfiguration
-networking:
-  ...
-etcd:
-  ...
-apiServer:
-  extraArgs:
-    ...
-  extraVolumes:
-    ...
-...
-

The ClusterConfiguration type should be used to configure cluster-wide settings, -including settings for:

-
    -
  • -

    Networking, that holds configuration for the networking topology of the cluster; use it e.g. to customize -pod subnet or services subnet.

    -
    • -
  • -

    Etcd configurations; use it e.g. to customize the local etcd or to configure the API server -for using an external etcd cluster.

    -
    • -
  • -

    kube-apiserver, kube-scheduler, kube-controller-manager configurations; use it to customize control-plane -components by adding customized setting or overriding kubeadm default settings.

    -
    • -
-
apiVersion: kubeproxy.config.k8s.io/v1alpha1
-kind: KubeProxyConfiguration
- ...
-

The KubeProxyConfiguration type should be used to change the configuration passed to kube-proxy instances deployed -in the cluster. If this object is not provided or provided only partially, kubeadm applies defaults.

-

See https://kubernetes.io/docs/reference/command-line-tools-reference/kube-proxy/ or -https://pkg.go.dev/k8s.io/kube-proxy/config/v1alpha1#KubeProxyConfiguration -for kube proxy official documentation.

-
apiVersion: kubelet.config.k8s.io/v1beta1
-kind: KubeletConfiguration
- ...
-

The KubeletConfiguration type should be used to change the configurations that will be passed to all kubelet instances -deployed in the cluster. If this object is not provided or provided only partially, kubeadm applies defaults.

-

See https://kubernetes.io/docs/reference/command-line-tools-reference/kubelet/ or -https://pkg.go.dev/k8s.io/kubelet/config/v1beta1#KubeletConfiguration -for kubelet official documentation.

-

Here is a fully populated example of a single YAML file containing multiple -configuration types to be used during a kubeadm init run.

-
apiVersion: kubeadm.k8s.io/v1beta2
-kind: InitConfiguration
-bootstrapTokens:
-  - token: "9a08jv.c0izixklcxtmnze7"
-    description: "kubeadm bootstrap token"
-    ttl: "24h"
-  - token: "783bde.3f89s0fje9f38fhf"
-    description: "another bootstrap token"
-    usages:
-      - authentication
-      - signing
-    groups:
-      - system:bootstrappers:kubeadm:default-node-token
-nodeRegistration:
-  name: "ec2-10-100-0-1"
-  criSocket: "/var/run/dockershim.sock"
-  taints:
-    - key: "kubeadmNode"
-      value: "someValue"
-      effect: "NoSchedule"
-  kubeletExtraArgs:
-    v: 4
-  ignorePreflightErrors:
-    - IsPrivilegedUser
-localAPIEndpoint:
-  advertiseAddress: "10.100.0.1"
-  bindPort: 6443
-certificateKey: "e6a2eb8581237ab72a4f494f30285ec12a9694d750b9785706a83bfcbbbd2204"
----
-apiVersion: kubeadm.k8s.io/v1beta2
-kind: ClusterConfiguration
-etcd:
-  # one of local or external
-  local:
-    imageRepository: "registry.k8s.io"
-    imageTag: "3.2.24"
-    dataDir: "/var/lib/etcd"
-    extraArgs:
-      listen-client-urls: "http://10.100.0.1:2379"
-    serverCertSANs:
-      -  "ec2-10-100-0-1.compute-1.amazonaws.com"
-    peerCertSANs:
-      - "10.100.0.1"
-  # external:
-  #   endpoints:
-  #     - "10.100.0.1:2379"
-  #     - "10.100.0.2:2379"
-  #   caFile: "/etcd/kubernetes/pki/etcd/etcd-ca.crt"
-  #   certFile: "/etcd/kubernetes/pki/etcd/etcd.crt"
-  #   keyFile: "/etcd/kubernetes/pki/etcd/etcd.key"
-networking:
-  serviceSubnet: "10.96.0.0/16"
-  podSubnet: "10.244.0.0/24"
-  dnsDomain: "cluster.local"
-kubernetesVersion: "v1.12.0"
-controlPlaneEndpoint: "10.100.0.1:6443"
-apiServer:
-  extraArgs:
-    authorization-mode: "Node,RBAC"
-  extraVolumes:
-    - name: "some-volume"
-      hostPath: "/etc/some-path"
-      mountPath: "/etc/some-pod-path"
-      readOnly: false
-      pathType: File
-  certSANs:
-    - "10.100.1.1"
-    - "ec2-10-100-0-1.compute-1.amazonaws.com"
-  timeoutForControlPlane: 4m0s
-controllerManager:
-  extraArgs:
-    "node-cidr-mask-size": "20"
-  extraVolumes:
-    - name: "some-volume"
-      hostPath: "/etc/some-path"
-      mountPath: "/etc/some-pod-path"
-      readOnly: false
-      pathType: File
-scheduler:
-  extraArgs:
-    address: "10.100.0.1"
-  extraVolumes:
-    - name: "some-volume"
-      hostPath: "/etc/some-path"
-      mountPath: "/etc/some-pod-path"
-      readOnly: false
-      pathType: File
-certificatesDir: "/etc/kubernetes/pki"
-imageRepository: "registry.k8s.io"
-useHyperKubeImage: false
-clusterName: "example-cluster"
----
-apiVersion: kubelet.config.k8s.io/v1beta1
-kind: KubeletConfiguration
-# kubelet specific options here
----
-apiVersion: kubeproxy.config.k8s.io/v1alpha1
-kind: KubeProxyConfiguration
-# kube-proxy specific options here
-

Kubeadm join configuration types

-

When executing kubeadm join with the --config option, the JoinConfiguration type should be provided.

-
apiVersion: kubeadm.k8s.io/v1beta2
-kind: JoinConfiguration
- ...
-

The JoinConfiguration type should be used to configure runtime settings, that in case of kubeadm join -are the discovery method used for accessing the cluster info and all the setting which are specific -to the node where kubeadm is executed, including:

-
    -
  • -

    nodeRegistration, that holds fields that relate to registering the new node to the cluster; -use it to customize the node name, the CRI socket to use or any other settings that should apply to this -node only (e.g. the node IP).

    -
    • -
  • -

    apiEndpoint, that represents the endpoint of the instance of the API server to be eventually deployed on this node.

    -
    • -
- - -## Resource Types - - -- [ClusterConfiguration](#kubeadm-k8s-io-v1beta2-ClusterConfiguration) -- [ClusterStatus](#kubeadm-k8s-io-v1beta2-ClusterStatus) -- [InitConfiguration](#kubeadm-k8s-io-v1beta2-InitConfiguration) -- [JoinConfiguration](#kubeadm-k8s-io-v1beta2-JoinConfiguration) - - - -## `ClusterConfiguration` {#kubeadm-k8s-io-v1beta2-ClusterConfiguration} - - - -

ClusterConfiguration contains cluster-wide configuration for a kubeadm cluster

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
FieldDescription
apiVersion
string		kubeadm.k8s.io/v1beta2
kind
string		ClusterConfiguration
etcd [Required]
-Etcd -		 -

etcd holds configuration for etcd.

-
networking [Required]
-Networking -		 -

networking holds configuration for the networking topology of the cluster.

-
kubernetesVersion [Required]
-string -		 -

kubernetesVersion is the target version of the control plane.

-
controlPlaneEndpoint [Required]
-string -		 -

controlPlaneEndpoint sets a stable IP address or DNS name for the control plane; it -can be a valid IP address or a RFC-1123 DNS subdomain, both with optional TCP port. -In case the controlPlaneEndpoint is not specified, the advertiseAddress + bindPort -are used; in case the controlPlaneEndpoint is specified but without a TCP port, -the bindPort is used. -Possible usages are:

-
    -
  • In a cluster with more than one control plane instances, this field should be -assigned the address of the external load balancer in front of the -control plane instances.
    • -
  • In environments with enforced node recycling, the controlPlaneEndpoint -could be used for assigning a stable DNS to the control plane.
    • -
-
apiServer [Required]
-APIServer -		 -

apiServer contains extra settings for the API server.

-
controllerManager [Required]
-ControlPlaneComponent -		 -

controllerManager contains extra settings for the controller manager.

-
scheduler [Required]
-ControlPlaneComponent -		 -

scheduler contains extra settings for the scheduler.

-
dns [Required]
-DNS -		 -

dns defines the options for the DNS add-on installed in the cluster.

-
certificatesDir [Required]
-string -		 -

certificatesDir specifies where to store or look for all required certificates.

-
imageRepository [Required]
-string -		 -

imageRepository sets the container registry to pull images from. -If empty, registry.k8s.io will be used by default; in case of kubernetes version is -a CI build (kubernetes version starts with ci/) gcr.io/k8s-staging-ci-images -is used as a default for control plane components and for kube-proxy, while -registry.k8s.io will be used for all the other images.

-
useHyperKubeImage [Required]
-bool -		 -

useHyperKubeImage controls if hyperkube should be used for Kubernetes components -instead of their respective separate images. -DEPRECATED: As hyperkube is itself deprecated, this fields is too. It will be -removed in future kubeadm config versions, kubeadm will print multiple warnings -when this set to true, and at some point it may become ignored.

-
featureGates [Required]
-map[string]bool -		 -

featureGates contains the feature gates enabled by the user.

-
clusterName [Required]
-string -		 -

The cluster name.

-
- -## `ClusterStatus` {#kubeadm-k8s-io-v1beta2-ClusterStatus} - - - -

ClusterStatus contains the cluster status. The ClusterStatus will be stored in -the kubeadm-config ConfigMap in the cluster, and then updated by kubeadm when -additional control plane instance joins or leaves the cluster.

- - - - - - - - - - - - - - -
FieldDescription
apiVersion
string		kubeadm.k8s.io/v1beta2
kind
string		ClusterStatus
apiEndpoints [Required]
-map[string]github.com/tengqm/kubeconfig/config/kubeadm/v1beta2.APIEndpoint -		 -

apiEndpoints currently available in the cluster, one for each control -plane/API server instance. -The key of the map is the IP of the host's default interface.

-
- -## `InitConfiguration` {#kubeadm-k8s-io-v1beta2-InitConfiguration} - - - -

InitConfiguration contains a list of elements that is specific "kubeadm init"-only runtime -information.

- - - - - - - - - - - - - - - - - - - - - - - -
FieldDescription
apiVersion
string		kubeadm.k8s.io/v1beta2
kind
string		InitConfiguration
bootstrapTokens [Required]
-[]BootstrapToken -		 -

bootstrapTokens is respected at kubeadm init time and describes a set of bootstrap tokens to create. -This information IS NOT uploaded to the kubeadm cluster ConfigMap, partly because of its sensitive nature.

-
nodeRegistration [Required]
-NodeRegistrationOptions -		 -

nodeRegistration holds fields that relate to registering the new control-plane node to the cluster.

-
localAPIEndpoint [Required]
-APIEndpoint -		 -

localAPIEndpoint represents the endpoint of the API server instance that's deployed on this control plane node. -In HA setups, this differs from ClusterConfiguration.controlPlaneEndpoint in the sense that ControlPlaneEndpoint -is the global endpoint for the cluster, which then load-balances the requests to each individual API server. This -configuration object lets you customize what IP/DNS name and port the local API server advertises it's accessible -on. By default, kubeadm tries to auto-detect the IP of the default interface and use that, but in case that process -fails you may set the desired value here.

-
certificateKey [Required]
-string -		 -

certificateKey sets the key with which certificates and keys are encrypted prior to being uploaded in -a secret in the cluster during the uploadcerts init phase.

-
- -## `JoinConfiguration` {#kubeadm-k8s-io-v1beta2-JoinConfiguration} - - - -

JoinConfiguration contains elements describing a particular node.

- - - - - - - - - - - - - - - - - - - - - - - -
FieldDescription
apiVersion
string		kubeadm.k8s.io/v1beta2
kind
string		JoinConfiguration
nodeRegistration [Required]
-NodeRegistrationOptions -		 -

nodeRegistration holds fields that relate to registering the new -control-plane node to the cluster

-
caCertPath [Required]
-string -		 -

caCertPath is the path to the SSL certificate authority used to -secure comunications between a node and the control-plane. -Defaults to "/etc/kubernetes/pki/ca.crt".

-
discovery [Required]
-Discovery -		 -

discovery specifies the options for the kubelet to use during the TLS -bootstrap process.

-
controlPlane [Required]
-JoinControlPlane -		 -

controlPlane defines the additional control plane instance to be deployed -on the joining node. If nil, no additional control plane instance will be deployed.

-
- -## `APIEndpoint` {#kubeadm-k8s-io-v1beta2-APIEndpoint} - - -**Appears in:** - -- [ClusterStatus](#kubeadm-k8s-io-v1beta2-ClusterStatus) - -- [InitConfiguration](#kubeadm-k8s-io-v1beta2-InitConfiguration) - -- [JoinControlPlane](#kubeadm-k8s-io-v1beta2-JoinControlPlane) - - -

APIEndpoint struct contains elements of API server instance deployed on a node.

- - - - - - - - - - - - - - -
FieldDescription
advertiseAddress [Required]
-string -		 -

advertiseAddress sets the IP address for the API server to advertise.

-
bindPort [Required]
-int32 -		 -

bindPort sets the secure port for the API Server to bind to. -Defaults to 6443.

-
- -## `APIServer` {#kubeadm-k8s-io-v1beta2-APIServer} - - -**Appears in:** - -- [ClusterConfiguration](#kubeadm-k8s-io-v1beta2-ClusterConfiguration) - - -

APIServer holds settings necessary for API server deployments in the cluster.

- - - - - - - - - - - - - - - - - -
FieldDescription
ControlPlaneComponent [Required]
-ControlPlaneComponent -		(Members of ControlPlaneComponent are embedded into this type.) - No description provided.
certSANs [Required]
-[]string -		 -

certSANs sets extra Subject Alternative Names (SANs) for the API Server -signing certificate.

-
timeoutForControlPlane [Required]
-meta/v1.Duration -		 -

timeoutForControlPlane controls the timeout that we wait for the API server -to appear.

-
- -## `BootstrapToken` {#kubeadm-k8s-io-v1beta2-BootstrapToken} - - -**Appears in:** - -- [InitConfiguration](#kubeadm-k8s-io-v1beta2-InitConfiguration) - - -

BootstrapToken describes one bootstrap token, stored as a Secret in the cluster

- - - - - - - - - - - - - - - - - - - - - - - - - - -
FieldDescription
token [Required]
-BootstrapTokenString -		 -

token is used for establishing bidirectional trust between nodes and control-planes. -Used for joining nodes in the cluster.

-
description [Required]
-string -		 -

description sets a human-friendly message why this token exists and what it's used -for, so other administrators can know its purpose.

-
ttl [Required]
-meta/v1.Duration -		 -

ttl defines the time to live for this token. Defaults to '24h'. -expires and ttl are mutually exclusive.

-
expires [Required]
-meta/v1.Time -		 -

expires specifies the timestamp when this token expires. Defaults to being set -dynamically at runtime based on the ttl. expires and ttl are mutually exclusive.

-
usages [Required]
-[]string -		 -

usages describes the ways in which this token can be used. Can by default be used -for establishing bidirectional trust, but that can be changed here.

-
groups [Required]
-[]string -		 -

groups specifies the extra groups that this token will authenticate as when/if -used for authentication.

-
- -## `BootstrapTokenDiscovery` {#kubeadm-k8s-io-v1beta2-BootstrapTokenDiscovery} - - -**Appears in:** - -- [Discovery](#kubeadm-k8s-io-v1beta2-Discovery) - - -

BootstrapTokenDiscovery is used to set the options for bootstrap token based discovery

- - - - - - - - - - - - - - - - - - - - -
FieldDescription
token [Required]
-string -		 -

token is a token used to validate cluster information fetched from -the control-plane.

-
apiServerEndpoint [Required]
-string -		 -

apiServerEndpoint is an IP or domain name to the API server from which information -will be fetched.

-
caCertHashes [Required]
-[]string -		 -

caCertHashes specifies a set of public key pins to verify when token-based discovery -is used. The root CA found during discovery must match one of these values. -Specifying an empty set disables root CA pinning, which can be unsafe. -Each hash is specified as ":", where the only currently supported type is "sha256". -This is a hex-encoded SHA-256 hash of the Subject Public Key Info (SPKI) object in -DER-encoded ASN.1. These hashes can be calculated using, for example, OpenSSL.

-
unsafeSkipCAVerification [Required]
-bool -		 -

unsafeSkipCAVerification allows token-based discovery without CA verification via -caCertHashes. This can weaken the security of kubeadm since other nodes can -impersonate the control-plane.

-
- -## `BootstrapTokenString` {#kubeadm-k8s-io-v1beta2-BootstrapTokenString} - - -**Appears in:** - -- [BootstrapToken](#kubeadm-k8s-io-v1beta2-BootstrapToken) - - -

BootstrapTokenString is a token of the format abcdef.abcdef0123456789 that is used -for both validation of the practically of the API server from a joining node's point -of view and as an authentication method for the node in the bootstrap phase of -"kubeadm join". This token is and should be short-lived

- - - - - - - - - - - - - - -
FieldDescription
- [Required]
-string -		 - No description provided.
- [Required]
-string -		 - No description provided.
- -## `ControlPlaneComponent` {#kubeadm-k8s-io-v1beta2-ControlPlaneComponent} - - -**Appears in:** - -- [ClusterConfiguration](#kubeadm-k8s-io-v1beta2-ClusterConfiguration) - -- [APIServer](#kubeadm-k8s-io-v1beta2-APIServer) - - -

ControlPlaneComponent holds settings common to control plane component of the cluster

- - - - - - - - - - - - - - -
FieldDescription
extraArgs [Required]
-map[string]string -		 -

extraArgs is an extra set of flags to pass to a control plane component. -A key in this map is the flag name as it appears on the command line except -without leading dash(es).

-
extraVolumes [Required]
-[]HostPathMount -		 -

extraVolumes is an extra set of host volumes mounted to the control plane -component.

-
- -## `DNS` {#kubeadm-k8s-io-v1beta2-DNS} - - -**Appears in:** - -- [ClusterConfiguration](#kubeadm-k8s-io-v1beta2-ClusterConfiguration) - - -

DNS defines the DNS addon that should be used in the cluster

- - - - - - - - - - - - - - -
FieldDescription
type [Required]
-DNSAddOnType -		 -

type defines the DNS add-on to be used.

-
ImageMeta [Required]
-ImageMeta -		(Members of ImageMeta are embedded into this type.) -

ImageMeta allows to customize the image used for the DNS component

-
- -## `DNSAddOnType` {#kubeadm-k8s-io-v1beta2-DNSAddOnType} - -(Alias of `string`) - -**Appears in:** - -- [DNS](#kubeadm-k8s-io-v1beta2-DNS) - - -

DNSAddOnType defines string identifying DNS add-on types.

- - - - -## `Discovery` {#kubeadm-k8s-io-v1beta2-Discovery} - - -**Appears in:** - -- [JoinConfiguration](#kubeadm-k8s-io-v1beta2-JoinConfiguration) - - -

Discovery specifies the options for the kubelet to use during the TLS Bootstrap process

- - - - - - - - - - - - - - - - - - - - -
FieldDescription
bootstrapToken [Required]
-BootstrapTokenDiscovery -		 -

bootstrapToken is used to set the options for bootstrap token based discovery. -bootstrapToken and file are mutually exclusive.

-
file [Required]
-FileDiscovery -		 -

file is used to specify a file or URL to a kubeconfig file from which to load -cluster information. -bootstrapToken and file are mutually exclusive.

-
tlsBootstrapToken [Required]
-string -		 -

tlsBootstrapToken is a token used for TLS bootstrapping. -If bootstrapToken is set, this field is defaulted to .bootstrapToken.token, -but can be overridden. -If file is set, this field must be set in case the KubeConfigFile does not -contain any other authentication information.

-
timeout [Required]
-meta/v1.Duration -		 -

timeout modifies the discovery timeout.

-
- -## `Etcd` {#kubeadm-k8s-io-v1beta2-Etcd} - - -**Appears in:** - -- [ClusterConfiguration](#kubeadm-k8s-io-v1beta2-ClusterConfiguration) - - -

Etcd contains elements describing Etcd configuration.

- - - - - - - - - - - - - - -
FieldDescription
local [Required]
-LocalEtcd -		 -

local provides configuration knobs for configuring the local etcd instance. -local and external are mutually exclusive.

-
external [Required]
-ExternalEtcd -		 -

external describes how to connect to an external etcd cluster. -local and external are mutually exclusive.

-
- -## `ExternalEtcd` {#kubeadm-k8s-io-v1beta2-ExternalEtcd} - - -**Appears in:** - -- [Etcd](#kubeadm-k8s-io-v1beta2-Etcd) - - -

ExternalEtcd describes an external etcd cluster. -Kubeadm has no knowledge of where certificate files live and they must be supplied.

- - - - - - - - - - - - - - - - - - - - -
FieldDescription
endpoints [Required]
-[]string -		 -

endpoints of etcd members. Required for external etcd.

-
caFile [Required]
-string -		 -

caFile is an SSL Certificate Authority (CA) file used to secure etcd communication. -Required if using a TLS connection.

-
certFile [Required]
-string -		 -

certFile is an SSL certification file used to secure etcd communication. -Required if using a TLS connection.

-
keyFile [Required]
-string -		 -

keyFile is an SSL key file used to secure etcd communication. -Required if using a TLS connection.

-
- -## `FileDiscovery` {#kubeadm-k8s-io-v1beta2-FileDiscovery} - - -**Appears in:** - -- [Discovery](#kubeadm-k8s-io-v1beta2-Discovery) - - -

FileDiscovery is used to specify a file or URL to a kubeconfig file from which to load cluster information

- - - - - - - - - - - -
FieldDescription
kubeConfigPath [Required]
-string -		 -

kubeConfigPath is used to specify the actual file path or URL to the kubeconfig file -from which to load cluster information.

-
- -## `HostPathMount` {#kubeadm-k8s-io-v1beta2-HostPathMount} - - -**Appears in:** - -- [ControlPlaneComponent](#kubeadm-k8s-io-v1beta2-ControlPlaneComponent) - - -

HostPathMount contains elements describing volumes that are mounted from the host.

- - - - - - - - - - - - - - - - - - - - - - - -
FieldDescription
name [Required]
-string -		 -

name of the volume inside the Pod template.

-
hostPath [Required]
-string -		 -

hostPath is the path in the host that will be mounted inside the Pod.

-
mountPath [Required]
-string -		 -

mountPathis the path inside the Pod where hostPath volume will be mounted.

-
readOnly [Required]
-bool -		 -

readOnly controls write access to the volume.

-
pathType [Required]
-core/v1.HostPathType -		 -

pathType is the type of the HostPath.

-
- -## `ImageMeta` {#kubeadm-k8s-io-v1beta2-ImageMeta} - - -**Appears in:** - -- [DNS](#kubeadm-k8s-io-v1beta2-DNS) - -- [LocalEtcd](#kubeadm-k8s-io-v1beta2-LocalEtcd) - - -

ImageMeta allows to customize the image used for components that are not -originated from the Kubernetes/Kubernetes release process

- - - - - - - - - - - - - - -
FieldDescription
imageRepository [Required]
-string -		 -

imageRepository sets the container registry to pull images from. -If not set, the imageRepository defined in ClusterConfiguration will be used.

-
imageTag [Required]
-string -		 -

imageTag allows for specifying a tag for the image. -In case this value is set, kubeadm does not change automatically the -version of the above components during upgrades.

-
- -## `JoinControlPlane` {#kubeadm-k8s-io-v1beta2-JoinControlPlane} - - -**Appears in:** - -- [JoinConfiguration](#kubeadm-k8s-io-v1beta2-JoinConfiguration) - - -

JoinControlPlane contains elements describing an additional control plane instance -to be deployed on the joining node.

- - - - - - - - - - - - - - -
FieldDescription
localAPIEndpoint [Required]
-APIEndpoint -		 -

localAPIEndpoint represents the endpoint of the API server instance -to be deployed on this node.

-
certificateKey [Required]
-string -		 -

certificateKey is the key that is used for decryption of certificates after -they are downloaded from the secret upon joining a new control plane node. -The corresponding encryption key is in the InitConfiguration.

-
- -## `LocalEtcd` {#kubeadm-k8s-io-v1beta2-LocalEtcd} - - -**Appears in:** - -- [Etcd](#kubeadm-k8s-io-v1beta2-Etcd) - - -

LocalEtcd describes that kubeadm should run an etcd cluster locally.

- - - - - - - - - - - - - - - - - - - - - - - -
FieldDescription
ImageMeta [Required]
-ImageMeta -		(Members of ImageMeta are embedded into this type.) -

ImageMeta allows to customize the container used for etcd.

-
dataDir [Required]
-string -		 -

dataDir is the directory etcd will place its data. -Defaults to "/var/lib/etcd".

-
extraArgs [Required]
-map[string]string -		 -

extraArgs are extra arguments provided to the etcd binary when run -inside a static pod. -A key in this map is the flag name as it appears on the -command line except without leading dash(es).

-
serverCertSANs [Required]
-[]string -		 -

serverCertSANs sets extra Subject Alternative Names (SANs) for the -etcd server signing certificate.

-
peerCertSANs [Required]
-[]string -		 -

peerCertSANs sets extra Subject Alternative Names (SANs) for the -etcd peer signing certificate.

-
- -## `Networking` {#kubeadm-k8s-io-v1beta2-Networking} - - -**Appears in:** - -- [ClusterConfiguration](#kubeadm-k8s-io-v1beta2-ClusterConfiguration) - - -

Networking contains elements describing cluster's networking configuration

- - - - - - - - - - - - - - - - - -
FieldDescription
serviceSubnet [Required]
-string -		 -

serviceSubnet is the subnet used by kubernetes Services. Defaults to "10.96.0.0/12".

-
podSubnet [Required]
-string -		 -

podSubnet is the subnet used by Pods.

-
dnsDomain [Required]
-string -		 -

dnsDomain is the DNS domain used by kubernetes Services. Defaults to "cluster.local".

-
- -## `NodeRegistrationOptions` {#kubeadm-k8s-io-v1beta2-NodeRegistrationOptions} - - -**Appears in:** - -- [InitConfiguration](#kubeadm-k8s-io-v1beta2-InitConfiguration) - -- [JoinConfiguration](#kubeadm-k8s-io-v1beta2-JoinConfiguration) - - -

NodeRegistrationOptions holds fields that relate to registering a new control-plane -or node to the cluster, either via "kubeadm init" or "kubeadm join".

- - - - - - - - - - - - - - - - - - - - - - - -
FieldDescription
name [Required]
-string -		 -

name is the .Metadata.Name field of the Node API object that will be created -in this kubeadm init or kubeadm join operation. -This field is also used in the CommonName field of the kubelet's client certificate -to the API server. -Defaults to the hostname of the node if not provided.

-
criSocket [Required]
-string -		 -

criSocket is used to retrieve container runtime information. This information will -be annotated to the Node API object, for later re-use.

-
taints [Required]
-[]core/v1.Taint -		 -

taints specifies the taints the Node API object should be registered with. -If this field is unset, i.e. nil, in the kubeadm init process it will be defaulted with -a control-plane taint for control-plane nodes. If you don't want to taint your control-plane -node, set this field to an empty list, i.e. taints: [], in the YAML file. This field is -solely used for Node registration.

-
kubeletExtraArgs [Required]
-map[string]string -		 -

kubeletExtraArgs passes through extra arguments to the kubelet. The arguments here are -passed to the kubelet command line via the environment file kubeadm writes at runtime for -the kubelet to source. This overrides the generic base-level configuration in the -'kubelet-config-1.X' ConfigMap. -Flags have higher priority when parsing. These values are local and specific to the node -kubeadm is executing on. -A key in this map is the flag name as it appears on the command line except without leading dash(es).

-
ignorePreflightErrors [Required]
-[]string -		 -

ignorePreflightErrors provides a list of pre-flight errors to be ignored when the -current node is registered.

-
- \ No newline at end of file diff --git a/content/en/docs/reference/config-api/kubeadm-config.v1beta3.md b/content/en/docs/reference/config-api/kubeadm-config.v1beta3.md index 8abeb61fe35..5504f6070e1 100644 --- a/content/en/docs/reference/config-api/kubeadm-config.v1beta3.md +++ b/content/en/docs/reference/config-api/kubeadm-config.v1beta3.md @@ -30,6 +30,7 @@ the user to configure a directory from which to take patches for components depl
  • kubeadm v1.15.x and newer can be used to migrate from v1beta1 to v1beta2.
  • kubeadm v1.22.x and newer no longer support v1beta1 and older APIs, but can be used to migrate v1beta2 to v1beta3.
    • +
  • kubeadm v1.27.x and newer no longer support v1beta2 and older APIs,

Basics

The preferred way to configure kubeadm is to pass an YAML configuration file with the --config option. Some of the @@ -264,109 +265,6 @@ node only (e.g. the node ip).

-## `BootstrapToken` {#BootstrapToken} - - -**Appears in:** - -- [InitConfiguration](#kubeadm-k8s-io-v1beta3-InitConfiguration) - - -

BootstrapToken describes one bootstrap token, stored as a Secret in the cluster

- - - - - - - - - - - - - - - - - - - - - - - - - - -
FieldDescription
token [Required]
-BootstrapTokenString -		 -

token is used for establishing bidirectional trust between nodes and control-planes. -Used for joining nodes in the cluster.

-
description
-string -		 -

description sets a human-friendly message why this token exists and what it's used -for, so other administrators can know its purpose.

-
ttl
-meta/v1.Duration -		 -

ttl defines the time to live for this token. Defaults to 24h. -expires and ttl are mutually exclusive.

-
expires
-meta/v1.Time -		 -

expires specifies the timestamp when this token expires. Defaults to being set -dynamically at runtime based on the ttl. expires and ttl are mutually exclusive.

-
usages
-[]string -		 -

usages describes the ways in which this token can be used. Can by default be used -for establishing bidirectional trust, but that can be changed here.

-
groups
-[]string -		 -

groups specifies the extra groups that this token will authenticate as when/if -used for authentication

-
- -## `BootstrapTokenString` {#BootstrapTokenString} - - -**Appears in:** - -- [BootstrapToken](#BootstrapToken) - - -

BootstrapTokenString is a token of the format abcdef.abcdef0123456789 that is used -for both validation of the practically of the API server from a joining node's point -of view and as an authentication method for the node in the bootstrap phase of -"kubeadm join". This token is and should be short-lived.

- - - - - - - - - - - - - - -
FieldDescription
- [Required]
-string -		 - No description provided.
- [Required]
-string -		 - No description provided.
- - - ## `ClusterConfiguration` {#kubeadm-k8s-io-v1beta3-ClusterConfiguration} @@ -1036,7 +934,7 @@ file from which to load cluster information.

pathType
-core/v1.HostPathType +core/v1.HostPathType

pathType is the type of the hostPath.

@@ -1259,7 +1157,7 @@ This information will be annotated to the Node API object, for later re-use

taints [Required]
-[]core/v1.Taint +[]core/v1.Taint

taints specifies the taints the Node API object should be registered with. @@ -1290,7 +1188,7 @@ the current node is registered.

imagePullPolicy
-core/v1.PullPolicy +core/v1.PullPolicy

imagePullPolicy specifies the policy for image pulling during kubeadm "init" and @@ -1338,4 +1236,107 @@ first alpha-numerically.

- \ No newline at end of file + + + + +## `BootstrapToken` {#BootstrapToken} + + +**Appears in:** + +- [InitConfiguration](#kubeadm-k8s-io-v1beta3-InitConfiguration) + + +

BootstrapToken describes one bootstrap token, stored as a Secret in the cluster

+ + + + + + + + + + + + + + + + + + + + + + + + + + +
FieldDescription
token [Required]
+BootstrapTokenString +		 +

token is used for establishing bidirectional trust between nodes and control-planes. +Used for joining nodes in the cluster.

+
description
+string +		 +

description sets a human-friendly message why this token exists and what it's used +for, so other administrators can know its purpose.

+
ttl
+meta/v1.Duration +		 +

ttl defines the time to live for this token. Defaults to 24h. +expires and ttl are mutually exclusive.

+
expires
+meta/v1.Time +		 +

expires specifies the timestamp when this token expires. Defaults to being set +dynamically at runtime based on the ttl. expires and ttl are mutually exclusive.

+
usages
+[]string +		 +

usages describes the ways in which this token can be used. Can by default be used +for establishing bidirectional trust, but that can be changed here.

+
groups
+[]string +		 +

groups specifies the extra groups that this token will authenticate as when/if +used for authentication

+
+ +## `BootstrapTokenString` {#BootstrapTokenString} + + +**Appears in:** + +- [BootstrapToken](#BootstrapToken) + + +

BootstrapTokenString is a token of the format abcdef.abcdef0123456789 that is used +for both validation of the practically of the API server from a joining node's point +of view and as an authentication method for the node in the bootstrap phase of +"kubeadm join". This token is and should be short-lived.

+ + + + + + + + + + + + + + +
FieldDescription
- [Required]
+string +		 + No description provided.
- [Required]
+string +		 + No description provided.
\ No newline at end of file diff --git a/content/en/docs/reference/config-api/kubelet-config.v1.md b/content/en/docs/reference/config-api/kubelet-config.v1.md index abaf48ec4bb..407ce5f1a9d 100644 --- a/content/en/docs/reference/config-api/kubelet-config.v1.md +++ b/content/en/docs/reference/config-api/kubelet-config.v1.md @@ -169,211 +169,4 @@ credential plugin.

- - - - -## `FormatOptions` {#FormatOptions} - - -**Appears in:** - -- [LoggingConfiguration](#LoggingConfiguration) - - -

FormatOptions contains options for the different logging formats.

- - - - - - - - - - - -
FieldDescription
json [Required]
-JSONOptions -		 -

[Alpha] JSON contains options for logging format "json". -Only available when the LoggingAlphaOptions feature gate is enabled.

-
- -## `JSONOptions` {#JSONOptions} - - -**Appears in:** - -- [FormatOptions](#FormatOptions) - - -

JSONOptions contains options for logging format "json".

- - - - - - - - - - - - - - -
FieldDescription
splitStream [Required]
-bool -		 -

[Alpha] SplitStream redirects error messages to stderr while -info messages go to stdout, with buffering. The default is to write -both to stdout, without buffering. Only available when -the LoggingAlphaOptions feature gate is enabled.

-
infoBufferSize [Required]
-k8s.io/apimachinery/pkg/api/resource.QuantityValue -		 -

[Alpha] InfoBufferSize sets the size of the info stream when -using split streams. The default is zero, which disables buffering. -Only available when the LoggingAlphaOptions feature gate is enabled.

-
- -## `LogFormatFactory` {#LogFormatFactory} - - - -

LogFormatFactory provides support for a certain additional, -non-default log format.

- - - - -## `LoggingConfiguration` {#LoggingConfiguration} - - -**Appears in:** - -- [KubeletConfiguration](#kubelet-config-k8s-io-v1beta1-KubeletConfiguration) - - -

LoggingConfiguration contains logging options.

- - - - - - - - - - - - - - - - - - - - - - - -
FieldDescription
format [Required]
-string -		 -

Format Flag specifies the structure of log messages. -default value of format is text

-
flushFrequency [Required]
-time.Duration -		 -

Maximum number of nanoseconds (i.e. 1s = 1000000000) between log -flushes. Ignored if the selected logging backend writes log -messages without buffering.

-
verbosity [Required]
-VerbosityLevel -		 -

Verbosity is the threshold that determines which log messages are -logged. Default is zero which logs only the most important -messages. Higher values enable additional messages. Error messages -are always logged.

-
vmodule [Required]
-VModuleConfiguration -		 -

VModule overrides the verbosity threshold for individual files. -Only supported for "text" log format.

-
options [Required]
-FormatOptions -		 -

[Alpha] Options holds additional parameters that are specific -to the different logging formats. Only the options for the selected -format get used, but all of them get validated. -Only available when the LoggingAlphaOptions feature gate is enabled.

-
- -## `TracingConfiguration` {#TracingConfiguration} - - -**Appears in:** - -- [KubeletConfiguration](#kubelet-config-k8s-io-v1beta1-KubeletConfiguration) - - -

TracingConfiguration provides versioned configuration for OpenTelemetry tracing clients.

- - - - - - - - - - - - - - -
FieldDescription
endpoint
-string -		 -

Endpoint of the collector this component will report traces to. -The connection is insecure, and does not currently support TLS. -Recommended is unset, and endpoint is the otlp grpc default, localhost:4317.

-
samplingRatePerMillion
-int32 -		 -

SamplingRatePerMillion is the number of samples to collect per million spans. -Recommended is unset. If unset, sampler respects its parent span's sampling -rate, but otherwise never samples.

-
- -## `VModuleConfiguration` {#VModuleConfiguration} - -(Alias of `[]k8s.io/component-base/logs/api/v1.VModuleItem`) - -**Appears in:** - -- [LoggingConfiguration](#LoggingConfiguration) - - -

VModuleConfiguration is a collection of individual file names or patterns -and the corresponding verbosity threshold.

- - - - -## `VerbosityLevel` {#VerbosityLevel} - -(Alias of `uint32`) - -**Appears in:** - -- [LoggingConfiguration](#LoggingConfiguration) - - - -

VerbosityLevel represents a klog or logr verbosity threshold.

- - + \ No newline at end of file diff --git a/content/en/docs/reference/config-api/kubelet-config.v1alpha1.md b/content/en/docs/reference/config-api/kubelet-config.v1alpha1.md index 079c36a9329..6082c2f7ecf 100644 --- a/content/en/docs/reference/config-api/kubelet-config.v1alpha1.md +++ b/content/en/docs/reference/config-api/kubelet-config.v1alpha1.md @@ -169,6 +169,4 @@ credential plugin.

- - - \ No newline at end of file + \ No newline at end of file diff --git a/content/en/docs/reference/config-api/kubelet-config.v1beta1.md b/content/en/docs/reference/config-api/kubelet-config.v1beta1.md index a11c179a58a..b40fb3f5e96 100644 --- a/content/en/docs/reference/config-api/kubelet-config.v1beta1.md +++ b/content/en/docs/reference/config-api/kubelet-config.v1beta1.md @@ -262,7 +262,7 @@ Default: 10

eventRecordQPS is the maximum event creations per second. If 0, there is no limit enforced. The value cannot be a negative number. -Default: 5

+Default: 50

eventBurst
@@ -273,7 +273,7 @@ Default: 5

allows event creations to burst to this number, while still not exceeding eventRecordQPS. This field canot be a negative number and it is only used when eventRecordQPS > 0. -Default: 10

+Default: 100

enableDebuggingHandlers
@@ -290,7 +290,7 @@ Default: true

bool -

enableContentionProfiling enables lock contention profiling, if enableDebuggingHandlers is true. +

enableContentionProfiling enables block profiling, if enableDebuggingHandlers is true. Default: false

@@ -529,8 +529,7 @@ resources;
  • single-numa-node: kubelet only allows pods with a single NUMA alignment of CPU and device resources.
    • -

    Policies other than "none" require the TopologyManager feature gate to be enabled. -Default: "none"

    +

    Default: "none"

    topologyManagerScope
    @@ -543,8 +542,7 @@ that topology manager requests and hint providers generate. Valid values include
  • container: topology policy is applied on a per-container basis.
  • pod: topology policy is applied on a per-pod basis.
    • -

    "pod" scope requires the TopologyManager feature gate to be enabled. -Default: "container"

    +

    Default: "container"

    topologyManagerPolicyOptions
    @@ -692,7 +690,7 @@ Default: "application/vnd.kubernetes.protobuf"

    kubeAPIQPS is the QPS to use while talking with kubernetes apiserver. -Default: 5

    +Default: 50

    kubeAPIBurst
    @@ -701,7 +699,7 @@ Default: 5

    kubeAPIBurst is the burst to allow while talking with kubernetes API server. This field cannot be a negative number. -Default: 10

    +Default: 100

    serializeImagePulls
    @@ -715,6 +713,16 @@ Issue #10959 has more details. Default: true

    +maxParallelImagePulls
    +int32 + + +

    MaxParallelImagePulls sets the maximum number of image pulls in parallel. +This field cannot be set if SerializeImagePulls is true. +Setting it to nil means no limit. +Default: nil

    + + evictionHard
    map[string]string @@ -953,7 +961,7 @@ Default: ""

    systemReservedCgroup helps the kubelet identify absolute name of top level CGroup used to enforce systemReserved compute resource reservation for OS system daemons. -Refer to Node Allocatable +Refer to Node Allocatable doc for more information. Default: ""

    @@ -964,7 +972,7 @@ Default: ""

    kubeReservedCgroup helps the kubelet identify absolute name of top level CGroup used to enforce KubeReserved compute resource reservation for Kubernetes node system daemons. -Refer to Node Allocatable +Refer to Node Allocatable doc for more information. Default: ""

    @@ -980,7 +988,7 @@ If none is specified, no other options may be specified. When system-reserved is in the list, systemReservedCgroup must be specified. When kube-reserved is in the list, kubeReservedCgroup must be specified. This field is supported only when cgroupsPerQOS is set to true. -Refer to Node Allocatable +Refer to Node Allocatable for more information. Default: ["pods"]

    @@ -1042,6 +1050,15 @@ Format: text

    Default: true

    +enableSystemLogQuery
    +bool + + +

    enableSystemLogQuery enables the node log query feature on the /logs endpoint. +EnableSystemLogHandler has to be enabled in addition for this feature to work. +Default: false

    + + shutdownGracePeriod
    meta/v1.Duration @@ -1143,7 +1160,6 @@ Default: true

    SeccompDefault enables the use of RuntimeDefault as the default seccomp profile for all workloads. -This requires the corresponding SeccompDefault feature gate to be enabled as well. Default: false

    @@ -1156,11 +1172,11 @@ when setting the cgroupv2 memory.high value to enforce MemoryQoS. Decreasing this factor will set lower high limit for container cgroups and put heavier reclaim pressure while increasing will put less reclaim pressure. See https://kep.k8s.io/2570 for more details. -Default: 0.8

    +Default: 0.9

    registerWithTaints
    -[]core/v1.Taint +[]core/v1.Taint

    registerWithTaints are an array of taints to add to a node object when @@ -1182,7 +1198,8 @@ Default: true

    Tracing specifies the versioned configuration for OpenTelemetry tracing clients. -See https://kep.k8s.io/2832 for more details.

    +See https://kep.k8s.io/2832 for more details. +Default: nil

    localStorageCapacityIsolation
    @@ -1199,6 +1216,25 @@ disabled. Once disabled, user should not set request/limit for container's ephem Default: true

    +containerRuntimeEndpoint [Required]
    +string + + +

    ContainerRuntimeEndpoint is the endpoint of container runtime. +Unix Domain Sockets are supported on Linux, while npipe and tcp endpoints are supported on Windows. +Examples:'unix:///path/to/runtime.sock', 'npipe:////./pipe/runtime'

    + + +imageServiceEndpoint
    +string + + +

    ImageServiceEndpoint is the endpoint of container image service. +Unix Domain Socket are supported on Linux, while npipe and tcp endpoints are supported on Windows. +Examples:'unix:///path/to/runtime.sock', 'npipe:////./pipe/runtime'. +If not specified, the value in containerRuntimeEndpoint is used.

    + + @@ -1220,7 +1256,7 @@ It exists in the kubeletconfig API group because it is classified as a versioned source
    -core/v1.NodeConfigSource +core/v1.NodeConfigSource

    source is the source that we are serializing.

    @@ -1581,7 +1617,7 @@ and groups corresponding to the Organization in the client certificate.

    No description provided. limits [Required]
    -core/v1.ResourceList +core/v1.ResourceList No description provided. diff --git a/content/en/docs/reference/glossary/etcd.md b/content/en/docs/reference/glossary/etcd.md index 474b923caf1..3689df2b1d7 100644 --- a/content/en/docs/reference/glossary/etcd.md +++ b/content/en/docs/reference/glossary/etcd.md @@ -17,6 +17,6 @@ tags: If your Kubernetes cluster uses etcd as its backing store, make sure you have a [back up](/docs/tasks/administer-cluster/configure-upgrade-etcd/#backing-up-an-etcd-cluster) plan -for those data. +for the data. You can find in-depth information about etcd in the official [documentation](https://etcd.io/docs/). diff --git a/content/en/docs/reference/instrumentation/metrics.md b/content/en/docs/reference/instrumentation/metrics.md index 196c9b97d3e..0cc90d8d78e 100644 --- a/content/en/docs/reference/instrumentation/metrics.md +++ b/content/en/docs/reference/instrumentation/metrics.md @@ -1,18 +1,22 @@ --- title: Kubernetes Metrics Reference content_type: reference +auto_generated: true description: >- Details of the metric data that Kubernetes components export. --- +## Metrics (v1.27) -## Metrics (auto-generated 2022 Nov 01) - + + This page details the metrics that different Kubernetes components export. You can query the metrics endpoint for these components using an HTTP scrape, and fetch the current metrics data in Prometheus format. ### List of Stable Kubernetes Metrics +Stable metrics observe strict API contracts and no labels can be added or removed from stable metrics during their lifetime. + @@ -22,6 +26,7 @@ components using an HTTP scrape, and fetch the current metrics data in Prometheu + @@ -31,126 +36,219 @@ components using an HTTP scrape, and fetch the current metrics data in Prometheu - + + - + + - + + - + + - + + - + + - + + - + + - + + - + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + - + + - + + - + - + + - - + + + - + + - - + + + - - + + + - + + - + + - + + + +
    Help Labels Const LabelsDeprecated Version
    Histogram Admission controller latency histogram in seconds, identified by name and broken out for each operation and API resource and type (validate or admit).
    name
    operation
    rejected
    type
    		None
    apiserver_admission_step_admission_duration_seconds STABLE Histogram Admission sub-step latency histogram in seconds, broken out for each operation and API resource and step type (validate or admit).
    operation
    rejected
    type
    		None
    apiserver_admission_webhook_admission_duration_seconds STABLE Histogram Admission webhook latency histogram in seconds, identified by name and broken out for each operation and API resource and type (validate or admit).
    name
    operation
    rejected
    type
    		None
    apiserver_current_inflight_requests STABLE Gauge Maximal number of currently used inflight request limit of this apiserver per request kind in last second.
    request_kind
    		None
    apiserver_longrunning_requests STABLE Gauge Gauge of all active long-running apiserver requests broken out by verb, group, version, resource, scope and component. Not all requests are tracked this way.
    component
    group
    resource
    scope
    subresource
    verb
    version
    		None
    apiserver_request_duration_seconds STABLE Histogram Response latency distribution in seconds for each verb, dry run value, group, version, resource, subresource, scope and component.
    component
    dry_run
    group
    resource
    scope
    subresource
    verb
    version
    		None
    apiserver_request_total STABLE Counter Counter of apiserver requests broken out for each verb, dry run value, group, version, resource, scope, component, and HTTP response code.
    code
    component
    dry_run
    group
    resource
    scope
    subresource
    verb
    version
    		None
    apiserver_requested_deprecated_apis STABLE Gauge Gauge of deprecated APIs that have been requested, broken out by API group, version, resource, subresource, and removed_release.
    group
    removed_release
    resource
    subresource
    version
    		None
    apiserver_response_sizes STABLE Histogram Response size distribution in bytes for each group, version, verb, resource, subresource, scope and component.
    component
    group
    resource
    scope
    subresource
    verb
    version
    		None
    apiserver_storage_objects STABLE Gauge Number of stored objects at the time of last check split by kind.
    resource
    		None
    cronjob_controller_job_creation_skew_duration_secondsSTABLEHistogramTime between when a cronjob is scheduled to be run, and when the corresponding job is created
    job_controller_job_pods_finished_totalSTABLECounterThe number of finished Pods that are fully tracked
    completion_mode
    result
    job_controller_job_sync_duration_secondsSTABLEHistogramThe time it took to sync a job
    action
    completion_mode
    result
    job_controller_job_syncs_totalSTABLECounterThe number of job syncs
    action
    completion_mode
    result
    job_controller_jobs_finished_totalSTABLECounterThe number of finished jobs
    completion_mode
    reason
    result
    kube_pod_resource_limitSTABLECustomResources limit for workloads on the cluster, broken down by pod. This shows the resource usage the scheduler and kubelet expect per pod for resources along with the unit for the resource if any.
    namespace
    pod
    node
    scheduler
    priority
    resource
    unit
    kube_pod_resource_requestSTABLECustomResources requested by workloads on the cluster, broken down by pod. This shows the resource usage the scheduler and kubelet expect per pod for resources along with the unit for the resource if any.
    namespace
    pod
    node
    scheduler
    priority
    resource
    unit
    node_collector_evictions_total STABLE Counter Number of Node evictions that happened since current instance of NodeController started.
    zone
    		None
    scheduler_framework_extension_point_duration_seconds STABLE Histogram Latency for running all plugins of a specific extension point.
    extension_point
    profile
    status
    		None
    scheduler_pending_pods STABLE GaugeNumber of pending pods, by the queue type. 'active' means number of pods in activeQ; 'backoff' means number of pods in backoffQ; 'unschedulable' means number of pods in unschedulablePods.Number of pending pods, by the queue type. 'active' means number of pods in activeQ; 'backoff' means number of pods in backoffQ; 'unschedulable' means number of pods in unschedulablePods that the scheduler attempted to schedule and failed; 'gated' is the number of unschedulable pods that the scheduler never attempted to schedule because they are gated.
    queue
    		None
    scheduler_pod_scheduling_attempts STABLE Histogram Number of attempts to successfully schedule a pod.NoneNone
    scheduler_pod_scheduling_duration_seconds STABLE Histogram E2e latency for a pod being scheduled which may include multiple scheduling attempts.
    attempts
    		None
    scheduler_preemption_attempts_total STABLE Counter Total preemption attempts in the cluster till nowNoneNone
    scheduler_preemption_victims STABLE Histogram Number of selected preemption victimsNoneNone
    scheduler_queue_incoming_pods_total STABLE Counter Number of pods added to scheduling queues by event and queue type.
    event
    queue
    		None
    scheduler_schedule_attempts_total STABLE Counter Number of attempts to schedule pods, by the result. 'unschedulable' means a pod could not be scheduled, while 'error' means an internal scheduler problem.
    profile
    result
    		None
    scheduler_scheduling_attempt_duration_seconds STABLE Histogram Scheduling attempt latency in seconds (scheduling algorithm + binding)
    profile
    result
    		None
    + +### List of Beta Kubernetes Metrics + +Beta metrics observe a looser API contract than its stable counterparts. No labels can be removed from beta metrics during their lifetime, however, labels can be added while the metric is in the beta stage. This offers the assurance that beta metrics will honor existing dashboards and alerts, while allowing for amendments in the future. + + + + + + + + + + + + + + + +
    NameStability LevelTypeHelpLabelsConst LabelsDeprecated Version
    ### List of Alpha Kubernetes Metrics +Alpha metrics do not have any API guarantees. These metrics must be used at your own risk, subsequent versions of Kubernetes may remove these metrics altogether, or mutate the API in such a way that breaks existing dashboards and alerts. + @@ -160,1887 +258,2600 @@ components using an HTTP scrape, and fetch the current metrics data in Prometheu + + + + + + + + - + + - + + - + + - + + - + + - + + + + + + + + + - + + - + + - + + - + + - + + - - + + + - + + - - + + + - + + - + + - + + - - - + + + + - - - + + + + - + + - + + - - + + + - + + - + + - + + - + + - + + - + + - + + - + + + + + + + + + - - + + + - + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + - + + - + + + + + + + + + - + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + - + + - + + - + + - + + + + + + + + + - + + - + + + + + + + + + - + + - + + - + + - + + - + + - + + - + + - + + - + + - + + + + + + + + + + + + + + + + + + + + + + + - + + - + + - + + - - + + + - - + + + - + + - + + - + + - + + + + + + + + + - + - + + - + + - + + - + + - - + + + - - + + + - + + + + + + + + + - - + + + + + + + + + + - + + - + + - + + - + + - - + + + - + + - + + - - + + + - - - + + + + - - - + + + + - + + - + + + + + + + + + - + + - + + - + + - - + + + - - + + + - - + + + - + + - + + - + + - + + - + + - + + - + + - - + + + - - - - + + + + + - - - - - - - - - + + + + - + + - + + - + + - + + - + + - + + - + + - + + - + + - + + - + + - + + - + + - + + - + + - - - - - - - + + - + + - + + - - + + + - - + + + - - + + + - - + + + - + + - - + + + - + + - - + + + - + + - - + + + - - + + + - - + + + - - + + + - - + + + - - + + + - - + + + - - + + + - - + + + - + + - - + + + - + + - + + - - - + + + + + + + + + + + + + + + + + + - - + + + - - + + + - - - - - - - - - - - - - - - + + + + - - - - + + + + + - - - + + + + + + + + + + + + + + + + + + - + + - + + - + + - + + - + + - + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + - - + + + - - + + + - - - - - - - - - - + + + + + - - + + + - - + + + - - + + + - - + + + - + + - + + - - + + + - - + + + - - + + + + + + + + + + + + + + + + + + + + + + + + - + + - + + + + + + + + + + + + + + + + + + + + + + + - + + - + + - - + + + - - + + + - + + - + + - - - - - - - - - - - - - + + - - + + + - - - + + + + + + + + + + + - + + + + + + + + + + + + + + + + + + + + + + + - - + + + - - + + + - - + + + - - + + + + + + + + + + - + + - + + + + + + + + + - + + - + + - + + - - + + + + + + + + + + - - + + + - + + - - + + + - + + + + + + + + + - + + - + + - + + - - + + + - + + - + + - + + - - + + + - + + - + + - + + - + + - - + + + - - + + + + + + + + + + + + + + + + + + + + + + + + - + + - + + - + + - + + - + + - + + - + + - + + + + + + + + + - - + + + - - + + + - - + + + - - + + + + + + + + + + - - + + + - + + - - + + + - - + + + - + + - - + + + - - + + + - + + - + + - + + - + + - + + - - - - - - - + + - + + + + + + + + + + + + + + + + - + + - + + - - + + + - + + - + + - + + - + + + + + + + + + - + + - + + - + + - + + + + + + + + + - - + + + - + + - + + - + + + + + + + + + + + + + + + + - + + - + + - + + - + + - + + - + + - + + - + + - + + - + + - + + + + + + + + + + + + + + + + - - + + + + + + + + + + + + + + + + + - + + - - + + + - - + + + - + + - + + + + + + + + + - + + - + + - + + - - + + + - - + + + - + + - + + - - - - - - - + + - + + - + + + + + + + + + - + + - + + - + + - - + + + - + + - + + - + + - - + + + + + + + + + + + + + + + + + - - + + + - - + + + - - + + + - - + + + - - + + + - + + - + + - - + + + - - + + + - - + + + - - + + + - - + + + - - + + + - - + + + - - + + + - + + - + + - + + - + + - + + - + + - + + - + + - + + - + + - + + - + + - + +
    Help Labels Const LabelsDeprecated Version
    aggregator_discovery_aggregation_count_totalALPHACounterCounter of number of times discovery was aggregated
    aggregator_openapi_v2_regeneration_count ALPHA Counter Counter of OpenAPI v2 spec regeneration count broken down by causing APIService name and reason.
    apiservice
    reason
    		None
    aggregator_openapi_v2_regeneration_duration ALPHA Gauge Gauge of OpenAPI v2 spec regeneration duration in seconds.
    reason
    		None
    aggregator_unavailable_apiservice ALPHA Custom Gauge of APIServices which are marked as unavailable broken down by APIService name.
    name
    		None
    aggregator_unavailable_apiservice_total ALPHA Counter Counter of APIServices which are marked as unavailable broken down by APIService name and reason.
    name
    reason
    		None
    apiextensions_openapi_v2_regeneration_count ALPHA Counter Counter of OpenAPI v2 spec regeneration count broken down by causing CRD name and reason.
    crd
    reason
    		None
    apiextensions_openapi_v3_regeneration_count ALPHA Counter Counter of OpenAPI v3 spec regeneration count broken down by group, version, causing CRD and reason.
    crd
    group
    reason
    version
    		None
    apiserver_admission_admission_match_condition_evaluation_errors_totalALPHACounterAdmission match condition evaluation errors count, identified by name of resource containing the match condition and broken out for each admission type (validating or mutating).
    name
    type
    apiserver_admission_step_admission_duration_seconds_summary ALPHA Summary Admission sub-step latency summary in seconds, broken out for each operation and API resource and step type (validate or admit).
    operation
    rejected
    type
    		None
    apiserver_admission_webhook_fail_open_count ALPHA Counter Admission webhook fail open count, identified by name and broken out for each admission type (validating or mutating).
    name
    type
    		None
    apiserver_admission_webhook_rejection_count ALPHA Counter Admission webhook rejection count, identified by name and broken out for each admission type (validating or admit) and operation. Additional labels specify an error type (calling_webhook_error or apiserver_internal_error if an error occurred; no_error otherwise) and optionally a non-zero rejection code if the webhook rejects the request with an HTTP status code (honored by the apiserver when the code is greater or equal to 400). Codes greater than 600 are truncated to 600, to keep the metrics cardinality bounded.
    error_type
    name
    operation
    rejection_code
    type
    		None
    apiserver_admission_webhook_request_total ALPHA Counter Admission webhook request total, identified by name and broken out for each admission type (validating or mutating) and operation. Additional labels specify whether the request was rejected or not and an HTTP status code. Codes greater than 600 are truncated to 600, to keep the metrics cardinality bounded.
    code
    name
    operation
    rejected
    type
    		None
    apiserver_audit_error_total ALPHA Counter Counter of audit events that failed to be audited properly. Plugin identifies the plugin affected by the error.
    plugin
    		None
    apiserver_audit_event_total ALPHA Counter Counter of audit events generated and sent to the audit backend.NoneNone
    apiserver_audit_level_total ALPHA Counter Counter of policy levels for audit events (1 per request).
    level
    		None
    apiserver_audit_requests_rejected_total ALPHA Counter Counter of apiserver requests rejected due to an error in audit logging backend.NoneNone
    apiserver_cache_list_fetched_objects_total ALPHA Counter Number of objects read from watch cache in the course of serving a LIST request
    index
    resource_prefix
    		None
    apiserver_cache_list_returned_objects_total ALPHA Counter Number of objects returned for a LIST request from watch cache
    resource_prefix
    		None
    apiserver_cache_list_total ALPHA Counter Number of LIST requests served from watch cache
    index
    resource_prefix
    		None
    apiserver_cel_compilation_duration_seconds ALPHA HistogramNoneNone
    CEL compilation time in seconds.
    apiserver_cel_evaluation_duration_seconds ALPHA HistogramNoneNone
    CEL evaluation time in seconds.
    apiserver_certificates_registry_csr_honored_duration_total ALPHA Counter Total number of issued CSRs with a requested duration that was honored, sliced by signer (only kubernetes.io signer names are specifically identified)
    signerName
    		None
    apiserver_certificates_registry_csr_requested_duration_total ALPHA Counter Total number of issued CSRs with a requested duration, sliced by signer (only kubernetes.io signer names are specifically identified)
    signerName
    		None
    apiserver_client_certificate_expiration_seconds ALPHA Histogram Distribution of the remaining lifetime on the certificate used to authenticate a request.NoneNone
    apiserver_crd_webhook_conversion_duration_seconds ALPHA Histogram CRD webhook conversion duration in seconds
    crd_name
    from_version
    succeeded
    to_version
    		None
    apiserver_current_inqueue_requests ALPHA Gauge Maximal number of queued requests in this apiserver per request kind in last second.
    request_kind
    		None
    apiserver_delegated_authn_request_duration_seconds ALPHA Histogram Request latency in seconds. Broken down by status code.
    code
    		None
    apiserver_delegated_authn_request_total ALPHA Counter Number of HTTP requests partitioned by status code.
    code
    		None
    apiserver_delegated_authz_request_duration_seconds ALPHA Histogram Request latency in seconds. Broken down by status code.
    code
    		None
    apiserver_delegated_authz_request_total ALPHA Counter Number of HTTP requests partitioned by status code.
    code
    		None
    apiserver_egress_dialer_dial_duration_seconds ALPHA Histogram Dial latency histogram in seconds, labeled by the protocol (http-connect or grpc), transport (tcp or uds)
    protocol
    transport
    		None
    apiserver_egress_dialer_dial_failure_count ALPHA Counter Dial failure count, labeled by the protocol (http-connect or grpc), transport (tcp or uds), and stage (connect or proxy). The stage indicates at which stage the dial failed
    protocol
    stage
    transport
    		None
    apiserver_egress_dialer_dial_start_totalALPHACounterDial starts, labeled by the protocol (http-connect or grpc) and transport (tcp or uds).
    protocol
    transport
    apiserver_envelope_encryption_dek_cache_fill_percent ALPHA Gauge Percent of the cache slots currently occupied by cached DEKs.NoneNone
    apiserver_envelope_encryption_dek_cache_inter_arrival_time_seconds ALPHA Histogram Time (in seconds) of inter arrival of transformation requests.
    transformation_type
    		None
    apiserver_envelope_encryption_invalid_key_id_from_status_totalALPHACounterNumber of times an invalid keyID is returned by the Status RPC call split by error.
    error
    provider_name
    apiserver_envelope_encryption_key_id_hash_last_timestamp_secondsALPHAGaugeThe last time in seconds when a keyID was used.
    key_id_hash
    provider_name
    transformation_type
    apiserver_envelope_encryption_key_id_hash_status_last_timestamp_secondsALPHAGaugeThe last time in seconds when a keyID was returned by the Status RPC call.
    key_id_hash
    provider_name
    apiserver_envelope_encryption_key_id_hash_totalALPHACounterNumber of times a keyID is used split by transformation type and provider.
    key_id_hash
    provider_name
    transformation_type
    apiserver_envelope_encryption_kms_operations_latency_secondsALPHAHistogramKMS operation duration with gRPC error code status total.
    grpc_status_code
    method_name
    provider_name
    apiserver_flowcontrol_current_executing_requests ALPHA Gauge Number of requests in initial (for a WATCH) or any (for a non-WATCH) execution stage in the API Priority and Fairness subsystem
    flow_schema
    priority_level
    		None
    apiserver_flowcontrol_current_inqueue_requests ALPHA Gauge Number of requests currently pending in queues of the API Priority and Fairness subsystem
    flow_schema
    priority_level
    		None
    apiserver_flowcontrol_current_limit_seatsALPHAGaugecurrent derived number of execution seats available to each priority level
    priority_level
    apiserver_flowcontrol_current_r ALPHA Gauge R(time of last change)
    priority_level
    		None
    apiserver_flowcontrol_demand_seatsALPHATimingRatioHistogramObservations, at the end of every nanosecond, of (the number of seats each priority level could use) / (nominal number of seats for that level)
    priority_level
    apiserver_flowcontrol_demand_seats_averageALPHAGaugeTime-weighted average, over last adjustment period, of demand_seats
    priority_level
    apiserver_flowcontrol_demand_seats_high_watermarkALPHAGaugeHigh watermark, over last adjustment period, of demand_seats
    priority_level
    apiserver_flowcontrol_demand_seats_smoothedALPHAGaugeSmoothed seat demands
    priority_level
    apiserver_flowcontrol_demand_seats_stdevALPHAGaugeTime-weighted standard deviation, over last adjustment period, of demand_seats
    priority_level
    apiserver_flowcontrol_dispatch_r ALPHA Gauge R(time of last dispatch)
    priority_level
    		None
    apiserver_flowcontrol_dispatched_requests_total ALPHA Counter Number of requests executed by API Priority and Fairness subsystem
    flow_schema
    priority_level
    		None
    apiserver_flowcontrol_epoch_advance_total ALPHA Counter Number of times the queueset's progress meter jumped backward
    priority_level
    success
    		None
    apiserver_flowcontrol_latest_s ALPHA Gauge S(most recently dispatched request)
    priority_level
    		None
    apiserver_flowcontrol_lower_limit_seatsALPHAGaugeConfigured lower bound on number of execution seats available to each priority level
    priority_level
    apiserver_flowcontrol_next_discounted_s_bounds ALPHA Gauge min and max, over queues, of S(oldest waiting request in queue) - estimated work in progress
    bound
    priority_level
    		None
    apiserver_flowcontrol_next_s_bounds ALPHA Gauge min and max, over queues, of S(oldest waiting request in queue)
    bound
    priority_level
    		None
    apiserver_flowcontrol_nominal_limit_seatsALPHAGaugeNominal number of execution seats configured for each priority level
    priority_level
    apiserver_flowcontrol_priority_level_request_utilization ALPHA TimingRatioHistogram Observations, at the end of every nanosecond, of number of requests (as a fraction of the relevant limit) waiting or in any stage of execution (but only initial stage for WATCHes)
    phase
    priority_level
    		None
    apiserver_flowcontrol_priority_level_seat_utilization ALPHA TimingRatioHistogram Observations, at the end of every nanosecond, of utilization of seats for any stage of execution (but only initial stage for WATCHes)
    priority_level
    		map[phase:executing]
    phase:executing
    apiserver_flowcontrol_read_vs_write_current_requests ALPHA TimingRatioHistogram Observations, at the end of every nanosecond, of the number of requests (as a fraction of the relevant limit) waiting or in regular stage of execution
    phase
    request_kind
    		None
    apiserver_flowcontrol_rejected_requests_total ALPHA Counter Number of requests rejected by API Priority and Fairness subsystem
    flow_schema
    priority_level
    reason
    		None
    apiserver_flowcontrol_request_concurrency_in_use ALPHA Gauge Concurrency (number of seats) occupied by the currently executing (initial stage for a WATCH, any stage otherwise) requests in the API Priority and Fairness subsystem
    flow_schema
    priority_level
    		None
    apiserver_flowcontrol_request_concurrency_limit ALPHA Gauge Shared concurrency limit in the API Priority and Fairness subsystem
    priority_level
    		None
    apiserver_flowcontrol_request_dispatch_no_accommodation_total ALPHA Counter Number of times a dispatch attempt resulted in a non accommodation due to lack of available seats
    flow_schema
    priority_level
    		None
    apiserver_flowcontrol_request_execution_seconds ALPHA Histogram Duration of initial stage (for a WATCH) or any (for a non-WATCH) stage of request execution in the API Priority and Fairness subsystem
    flow_schema
    priority_level
    type
    		None
    apiserver_flowcontrol_request_queue_length_after_enqueue ALPHA Histogram Length of queue in the API Priority and Fairness subsystem, as seen by each request after it is enqueued
    flow_schema
    priority_level
    		None
    apiserver_flowcontrol_request_wait_duration_seconds ALPHA Histogram Length of time a request spent waiting in its queue
    execute
    flow_schema
    priority_level
    		None
    apiserver_flowcontrol_seat_fair_fracALPHAGaugeFair fraction of server's concurrency to allocate to each priority level that can use it
    apiserver_flowcontrol_target_seatsALPHAGaugeSeat allocation targets
    priority_level
    apiserver_flowcontrol_upper_limit_seatsALPHAGaugeConfigured upper bound on number of execution seats available to each priority level
    priority_level
    apiserver_flowcontrol_watch_count_samples ALPHA Histogram count of watchers for mutating requests in API Priority and Fairness
    flow_schema
    priority_level
    		None
    apiserver_flowcontrol_work_estimated_seats ALPHA Histogram Number of estimated seats (maximum of initial and final seats) associated with requests in API Priority and Fairness
    flow_schema
    priority_level
    		None
    apiserver_init_events_total ALPHA Counter Counter of init events processed in watch cache broken by resource type.
    resource
    		None
    apiserver_kube_aggregator_x509_insecure_sha1_total ALPHA Counter Counts the number of requests to servers with insecure SHA1 signatures in their serving certificate OR the number of connection failures due to the insecure SHA1 signatures (either/or, based on the runtime environment)NoneNone
    apiserver_kube_aggregator_x509_missing_san_total ALPHA Counter Counts the number of requests to servers missing SAN extension in their serving certificate OR the number of connection failures due to the lack of x509 certificate SAN extension missing (either/or, based on the runtime environment)NoneNone
    apiserver_request_aborts_total ALPHA Counter Number of requests which apiserver aborted possibly due to a timeout, for each group, version, verb, resource, subresource and scope
    group
    resource
    scope
    subresource
    verb
    version
    		None
    apiserver_request_body_sizes ALPHA Histogram Apiserver request body sizes broken out by size.
    resource
    verb
    		None
    apiserver_request_filter_duration_seconds ALPHA Histogram Request filter latency distribution in seconds, for each filter type
    filter
    		None
    apiserver_request_post_timeout_total ALPHA Counter Tracks the activity of the request handlers after the associated requests have been timed out by the apiserver
    source
    status
    		None
    apiserver_request_sli_duration_secondsALPHAHistogramResponse latency distribution (not counting webhook duration and priority & fairness queue wait times) in seconds for each verb, group, version, resource, subresource, scope and component.
    component
    group
    resource
    scope
    subresource
    verb
    version
    apiserver_request_slo_duration_seconds ALPHA HistogramResponse latency distribution (not counting webhook duration) in seconds for each verb, group, version, resource, subresource, scope and component.Response latency distribution (not counting webhook duration and priority & fairness queue wait times) in seconds for each verb, group, version, resource, subresource, scope and component.
    component
    group
    resource
    scope
    subresource
    verb
    version
    		None
    1.27.0
    apiserver_request_terminations_total ALPHA Counter Number of requests which apiserver terminated in self-defense.
    code
    component
    group
    resource
    scope
    subresource
    verb
    version
    		None
    apiserver_request_timestamp_comparison_time ALPHA Histogram Time taken for comparison of old vs new objects in UPDATE or PATCH requests
    code_path
    		None
    apiserver_selfrequest_total ALPHA Counter Counter of apiserver self-requests broken out for each verb, API resource and subresource.
    resource
    subresource
    verb
    		None
    apiserver_storage_data_key_generation_duration_seconds ALPHA Histogram Latencies in seconds of data encryption key(DEK) generation operations.NoneNone
    apiserver_storage_data_key_generation_failures_total ALPHA Counter Total number of failed data encryption key(DEK) generation operations.NoneNone
    apiserver_storage_db_total_size_in_bytes ALPHA Gauge Total size of the storage database file physically allocated in bytes.
    endpoint
    		None
    apiserver_storage_decode_errors_totalALPHACounterNumber of stored object decode errors split by object type
    resource
    apiserver_storage_envelope_transformation_cache_misses_total ALPHA Counter Total number of cache misses while accessing key decryption key(KEK).NoneNone
    apiserver_storage_events_received_totalALPHACounterNumber of etcd events received split by kind.
    resource
    apiserver_storage_list_evaluated_objects_total ALPHA Counter Number of objects tested in the course of serving a LIST request from storage
    resource
    		None
    apiserver_storage_list_fetched_objects_total ALPHA Counter Number of objects read from storage in the course of serving a LIST request
    resource
    		None
    apiserver_storage_list_returned_objects_total ALPHA Counter Number of objects returned for a LIST request from storage
    resource
    		None
    apiserver_storage_list_total ALPHA Counter Number of LIST requests served from storage
    resource
    		None
    apiserver_storage_transformation_duration_seconds ALPHA Histogram Latencies in seconds of value transformation operations.
    transformation_type
    		None
    transformation_type
    transformer_prefix
    apiserver_storage_transformation_operations_total ALPHA Counter Total number of transformations.
    status
    transformation_type
    transformer_prefix
    		None
    apiserver_terminated_watchers_total ALPHA Counter Counter of watchers closed due to unresponsiveness broken by resource type.
    resource
    		None
    apiserver_tls_handshake_errors_total ALPHA Counter Number of requests dropped with 'TLS handshake error from' errorNoneNone
    apiserver_validating_admission_policy_check_duration_seconds ALPHA HistogramValidation admission latency for individual validation expressions in seconds, labeled by policy and param resource, further including binding, state and enforcement action taken.
    enforcement_action
    params
    policy
    policy_binding
    state
    validation_expression
    		None
    Validation admission latency for individual validation expressions in seconds, labeled by policy and further including binding, state and enforcement action taken.
    enforcement_action
    policy
    policy_binding
    state
    apiserver_validating_admission_policy_check_total ALPHA CounterValidation admission policy check total, labeled by policy and param resource, and further identified by binding, validation expression, enforcement action taken, and state.
    enforcement_action
    params
    policy
    policy_binding
    state
    validation_expression
    		None
    Validation admission policy check total, labeled by policy and further identified by binding, enforcement action taken, and state.
    enforcement_action
    policy
    policy_binding
    state
    apiserver_validating_admission_policy_definition_total ALPHA Counter Validation admission policy count total, labeled by state and enforcement action.
    enforcement_action
    state
    		None
    apiserver_watch_cache_events_dispatched_total ALPHA Counter Counter of events dispatched in watch cache broken by resource type.
    resource
    		None
    apiserver_watch_cache_events_received_totalALPHACounterCounter of events received in watch cache broken by resource type.
    resource
    apiserver_watch_cache_initializations_total ALPHA Counter Counter of watch cache initializations broken by resource type.
    resource
    		None
    apiserver_watch_events_sizes ALPHA Histogram Watch event size distribution in bytes
    group
    kind
    version
    		None
    apiserver_watch_events_total ALPHA Counter Number of events sent in watch clients
    group
    kind
    version
    		None
    apiserver_webhooks_x509_insecure_sha1_total ALPHA Counter Counts the number of requests to servers with insecure SHA1 signatures in their serving certificate OR the number of connection failures due to the insecure SHA1 signatures (either/or, based on the runtime environment)NoneNone
    apiserver_webhooks_x509_missing_san_total ALPHA Counter Counts the number of requests to servers missing SAN extension in their serving certificate OR the number of connection failures due to the lack of x509 certificate SAN extension missing (either/or, based on the runtime environment)NoneNone
    attachdetach_controller_forced_detaches ALPHA Counter Number of times the A/D Controller performed a forced detachNoneNone
    attachdetach_controller_total_volumes ALPHA Custom Number of volumes in A/D Controller
    plugin_name
    state
    		None
    authenticated_user_requests ALPHA Counter Counter of authenticated requests broken out by username.
    username
    		None
    authentication_attempts ALPHA Counter Counter of authenticated attempts.
    result
    		None
    authentication_duration_seconds ALPHA Histogram Authentication duration in seconds broken out by result.
    result
    		None
    authentication_token_cache_active_fetch_count ALPHA Gauge
    status
    		None
    authentication_token_cache_fetch_total ALPHA Counter
    status
    		None
    authentication_token_cache_request_duration_seconds ALPHA Histogram
    status
    		None
    authentication_token_cache_request_total ALPHA Counter
    status
    		None
    cloudprovider_aws_api_request_duration_seconds
    cloud_provider_webhook_request_duration_seconds ALPHA HistogramLatency of AWS API calls
    request
    		None
    cloudprovider_aws_api_request_errorsRequest latency in seconds. Broken down by status code.
    code
    webhook
    cloud_provider_webhook_request_total ALPHA CounterAWS API errors
    request
    		None
    cloudprovider_aws_api_throttled_requests_totalALPHACounterAWS API throttled requests
    operation_name
    		None
    Number of HTTP requests partitioned by status code.
    code
    webhook
    cloudprovider_azure_api_request_duration_seconds ALPHA Histogram Latency of an Azure API call
    request
    resource_group
    source
    subscription_id
    		None
    cloudprovider_azure_api_request_errors ALPHA Counter Number of errors for an Azure API call
    request
    resource_group
    source
    subscription_id
    		None
    cloudprovider_azure_api_request_ratelimited_count ALPHA Counter Number of rate limited Azure API calls
    request
    resource_group
    source
    subscription_id
    		None
    cloudprovider_azure_api_request_throttled_count ALPHA Counter Number of throttled Azure API calls
    request
    resource_group
    source
    subscription_id
    		None
    cloudprovider_azure_op_duration_seconds ALPHA Histogram Latency of an Azure service operation
    request
    resource_group
    source
    subscription_id
    		None
    cloudprovider_azure_op_failure_count ALPHA Counter Number of failed Azure service operations
    request
    resource_group
    source
    subscription_id
    		None
    cloudprovider_gce_api_request_duration_seconds ALPHA Histogram Latency of a GCE API call
    region
    request
    version
    zone
    		None
    cloudprovider_gce_api_request_errors ALPHA Counter Number of errors for an API call
    region
    request
    version
    zone
    		None
    cloudprovider_vsphere_api_request_duration_seconds ALPHA Histogram Latency of vsphere api call
    request
    		None
    cloudprovider_vsphere_api_request_errors ALPHA Counter vsphere Api errors
    request
    		None
    cloudprovider_vsphere_operation_duration_seconds ALPHA Histogram Latency of vsphere operation call
    operation
    		None
    cloudprovider_vsphere_operation_errors ALPHA Counter vsphere operation errors
    operation
    		None
    cloudprovider_vsphere_vcenter_versions ALPHA Custom Versions for connected vSphere vCenters
    hostname
    version
    build
    		None
    container_cpu_usage_seconds_total ALPHA Custom Cumulative cpu time consumed by the container in core-seconds
    container
    pod
    namespace
    		None
    container_memory_working_set_bytes ALPHA Custom Current working set of the container in bytes
    container
    pod
    namespace
    		None
    container_start_time_seconds ALPHA Custom Start time of the container since unix epoch in seconds
    container
    pod
    namespace
    		None
    cronjob_controller_cronjob_job_creation_skew_duration_secondsALPHAHistogramTime between when a cronjob is scheduled to be run, and when the corresponding job is createdNoneNone
    csi_operations_seconds ALPHA Histogram Container Storage Interface operation duration with gRPC error code status total
    driver_name
    grpc_status_code
    method_name
    migrated
    		None
    endpoint_slice_controller_changes ALPHA Counter Number of EndpointSlice changes
    operation
    		None
    endpoint_slice_controller_desired_endpoint_slices ALPHA Gauge Number of EndpointSlices that would exist with perfect endpoint allocationNoneNone
    endpoint_slice_controller_endpoints_added_per_sync ALPHA Histogram Number of endpoints added on each Service syncNoneNone
    endpoint_slice_controller_endpoints_desired ALPHA Gauge Number of endpoints desiredNoneNone
    endpoint_slice_controller_endpoints_removed_per_sync ALPHA Histogram Number of endpoints removed on each Service syncNoneNone
    endpoint_slice_controller_endpointslices_changed_per_sync ALPHA Histogram Number of EndpointSlices changed on each Service sync
    topology
    		None
    endpoint_slice_controller_num_endpoint_slices ALPHA Gauge Number of EndpointSlicesNoneNone
    endpoint_slice_controller_syncs ALPHA Counter Number of EndpointSlice syncs
    result
    		None
    endpoint_slice_mirroring_controller_addresses_skipped_per_sync ALPHA Histogram Number of addresses skipped on each Endpoints sync due to being invalid or exceeding MaxEndpointsPerSubsetNoneNone
    endpoint_slice_mirroring_controller_changes ALPHA Counter Number of EndpointSlice changes
    operation
    		None
    endpoint_slice_mirroring_controller_desired_endpoint_slices ALPHA Gauge Number of EndpointSlices that would exist with perfect endpoint allocationNoneNone
    endpoint_slice_mirroring_controller_endpoints_added_per_sync ALPHA Histogram Number of endpoints added on each Endpoints syncNoneNone
    endpoint_slice_mirroring_controller_endpoints_desired ALPHA Gauge Number of endpoints desiredNoneNone
    endpoint_slice_mirroring_controller_endpoints_removed_per_sync ALPHA Histogram Number of endpoints removed on each Endpoints syncNoneNone
    endpoint_slice_mirroring_controller_endpoints_sync_duration ALPHA Histogram Duration of syncEndpoints() in secondsNoneNone
    endpoint_slice_mirroring_controller_endpoints_updated_per_sync ALPHA Histogram Number of endpoints updated on each Endpoints syncNoneNone
    endpoint_slice_mirroring_controller_num_endpoint_slices ALPHA Gauge Number of EndpointSlicesNoneNone
    ephemeral_volume_controller_create_failures_total ALPHA Counter Number of PersistenVolumeClaims creation requestsNoneNone
    ephemeral_volume_controller_create_total ALPHA Counter Number of PersistenVolumeClaims creation requestsNoneNone
    etcd_bookmark_counts ALPHA Gauge Number of etcd bookmarks (progress notify events) split by kind.
    resource
    		None
    etcd_lease_object_counts ALPHA Histogram Number of objects attached to a single etcd lease.NoneNone
    etcd_request_duration_seconds ALPHA Histogram Etcd request latency in seconds for each operation and object type.
    operation
    type
    		None
    etcd_version_info ALPHA Gauge Etcd server's binary version
    binary_version
    		None
    field_validation_request_duration_seconds ALPHA HistogramResponse latency distribution in seconds for each field validation value and whether field validation is enabled or not
    enabled
    field_validation
    		None
    Response latency distribution in seconds for each field validation value
    field_validation
    force_cleaned_failed_volume_operation_errors_totalALPHACounterThe number of volumes that failed force cleanup after their reconstruction failed during kubelet startup.
    force_cleaned_failed_volume_operations_totalALPHACounterThe number of volumes that were force cleaned after their reconstruction failed during kubelet startup. This includes both successful and failed cleanups.
    garbagecollector_controller_resources_sync_error_total ALPHA Counter Number of garbage collector resources sync errorsNoneNone
    get_token_count ALPHA Counter Counter of total Token() requests to the alternate token sourceNoneNone
    get_token_fail_count ALPHA Counter Counter of failed Token() requests to the alternate token sourceNoneNone
    job_controller_job_finished_totalALPHACounterThe number of finished job
    completion_mode
    reason
    result
    		None
    job_controller_job_pods_finished_totalALPHACounterThe number of finished Pods that are fully tracked
    completion_mode
    result
    		None
    job_controller_job_sync_duration_seconds
    horizontal_pod_autoscaler_controller_metric_computation_duration_seconds ALPHA HistogramThe time it took to sync a job
    action
    completion_mode
    result
    		None
    job_controller_job_sync_totalThe time(seconds) that the HPA controller takes to calculate one metric. The label 'action' should be either 'scale_down', 'scale_up', or 'none'. The label 'error' should be either 'spec', 'internal', or 'none'. The label 'metric_type' corresponds to HPA.spec.metrics[*].type
    action
    error
    metric_type
    horizontal_pod_autoscaler_controller_metric_computation_total ALPHA CounterThe number of job syncs
    action
    completion_mode
    result
    		None
    Number of metric computations. The label 'action' should be either 'scale_down', 'scale_up', or 'none'. Also, the label 'error' should be either 'spec', 'internal', or 'none'. The label 'metric_type' corresponds to HPA.spec.metrics[*].type
    action
    error
    metric_type
    horizontal_pod_autoscaler_controller_reconciliation_duration_secondsALPHAHistogramThe time(seconds) that the HPA controller takes to reconcile once. The label 'action' should be either 'scale_down', 'scale_up', or 'none'. Also, the label 'error' should be either 'spec', 'internal', or 'none'. Note that if both spec and internal errors happen during a reconciliation, the first one to occur is reported in `error` label.
    action
    error
    horizontal_pod_autoscaler_controller_reconciliations_totalALPHACounterNumber of reconciliations of HPA controller. The label 'action' should be either 'scale_down', 'scale_up', or 'none'. Also, the label 'error' should be either 'spec', 'internal', or 'none'. Note that if both spec and internal errors happen during a reconciliation, the first one to occur is reported in `error` label.
    action
    error
    job_controller_pod_failures_handled_by_failure_policy_total ALPHA Counter `The number of failed Pods handled by failure policy with, respect to the failure policy action applied based on the matched, rule. Possible values of the action label correspond to the, possible values for the failure policy rule action, which are:, "FailJob", "Ignore" and "Count".`
    action
    		None
    job_controller_terminated_pods_tracking_finalizer_total ALPHA Counter `The number of terminated pods (phase=Failed|Succeeded), that have the finalizer batch.kubernetes.io/job-tracking, The event label can be "add" or "delete".`
    event
    		None
    kube_apiserver_clusterip_allocator_allocated_ips ALPHA Gauge Gauge measuring the number of allocated IPs for Services
    cidr
    		None
    kube_apiserver_clusterip_allocator_allocation_errors_total ALPHA Counter Number of errors trying to allocate Cluster IPs
    cidr
    scope
    		None
    kube_apiserver_clusterip_allocator_allocation_total ALPHA Counter Number of Cluster IPs allocations
    cidr
    scope
    		None
    kube_apiserver_clusterip_allocator_available_ips ALPHA Gauge Gauge measuring the number of available IPs for Services
    cidr
    		None
    kube_apiserver_nodeport_allocator_allocated_portsALPHAGaugeGauge measuring the number of allocated NodePorts for Services
    kube_apiserver_nodeport_allocator_allocation_errors_totalALPHACounterNumber of errors trying to allocate NodePort
    scope
    kube_apiserver_nodeport_allocator_allocation_totalALPHACounterNumber of NodePort allocations
    scope
    kube_apiserver_nodeport_allocator_available_portsALPHAGaugeGauge measuring the number of available NodePorts for Services
    kube_apiserver_pod_logs_backend_tls_failure_totalALPHACounterTotal number of requests for pods/logs that failed due to kubelet server TLS verification
    kube_apiserver_pod_logs_insecure_backend_totalALPHACounterTotal number of requests for pods/logs sliced by usage type: enforce_tls, skip_tls_allowed, skip_tls_denied
    usage
    kube_apiserver_pod_logs_pods_logs_backend_tls_failure_total ALPHA Counter Total number of requests for pods/logs that failed due to kubelet server TLS verificationNoneNone
    1.27.0
    kube_apiserver_pod_logs_pods_logs_insecure_backend_total ALPHA Counter Total number of requests for pods/logs sliced by usage type: enforce_tls, skip_tls_allowed, skip_tls_denied
    usage
    		None
    kube_pod_resource_limit1.27.0
    kubelet_active_pods ALPHACustomResources limit for workloads on the cluster, broken down by pod. This shows the resource usage the scheduler and kubelet expect per pod for resources along with the unit for the resource if any.
    namespace
    pod
    node
    scheduler
    priority
    resource
    unit
    		None
    kube_pod_resource_requestALPHACustomResources requested by workloads on the cluster, broken down by pod. This shows the resource usage the scheduler and kubelet expect per pod for resources along with the unit for the resource if any.
    namespace
    pod
    node
    scheduler
    priority
    resource
    unit
    		None
    GaugeThe number of pods the kubelet considers active and which are being considered when admitting new pods. static is true if the pod is not from the apiserver.
    static
    kubelet_certificate_manager_client_expiration_renew_errors ALPHA Counter Counter of certificate renewal errors.NoneNone
    kubelet_certificate_manager_client_ttl_seconds ALPHA Gauge Gauge of the TTL (time-to-live) of the Kubelet's client certificate. The value is in seconds until certificate expiry (negative if already expired). If client certificate is invalid or unused, the value will be +INF.NoneNone
    kubelet_certificate_manager_server_rotation_seconds ALPHA Histogram Histogram of the number of seconds the previous certificate lived before being rotated.NoneNone
    kubelet_certificate_manager_server_ttl_seconds ALPHA Gauge Gauge of the shortest TTL (time-to-live) of the Kubelet's serving certificate. The value is in seconds until certificate expiry (negative if already expired). If serving certificate is invalid or unused, the value will be +INF.NoneNone
    kubelet_cgroup_manager_duration_seconds ALPHA Histogram Duration in seconds for cgroup manager operations. Broken down by method.
    operation_type
    		None
    kubelet_container_log_filesystem_used_bytes ALPHA Custom Bytes used by the container's logs on the filesystem.
    uid
    namespace
    pod
    container
    		None
    kubelet_containers_per_pod_count ALPHA Histogram The number of containers per pod.NoneNone
    kubelet_cpu_manager_pinning_errors_total ALPHA Counter The number of cpu core allocations which required pinning failed.NoneNone
    kubelet_cpu_manager_pinning_requests_total ALPHA Counter The number of cpu core allocations which required pinning.NoneNone
    kubelet_credential_provider_plugin_durationALPHAHistogramDuration of execution in seconds for credential provider plugin
    plugin_name
    kubelet_credential_provider_plugin_errorsALPHACounterNumber of errors from credential provider plugin
    plugin_name
    kubelet_desired_podsALPHAGaugeThe number of pods the kubelet is being instructed to run. static is true if the pod is not from the apiserver.
    static
    kubelet_device_plugin_alloc_duration_seconds ALPHA Histogram Duration in seconds to serve a device plugin Allocation request. Broken down by resource name.
    resource_name
    		None
    kubelet_device_plugin_registration_total ALPHA Counter Cumulative number of device plugin registrations. Broken down by resource name.
    resource_name
    		None
    kubelet_evented_pleg_connection_error_countALPHACounterThe number of errors encountered during the establishment of streaming connection with the CRI runtime.
    kubelet_evented_pleg_connection_latency_secondsALPHAHistogramThe latency of streaming connection with the CRI runtime, measured in seconds.
    kubelet_evented_pleg_connection_success_countALPHACounterThe number of times a streaming client was obtained to receive CRI Events.
    kubelet_eviction_stats_age_seconds ALPHA Histogram Time between when stats are collected, and when pod is evicted based on those stats by eviction signal
    eviction_signal
    		None
    kubelet_evictions ALPHA Counter Cumulative number of pod evictions by eviction signal
    eviction_signal
    		None
    kubelet_graceful_shutdown_end_time_seconds ALPHA Gauge Last graceful shutdown start time since unix epoch in secondsNoneNone
    kubelet_graceful_shutdown_start_time_seconds ALPHA Gauge Last graceful shutdown start time since unix epoch in secondsNoneNone
    kubelet_http_inflight_requests ALPHA Gauge Number of the inflight http requests
    long_running
    method
    path
    server_type
    		None
    kubelet_http_requests_duration_seconds ALPHA Histogram Duration in seconds to serve http requests
    long_running
    method
    path
    server_type
    		None
    kubelet_http_requests_total ALPHA Counter Number of the http requests received since the server started
    long_running
    method
    path
    server_type
    		None
    kubelet_kubelet_credential_provider_plugin_durationALPHAHistogramDuration of execution in seconds for credential provider plugin
    plugin_name
    		None
    kubelet_kubelet_credential_provider_plugin_errorsALPHACounterNumber of errors from credential provider plugin
    plugin_name
    		None
    kubelet_lifecycle_handler_http_fallbacks_total ALPHA Counter The number of times lifecycle handlers successfully fell back to http from https.NoneNone
    kubelet_managed_ephemeral_containers ALPHA GaugeCurrent number of ephemeral containers in pods managed by this kubelet. Ephemeral containers will be ignored if disabled by the EphemeralContainers feature gate, and this number will be 0.NoneNone
    Current number of ephemeral containers in pods managed by this kubelet.
    kubelet_mirror_podsALPHAGaugeThe number of mirror pods the kubelet will try to create (one per admitted static pod)
    kubelet_node_name ALPHA Gauge The node's name. The count is always 1.
    node
    		None
    kubelet_orphan_pod_cleaned_volumesALPHAGaugeThe total number of orphaned Pods whose volumes were cleaned in the last periodic sweep.
    kubelet_orphan_pod_cleaned_volumes_errorsALPHAGaugeThe number of orphaned Pods whose volumes failed to be cleaned in the last periodic sweep.
    kubelet_orphaned_runtime_pods_totalALPHACounterNumber of pods that have been detected in the container runtime without being already known to the pod worker. This typically indicates the kubelet was restarted while a pod was force deleted in the API or in the local configuration, which is unusual.
    kubelet_pleg_discard_events ALPHA Counter The number of discard events in PLEG.NoneNone
    kubelet_pleg_last_seen_seconds ALPHA Gauge Timestamp in seconds when PLEG was last seen active.NoneNone
    kubelet_pleg_relist_duration_seconds ALPHA Histogram Duration in seconds for relisting pods in PLEG.NoneNone
    kubelet_pleg_relist_interval_seconds ALPHA Histogram Interval in seconds between relisting in PLEG.NoneNone
    kubelet_pod_resources_endpoint_errors_getALPHACounterNumber of requests to the PodResource Get endpoint which returned error. Broken down by server api version.
    server_api_version
    kubelet_pod_resources_endpoint_errors_get_allocatable ALPHA Counter Number of requests to the PodResource GetAllocatableResources endpoint which returned error. Broken down by server api version.
    server_api_version
    		None
    kubelet_pod_resources_endpoint_errors_list ALPHA Counter Number of requests to the PodResource List endpoint which returned error. Broken down by server api version.
    server_api_version
    		None
    kubelet_pod_resources_endpoint_requests_getALPHACounterNumber of requests to the PodResource Get endpoint. Broken down by server api version.
    server_api_version
    kubelet_pod_resources_endpoint_requests_get_allocatable ALPHA Counter Number of requests to the PodResource GetAllocatableResources endpoint. Broken down by server api version.
    server_api_version
    		None
    kubelet_pod_resources_endpoint_requests_list ALPHA Counter Number of requests to the PodResource List endpoint. Broken down by server api version.
    server_api_version
    		None
    kubelet_pod_resources_endpoint_requests_total ALPHA Counter Cumulative number of requests to the PodResource endpoint. Broken down by server api version.
    server_api_version
    		None
    kubelet_pod_start_duration_seconds ALPHA Histogram Duration in seconds from kubelet seeing a pod for the first time to the pod starting to runNoneNone
    kubelet_pod_start_sli_duration_secondsALPHAHistogramDuration in seconds to start a pod, excluding time to pull images and run init containers, measured from pod creation timestamp to when all its containers are reported as started and observed via watch
    kubelet_pod_status_sync_duration_seconds ALPHA Histogram Duration in seconds to sync a pod status update. Measures time from detection of a change to pod status until the API is successfully updated for that pod, even if multiple intevening changes to pod status occur.NoneNone
    kubelet_pod_worker_duration_seconds ALPHA Histogram Duration in seconds to sync a single pod. Broken down by operation type: create, update, or sync
    operation_type
    		None
    kubelet_pod_worker_start_duration_seconds ALPHA Histogram Duration in seconds from kubelet seeing a pod to starting a worker.NoneNone
    kubelet_preemptions ALPHA Counter Cumulative number of pod preemptions by preemption resource
    preemption_signal
    		None
    kubelet_restarted_pods_totalALPHACounterNumber of pods that have been restarted because they were deleted and recreated with the same UID while the kubelet was watching them (common for static pods, extremely uncommon for API pods)
    static
    kubelet_run_podsandbox_duration_seconds ALPHA Histogram Duration in seconds of the run_podsandbox operations. Broken down by RuntimeClass.Handler.
    runtime_handler
    		None
    kubelet_run_podsandbox_errors_total ALPHA Counter Cumulative number of the run_podsandbox operation errors by RuntimeClass.Handler.
    runtime_handler
    		None
    kubelet_running_containers ALPHA Gauge Number of containers currently running
    container_state
    		None
    kubelet_running_pods ALPHA Gauge Number of pods that have a running pod sandboxNoneNone
    kubelet_runtime_operations_duration_seconds ALPHA Histogram Duration in seconds of runtime operations. Broken down by operation type.
    operation_type
    		None
    kubelet_runtime_operations_errors_total ALPHA Counter Cumulative number of runtime operation errors by operation type.
    operation_type
    		None
    kubelet_runtime_operations_total ALPHA Counter Cumulative number of runtime operations by operation type.
    operation_type
    		None
    kubelet_server_expiration_renew_errors ALPHA Counter Counter of certificate renewal errors.NoneNone
    kubelet_started_containers_errors_total ALPHA Counter Cumulative number of errors when starting containers
    code
    container_type
    		None
    kubelet_started_containers_total ALPHA Counter Cumulative number of containers started
    container_type
    		None
    kubelet_started_host_process_containers_errors_total ALPHA Counter Cumulative number of errors when starting hostprocess containers. This metric will only be collected on Windows and requires WindowsHostProcessContainers feature gate to be enabled.
    code
    container_type
    		None
    kubelet_started_host_process_containers_total ALPHA Counter Cumulative number of hostprocess containers started. This metric will only be collected on Windows and requires WindowsHostProcessContainers feature gate to be enabled.
    container_type
    		None
    kubelet_started_pods_errors_total ALPHA Counter Cumulative number of errors when starting podsNoneNone
    kubelet_started_pods_total ALPHA Counter Cumulative number of pods startedNoneNone
    kubelet_topology_manager_admission_duration_msALPHAHistogramDuration in milliseconds to serve a pod admission request.
    kubelet_topology_manager_admission_errors_totalALPHACounterThe number of admission request failures where resources could not be aligned.
    kubelet_topology_manager_admission_requests_totalALPHACounterThe number of admission requests where resources have to be aligned.
    kubelet_volume_metric_collection_duration_seconds ALPHA Histogram Duration in seconds to calculate volume stats
    metric_source
    		None
    kubelet_volume_stats_available_bytes ALPHA Custom Number of available bytes in the volume
    namespace
    persistentvolumeclaim
    		None
    kubelet_volume_stats_capacity_bytes ALPHA Custom Capacity in bytes of the volume
    namespace
    persistentvolumeclaim
    		None
    kubelet_volume_stats_health_status_abnormal ALPHA Custom Abnormal volume health status. The count is either 1 or 0. 1 indicates the volume is unhealthy, 0 indicates volume is healthy
    namespace
    persistentvolumeclaim
    		None
    kubelet_volume_stats_inodes ALPHA Custom Maximum number of inodes in the volume
    namespace
    persistentvolumeclaim
    		None
    kubelet_volume_stats_inodes_free ALPHA Custom Number of free inodes in the volume
    namespace
    persistentvolumeclaim
    		None
    kubelet_volume_stats_inodes_used ALPHA Custom Number of used inodes in the volume
    namespace
    persistentvolumeclaim
    		None
    kubelet_volume_stats_used_bytes ALPHA Custom Number of used bytes in the volume
    namespace
    persistentvolumeclaim
    		None
    kubelet_working_podsALPHAGaugeNumber of pods the kubelet is actually running, broken down by lifecycle phase, whether the pod is desired, orphaned, or runtime only (also orphaned), and whether the pod is static. An orphaned pod has been removed from local configuration or force deleted in the API and consumes resources that are not otherwise visible.
    config
    lifecycle
    static
    kubeproxy_network_programming_duration_seconds ALPHA Histogram In Cluster Network Programming Latency in secondsNoneNone
    kubeproxy_sync_proxy_rules_duration_seconds ALPHA Histogram SyncProxyRules latency in secondsNoneNone
    kubeproxy_sync_proxy_rules_endpoint_changes_pending ALPHA Gauge Pending proxy rules Endpoint changesNoneNone
    kubeproxy_sync_proxy_rules_endpoint_changes_total ALPHA Counter Cumulative proxy rules Endpoint changesNoneNone
    kubeproxy_sync_proxy_rules_iptables_partial_restore_failures_totalALPHACounterCumulative proxy iptables partial restore failures
    kubeproxy_sync_proxy_rules_iptables_restore_failures_total ALPHA Counter Cumulative proxy iptables restore failuresNoneNone
    kubeproxy_sync_proxy_rules_iptables_total ALPHA Gauge Number of proxy iptables rules programmed
    table
    		None
    kubeproxy_sync_proxy_rules_last_queued_timestamp_seconds ALPHA Gauge The last time a sync of proxy rules was queuedNoneNone
    kubeproxy_sync_proxy_rules_last_timestamp_seconds ALPHA Gauge The last time proxy rules were successfully syncedNoneNone
    kubeproxy_sync_proxy_rules_no_local_endpoints_total ALPHA Gauge Number of services with a Local traffic policy and no endpoints
    traffic_policy
    		None
    kubeproxy_sync_proxy_rules_service_changes_pending ALPHA Gauge Pending proxy rules Service changesNoneNone
    kubeproxy_sync_proxy_rules_service_changes_total ALPHA Counter Cumulative proxy rules Service changesNoneNone
    kubernetes_build_info ALPHA Gauge A metric with a constant '1' value labeled by major, minor, git version, git commit, git tree state, build date, Go version, and compiler from which Kubernetes was built, and platform on which it is running.
    build_date
    compiler
    git_commit
    git_tree_state
    git_version
    go_version
    major
    minor
    platform
    		None
    kubernetes_feature_enabled ALPHA Gauge This metric records the data about the stage and enablement of a k8s feature.
    name
    stage
    		None
    kubernetes_healthcheck ALPHA Gauge This metric records the result of a single healthcheck.
    name
    type
    		None
    kubernetes_healthchecks_total ALPHA Counter This metric records the results of all healthcheck.
    name
    status
    type
    		None
    leader_election_master_status ALPHA Gauge Gauge of if the reporting system is master of the relevant lease, 0 indicates backup, 1 indicates master. 'name' is the string used to identify the lease. Please make sure to group by name.
    name
    		None
    node_authorizer_graph_actions_duration_seconds ALPHA Histogram Histogram of duration of graph actions in node authorizer.
    operation
    		None
    node_collector_evictions_numberALPHACounterNumber of Node evictions that happened since current instance of NodeController started, This metric is replaced by node_collector_evictions_total.
    zone
    		None
    node_collector_unhealthy_nodes_in_zone ALPHA Gauge Gauge measuring number of not Ready Nodes per zones.
    zone
    		None
    node_collector_update_all_nodes_health_duration_secondsALPHAHistogramDuration in seconds for NodeController to update the health of all nodes.
    node_collector_update_node_health_duration_secondsALPHAHistogramDuration in seconds for NodeController to update the health of a single node.
    node_collector_zone_health ALPHA Gauge Gauge measuring percentage of healthy nodes per zone.
    zone
    		None
    node_collector_zone_size ALPHA Gauge Gauge measuring number of registered Nodes per zones.
    zone
    		None
    node_cpu_usage_seconds_total ALPHA Custom Cumulative cpu time consumed by the node in core-secondsNoneNone
    node_ipam_controller_cidrset_allocation_tries_per_request ALPHA Histogram Number of endpoints added on each Service sync
    clusterCIDR
    		None
    node_ipam_controller_cidrset_cidrs_allocations_total ALPHA Counter Counter measuring total number of CIDR allocations.
    clusterCIDR
    		None
    node_ipam_controller_cidrset_cidrs_releases_total ALPHA Counter Counter measuring total number of CIDR releases.
    clusterCIDR
    		None
    node_ipam_controller_cidrset_usage_cidrs ALPHA Gauge Gauge measuring percentage of allocated CIDRs.
    clusterCIDR
    		None
    node_ipam_controller_cirdset_max_cidrsALPHAGaugeMaximum number of CIDRs that can be allocated.
    clusterCIDR
    node_ipam_controller_multicidrset_allocation_tries_per_request ALPHA Histogram Histogram measuring CIDR allocation tries per request.
    clusterCIDR
    		None
    node_ipam_controller_multicidrset_cidrs_allocations_total ALPHA Counter Counter measuring total number of CIDR allocations.
    clusterCIDR
    		None
    node_ipam_controller_multicidrset_cidrs_releases_total ALPHA Counter Counter measuring total number of CIDR releases.
    clusterCIDR
    		None
    node_ipam_controller_multicidrset_usage_cidrs ALPHA Gauge Gauge measuring percentage of allocated CIDRs.
    clusterCIDR
    		None
    node_ipam_controller_multicirdset_max_cidrsALPHAGaugeMaximum number of CIDRs that can be allocated.
    clusterCIDR
    node_memory_working_set_bytes ALPHA Custom Current working set of the node in bytesNoneNone
    number_of_l4_ilbs ALPHA Gauge Number of L4 ILBs
    feature
    		None
    plugin_manager_total_plugins ALPHA Custom Number of plugins in Plugin Manager
    socket_path
    state
    		None
    pod_cpu_usage_seconds_total ALPHA Custom Cumulative cpu time consumed by the pod in core-seconds
    pod
    namespace
    		None
    pod_gc_collector_force_delete_pod_errors_totalALPHACounterNumber of errors encountered when forcefully deleting the pods since the Pod GC Controller started.
    pod_gc_collector_force_delete_pods_totalALPHACounterNumber of pods that are being forcefully deleted since the Pod GC Controller started.
    pod_memory_working_set_bytes ALPHA Custom Current working set of the pod in bytes
    pod
    namespace
    		None
    pod_security_errors_total ALPHA Counter Number of errors preventing normal evaluation. Non-fatal errors may result in the latest restricted profile being used for evaluation.
    fatal
    request_operation
    resource
    subresource
    		None
    pod_security_evaluations_total ALPHA Counter Number of policy evaluations that occurred, not counting ignored or exempt requests.
    decision
    mode
    policy_level
    policy_version
    request_operation
    resource
    subresource
    		None
    pod_security_exemptions_total ALPHA Counter Number of exempt requests, not counting ignored or out of scope requests.
    request_operation
    resource
    subresource
    		None
    prober_probe_duration_seconds ALPHA Histogram Duration in seconds for a probe response.
    container
    namespace
    pod
    probe_type
    		None
    prober_probe_total ALPHA Counter Cumulative number of a liveness, readiness or startup probe for a container by result.
    container
    namespace
    pod
    pod_uid
    probe_type
    result
    		None
    pv_collector_bound_pv_count ALPHA Custom Gauge measuring number of persistent volume currently bound
    storage_class
    		None
    pv_collector_bound_pvc_count ALPHA Custom Gauge measuring number of persistent volume claim currently bound
    namespace
    		None
    pv_collector_total_pv_count ALPHA Custom Gauge measuring total number of persistent volumes
    plugin_name
    volume_mode
    		None
    pv_collector_unbound_pv_count ALPHA Custom Gauge measuring number of persistent volume currently unbound
    storage_class
    		None
    pv_collector_unbound_pvc_count ALPHA Custom Gauge measuring number of persistent volume claim currently unbound
    namespace
    		None
    reconstruct_volume_operations_errors_totalALPHACounterThe number of volumes that failed reconstruction from the operating system during kubelet startup.
    reconstruct_volume_operations_totalALPHACounterThe number of volumes that were attempted to be reconstructed from the operating system during kubelet startup. This includes both successful and failed reconstruction.
    replicaset_controller_sorting_deletion_age_ratio ALPHA Histogram The ratio of chosen deleted pod's ages to the current youngest pod's age (at the time). Should be <2.The intent of this metric is to measure the rough efficacy of the LogarithmicScaleDown feature gate's effect onthe sorting (and deletion) of pods when a replicaset scales down. This only considers Ready pods when calculating and reporting.NoneNone
    resourceclaim_controller_create_attempts_totalALPHACounterNumber of ResourceClaims creation requests
    resourceclaim_controller_create_failures_totalALPHACounterNumber of ResourceClaims creation request failures
    rest_client_exec_plugin_call_total ALPHA Counter Number of calls to an exec plugin, partitioned by the type of event encountered (no_error, plugin_execution_error, plugin_not_found_error, client_internal_error) and an optional exit code. The exit code will be set to 0 if and only if the plugin call was successful.
    call_status
    code
    		None
    rest_client_exec_plugin_certificate_rotation_age ALPHA Histogram Histogram of the number of seconds the last auth exec plugin client certificate lived before being rotated. If auth exec plugin client certificates are unused, histogram will contain no data.NoneNone
    rest_client_exec_plugin_ttl_seconds ALPHA Gauge Gauge of the shortest TTL (time-to-live) of the client certificate(s) managed by the auth exec plugin. The value is in seconds until certificate expiry (negative if already expired). If auth exec plugins are unused or manage no TLS certificates, the value will be +INF.NoneNone
    rest_client_rate_limiter_duration_seconds ALPHA Histogram Client side rate limiter latency in seconds. Broken down by verb, and host.
    host
    verb
    		None
    rest_client_request_duration_seconds ALPHA Histogram Request latency in seconds. Broken down by verb, and host.
    host
    verb
    		None
    rest_client_request_retries_totalALPHACounterNumber of request retries, partitioned by status code, verb, and host.
    code
    host
    verb
    rest_client_request_size_bytes ALPHA Histogram Request size in bytes. Broken down by verb and host.
    host
    verb
    		None
    rest_client_requests_total ALPHA Counter Number of HTTP requests, partitioned by status code, method, and host.
    code
    host
    method
    		None
    rest_client_response_size_bytes ALPHA Histogram Response size in bytes. Broken down by verb and host.
    host
    verb
    		None
    retroactive_storageclass_errors_total ALPHA Counter Total number of failed retroactive StorageClass assignments to persistent volume claimNoneNone
    retroactive_storageclass_total ALPHA Counter Total number of retroactive StorageClass assignments to persistent volume claimNoneNone
    root_ca_cert_publisher_sync_duration_seconds ALPHA Histogram Number of namespace syncs happened in root ca cert publisher.
    code
    		None
    root_ca_cert_publisher_sync_total ALPHA Counter Number of namespace syncs happened in root ca cert publisher.
    code
    		None
    running_managed_controllers ALPHA Gauge Indicates where instances of a controller are currently running
    manager
    name
    		None
    scheduler_e2e_scheduling_duration_secondsALPHAHistogramE2e scheduling latency in seconds (scheduling algorithm + binding). This metric is replaced by scheduling_attempt_duration_seconds.
    profile
    result
    		None
    scheduler_goroutines ALPHA Gauge Number of running goroutines split by the work they do such as binding.
    operation
    		None
    scheduler_permit_wait_duration_seconds ALPHA Histogram Duration of waiting on permit.
    result
    		None
    scheduler_plugin_evaluation_totalALPHACounterNumber of attempts to schedule pods by each plugin and the extension point (available only in PreFilter and Filter.).
    extension_point
    plugin
    profile
    scheduler_plugin_execution_duration_seconds ALPHA Histogram Duration for running a plugin at a specific extension point.
    extension_point
    plugin
    status
    		None
    scheduler_scheduler_cache_size ALPHA Gauge Number of nodes, pods, and assumed (bound) pods in the scheduler cache.
    type
    		None
    scheduler_scheduler_goroutines ALPHA Gauge Number of running goroutines split by the work they do such as binding. This metric is replaced by the \"goroutines\" metric.
    work
    		None
    1.26.0
    scheduler_scheduling_algorithm_duration_seconds ALPHA Histogram Scheduling algorithm latency in secondsNoneNone
    scheduler_unschedulable_pods ALPHA Gauge The number of unschedulable pods broken down by plugin name. A pod will increment the gauge for all plugins that caused it to not schedule and so this metric have meaning only when broken down by plugin.
    plugin
    profile
    		None
    scheduler_volume_binder_cache_requests_total ALPHA Counter Total number for request volume binding cache
    operation
    		None
    scheduler_volume_scheduling_stage_error_total ALPHA Counter Volume scheduling stage error count
    operation
    		None
    scrape_error ALPHA Custom 1 if there was an error while getting container metrics, 0 otherwiseNoneNone
    service_controller_loadbalancer_sync_totalALPHACounterA metric counting the amount of times any load balancer has been configured, as an effect of service/node changes on the cluster
    service_controller_nodesync_error_totalALPHACounterA metric counting the amount of times any load balancer has been configured and errored, as an effect of node changes on the cluster
    service_controller_nodesync_latency_seconds ALPHA Histogram A metric measuring the latency for nodesync which updates loadbalancer hosts on cluster node updates.NoneNone
    service_controller_update_loadbalancer_host_latency_seconds ALPHA Histogram A metric measuring the latency for updating each load balancer hosts.NoneNone
    serviceaccount_legacy_tokens_total ALPHA Counter Cumulative legacy service account tokens usedNoneNone
    serviceaccount_stale_tokens_total ALPHA Counter Cumulative stale projected service account tokens usedNoneNone
    serviceaccount_valid_tokens_total ALPHA Counter Cumulative valid projected service account tokens usedNoneNone
    storage_count_attachable_volumes_in_use ALPHA Custom Measure number of volumes in use
    node
    volume_plugin
    		None
    storage_operation_duration_seconds ALPHA Histogram Storage operation duration
    migrated
    operation_name
    status
    volume_plugin
    		None
    ttl_after_finished_controller_job_deletion_duration_seconds ALPHA Histogram The time it took to delete the job since it became eligible for deletionNoneNone
    volume_manager_selinux_container_errors_total ALPHA Gauge Number of errors when kubelet cannot compute SELinux context for a container. Kubelet can't start such a Pod then and it will retry, therefore value of this metric may not represent the actual nr. of containers.NoneNone
    volume_manager_selinux_container_warnings_total ALPHA Gauge Number of errors when kubelet cannot compute SELinux context for a container that are ignored. They will become real errors when SELinuxMountReadWriteOncePod feature is expanded to all volume access modes.NoneNone
    volume_manager_selinux_pod_context_mismatch_errors_total ALPHA Gauge Number of errors when a Pod defines different SELinux contexts for its containers that use the same volume. Kubelet can't start such a Pod then and it will retry, therefore value of this metric may not represent the actual nr. of Pods.NoneNone
    volume_manager_selinux_pod_context_mismatch_warnings_total ALPHA Gauge Number of errors when a Pod defines different SELinux contexts for its containers that use the same volume. They are not errors yet, but they will become real errors when SELinuxMountReadWriteOncePod feature is expanded to all volume access modes.NoneNone
    volume_manager_selinux_volume_context_mismatch_errors_total ALPHA Gauge Number of errors when a Pod uses a volume that is already mounted with a different SELinux context than the Pod needs. Kubelet can't start such a Pod then and it will retry, therefore value of this metric may not represent the actual nr. of Pods.NoneNone
    volume_manager_selinux_volume_context_mismatch_warnings_total ALPHA Gauge Number of errors when a Pod uses a volume that is already mounted with a different SELinux context than the Pod needs. They are not errors yet, but they will become real errors when SELinuxMountReadWriteOncePod feature is expanded to all volume access modes.NoneNone
    volume_manager_selinux_volumes_admitted_total ALPHA Gauge Number of volumes whose SELinux context was fine and will be mounted with mount -o context option.NoneNone
    volume_manager_total_volumes ALPHA Custom Number of volumes in Volume Manager
    plugin_name
    state
    		None
    volume_operation_total_errors ALPHA Counter Total volume operation errors
    operation_name
    plugin_name
    		None
    volume_operation_total_seconds ALPHA Histogram Storage operation end to end duration in seconds
    operation_name
    plugin_name
    		None
    watch_cache_capacity ALPHA Gauge Total capacity of watch cache broken by resource type.
    resource
    		None
    watch_cache_capacity_decrease_total ALPHA Counter Total number of watch cache capacity decrease events broken by resource type.
    resource
    		None
    watch_cache_capacity_increase_total ALPHA Counter Total number of watch cache capacity increase events broken by resource type.
    resource
    		None
    workqueue_adds_total ALPHA Counter Total number of adds handled by workqueue
    name
    		None
    workqueue_depth ALPHA Gauge Current depth of workqueue
    name
    		None
    workqueue_longest_running_processor_seconds ALPHA Gauge How many seconds has the longest running processor for workqueue been running.
    name
    		None
    workqueue_queue_duration_seconds ALPHA Histogram How long in seconds an item stays in workqueue before being requested.
    name
    		None
    workqueue_retries_total ALPHA Counter Total number of retries handled by workqueue
    name
    		None
    workqueue_unfinished_work_seconds ALPHA Gauge How many seconds of work has done that is in progress and hasn't been observed by work_duration. Large values indicate stuck threads. One can deduce the number of stuck threads by observing the rate at which this increases.
    name
    		None
    workqueue_work_duration_seconds ALPHA Histogram How long in seconds processing an item from workqueue takes.
    name
    		None
    diff --git a/content/en/docs/reference/instrumentation/slis.md b/content/en/docs/reference/instrumentation/slis.md index 744df09336e..3b559a398c9 100644 --- a/content/en/docs/reference/instrumentation/slis.md +++ b/content/en/docs/reference/instrumentation/slis.md @@ -9,13 +9,13 @@ weight: 20 -{{< feature-state for_k8s_version="v1.26" state="alpha" >}} +{{< feature-state for_k8s_version="v1.27" state="beta" >}} -As an alpha feature, Kubernetes lets you configure Service Level Indicator (SLI) metrics +By default, Kubernetes {{< skew currentVersion >}} publishes Service Level Indicator (SLI) metrics for each Kubernetes component binary. This metric endpoint is exposed on the serving -HTTPS port of each component, at the path `/metrics/slis`. You must enable the +HTTPS port of each component, at the path `/metrics/slis`. The `ComponentSLIs` [feature gate](/docs/reference/command-line-tools-reference/feature-gates/) -for every component from which you want to scrape SLI metrics. +defaults to enabled for each Kubernetes component as of v1.27. diff --git a/content/en/docs/reference/issues-security/official-cve-feed.md b/content/en/docs/reference/issues-security/official-cve-feed.md index 11eb4edee1d..70497a1adfe 100644 --- a/content/en/docs/reference/issues-security/official-cve-feed.md +++ b/content/en/docs/reference/issues-security/official-cve-feed.md @@ -9,7 +9,7 @@ outputs: layout: cve-feed --- -{{< feature-state for_k8s_version="v1.25" state="alpha" >}} +{{< feature-state for_k8s_version="v1.27" state="beta" >}} This is a community maintained list of official CVEs announced by the Kubernetes Security Response Committee. See diff --git a/content/en/docs/reference/kubectl/conventions.md b/content/en/docs/reference/kubectl/conventions.md index 2b2cb34ceca..0aaf4ef3daf 100644 --- a/content/en/docs/reference/kubectl/conventions.md +++ b/content/en/docs/reference/kubectl/conventions.md @@ -22,9 +22,11 @@ For a stable output in a script: ## Subresources -* You can use the `--subresource` alpha flag for kubectl commands like `get`, `patch`, +* You can use the `--subresource` beta flag for kubectl commands like `get`, `patch`, `edit` and `replace` to fetch and update subresources for all resources that support them. Currently, only the `status` and `scale` subresources are supported. + * For `kubectl edit`, the `scale` subresource is not supported. If you use `--subresource` with + `kubectl edit` and specify `scale` as the subresource, the command will error out. * The API contract against a subresource is identical to a full resource. While updating the `status` subresource to a new value, keep in mind that the subresource could be potentially reconciled by a controller to a different value. diff --git a/content/en/docs/reference/kubectl/kubectl.md b/content/en/docs/reference/kubectl/kubectl.md index 00314826750..aa92d9f9685 100644 --- a/content/en/docs/reference/kubectl/kubectl.md +++ b/content/en/docs/reference/kubectl/kubectl.md @@ -361,6 +361,14 @@ kubectl [flags] + +KUBECTL_ENABLE_CMD_SHADOW + + +When set to true, external plugins can be used as subcommands for builtin commands if subcommand does not exist. In alpha stage, this feature can only be used for create command(e.g. kubectl create networkpolicy). + + + diff --git a/content/en/docs/reference/kubernetes-api/authentication-resources/certificate-signing-request-v1.md b/content/en/docs/reference/kubernetes-api/authentication-resources/certificate-signing-request-v1.md index 6d262358596..e462d8ad876 100644 --- a/content/en/docs/reference/kubernetes-api/authentication-resources/certificate-signing-request-v1.md +++ b/content/en/docs/reference/kubernetes-api/authentication-resources/certificate-signing-request-v1.md @@ -404,6 +404,11 @@ GET /apis/certificates.k8s.io/v1/certificatesigningrequests }}">resourceVersionMatch +- **sendInitialEvents** (*in query*): boolean + + }}">sendInitialEvents + + - **timeoutSeconds** (*in query*): integer }}">timeoutSeconds @@ -899,6 +904,11 @@ DELETE /apis/certificates.k8s.io/v1/certificatesigningrequests }}">resourceVersionMatch +- **sendInitialEvents** (*in query*): boolean + + }}">sendInitialEvents + + - **timeoutSeconds** (*in query*): integer }}">timeoutSeconds diff --git a/content/en/docs/reference/kubernetes-api/authentication-resources/cluster-trust-bundle-v1alpha1.md b/content/en/docs/reference/kubernetes-api/authentication-resources/cluster-trust-bundle-v1alpha1.md new file mode 100644 index 00000000000..97449346323 --- /dev/null +++ b/content/en/docs/reference/kubernetes-api/authentication-resources/cluster-trust-bundle-v1alpha1.md @@ -0,0 +1,506 @@ +--- +api_metadata: + apiVersion: "certificates.k8s.io/v1alpha1" + import: "k8s.io/api/certificates/v1alpha1" + kind: "ClusterTrustBundle" +content_type: "api_reference" +description: "ClusterTrustBundle is a cluster-scoped container for X." +title: "ClusterTrustBundle v1alpha1" +weight: 5 +auto_generated: true +--- + + + +`apiVersion: certificates.k8s.io/v1alpha1` + +`import "k8s.io/api/certificates/v1alpha1"` + + +## ClusterTrustBundle {#ClusterTrustBundle} + +ClusterTrustBundle is a cluster-scoped container for X.509 trust anchors (root certificates). + +ClusterTrustBundle objects are considered to be readable by any authenticated user in the cluster, because they can be mounted by pods using the `clusterTrustBundle` projection. All service accounts have read access to ClusterTrustBundles by default. Users who only have namespace-level access to a cluster can read ClusterTrustBundles by impersonating a serviceaccount that they have access to. + +It can be optionally associated with a particular assigner, in which case it contains one valid set of trust anchors for that signer. Signers may have multiple associated ClusterTrustBundles; each is an independent set of trust anchors for that signer. Admission control is used to enforce that only users with permissions on the signer can create or modify the corresponding bundle. + +
    + +- **apiVersion**: certificates.k8s.io/v1alpha1 + + +- **kind**: ClusterTrustBundle + + +- **metadata** (}}">ObjectMeta) + + metadata contains the object metadata. + +- **spec** (}}">ClusterTrustBundleSpec), required + + spec contains the signer (if any) and trust anchors. + + + + + +## ClusterTrustBundleSpec {#ClusterTrustBundleSpec} + +ClusterTrustBundleSpec contains the signer and trust anchors. + +
    + +- **trustBundle** (string), required + + trustBundle contains the individual X.509 trust anchors for this bundle, as PEM bundle of PEM-wrapped, DER-formatted X.509 certificates. + + The data must consist only of PEM certificate blocks that parse as valid X.509 certificates. Each certificate must include a basic constraints extension with the CA bit set. The API server will reject objects that contain duplicate certificates, or that use PEM block headers. + + Users of ClusterTrustBundles, including Kubelet, are free to reorder and deduplicate certificate blocks in this file according to their own logic, as well as to drop PEM block headers and inter-block data. + +- **signerName** (string) + + signerName indicates the associated signer, if any. + + In order to create or update a ClusterTrustBundle that sets signerName, you must have the following cluster-scoped permission: group=certificates.k8s.io resource=signers resourceName=\ verb=attest. + + If signerName is not empty, then the ClusterTrustBundle object must be named with the signer name as a prefix (translating slashes to colons). For example, for the signer name `example.com/foo`, valid ClusterTrustBundle object names include `example.com:foo:abc` and `example.com:foo:v1`. + + If signerName is empty, then the ClusterTrustBundle object's name must not have such a prefix. + + List/watch requests for ClusterTrustBundles can filter on this field using a `spec.signerName=NAME` field selector. + + + + + +## ClusterTrustBundleList {#ClusterTrustBundleList} + +ClusterTrustBundleList is a collection of ClusterTrustBundle objects + +
    + +- **apiVersion**: certificates.k8s.io/v1alpha1 + + +- **kind**: ClusterTrustBundleList + + +- **metadata** (}}">ListMeta) + + metadata contains the list metadata. + +- **items** ([]}}">ClusterTrustBundle), required + + items is a collection of ClusterTrustBundle objects + + + + + +## Operations {#Operations} + + + +
    + + + + + + +### `get` read the specified ClusterTrustBundle + +#### HTTP Request + +GET /apis/certificates.k8s.io/v1alpha1/clustertrustbundles/{name} + +#### Parameters + + +- **name** (*in path*): string, required + + name of the ClusterTrustBundle + + +- **pretty** (*in query*): string + + }}">pretty + + + +#### Response + + +200 (}}">ClusterTrustBundle): OK + +401: Unauthorized + + +### `list` list or watch objects of kind ClusterTrustBundle + +#### HTTP Request + +GET /apis/certificates.k8s.io/v1alpha1/clustertrustbundles + +#### Parameters + + +- **allowWatchBookmarks** (*in query*): boolean + + }}">allowWatchBookmarks + + +- **continue** (*in query*): string + + }}">continue + + +- **fieldSelector** (*in query*): string + + }}">fieldSelector + + +- **labelSelector** (*in query*): string + + }}">labelSelector + + +- **limit** (*in query*): integer + + }}">limit + + +- **pretty** (*in query*): string + + }}">pretty + + +- **resourceVersion** (*in query*): string + + }}">resourceVersion + + +- **resourceVersionMatch** (*in query*): string + + }}">resourceVersionMatch + + +- **sendInitialEvents** (*in query*): boolean + + }}">sendInitialEvents + + +- **timeoutSeconds** (*in query*): integer + + }}">timeoutSeconds + + +- **watch** (*in query*): boolean + + }}">watch + + + +#### Response + + +200 (}}">ClusterTrustBundleList): OK + +401: Unauthorized + + +### `create` create a ClusterTrustBundle + +#### HTTP Request + +POST /apis/certificates.k8s.io/v1alpha1/clustertrustbundles + +#### Parameters + + +- **body**: }}">ClusterTrustBundle, required + + + + +- **dryRun** (*in query*): string + + }}">dryRun + + +- **fieldManager** (*in query*): string + + }}">fieldManager + + +- **fieldValidation** (*in query*): string + + }}">fieldValidation + + +- **pretty** (*in query*): string + + }}">pretty + + + +#### Response + + +200 (}}">ClusterTrustBundle): OK + +201 (}}">ClusterTrustBundle): Created + +202 (}}">ClusterTrustBundle): Accepted + +401: Unauthorized + + +### `update` replace the specified ClusterTrustBundle + +#### HTTP Request + +PUT /apis/certificates.k8s.io/v1alpha1/clustertrustbundles/{name} + +#### Parameters + + +- **name** (*in path*): string, required + + name of the ClusterTrustBundle + + +- **body**: }}">ClusterTrustBundle, required + + + + +- **dryRun** (*in query*): string + + }}">dryRun + + +- **fieldManager** (*in query*): string + + }}">fieldManager + + +- **fieldValidation** (*in query*): string + + }}">fieldValidation + + +- **pretty** (*in query*): string + + }}">pretty + + + +#### Response + + +200 (}}">ClusterTrustBundle): OK + +201 (}}">ClusterTrustBundle): Created + +401: Unauthorized + + +### `patch` partially update the specified ClusterTrustBundle + +#### HTTP Request + +PATCH /apis/certificates.k8s.io/v1alpha1/clustertrustbundles/{name} + +#### Parameters + + +- **name** (*in path*): string, required + + name of the ClusterTrustBundle + + +- **body**: }}">Patch, required + + + + +- **dryRun** (*in query*): string + + }}">dryRun + + +- **fieldManager** (*in query*): string + + }}">fieldManager + + +- **fieldValidation** (*in query*): string + + }}">fieldValidation + + +- **force** (*in query*): boolean + + }}">force + + +- **pretty** (*in query*): string + + }}">pretty + + + +#### Response + + +200 (}}">ClusterTrustBundle): OK + +201 (}}">ClusterTrustBundle): Created + +401: Unauthorized + + +### `delete` delete a ClusterTrustBundle + +#### HTTP Request + +DELETE /apis/certificates.k8s.io/v1alpha1/clustertrustbundles/{name} + +#### Parameters + + +- **name** (*in path*): string, required + + name of the ClusterTrustBundle + + +- **body**: }}">DeleteOptions + + + + +- **dryRun** (*in query*): string + + }}">dryRun + + +- **gracePeriodSeconds** (*in query*): integer + + }}">gracePeriodSeconds + + +- **pretty** (*in query*): string + + }}">pretty + + +- **propagationPolicy** (*in query*): string + + }}">propagationPolicy + + + +#### Response + + +200 (}}">Status): OK + +202 (}}">Status): Accepted + +401: Unauthorized + + +### `deletecollection` delete collection of ClusterTrustBundle + +#### HTTP Request + +DELETE /apis/certificates.k8s.io/v1alpha1/clustertrustbundles + +#### Parameters + + +- **body**: }}">DeleteOptions + + + + +- **continue** (*in query*): string + + }}">continue + + +- **dryRun** (*in query*): string + + }}">dryRun + + +- **fieldSelector** (*in query*): string + + }}">fieldSelector + + +- **gracePeriodSeconds** (*in query*): integer + + }}">gracePeriodSeconds + + +- **labelSelector** (*in query*): string + + }}">labelSelector + + +- **limit** (*in query*): integer + + }}">limit + + +- **pretty** (*in query*): string + + }}">pretty + + +- **propagationPolicy** (*in query*): string + + }}">propagationPolicy + + +- **resourceVersion** (*in query*): string + + }}">resourceVersion + + +- **resourceVersionMatch** (*in query*): string + + }}">resourceVersionMatch + + +- **sendInitialEvents** (*in query*): boolean + + }}">sendInitialEvents + + +- **timeoutSeconds** (*in query*): integer + + }}">timeoutSeconds + + + +#### Response + + +200 (}}">Status): OK + +401: Unauthorized + diff --git a/content/en/docs/reference/kubernetes-api/authentication-resources/self-subject-review-v1beta1.md b/content/en/docs/reference/kubernetes-api/authentication-resources/self-subject-review-v1beta1.md new file mode 100644 index 00000000000..064d3f8f027 --- /dev/null +++ b/content/en/docs/reference/kubernetes-api/authentication-resources/self-subject-review-v1beta1.md @@ -0,0 +1,142 @@ +--- +api_metadata: + apiVersion: "authentication.k8s.io/v1beta1" + import: "k8s.io/api/authentication/v1beta1" + kind: "SelfSubjectReview" +content_type: "api_reference" +description: "SelfSubjectReview contains the user information that the kube-apiserver has about the user making this request." +title: "SelfSubjectReview v1beta1" +weight: 6 +auto_generated: true +--- + + + +`apiVersion: authentication.k8s.io/v1beta1` + +`import "k8s.io/api/authentication/v1beta1"` + + +## SelfSubjectReview {#SelfSubjectReview} + +SelfSubjectReview contains the user information that the kube-apiserver has about the user making this request. When using impersonation, users will receive the user info of the user being impersonated. If impersonation or request header authentication is used, any extra keys will have their case ignored and returned as lowercase. + +
    + +- **apiVersion**: authentication.k8s.io/v1beta1 + + +- **kind**: SelfSubjectReview + + +- **metadata** (}}">ObjectMeta) + + Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata + +- **status** (}}">SelfSubjectReviewStatus) + + Status is filled in by the server with the user attributes. + + + + + +## SelfSubjectReviewStatus {#SelfSubjectReviewStatus} + +SelfSubjectReviewStatus is filled by the kube-apiserver and sent back to a user. + +
    + +- **userInfo** (UserInfo) + + User attributes of the user making this request. + + + *UserInfo holds the information about the user needed to implement the user.Info interface.* + + - **userInfo.extra** (map[string][]string) + + Any additional information provided by the authenticator. + + - **userInfo.groups** ([]string) + + The names of groups this user is a part of. + + - **userInfo.uid** (string) + + A unique value that identifies this user across time. If this user is deleted and another user by the same name is added, they will have different UIDs. + + - **userInfo.username** (string) + + The name that uniquely identifies this user among all active users. + + + + + +## Operations {#Operations} + + + +
    + + + + + + +### `create` create a SelfSubjectReview + +#### HTTP Request + +POST /apis/authentication.k8s.io/v1beta1/selfsubjectreviews + +#### Parameters + + +- **body**: }}">SelfSubjectReview, required + + + + +- **dryRun** (*in query*): string + + }}">dryRun + + +- **fieldManager** (*in query*): string + + }}">fieldManager + + +- **fieldValidation** (*in query*): string + + }}">fieldValidation + + +- **pretty** (*in query*): string + + }}">pretty + + + +#### Response + + +200 (}}">SelfSubjectReview): OK + +201 (}}">SelfSubjectReview): Created + +202 (}}">SelfSubjectReview): Accepted + +401: Unauthorized + diff --git a/content/en/docs/reference/kubernetes-api/authentication-resources/service-account-v1.md b/content/en/docs/reference/kubernetes-api/authentication-resources/service-account-v1.md index f68e674c67e..589f0b923c7 100644 --- a/content/en/docs/reference/kubernetes-api/authentication-resources/service-account-v1.md +++ b/content/en/docs/reference/kubernetes-api/authentication-resources/service-account-v1.md @@ -182,6 +182,11 @@ GET /api/v1/namespaces/{namespace}/serviceaccounts }}">resourceVersionMatch +- **sendInitialEvents** (*in query*): boolean + + }}">sendInitialEvents + + - **timeoutSeconds** (*in query*): integer }}">timeoutSeconds @@ -250,6 +255,11 @@ GET /api/v1/serviceaccounts }}">resourceVersionMatch +- **sendInitialEvents** (*in query*): boolean + + }}">sendInitialEvents + + - **timeoutSeconds** (*in query*): integer }}">timeoutSeconds @@ -560,6 +570,11 @@ DELETE /api/v1/namespaces/{namespace}/serviceaccounts }}">resourceVersionMatch +- **sendInitialEvents** (*in query*): boolean + + }}">sendInitialEvents + + - **timeoutSeconds** (*in query*): integer }}">timeoutSeconds diff --git a/content/en/docs/reference/kubernetes-api/authorization-resources/cluster-role-binding-v1.md b/content/en/docs/reference/kubernetes-api/authorization-resources/cluster-role-binding-v1.md index a99b970be9b..f84ba0fcf6c 100644 --- a/content/en/docs/reference/kubernetes-api/authorization-resources/cluster-role-binding-v1.md +++ b/content/en/docs/reference/kubernetes-api/authorization-resources/cluster-role-binding-v1.md @@ -200,6 +200,11 @@ GET /apis/rbac.authorization.k8s.io/v1/clusterrolebindings }}">resourceVersionMatch +- **sendInitialEvents** (*in query*): boolean + + }}">sendInitialEvents + + - **timeoutSeconds** (*in query*): integer }}">timeoutSeconds @@ -485,6 +490,11 @@ DELETE /apis/rbac.authorization.k8s.io/v1/clusterrolebindings }}">resourceVersionMatch +- **sendInitialEvents** (*in query*): boolean + + }}">sendInitialEvents + + - **timeoutSeconds** (*in query*): integer }}">timeoutSeconds diff --git a/content/en/docs/reference/kubernetes-api/authorization-resources/cluster-role-v1.md b/content/en/docs/reference/kubernetes-api/authorization-resources/cluster-role-v1.md index 387737af3b5..b7e87bf0cca 100644 --- a/content/en/docs/reference/kubernetes-api/authorization-resources/cluster-role-v1.md +++ b/content/en/docs/reference/kubernetes-api/authorization-resources/cluster-role-v1.md @@ -196,6 +196,11 @@ GET /apis/rbac.authorization.k8s.io/v1/clusterroles }}">resourceVersionMatch +- **sendInitialEvents** (*in query*): boolean + + }}">sendInitialEvents + + - **timeoutSeconds** (*in query*): integer }}">timeoutSeconds @@ -481,6 +486,11 @@ DELETE /apis/rbac.authorization.k8s.io/v1/clusterroles }}">resourceVersionMatch +- **sendInitialEvents** (*in query*): boolean + + }}">sendInitialEvents + + - **timeoutSeconds** (*in query*): integer }}">timeoutSeconds diff --git a/content/en/docs/reference/kubernetes-api/authorization-resources/role-binding-v1.md b/content/en/docs/reference/kubernetes-api/authorization-resources/role-binding-v1.md index 6f2ad19fa6c..75d4d5f0f84 100644 --- a/content/en/docs/reference/kubernetes-api/authorization-resources/role-binding-v1.md +++ b/content/en/docs/reference/kubernetes-api/authorization-resources/role-binding-v1.md @@ -210,6 +210,11 @@ GET /apis/rbac.authorization.k8s.io/v1/namespaces/{namespace}/rolebindings }}">resourceVersionMatch +- **sendInitialEvents** (*in query*): boolean + + }}">sendInitialEvents + + - **timeoutSeconds** (*in query*): integer }}">timeoutSeconds @@ -278,6 +283,11 @@ GET /apis/rbac.authorization.k8s.io/v1/rolebindings }}">resourceVersionMatch +- **sendInitialEvents** (*in query*): boolean + + }}">sendInitialEvents + + - **timeoutSeconds** (*in query*): integer }}">timeoutSeconds @@ -588,6 +598,11 @@ DELETE /apis/rbac.authorization.k8s.io/v1/namespaces/{namespace}/rolebindings }}">resourceVersionMatch +- **sendInitialEvents** (*in query*): boolean + + }}">sendInitialEvents + + - **timeoutSeconds** (*in query*): integer }}">timeoutSeconds diff --git a/content/en/docs/reference/kubernetes-api/authorization-resources/role-v1.md b/content/en/docs/reference/kubernetes-api/authorization-resources/role-v1.md index ab854e246a8..6b378be7caf 100644 --- a/content/en/docs/reference/kubernetes-api/authorization-resources/role-v1.md +++ b/content/en/docs/reference/kubernetes-api/authorization-resources/role-v1.md @@ -195,6 +195,11 @@ GET /apis/rbac.authorization.k8s.io/v1/namespaces/{namespace}/roles }}">resourceVersionMatch +- **sendInitialEvents** (*in query*): boolean + + }}">sendInitialEvents + + - **timeoutSeconds** (*in query*): integer }}">timeoutSeconds @@ -263,6 +268,11 @@ GET /apis/rbac.authorization.k8s.io/v1/roles }}">resourceVersionMatch +- **sendInitialEvents** (*in query*): boolean + + }}">sendInitialEvents + + - **timeoutSeconds** (*in query*): integer }}">timeoutSeconds @@ -573,6 +583,11 @@ DELETE /apis/rbac.authorization.k8s.io/v1/namespaces/{namespace}/roles }}">resourceVersionMatch +- **sendInitialEvents** (*in query*): boolean + + }}">sendInitialEvents + + - **timeoutSeconds** (*in query*): integer }}">timeoutSeconds diff --git a/content/en/docs/reference/kubernetes-api/authorization-resources/self-subject-review-v1alpha1.md b/content/en/docs/reference/kubernetes-api/authorization-resources/self-subject-review-v1alpha1.md index ace01dcaf55..a8ed8464f21 100644 --- a/content/en/docs/reference/kubernetes-api/authorization-resources/self-subject-review-v1alpha1.md +++ b/content/en/docs/reference/kubernetes-api/authorization-resources/self-subject-review-v1alpha1.md @@ -28,7 +28,7 @@ guide. You can file document formatting bugs against the ## SelfSubjectReview {#SelfSubjectReview} -SelfSubjectReview contains the user information that the kube-apiserver has about the user making this request. When using impersonation, users will receive the user info of the user being impersonated. +SelfSubjectReview contains the user information that the kube-apiserver has about the user making this request. When using impersonation, users will receive the user info of the user being impersonated. If impersonation or request header authentication is used, any extra keys will have their case ignored and returned as lowercase.
    diff --git a/content/en/docs/reference/kubernetes-api/cluster-resources/api-service-v1.md b/content/en/docs/reference/kubernetes-api/cluster-resources/api-service-v1.md index 81a7620d084..59df5a5e0e6 100644 --- a/content/en/docs/reference/kubernetes-api/cluster-resources/api-service-v1.md +++ b/content/en/docs/reference/kubernetes-api/cluster-resources/api-service-v1.md @@ -293,6 +293,11 @@ GET /apis/apiregistration.k8s.io/v1/apiservices }}">resourceVersionMatch +- **sendInitialEvents** (*in query*): boolean + + }}">sendInitialEvents + + - **timeoutSeconds** (*in query*): integer }}">timeoutSeconds @@ -683,6 +688,11 @@ DELETE /apis/apiregistration.k8s.io/v1/apiservices }}">resourceVersionMatch +- **sendInitialEvents** (*in query*): boolean + + }}">sendInitialEvents + + - **timeoutSeconds** (*in query*): integer }}">timeoutSeconds diff --git a/content/en/docs/reference/kubernetes-api/cluster-resources/cluster-cidr-v1alpha1.md b/content/en/docs/reference/kubernetes-api/cluster-resources/cluster-cidr-v1alpha1.md index 82f8eb92288..4fdf307e974 100644 --- a/content/en/docs/reference/kubernetes-api/cluster-resources/cluster-cidr-v1alpha1.md +++ b/content/en/docs/reference/kubernetes-api/cluster-resources/cluster-cidr-v1alpha1.md @@ -44,7 +44,7 @@ ClusterCIDR represents a single configuration for per-Node Pod CIDR allocations - **spec** (}}">ClusterCIDRSpec) - Spec is the desired state of the ClusterCIDR. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status + spec is the desired state of the ClusterCIDR. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status @@ -58,19 +58,19 @@ ClusterCIDRSpec defines the desired state of ClusterCIDR. - **perNodeHostBits** (int32), required - PerNodeHostBits defines the number of host bits to be configured per node. A subnet mask determines how much of the address is used for network bits and host bits. For example an IPv4 address of 192.168.0.0/24, splits the address into 24 bits for the network portion and 8 bits for the host portion. To allocate 256 IPs, set this field to 8 (a /24 mask for IPv4 or a /120 for IPv6). Minimum value is 4 (16 IPs). This field is immutable. + perNodeHostBits defines the number of host bits to be configured per node. A subnet mask determines how much of the address is used for network bits and host bits. For example an IPv4 address of 192.168.0.0/24, splits the address into 24 bits for the network portion and 8 bits for the host portion. To allocate 256 IPs, set this field to 8 (a /24 mask for IPv4 or a /120 for IPv6). Minimum value is 4 (16 IPs). This field is immutable. - **ipv4** (string) - IPv4 defines an IPv4 IP block in CIDR notation(e.g. "10.0.0.0/8"). At least one of IPv4 and IPv6 must be specified. This field is immutable. + ipv4 defines an IPv4 IP block in CIDR notation(e.g. "10.0.0.0/8"). At least one of ipv4 and ipv6 must be specified. This field is immutable. - **ipv6** (string) - IPv6 defines an IPv6 IP block in CIDR notation(e.g. "2001:db8::/64"). At least one of IPv4 and IPv6 must be specified. This field is immutable. + ipv6 defines an IPv6 IP block in CIDR notation(e.g. "2001:db8::/64"). At least one of ipv4 and ipv6 must be specified. This field is immutable. - **nodeSelector** (NodeSelector) - NodeSelector defines which nodes the config is applicable to. An empty or nil NodeSelector selects all nodes. This field is immutable. + nodeSelector defines which nodes the config is applicable to. An empty or nil nodeSelector selects all nodes. This field is immutable. *A node selector represents the union of the results of one or more label queries over a set of nodes; that is, it represents the OR of the selectors represented by the node selector terms.* @@ -112,7 +112,7 @@ ClusterCIDRList contains a list of ClusterCIDR. - **items** ([]}}">ClusterCIDR), required - Items is the list of ClusterCIDRs. + items is the list of ClusterCIDRs. @@ -206,6 +206,11 @@ GET /apis/networking.k8s.io/v1alpha1/clustercidrs }}">resourceVersionMatch +- **sendInitialEvents** (*in query*): boolean + + }}">sendInitialEvents + + - **timeoutSeconds** (*in query*): integer }}">timeoutSeconds @@ -491,6 +496,11 @@ DELETE /apis/networking.k8s.io/v1alpha1/clustercidrs }}">resourceVersionMatch +- **sendInitialEvents** (*in query*): boolean + + }}">sendInitialEvents + + - **timeoutSeconds** (*in query*): integer }}">timeoutSeconds diff --git a/content/en/docs/reference/kubernetes-api/cluster-resources/component-status-v1.md b/content/en/docs/reference/kubernetes-api/cluster-resources/component-status-v1.md index 0542fedfbd7..f1bcf3b0654 100644 --- a/content/en/docs/reference/kubernetes-api/cluster-resources/component-status-v1.md +++ b/content/en/docs/reference/kubernetes-api/cluster-resources/component-status-v1.md @@ -183,6 +183,11 @@ GET /api/v1/componentstatuses }}">resourceVersionMatch +- **sendInitialEvents** (*in query*): boolean + + }}">sendInitialEvents + + - **timeoutSeconds** (*in query*): integer }}">timeoutSeconds diff --git a/content/en/docs/reference/kubernetes-api/cluster-resources/event-v1.md b/content/en/docs/reference/kubernetes-api/cluster-resources/event-v1.md index 20ed36b1abd..fcdec600ee7 100644 --- a/content/en/docs/reference/kubernetes-api/cluster-resources/event-v1.md +++ b/content/en/docs/reference/kubernetes-api/cluster-resources/event-v1.md @@ -258,6 +258,11 @@ GET /apis/events.k8s.io/v1/namespaces/{namespace}/events }}">resourceVersionMatch +- **sendInitialEvents** (*in query*): boolean + + }}">sendInitialEvents + + - **timeoutSeconds** (*in query*): integer }}">timeoutSeconds @@ -326,6 +331,11 @@ GET /apis/events.k8s.io/v1/events }}">resourceVersionMatch +- **sendInitialEvents** (*in query*): boolean + + }}">sendInitialEvents + + - **timeoutSeconds** (*in query*): integer }}">timeoutSeconds @@ -636,6 +646,11 @@ DELETE /apis/events.k8s.io/v1/namespaces/{namespace}/events }}">resourceVersionMatch +- **sendInitialEvents** (*in query*): boolean + + }}">sendInitialEvents + + - **timeoutSeconds** (*in query*): integer }}">timeoutSeconds diff --git a/content/en/docs/reference/kubernetes-api/cluster-resources/flow-schema-v1beta3.md b/content/en/docs/reference/kubernetes-api/cluster-resources/flow-schema-v1beta3.md index e325b3d7777..94957e33ba2 100644 --- a/content/en/docs/reference/kubernetes-api/cluster-resources/flow-schema-v1beta3.md +++ b/content/en/docs/reference/kubernetes-api/cluster-resources/flow-schema-v1beta3.md @@ -397,6 +397,11 @@ GET /apis/flowcontrol.apiserver.k8s.io/v1beta3/flowschemas }}">resourceVersionMatch +- **sendInitialEvents** (*in query*): boolean + + }}">sendInitialEvents + + - **timeoutSeconds** (*in query*): integer }}">timeoutSeconds @@ -787,6 +792,11 @@ DELETE /apis/flowcontrol.apiserver.k8s.io/v1beta3/flowschemas }}">resourceVersionMatch +- **sendInitialEvents** (*in query*): boolean + + }}">sendInitialEvents + + - **timeoutSeconds** (*in query*): integer }}">timeoutSeconds diff --git a/content/en/docs/reference/kubernetes-api/cluster-resources/lease-v1.md b/content/en/docs/reference/kubernetes-api/cluster-resources/lease-v1.md index b33e8ee19a7..c88ee6d7e4d 100644 --- a/content/en/docs/reference/kubernetes-api/cluster-resources/lease-v1.md +++ b/content/en/docs/reference/kubernetes-api/cluster-resources/lease-v1.md @@ -44,7 +44,7 @@ Lease defines a lease concept. - **spec** (}}">LeaseSpec) - Specification of the Lease. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status + spec contains the specification of the Lease. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status @@ -69,7 +69,7 @@ LeaseSpec is a specification of a Lease. - **leaseDurationSeconds** (int32) - leaseDurationSeconds is a duration that candidates for a lease need to wait to force acquire it. This is measure against time of last observed RenewTime. + leaseDurationSeconds is a duration that candidates for a lease need to wait to force acquire it. This is measure against time of last observed renewTime. - **leaseTransitions** (int32) @@ -104,7 +104,7 @@ LeaseList is a list of Lease objects. - **items** ([]}}">Lease), required - Items is a list of schema objects. + items is a list of schema objects. @@ -208,6 +208,11 @@ GET /apis/coordination.k8s.io/v1/namespaces/{namespace}/leases }}">resourceVersionMatch +- **sendInitialEvents** (*in query*): boolean + + }}">sendInitialEvents + + - **timeoutSeconds** (*in query*): integer }}">timeoutSeconds @@ -276,6 +281,11 @@ GET /apis/coordination.k8s.io/v1/leases }}">resourceVersionMatch +- **sendInitialEvents** (*in query*): boolean + + }}">sendInitialEvents + + - **timeoutSeconds** (*in query*): integer }}">timeoutSeconds @@ -586,6 +596,11 @@ DELETE /apis/coordination.k8s.io/v1/namespaces/{namespace}/leases }}">resourceVersionMatch +- **sendInitialEvents** (*in query*): boolean + + }}">sendInitialEvents + + - **timeoutSeconds** (*in query*): integer }}">timeoutSeconds diff --git a/content/en/docs/reference/kubernetes-api/cluster-resources/namespace-v1.md b/content/en/docs/reference/kubernetes-api/cluster-resources/namespace-v1.md index 0871c397d3a..6388d7126e4 100644 --- a/content/en/docs/reference/kubernetes-api/cluster-resources/namespace-v1.md +++ b/content/en/docs/reference/kubernetes-api/cluster-resources/namespace-v1.md @@ -106,8 +106,6 @@ NamespaceStatus is information about the current status of a Namespace. - **phase** (string) Phase is the current lifecycle phase of the namespace. More info: https://kubernetes.io/docs/tasks/administer-cluster/namespaces/ - - @@ -253,6 +251,11 @@ GET /api/v1/namespaces }}">resourceVersionMatch +- **sendInitialEvents** (*in query*): boolean + + }}">sendInitialEvents + + - **timeoutSeconds** (*in query*): integer }}">timeoutSeconds diff --git a/content/en/docs/reference/kubernetes-api/cluster-resources/node-v1.md b/content/en/docs/reference/kubernetes-api/cluster-resources/node-v1.md index a6317d1dc98..0a73ea2cb2d 100644 --- a/content/en/docs/reference/kubernetes-api/cluster-resources/node-v1.md +++ b/content/en/docs/reference/kubernetes-api/cluster-resources/node-v1.md @@ -120,8 +120,6 @@ NodeSpec describes the attributes that a node is created with. - **taints.effect** (string), required Required. The effect of the taint on pods that do not tolerate the taint. Valid effects are NoSchedule, PreferNoSchedule and NoExecute. - - - **taints.key** (string), required @@ -156,7 +154,7 @@ NodeStatus is information about the current status of a node. *Patch strategy: merge on key `type`* - List of addresses reachable to the node. Queried from cloud provider, if available. More info: https://kubernetes.io/docs/concepts/nodes/node/#addresses Note: This field is declared as mergeable, but the merge key is not sufficiently unique, which can cause data corruption when it is merged. Callers should instead use a full-replacement patch. See https://pr.k8s.io/79391 for an example. + List of addresses reachable to the node. Queried from cloud provider, if available. More info: https://kubernetes.io/docs/concepts/nodes/node/#addresses Note: This field is declared as mergeable, but the merge key is not sufficiently unique, which can cause data corruption when it is merged. Callers should instead use a full-replacement patch. See https://pr.k8s.io/79391 for an example. Consumers should assume that addresses can change during the lifetime of a Node. However, there are some exceptions where this may not be possible, such as Pods that inherit a Node's address in its own status or consumers of the downward API (status.hostIP). *NodeAddress contains information for the node's address.* @@ -412,8 +410,6 @@ NodeStatus is information about the current status of a node. - **phase** (string) NodePhase is the recently observed lifecycle phase of the node. More info: https://kubernetes.io/docs/concepts/nodes/node/#phase The field is never populated, and now is deprecated. - - - **volumesAttached** ([]AttachedVolume) @@ -578,6 +574,11 @@ GET /api/v1/nodes }}">resourceVersionMatch +- **sendInitialEvents** (*in query*): boolean + + }}">sendInitialEvents + + - **timeoutSeconds** (*in query*): integer }}">timeoutSeconds @@ -968,6 +969,11 @@ DELETE /api/v1/nodes }}">resourceVersionMatch +- **sendInitialEvents** (*in query*): boolean + + }}">sendInitialEvents + + - **timeoutSeconds** (*in query*): integer }}">timeoutSeconds diff --git a/content/en/docs/reference/kubernetes-api/cluster-resources/priority-level-configuration-v1beta3.md b/content/en/docs/reference/kubernetes-api/cluster-resources/priority-level-configuration-v1beta3.md index 5a17134f65d..420699dfaf0 100644 --- a/content/en/docs/reference/kubernetes-api/cluster-resources/priority-level-configuration-v1beta3.md +++ b/content/en/docs/reference/kubernetes-api/cluster-resources/priority-level-configuration-v1beta3.md @@ -313,6 +313,11 @@ GET /apis/flowcontrol.apiserver.k8s.io/v1beta3/prioritylevelconfigurations }}">resourceVersionMatch +- **sendInitialEvents** (*in query*): boolean + + }}">sendInitialEvents + + - **timeoutSeconds** (*in query*): integer }}">timeoutSeconds @@ -703,6 +708,11 @@ DELETE /apis/flowcontrol.apiserver.k8s.io/v1beta3/prioritylevelconfigurations }}">resourceVersionMatch +- **sendInitialEvents** (*in query*): boolean + + }}">sendInitialEvents + + - **timeoutSeconds** (*in query*): integer }}">timeoutSeconds diff --git a/content/en/docs/reference/kubernetes-api/cluster-resources/runtime-class-v1.md b/content/en/docs/reference/kubernetes-api/cluster-resources/runtime-class-v1.md index 4f8bb7571de..0fade3be57e 100644 --- a/content/en/docs/reference/kubernetes-api/cluster-resources/runtime-class-v1.md +++ b/content/en/docs/reference/kubernetes-api/cluster-resources/runtime-class-v1.md @@ -44,11 +44,11 @@ RuntimeClass defines a class of container runtime supported in the cluster. The - **handler** (string), required - Handler specifies the underlying runtime and configuration that the CRI implementation will use to handle pods of this class. The possible values are specific to the node & CRI configuration. It is assumed that all handlers are available on every node, and handlers of the same name are equivalent on every node. For example, a handler called "runc" might specify that the runc OCI runtime (using native Linux containers) will be used to run the containers in a pod. The Handler must be lowercase, conform to the DNS Label (RFC 1123) requirements, and is immutable. + handler specifies the underlying runtime and configuration that the CRI implementation will use to handle pods of this class. The possible values are specific to the node & CRI configuration. It is assumed that all handlers are available on every node, and handlers of the same name are equivalent on every node. For example, a handler called "runc" might specify that the runc OCI runtime (using native Linux containers) will be used to run the containers in a pod. The Handler must be lowercase, conform to the DNS Label (RFC 1123) requirements, and is immutable. - **overhead** (Overhead) - Overhead represents the resource overhead associated with running a pod for a given RuntimeClass. For more details, see + overhead represents the resource overhead associated with running a pod for a given RuntimeClass. For more details, see https://kubernetes.io/docs/concepts/scheduling-eviction/pod-overhead/ @@ -56,11 +56,11 @@ RuntimeClass defines a class of container runtime supported in the cluster. The - **overhead.podFixed** (map[string]}}">Quantity) - PodFixed represents the fixed resource overhead associated with running a pod. + podFixed represents the fixed resource overhead associated with running a pod. - **scheduling** (Scheduling) - Scheduling holds the scheduling constraints to ensure that pods running with this RuntimeClass are scheduled to nodes that support it. If scheduling is nil, this RuntimeClass is assumed to be supported by all nodes. + scheduling holds the scheduling constraints to ensure that pods running with this RuntimeClass are scheduled to nodes that support it. If scheduling is nil, this RuntimeClass is assumed to be supported by all nodes. *Scheduling specifies the scheduling constraints for nodes supporting a RuntimeClass.* @@ -85,8 +85,6 @@ RuntimeClass defines a class of container runtime supported in the cluster. The - **scheduling.tolerations.operator** (string) Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category. - - - **scheduling.tolerations.value** (string) @@ -95,8 +93,6 @@ RuntimeClass defines a class of container runtime supported in the cluster. The - **scheduling.tolerations.effect** (string) Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. - - - **scheduling.tolerations.tolerationSeconds** (int64) @@ -124,7 +120,7 @@ RuntimeClassList is a list of RuntimeClass objects. - **items** ([]}}">RuntimeClass), required - Items is a list of schema objects. + items is a list of schema objects. @@ -218,6 +214,11 @@ GET /apis/node.k8s.io/v1/runtimeclasses }}">resourceVersionMatch +- **sendInitialEvents** (*in query*): boolean + + }}">sendInitialEvents + + - **timeoutSeconds** (*in query*): integer }}">timeoutSeconds @@ -503,6 +504,11 @@ DELETE /apis/node.k8s.io/v1/runtimeclasses }}">resourceVersionMatch +- **sendInitialEvents** (*in query*): boolean + + }}">sendInitialEvents + + - **timeoutSeconds** (*in query*): integer }}">timeoutSeconds diff --git a/content/en/docs/reference/kubernetes-api/common-definitions/node-selector-requirement.md b/content/en/docs/reference/kubernetes-api/common-definitions/node-selector-requirement.md index 4cbdb7881d8..33af2e88e30 100644 --- a/content/en/docs/reference/kubernetes-api/common-definitions/node-selector-requirement.md +++ b/content/en/docs/reference/kubernetes-api/common-definitions/node-selector-requirement.md @@ -36,9 +36,7 @@ A node selector requirement is a selector that contains values, a key, and an op - **operator** (string), required - Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist, Gt, and Lt. - - + Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. - **values** ([]string) diff --git a/content/en/docs/reference/kubernetes-api/common-definitions/object-meta.md b/content/en/docs/reference/kubernetes-api/common-definitions/object-meta.md index 199d4ff7d70..9386baeb83e 100644 --- a/content/en/docs/reference/kubernetes-api/common-definitions/object-meta.md +++ b/content/en/docs/reference/kubernetes-api/common-definitions/object-meta.md @@ -32,7 +32,7 @@ ObjectMeta is metadata that all persisted resources must have, which includes al - **name** (string) - Name must be unique within a namespace. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names + Name must be unique within a namespace. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names - **generateName** (string) @@ -46,15 +46,15 @@ ObjectMeta is metadata that all persisted resources must have, which includes al Namespace defines the space within which each name must be unique. An empty namespace is equivalent to the "default" namespace, but "default" is the canonical representation. Not all objects are required to be scoped to a namespace - the value of this field for those objects will be empty. - Must be a DNS_LABEL. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/namespaces + Must be a DNS_LABEL. Cannot be updated. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces - **labels** (map[string]string) - Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and services. More info: http://kubernetes.io/docs/user-guide/labels + Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and services. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels - **annotations** (map[string]string) - Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations + Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations @@ -129,11 +129,11 @@ ObjectMeta is metadata that all persisted resources must have, which includes al - **ownerReferences.name** (string), required - Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names + Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names - **ownerReferences.uid** (string), required - UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids + UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#uids - **ownerReferences.blockOwnerDeletion** (boolean) @@ -186,7 +186,7 @@ ObjectMeta is metadata that all persisted resources must have, which includes al UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. - Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids + Populated by the system. Read-only. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#uids diff --git a/content/en/docs/reference/kubernetes-api/common-definitions/status.md b/content/en/docs/reference/kubernetes-api/common-definitions/status.md index d40a22d6dae..9688eebe5ff 100644 --- a/content/en/docs/reference/kubernetes-api/common-definitions/status.md +++ b/content/en/docs/reference/kubernetes-api/common-definitions/status.md @@ -86,7 +86,7 @@ Status is a return value for calls that don't return other objects. - **details.uid** (string) - UID of the resource. (when there is a single resource which can be described). More info: http://kubernetes.io/docs/user-guide/identifiers#uids + UID of the resource. (when there is a single resource which can be described). More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#uids - **kind** (string) diff --git a/content/en/docs/reference/kubernetes-api/common-parameters/common-parameters.md b/content/en/docs/reference/kubernetes-api/common-parameters/common-parameters.md index 1b290a716b7..95a8f5dd37c 100644 --- a/content/en/docs/reference/kubernetes-api/common-parameters/common-parameters.md +++ b/content/en/docs/reference/kubernetes-api/common-parameters/common-parameters.md @@ -80,7 +80,7 @@ A selector to restrict the list of returned objects by their fields. Defaults to ## fieldValidation {#fieldValidation} -fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered. +fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    @@ -184,6 +184,28 @@ Defaults to unset +## sendInitialEvents {#sendInitialEvents} + +`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched. + +When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan + is interpreted as "data at least as new as the provided `resourceVersion`" + and the bookmark event is send when the state is synced + to a `resourceVersion` at least as fresh as the one provided by the ListOptions. + If `resourceVersion` is unset, this is interpreted as "consistent read" and the + bookmark event is send when the state is synced at least to the moment + when request started being processed. +- `resourceVersionMatch` set to any other value or unset + Invalid error is returned. + +Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise. + +
    + + + + + ## timeoutSeconds {#timeoutSeconds} Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity. diff --git a/content/en/docs/reference/kubernetes-api/config-and-storage-resources/config-map-v1.md b/content/en/docs/reference/kubernetes-api/config-and-storage-resources/config-map-v1.md index c0619358ab2..78318e2a089 100644 --- a/content/en/docs/reference/kubernetes-api/config-and-storage-resources/config-map-v1.md +++ b/content/en/docs/reference/kubernetes-api/config-and-storage-resources/config-map-v1.md @@ -180,6 +180,11 @@ GET /api/v1/namespaces/{namespace}/configmaps }}">resourceVersionMatch +- **sendInitialEvents** (*in query*): boolean + + }}">sendInitialEvents + + - **timeoutSeconds** (*in query*): integer }}">timeoutSeconds @@ -248,6 +253,11 @@ GET /api/v1/configmaps }}">resourceVersionMatch +- **sendInitialEvents** (*in query*): boolean + + }}">sendInitialEvents + + - **timeoutSeconds** (*in query*): integer }}">timeoutSeconds @@ -558,6 +568,11 @@ DELETE /api/v1/namespaces/{namespace}/configmaps }}">resourceVersionMatch +- **sendInitialEvents** (*in query*): boolean + + }}">sendInitialEvents + + - **timeoutSeconds** (*in query*): integer }}">timeoutSeconds diff --git a/content/en/docs/reference/kubernetes-api/config-and-storage-resources/csi-driver-v1.md b/content/en/docs/reference/kubernetes-api/config-and-storage-resources/csi-driver-v1.md index 911ef8e77e5..8f331c62bd0 100644 --- a/content/en/docs/reference/kubernetes-api/config-and-storage-resources/csi-driver-v1.md +++ b/content/en/docs/reference/kubernetes-api/config-and-storage-resources/csi-driver-v1.md @@ -44,7 +44,7 @@ CSIDriver captures information about a Container Storage Interface (CSI) volume - **spec** (}}">CSIDriverSpec), required - Specification of the CSI Driver. + spec represents the specification of the CSI Driver. @@ -64,7 +64,7 @@ CSIDriverSpec is the specification of a CSIDriver. - **fsGroupPolicy** (string) - Defines if the underlying volume supports changing ownership and permission of the volume before being mounted. Refer to the specific FSGroupPolicy values for additional details. + fsGroupPolicy defines if the underlying volume supports changing ownership and permission of the volume before being mounted. Refer to the specific FSGroupPolicy values for additional details. This field is immutable. @@ -72,7 +72,11 @@ CSIDriverSpec is the specification of a CSIDriver. - **podInfoOnMount** (boolean) - If set to true, podInfoOnMount indicates this CSI volume driver requires additional pod information (like podName, podUID, etc.) during mount operations. If set to false, pod information will not be passed on mount. Default is false. The CSI driver specifies podInfoOnMount as part of driver deployment. If true, Kubelet will pass pod information as VolumeContext in the CSI NodePublishVolume() calls. The CSI driver is responsible for parsing and validating the information passed in as VolumeContext. The following VolumeConext will be passed if podInfoOnMount is set to true. This list might grow, but the prefix will be used. "csi.storage.k8s.io/pod.name": pod.Name "csi.storage.k8s.io/pod.namespace": pod.Namespace "csi.storage.k8s.io/pod.uid": string(pod.UID) "csi.storage.k8s.io/ephemeral": "true" if the volume is an ephemeral inline volume + podInfoOnMount indicates this CSI volume driver requires additional pod information (like podName, podUID, etc.) during mount operations, if set to true. If set to false, pod information will not be passed on mount. Default is false. + + The CSI driver specifies podInfoOnMount as part of driver deployment. If true, Kubelet will pass pod information as VolumeContext in the CSI NodePublishVolume() calls. The CSI driver is responsible for parsing and validating the information passed in as VolumeContext. + + The following VolumeConext will be passed if podInfoOnMount is set to true. This list might grow, but the prefix will be used. "csi.storage.k8s.io/pod.name": pod.Name "csi.storage.k8s.io/pod.namespace": pod.Namespace "csi.storage.k8s.io/pod.uid": string(pod.UID) "csi.storage.k8s.io/ephemeral": "true" if the volume is an ephemeral inline volume defined by a CSIVolumeSource, otherwise "false" "csi.storage.k8s.io/ephemeral" is a new feature in Kubernetes 1.16. It is only required for drivers which support both the "Persistent" and "Ephemeral" VolumeLifecycleMode. Other drivers can leave pod info disabled and/or ignore this field. As Kubernetes 1.15 doesn't support this field, drivers can only support one mode when deployed on such a cluster and the deployment determines which mode that is, for example via a command line parameter of the driver. @@ -81,13 +85,13 @@ CSIDriverSpec is the specification of a CSIDriver. - **requiresRepublish** (boolean) - RequiresRepublish indicates the CSI driver wants `NodePublishVolume` being periodically called to reflect any possible change in the mounted volume. This field defaults to false. + requiresRepublish indicates the CSI driver wants `NodePublishVolume` being periodically called to reflect any possible change in the mounted volume. This field defaults to false. Note: After a successful initial NodePublishVolume call, subsequent calls to NodePublishVolume should only update the contents of the volume. New mount points will not be seen by a running container. - **seLinuxMount** (boolean) - SELinuxMount specifies if the CSI driver supports "-o context" mount option. + seLinuxMount specifies if the CSI driver supports "-o context" mount option. When "true", the CSI driver must ensure that all volumes provided by this CSI driver can be mounted separately with different `-o context` options. This is typical for storage backends that provide volumes as filesystems on block devices or as independent shared volumes. Kubernetes will call NodeStage / NodePublish with "-o context=xyz" mount option when mounting a ReadWriteOncePod volume used in Pod that has explicitly set SELinux context. In the future, it may be expanded to other volume AccessModes. In any case, Kubernetes will ensure that the volume is mounted only with a single SELinux context. @@ -97,7 +101,7 @@ CSIDriverSpec is the specification of a CSIDriver. - **storageCapacity** (boolean) - If set to true, storageCapacity indicates that the CSI volume driver wants pod scheduling to consider the storage capacity that the driver deployment will report by creating CSIStorageCapacity objects with capacity information. + storageCapacity indicates that the CSI volume driver wants pod scheduling to consider the storage capacity that the driver deployment will report by creating CSIStorageCapacity objects with capacity information, if set to true. The check can be enabled immediately when deploying a driver. In that case, provisioning new volumes with late binding will pause until the driver deployment has published some suitable CSIStorageCapacity object. @@ -109,7 +113,7 @@ CSIDriverSpec is the specification of a CSIDriver. *Atomic: will be replaced during a merge* - TokenRequests indicates the CSI driver needs pods' service account tokens it is mounting volume for to do necessary authentication. Kubelet will pass the tokens in VolumeContext in the CSI NodePublishVolume calls. The CSI driver should parse and validate the following VolumeContext: "csi.storage.k8s.io/serviceAccount.tokens": { + tokenRequests indicates the CSI driver needs pods' service account tokens it is mounting volume for to do necessary authentication. Kubelet will pass the tokens in VolumeContext in the CSI NodePublishVolume calls. The CSI driver should parse and validate the following VolumeContext: "csi.storage.k8s.io/serviceAccount.tokens": { "\": { "token": \, "expirationTimestamp": \, @@ -124,19 +128,23 @@ CSIDriverSpec is the specification of a CSIDriver. - **tokenRequests.audience** (string), required - Audience is the intended audience of the token in "TokenRequestSpec". It will default to the audiences of kube apiserver. + audience is the intended audience of the token in "TokenRequestSpec". It will default to the audiences of kube apiserver. - **tokenRequests.expirationSeconds** (int64) - ExpirationSeconds is the duration of validity of the token in "TokenRequestSpec". It has the same default value of "ExpirationSeconds" in "TokenRequestSpec". + expirationSeconds is the duration of validity of the token in "TokenRequestSpec". It has the same default value of "ExpirationSeconds" in "TokenRequestSpec". - **volumeLifecycleModes** ([]string) *Set: unique values will be kept during a merge* - volumeLifecycleModes defines what kind of volumes this CSI volume driver supports. The default if the list is empty is "Persistent", which is the usage defined by the CSI specification and implemented in Kubernetes via the usual PV/PVC mechanism. The other mode is "Ephemeral". In this mode, volumes are defined inline inside the pod spec with CSIVolumeSource and their lifecycle is tied to the lifecycle of that pod. A driver has to be aware of this because it is only going to get a NodePublishVolume call for such a volume. For more information about implementing this mode, see https://kubernetes-csi.github.io/docs/ephemeral-local-volumes.html A driver can support one or more of these modes and more modes may be added in the future. This field is beta. + volumeLifecycleModes defines what kind of volumes this CSI volume driver supports. The default if the list is empty is "Persistent", which is the usage defined by the CSI specification and implemented in Kubernetes via the usual PV/PVC mechanism. - This field is immutable. + The other mode is "Ephemeral". In this mode, volumes are defined inline inside the pod spec with CSIVolumeSource and their lifecycle is tied to the lifecycle of that pod. A driver has to be aware of this because it is only going to get a NodePublishVolume call for such a volume. + + For more information about implementing this mode, see https://kubernetes-csi.github.io/docs/ephemeral-local-volumes.html A driver can support one or more of these modes and more modes may be added in the future. + + This field is beta. This field is immutable. @@ -254,6 +262,11 @@ GET /apis/storage.k8s.io/v1/csidrivers }}">resourceVersionMatch +- **sendInitialEvents** (*in query*): boolean + + }}">sendInitialEvents + + - **timeoutSeconds** (*in query*): integer }}">timeoutSeconds @@ -539,6 +552,11 @@ DELETE /apis/storage.k8s.io/v1/csidrivers }}">resourceVersionMatch +- **sendInitialEvents** (*in query*): boolean + + }}">sendInitialEvents + + - **timeoutSeconds** (*in query*): integer }}">timeoutSeconds diff --git a/content/en/docs/reference/kubernetes-api/config-and-storage-resources/csi-node-v1.md b/content/en/docs/reference/kubernetes-api/config-and-storage-resources/csi-node-v1.md index cfaf156fa51..2315e13a76d 100644 --- a/content/en/docs/reference/kubernetes-api/config-and-storage-resources/csi-node-v1.md +++ b/content/en/docs/reference/kubernetes-api/config-and-storage-resources/csi-node-v1.md @@ -40,7 +40,7 @@ CSINode holds information about all CSI drivers installed on a node. CSI drivers - **metadata** (}}">ObjectMeta) - metadata.name must be the Kubernetes node name. + Standard object's metadata. metadata.name must be the Kubernetes node name. - **spec** (}}">CSINodeSpec), required @@ -67,7 +67,7 @@ CSINodeSpec holds information about the specification of all CSI drivers install - **drivers.name** (string), required - This is the name of the CSI driver that this object refers to. This MUST be the same name returned by the CSI GetPluginName() call for that driver. + name represents the name of the CSI driver that this object refers to. This MUST be the same name returned by the CSI GetPluginName() call for that driver. - **drivers.nodeID** (string), required @@ -82,7 +82,7 @@ CSINodeSpec holds information about the specification of all CSI drivers install - **drivers.allocatable.count** (int32) - Maximum number of unique volumes managed by the CSI driver that can be used on a node. A volume that is both attached and mounted on a node is considered to be used once, not twice. The same rule applies for a unique volume that is shared among multiple pods on the same node. If this field is not specified, then the supported number of volumes on this node is unbounded. + count indicates the maximum number of unique volumes managed by the CSI driver that can be used on a node. A volume that is both attached and mounted on a node is considered to be used once, not twice. The same rule applies for a unique volume that is shared among multiple pods on the same node. If this field is not specified, then the supported number of volumes on this node is unbounded. - **drivers.topologyKeys** ([]string) @@ -204,6 +204,11 @@ GET /apis/storage.k8s.io/v1/csinodes }}">resourceVersionMatch +- **sendInitialEvents** (*in query*): boolean + + }}">sendInitialEvents + + - **timeoutSeconds** (*in query*): integer }}">timeoutSeconds @@ -489,6 +494,11 @@ DELETE /apis/storage.k8s.io/v1/csinodes }}">resourceVersionMatch +- **sendInitialEvents** (*in query*): boolean + + }}">sendInitialEvents + + - **timeoutSeconds** (*in query*): integer }}">timeoutSeconds diff --git a/content/en/docs/reference/kubernetes-api/config-and-storage-resources/csi-storage-capacity-v1.md b/content/en/docs/reference/kubernetes-api/config-and-storage-resources/csi-storage-capacity-v1.md index cf4df4befe4..a1414630a81 100644 --- a/content/en/docs/reference/kubernetes-api/config-and-storage-resources/csi-storage-capacity-v1.md +++ b/content/en/docs/reference/kubernetes-api/config-and-storage-resources/csi-storage-capacity-v1.md @@ -48,7 +48,7 @@ They are consumed by the kube-scheduler when a CSI driver opts into capacity-awa - **metadata** (}}">ObjectMeta) - Standard object's metadata. The name has no particular meaning. It must be be a DNS subdomain (dots allowed, 253 characters). To ensure that there are no conflicts with other CSI drivers on the cluster, the recommendation is to use csisc-\, a generated name, or a reverse-domain name which ends with the unique CSI driver name. + Standard object's metadata. The name has no particular meaning. It must be a DNS subdomain (dots allowed, 253 characters). To ensure that there are no conflicts with other CSI drivers on the cluster, the recommendation is to use csisc-\, a generated name, or a reverse-domain name which ends with the unique CSI driver name. Objects are namespaced. @@ -56,23 +56,23 @@ They are consumed by the kube-scheduler when a CSI driver opts into capacity-awa - **storageClassName** (string), required - The name of the StorageClass that the reported capacity applies to. It must meet the same requirements as the name of a StorageClass object (non-empty, DNS subdomain). If that object no longer exists, the CSIStorageCapacity object is obsolete and should be removed by its creator. This field is immutable. + storageClassName represents the name of the StorageClass that the reported capacity applies to. It must meet the same requirements as the name of a StorageClass object (non-empty, DNS subdomain). If that object no longer exists, the CSIStorageCapacity object is obsolete and should be removed by its creator. This field is immutable. - **capacity** (}}">Quantity) - Capacity is the value reported by the CSI driver in its GetCapacityResponse for a GetCapacityRequest with topology and parameters that match the previous fields. + capacity is the value reported by the CSI driver in its GetCapacityResponse for a GetCapacityRequest with topology and parameters that match the previous fields. The semantic is currently (CSI spec 1.2) defined as: The available capacity, in bytes, of the storage that can be used to provision volumes. If not set, that information is currently unavailable. - **maximumVolumeSize** (}}">Quantity) - MaximumVolumeSize is the value reported by the CSI driver in its GetCapacityResponse for a GetCapacityRequest with topology and parameters that match the previous fields. + maximumVolumeSize is the value reported by the CSI driver in its GetCapacityResponse for a GetCapacityRequest with topology and parameters that match the previous fields. This is defined since CSI spec 1.4.0 as the largest size that may be used in a CreateVolumeRequest.capacity_range.required_bytes field to create a volume with the same parameters as those in GetCapacityRequest. The corresponding value in the Kubernetes API is ResourceRequirements.Requests in a volume claim. - **nodeTopology** (}}">LabelSelector) - NodeTopology defines which nodes have access to the storage for which capacity was reported. If not set, the storage is not accessible from any node in the cluster. If empty, the storage is accessible from all nodes. This field is immutable. + nodeTopology defines which nodes have access to the storage for which capacity was reported. If not set, the storage is not accessible from any node in the cluster. If empty, the storage is accessible from all nodes. This field is immutable. @@ -98,7 +98,7 @@ CSIStorageCapacityList is a collection of CSIStorageCapacity objects. *Map: unique values on key name will be kept during a merge* - Items is the list of CSIStorageCapacity objects. + items is the list of CSIStorageCapacity objects. @@ -202,6 +202,11 @@ GET /apis/storage.k8s.io/v1/namespaces/{namespace}/csistoragecapacities }}">resourceVersionMatch +- **sendInitialEvents** (*in query*): boolean + + }}">sendInitialEvents + + - **timeoutSeconds** (*in query*): integer }}">timeoutSeconds @@ -270,6 +275,11 @@ GET /apis/storage.k8s.io/v1/csistoragecapacities }}">resourceVersionMatch +- **sendInitialEvents** (*in query*): boolean + + }}">sendInitialEvents + + - **timeoutSeconds** (*in query*): integer }}">timeoutSeconds @@ -580,6 +590,11 @@ DELETE /apis/storage.k8s.io/v1/namespaces/{namespace}/csistoragecapacities }}">resourceVersionMatch +- **sendInitialEvents** (*in query*): boolean + + }}">sendInitialEvents + + - **timeoutSeconds** (*in query*): integer }}">timeoutSeconds diff --git a/content/en/docs/reference/kubernetes-api/config-and-storage-resources/persistent-volume-claim-v1.md b/content/en/docs/reference/kubernetes-api/config-and-storage-resources/persistent-volume-claim-v1.md index 3d6a889221f..4fc8f3aa65b 100644 --- a/content/en/docs/reference/kubernetes-api/config-and-storage-resources/persistent-volume-claim-v1.md +++ b/content/en/docs/reference/kubernetes-api/config-and-storage-resources/persistent-volume-claim-v1.md @@ -77,13 +77,13 @@ PersistentVolumeClaimSpec describes the common attributes of storage devices and - **resources.claims** ([]ResourceClaim) - *Set: unique values will be kept during a merge* + *Map: unique values on key name will be kept during a merge* Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - This field is immutable. + This field is immutable. It can only be set for containers. *ResourceClaim references one entry in PodSpec.ResourceClaims.* @@ -98,7 +98,7 @@ PersistentVolumeClaimSpec describes the common attributes of storage devices and - **resources.requests** (map[string]}}">Quantity) - Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - **volumeName** (string) @@ -178,7 +178,7 @@ PersistentVolumeClaimStatus is the current status of a persistent volume claim. conditions is the current Condition of persistent volume claim. If underlying persistent volume is being resized then the Condition will be set to 'ResizeStarted'. - *PersistentVolumeClaimCondition contails details about state of pvc* + *PersistentVolumeClaimCondition contains details about state of pvc* - **conditions.status** (string), required @@ -211,8 +211,6 @@ PersistentVolumeClaimStatus is the current status of a persistent volume claim. - **phase** (string) phase represents the current phase of PersistentVolumeClaim. - - - **resizeStatus** (string) @@ -377,6 +375,11 @@ GET /api/v1/namespaces/{namespace}/persistentvolumeclaims }}">resourceVersionMatch +- **sendInitialEvents** (*in query*): boolean + + }}">sendInitialEvents + + - **timeoutSeconds** (*in query*): integer }}">timeoutSeconds @@ -445,6 +448,11 @@ GET /api/v1/persistentvolumeclaims }}">resourceVersionMatch +- **sendInitialEvents** (*in query*): boolean + + }}">sendInitialEvents + + - **timeoutSeconds** (*in query*): integer }}">timeoutSeconds @@ -870,6 +878,11 @@ DELETE /api/v1/namespaces/{namespace}/persistentvolumeclaims }}">resourceVersionMatch +- **sendInitialEvents** (*in query*): boolean + + }}">sendInitialEvents + + - **timeoutSeconds** (*in query*): integer }}">timeoutSeconds diff --git a/content/en/docs/reference/kubernetes-api/config-and-storage-resources/persistent-volume-v1.md b/content/en/docs/reference/kubernetes-api/config-and-storage-resources/persistent-volume-v1.md index 0aa9021a429..3c300883401 100644 --- a/content/en/docs/reference/kubernetes-api/config-and-storage-resources/persistent-volume-v1.md +++ b/content/en/docs/reference/kubernetes-api/config-and-storage-resources/persistent-volume-v1.md @@ -108,8 +108,6 @@ PersistentVolumeSpec is the specification of a persistent volume. - **persistentVolumeReclaimPolicy** (string) persistentVolumeReclaimPolicy defines what happens to a persistent volume when released from its claim. Valid options are Retain (default for manually created PersistentVolumes), Delete (default for dynamically provisioned PersistentVolumes), and Recycle (deprecated). Recycle must be supported by the volume plugin underlying this PersistentVolume. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#reclaiming - - - **storageClassName** (string) @@ -329,7 +327,7 @@ PersistentVolumeSpec is the specification of a persistent volume. - **csi.controllerExpandSecretRef** (SecretReference) - controllerExpandSecretRef is a reference to the secret object containing sensitive information to pass to the CSI driver to complete the CSI ControllerExpandVolume call. This is an beta field and requires enabling ExpandCSIVolumes feature gate. This field is optional, and may be empty if no secret is required. If the secret object contains more than one secret, all secrets are passed. + controllerExpandSecretRef is a reference to the secret object containing sensitive information to pass to the CSI driver to complete the CSI ControllerExpandVolume call. This field is optional, and may be empty if no secret is required. If the secret object contains more than one secret, all secrets are passed. *SecretReference represents a Secret Reference. It has enough information to retrieve secret in any namespace* @@ -363,7 +361,7 @@ PersistentVolumeSpec is the specification of a persistent volume. - **csi.nodeExpandSecretRef** (SecretReference) - nodeExpandSecretRef is a reference to the secret object containing sensitive information to pass to the CSI driver to complete the CSI NodeExpandVolume call. This is an alpha field and requires enabling CSINodeExpandSecret feature gate. This field is optional, may be omitted if no secret is required. If the secret object contains more than one secret, all secrets are passed. + nodeExpandSecretRef is a reference to the secret object containing sensitive information to pass to the CSI driver to complete the CSI NodeExpandVolume call. This is a beta field which is enabled default by CSINodeExpandSecret feature gate. This field is optional, may be omitted if no secret is required. If the secret object contains more than one secret, all secrets are passed. *SecretReference represents a Secret Reference. It has enough information to retrieve secret in any namespace* @@ -519,6 +517,29 @@ PersistentVolumeSpec is the specification of a persistent volume. readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk +- **glusterfs** (GlusterfsPersistentVolumeSource) + + glusterfs represents a Glusterfs volume that is attached to a host and exposed to the pod. Provisioned by an admin. More info: https://examples.k8s.io/volumes/glusterfs/README.md + + + *Represents a Glusterfs mount that lasts the lifetime of a pod. Glusterfs volumes do not support ownership management or SELinux relabeling.* + + - **glusterfs.endpoints** (string), required + + endpoints is the endpoint name that details Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod + + - **glusterfs.path** (string), required + + path is the Glusterfs volume path. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod + + - **glusterfs.endpointsNamespace** (string) + + endpointsNamespace is the namespace that contains Glusterfs endpoint. If this field is empty, the EndpointNamespace defaults to the same namespace as the bound PVC. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod + + - **glusterfs.readOnly** (boolean) + + readOnly here will force the Glusterfs volume to be mounted with read-only permissions. Defaults to false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod + - **iscsi** (ISCSIPersistentVolumeSource) iscsi represents an ISCSI Disk resource that is attached to a kubelet's host machine and then exposed to the pod. Provisioned by an admin. @@ -838,8 +859,6 @@ PersistentVolumeStatus is the current status of a persistent volume. - **phase** (string) phase indicates if a volume is available, bound to a claim, or released by a claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#phase - - - **reason** (string) @@ -989,6 +1008,11 @@ GET /api/v1/persistentvolumes }}">resourceVersionMatch +- **sendInitialEvents** (*in query*): boolean + + }}">sendInitialEvents + + - **timeoutSeconds** (*in query*): integer }}">timeoutSeconds @@ -1379,6 +1403,11 @@ DELETE /api/v1/persistentvolumes }}">resourceVersionMatch +- **sendInitialEvents** (*in query*): boolean + + }}">sendInitialEvents + + - **timeoutSeconds** (*in query*): integer }}">timeoutSeconds diff --git a/content/en/docs/reference/kubernetes-api/config-and-storage-resources/secret-v1.md b/content/en/docs/reference/kubernetes-api/config-and-storage-resources/secret-v1.md index 5310484d56c..3bc2a6b6505 100644 --- a/content/en/docs/reference/kubernetes-api/config-and-storage-resources/secret-v1.md +++ b/content/en/docs/reference/kubernetes-api/config-and-storage-resources/secret-v1.md @@ -184,6 +184,11 @@ GET /api/v1/namespaces/{namespace}/secrets }}">resourceVersionMatch +- **sendInitialEvents** (*in query*): boolean + + }}">sendInitialEvents + + - **timeoutSeconds** (*in query*): integer }}">timeoutSeconds @@ -252,6 +257,11 @@ GET /api/v1/secrets }}">resourceVersionMatch +- **sendInitialEvents** (*in query*): boolean + + }}">sendInitialEvents + + - **timeoutSeconds** (*in query*): integer }}">timeoutSeconds @@ -562,6 +572,11 @@ DELETE /api/v1/namespaces/{namespace}/secrets }}">resourceVersionMatch +- **sendInitialEvents** (*in query*): boolean + + }}">sendInitialEvents + + - **timeoutSeconds** (*in query*): integer }}">timeoutSeconds diff --git a/content/en/docs/reference/kubernetes-api/config-and-storage-resources/storage-class-v1.md b/content/en/docs/reference/kubernetes-api/config-and-storage-resources/storage-class-v1.md index 6c9126f4c6b..9998f631b34 100644 --- a/content/en/docs/reference/kubernetes-api/config-and-storage-resources/storage-class-v1.md +++ b/content/en/docs/reference/kubernetes-api/config-and-storage-resources/storage-class-v1.md @@ -46,17 +46,17 @@ StorageClasses are non-namespaced; the name of the storage class according to et - **provisioner** (string), required - Provisioner indicates the type of the provisioner. + provisioner indicates the type of the provisioner. - **allowVolumeExpansion** (boolean) - AllowVolumeExpansion shows whether the storage class allow volume expand + allowVolumeExpansion shows whether the storage class allow volume expand. - **allowedTopologies** ([]TopologySelectorTerm) *Atomic: will be replaced during a merge* - Restrict the node topologies where volumes can be dynamically provisioned. Each volume plugin defines its own supported topology specifications. An empty TopologySelectorTerm list means there is no topology restriction. This field is only honored by servers that enable the VolumeScheduling feature. + allowedTopologies restrict the node topologies where volumes can be dynamically provisioned. Each volume plugin defines its own supported topology specifications. An empty TopologySelectorTerm list means there is no topology restriction. This field is only honored by servers that enable the VolumeScheduling feature. *A topology selector term represents the result of label queries. A null or empty topology selector term matches no objects. The requirements of them are ANDed. It provides a subset of functionality as NodeSelectorTerm. This is an alpha feature and may change in the future.* @@ -78,19 +78,19 @@ StorageClasses are non-namespaced; the name of the storage class according to et - **mountOptions** ([]string) - Dynamically provisioned PersistentVolumes of this storage class are created with these mountOptions, e.g. ["ro", "soft"]. Not validated - mount of the PVs will simply fail if one is invalid. + mountOptions controls the mountOptions for dynamically provisioned PersistentVolumes of this storage class. e.g. ["ro", "soft"]. Not validated - mount of the PVs will simply fail if one is invalid. - **parameters** (map[string]string) - Parameters holds the parameters for the provisioner that should create volumes of this storage class. + parameters holds the parameters for the provisioner that should create volumes of this storage class. - **reclaimPolicy** (string) - Dynamically provisioned PersistentVolumes of this storage class are created with this reclaimPolicy. Defaults to Delete. + reclaimPolicy controls the reclaimPolicy for dynamically provisioned PersistentVolumes of this storage class. Defaults to Delete. - **volumeBindingMode** (string) - VolumeBindingMode indicates how PersistentVolumeClaims should be provisioned and bound. When unset, VolumeBindingImmediate is used. This field is only honored by servers that enable the VolumeScheduling feature. + volumeBindingMode indicates how PersistentVolumeClaims should be provisioned and bound. When unset, VolumeBindingImmediate is used. This field is only honored by servers that enable the VolumeScheduling feature. @@ -114,7 +114,7 @@ StorageClassList is a collection of storage classes. - **items** ([]}}">StorageClass), required - Items is the list of StorageClasses + items is the list of StorageClasses @@ -208,6 +208,11 @@ GET /apis/storage.k8s.io/v1/storageclasses }}">resourceVersionMatch +- **sendInitialEvents** (*in query*): boolean + + }}">sendInitialEvents + + - **timeoutSeconds** (*in query*): integer }}">timeoutSeconds @@ -493,6 +498,11 @@ DELETE /apis/storage.k8s.io/v1/storageclasses }}">resourceVersionMatch +- **sendInitialEvents** (*in query*): boolean + + }}">sendInitialEvents + + - **timeoutSeconds** (*in query*): integer }}">timeoutSeconds diff --git a/content/en/docs/reference/kubernetes-api/config-and-storage-resources/volume-attachment-v1.md b/content/en/docs/reference/kubernetes-api/config-and-storage-resources/volume-attachment-v1.md index a0ac08f96b4..bc8d3629dcb 100644 --- a/content/en/docs/reference/kubernetes-api/config-and-storage-resources/volume-attachment-v1.md +++ b/content/en/docs/reference/kubernetes-api/config-and-storage-resources/volume-attachment-v1.md @@ -46,11 +46,11 @@ VolumeAttachment objects are non-namespaced. - **spec** (}}">VolumeAttachmentSpec), required - Specification of the desired attach/detach volume behavior. Populated by the Kubernetes system. + spec represents specification of the desired attach/detach volume behavior. Populated by the Kubernetes system. - **status** (}}">VolumeAttachmentStatus) - Status of the VolumeAttachment request. Populated by the entity completing the attach or detach operation, i.e. the external-attacher. + status represents status of the VolumeAttachment request. Populated by the entity completing the attach or detach operation, i.e. the external-attacher. @@ -64,15 +64,15 @@ VolumeAttachmentSpec is the specification of a VolumeAttachment request. - **attacher** (string), required - Attacher indicates the name of the volume driver that MUST handle this request. This is the name returned by GetPluginName(). + attacher indicates the name of the volume driver that MUST handle this request. This is the name returned by GetPluginName(). - **nodeName** (string), required - The node that the volume should be attached to. + nodeName represents the node that the volume should be attached to. - **source** (VolumeAttachmentSource), required - Source represents the volume that should be attached. + source represents the volume that should be attached. *VolumeAttachmentSource represents a volume that should be attached. Right now only PersistenVolumes can be attached via external attacher, in future we may allow also inline volumes in pods. Exactly one member can be set.* @@ -83,7 +83,7 @@ VolumeAttachmentSpec is the specification of a VolumeAttachment request. - **source.persistentVolumeName** (string) - Name of the persistent volume to attach. + persistentVolumeName represents the name of the persistent volume to attach. @@ -97,44 +97,44 @@ VolumeAttachmentStatus is the status of a VolumeAttachment request. - **attached** (boolean), required - Indicates the volume is successfully attached. This field must only be set by the entity completing the attach operation, i.e. the external-attacher. + attached indicates the volume is successfully attached. This field must only be set by the entity completing the attach operation, i.e. the external-attacher. - **attachError** (VolumeError) - The last error encountered during attach operation, if any. This field must only be set by the entity completing the attach operation, i.e. the external-attacher. + attachError represents the last error encountered during attach operation, if any. This field must only be set by the entity completing the attach operation, i.e. the external-attacher. *VolumeError captures an error encountered during a volume operation.* - **attachError.message** (string) - String detailing the error encountered during Attach or Detach operation. This string may be logged, so it should not contain sensitive information. + message represents the error encountered during Attach or Detach operation. This string may be logged, so it should not contain sensitive information. - **attachError.time** (Time) - Time the error was encountered. + time represents the time the error was encountered. *Time is a wrapper around time.Time which supports correct marshaling to YAML and JSON. Wrappers are provided for many of the factory methods that the time package offers.* - **attachmentMetadata** (map[string]string) - Upon successful attach, this field is populated with any information returned by the attach operation that must be passed into subsequent WaitForAttach or Mount calls. This field must only be set by the entity completing the attach operation, i.e. the external-attacher. + attachmentMetadata is populated with any information returned by the attach operation, upon successful attach, that must be passed into subsequent WaitForAttach or Mount calls. This field must only be set by the entity completing the attach operation, i.e. the external-attacher. - **detachError** (VolumeError) - The last error encountered during detach operation, if any. This field must only be set by the entity completing the detach operation, i.e. the external-attacher. + detachError represents the last error encountered during detach operation, if any. This field must only be set by the entity completing the detach operation, i.e. the external-attacher. *VolumeError captures an error encountered during a volume operation.* - **detachError.message** (string) - String detailing the error encountered during Attach or Detach operation. This string may be logged, so it should not contain sensitive information. + message represents the error encountered during Attach or Detach operation. This string may be logged, so it should not contain sensitive information. - **detachError.time** (Time) - Time the error was encountered. + time represents the time the error was encountered. *Time is a wrapper around time.Time which supports correct marshaling to YAML and JSON. Wrappers are provided for many of the factory methods that the time package offers.* @@ -161,7 +161,7 @@ VolumeAttachmentList is a collection of VolumeAttachment objects. - **items** ([]}}">VolumeAttachment), required - Items is the list of VolumeAttachments + items is the list of VolumeAttachments @@ -283,6 +283,11 @@ GET /apis/storage.k8s.io/v1/volumeattachments }}">resourceVersionMatch +- **sendInitialEvents** (*in query*): boolean + + }}">sendInitialEvents + + - **timeoutSeconds** (*in query*): integer }}">timeoutSeconds @@ -673,6 +678,11 @@ DELETE /apis/storage.k8s.io/v1/volumeattachments }}">resourceVersionMatch +- **sendInitialEvents** (*in query*): boolean + + }}">sendInitialEvents + + - **timeoutSeconds** (*in query*): integer }}">timeoutSeconds diff --git a/content/en/docs/reference/kubernetes-api/config-and-storage-resources/volume.md b/content/en/docs/reference/kubernetes-api/config-and-storage-resources/volume.md index 1586c8cdd4b..b81f55944d5 100644 --- a/content/en/docs/reference/kubernetes-api/config-and-storage-resources/volume.md +++ b/content/en/docs/reference/kubernetes-api/config-and-storage-resources/volume.md @@ -230,7 +230,7 @@ Volume represents a named volume in a pod that may be accessed by any container - **emptyDir.sizeLimit** (}}">Quantity) - sizeLimit is the total amount of local storage required for this EmptyDir volume. The size limit is also applicable for memory medium. The maximum usage on memory medium EmptyDir would be the minimum value between the SizeLimit specified here and the sum of memory limits of all containers in a pod. The default is nil which means that the limit is undefined. More info: http://kubernetes.io/docs/user-guide/volumes#emptydir + sizeLimit is the total amount of local storage required for this EmptyDir volume. The size limit is also applicable for memory medium. The maximum usage on memory medium EmptyDir would be the minimum value between the SizeLimit specified here and the sum of memory limits of all containers in a pod. The default is nil which means that the limit is undefined. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir - **hostPath** (HostPathVolumeSource) @@ -541,6 +541,25 @@ Volume represents a named volume in a pod that may be accessed by any container readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk +- **glusterfs** (GlusterfsVolumeSource) + + glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/glusterfs/README.md + + + *Represents a Glusterfs mount that lasts the lifetime of a pod. Glusterfs volumes do not support ownership management or SELinux relabeling.* + + - **glusterfs.endpoints** (string), required + + endpoints is the endpoint name that details Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod + + - **glusterfs.path** (string), required + + path is the Glusterfs volume path. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod + + - **glusterfs.readOnly** (boolean) + + readOnly here will force the Glusterfs volume to be mounted with read-only permissions. Defaults to false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod + - **iscsi** (ISCSIVolumeSource) iscsi represents an ISCSI Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md diff --git a/content/en/docs/reference/kubernetes-api/extend-resources/custom-resource-definition-v1.md b/content/en/docs/reference/kubernetes-api/extend-resources/custom-resource-definition-v1.md index 945538d7671..a40e0f70f07 100644 --- a/content/en/docs/reference/kubernetes-api/extend-resources/custom-resource-definition-v1.md +++ b/content/en/docs/reference/kubernetes-api/extend-resources/custom-resource-definition-v1.md @@ -210,12 +210,12 @@ CustomResourceDefinitionSpec describes how a user wants their resource to appear - **conversion.strategy** (string), required - strategy specifies how custom resources are converted between versions. Allowed values are: - `None`: The converter only change the apiVersion and would not touch any other field in the custom resource. - `Webhook`: API Server will call to an external webhook to do the conversion. Additional information + strategy specifies how custom resources are converted between versions. Allowed values are: - `"None"`: The converter only change the apiVersion and would not touch any other field in the custom resource. - `"Webhook"`: API Server will call to an external webhook to do the conversion. Additional information is needed for this option. This requires spec.preserveUnknownFields to be false, and spec.conversion.webhook to be set. - **conversion.webhook** (WebhookConversion) - webhook describes how to call the conversion webhook. Required when `strategy` is set to `Webhook`. + webhook describes how to call the conversion webhook. Required when `strategy` is set to `"Webhook"`. *WebhookConversion describes how to call a conversion webhook* @@ -533,6 +533,10 @@ JSONSchemaProps is a JSON-Schema following Specification Draft 4 (http://json-sc Message represents the message displayed when validation fails. The message is required if the Rule contains line breaks. The message must not contain line breaks. If unset, the message is "failed rule: {Rule}". e.g. "must be a URL with the host matching spec.host" + - **x-kubernetes-validations.messageExpression** (string) + + MessageExpression declares a CEL expression that evaluates to the validation failure message that is returned when this rule fails. Since messageExpression is used as a failure message, it must evaluate to a string. If both message and messageExpression are present on a rule, then messageExpression will be used if validation fails. If messageExpression results in a runtime error, the runtime error is logged, and the validation failure message is produced as if the messageExpression field were unset. If messageExpression evaluates to an empty string, a string with only spaces, or a string that contains line breaks, then the validation failure message will also be produced as if the messageExpression field were unset, and the fact that messageExpression produced an empty string/string with only spaces/string with line breaks will be logged. messageExpression has access to all the same variables as the rule; the only difference is the return type. Example: "x must be less than max ("+string(self.max)+")" + @@ -756,6 +760,11 @@ GET /apis/apiextensions.k8s.io/v1/customresourcedefinitions }}">resourceVersionMatch +- **sendInitialEvents** (*in query*): boolean + + }}">sendInitialEvents + + - **timeoutSeconds** (*in query*): integer }}">timeoutSeconds @@ -1146,6 +1155,11 @@ DELETE /apis/apiextensions.k8s.io/v1/customresourcedefinitions }}">resourceVersionMatch +- **sendInitialEvents** (*in query*): boolean + + }}">sendInitialEvents + + - **timeoutSeconds** (*in query*): integer }}">timeoutSeconds diff --git a/content/en/docs/reference/kubernetes-api/extend-resources/mutating-webhook-configuration-v1.md b/content/en/docs/reference/kubernetes-api/extend-resources/mutating-webhook-configuration-v1.md index fba255e7f76..41cc4de3422 100644 --- a/content/en/docs/reference/kubernetes-api/extend-resources/mutating-webhook-configuration-v1.md +++ b/content/en/docs/reference/kubernetes-api/extend-resources/mutating-webhook-configuration-v1.md @@ -117,6 +117,44 @@ MutatingWebhookConfiguration describes the configuration of and admission webhoo FailurePolicy defines how unrecognized errors from the admission endpoint are handled - allowed values are Ignore or Fail. Defaults to Fail. + - **webhooks.matchConditions** ([]MatchCondition) + + *Patch strategy: merge on key `name`* + + *Map: unique values on key name will be kept during a merge* + + MatchConditions is a list of conditions that must be met for a request to be sent to this webhook. Match conditions filter requests that have already been matched by the rules, namespaceSelector, and objectSelector. An empty list of matchConditions matches all requests. There are a maximum of 64 match conditions allowed. + + The exact matching logic is (in order): + 1. If ANY matchCondition evaluates to FALSE, the webhook is skipped. + 2. If ALL matchConditions evaluate to TRUE, the webhook is called. + 3. If any matchCondition evaluates to an error (but none are FALSE): + - If failurePolicy=Fail, reject the request + - If failurePolicy=Ignore, the error is ignored and the webhook is skipped + + This is an alpha feature and managed by the AdmissionWebhookMatchConditions feature gate. + + + *MatchCondition represents a condition which must by fulfilled for a request to be sent to a webhook.* + + - **webhooks.matchConditions.expression** (string), required + + Expression represents the expression which will be evaluated by CEL. Must evaluate to bool. CEL expressions have access to the contents of the AdmissionRequest and Authorizer, organized into CEL variables: + + 'object' - The object from the incoming request. The value is null for DELETE requests. 'oldObject' - The existing object. The value is null for CREATE requests. 'request' - Attributes of the admission request(/pkg/apis/admission/types.go#AdmissionRequest). 'authorizer' - A CEL Authorizer. May be used to perform authorization checks for the principal (user or service account) of the request. + See https://pkg.go.dev/k8s.io/apiserver/pkg/cel/library#Authz + 'authorizer.requestResource' - A CEL ResourceCheck constructed from the 'authorizer' and configured with the + request resource. + Documentation on CEL: https://kubernetes.io/docs/reference/using-api/cel/ + + Required. + + - **webhooks.matchConditions.name** (string), required + + Name is an identifier for this match condition, used for strategic merging of MatchConditions, as well as providing an identifier for logging purposes. A good name should be descriptive of the associated expression. Name must be a qualified name consisting of alphanumeric characters, '-', '_' or '.', and must start and end with an alphanumeric character (e.g. 'MyName', or 'my.name', or '123-abc', regex used for validation is '([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9]') with an optional DNS subdomain prefix and '/' (e.g. 'example.com/MyName') + + Required. + - **webhooks.matchPolicy** (string) matchPolicy defines how the "rules" list is used to match incoming requests. Allowed values are "Exact" or "Equivalent". @@ -336,6 +374,11 @@ GET /apis/admissionregistration.k8s.io/v1/mutatingwebhookconfigurations }}">resourceVersionMatch +- **sendInitialEvents** (*in query*): boolean + + }}">sendInitialEvents + + - **timeoutSeconds** (*in query*): integer }}">timeoutSeconds @@ -621,6 +664,11 @@ DELETE /apis/admissionregistration.k8s.io/v1/mutatingwebhookconfigurations }}">resourceVersionMatch +- **sendInitialEvents** (*in query*): boolean + + }}">sendInitialEvents + + - **timeoutSeconds** (*in query*): integer }}">timeoutSeconds diff --git a/content/en/docs/reference/kubernetes-api/extend-resources/validating-admission-policy-v1alpha1.md b/content/en/docs/reference/kubernetes-api/extend-resources/validating-admission-policy-v1alpha1.md index 36e0feb4a6e..a6d3d72d3e4 100644 --- a/content/en/docs/reference/kubernetes-api/extend-resources/validating-admission-policy-v1alpha1.md +++ b/content/en/docs/reference/kubernetes-api/extend-resources/validating-admission-policy-v1alpha1.md @@ -49,50 +49,82 @@ ValidatingAdmissionPolicy describes the definition of an admission validation po *ValidatingAdmissionPolicySpec is the specification of the desired behavior of the AdmissionPolicy.* - - **spec.validations** ([]Validation), required + - **spec.auditAnnotations** ([]AuditAnnotation) *Atomic: will be replaced during a merge* - Validations contain CEL expressions which is used to apply the validation. A minimum of one validation is required for a policy definition. Required. + auditAnnotations contains CEL expressions which are used to produce audit annotations for the audit event of the API request. validations and auditAnnotations may not both be empty; a least one of validations or auditAnnotations is required. - - *Validation specifies the CEL expression which is used to apply the validation.* + + *AuditAnnotation describes how to produce an audit annotation for an API request.* - - **spec.validations.expression** (string), required + - **spec.auditAnnotations.key** (string), required - Expression represents the expression which will be evaluated by CEL. ref: https://github.com/google/cel-spec CEL expressions have access to the contents of the Admission request/response, organized into CEL variables as well as some other useful variables: + key specifies the audit annotation key. The audit annotation keys of a ValidatingAdmissionPolicy must be unique. The key must be a qualified name ([A-Za-z0-9][-A-Za-z0-9_.]*) no more than 63 bytes in length. - 'object' - The object from the incoming request. The value is null for DELETE requests. 'oldObject' - The existing object. The value is null for CREATE requests. 'request' - Attributes of the admission request([ref](/pkg/apis/admission/types.go#AdmissionRequest)). 'params' - Parameter resource referred to by the policy binding being evaluated. Only populated if the policy has a ParamKind. + The key is combined with the resource name of the ValidatingAdmissionPolicy to construct an audit annotation key: "{ValidatingAdmissionPolicy name}/{key}". - The `apiVersion`, `kind`, `metadata.name` and `metadata.generateName` are always accessible from the root of the object. No other metadata properties are accessible. + If an admission webhook uses the same resource name as this ValidatingAdmissionPolicy and the same audit annotation key, the annotation key will be identical. In this case, the first annotation written with the key will be included in the audit event and all subsequent annotations with the same key will be discarded. - Only property names of the form `[a-zA-Z_.-/][a-zA-Z0-9_.-/]*` are accessible. Accessible property names are escaped according to the following rules when accessed in the expression: - '__' escapes to '__underscores__' - '.' escapes to '__dot__' - '-' escapes to '__dash__' - '/' escapes to '__slash__' - Property names that exactly match a CEL RESERVED keyword escape to '__{keyword}__'. The keywords are: - "true", "false", "null", "in", "as", "break", "const", "continue", "else", "for", "function", "if", - "import", "let", "loop", "package", "namespace", "return". - Examples: - - Expression accessing a property named "namespace": {"Expression": "object.__namespace__ > 0"} - - Expression accessing a property named "x-prop": {"Expression": "object.x__dash__prop > 0"} - - Expression accessing a property named "redact__d": {"Expression": "object.redact__underscores__d > 0"} - - Equality on arrays with list type of 'set' or 'map' ignores element order, i.e. [1, 2] == [2, 1]. Concatenation on arrays with x-kubernetes-list-type use the semantics of the list type: - - 'set': `X + Y` performs a union where the array positions of all elements in `X` are preserved and - non-intersecting elements in `Y` are appended, retaining their partial order. - - 'map': `X + Y` performs a merge where the array positions of all keys in `X` are preserved but the values - are overwritten by values in `Y` when the key sets of `X` and `Y` intersect. Elements in `Y` with - non-intersecting keys are appended, retaining their partial order. Required. - - **spec.validations.message** (string) + - **spec.auditAnnotations.valueExpression** (string), required - Message represents the message displayed when validation fails. The message is required if the Expression contains line breaks. The message must not contain line breaks. If unset, the message is "failed rule: {Rule}". e.g. "must be a URL with the host matching spec.host" If the Expression contains line breaks. Message is required. The message must not contain line breaks. If unset, the message is "failed Expression: {Expression}". - - - **spec.validations.reason** (string) - - Reason represents a machine-readable description of why this validation failed. If this is the first validation in the list to fail, this reason, as well as the corresponding HTTP response code, are used in the HTTP response to the client. The currently supported reasons are: "Unauthorized", "Forbidden", "Invalid", "RequestEntityTooLarge". If not set, StatusReasonInvalid is used in the response to the client. + valueExpression represents the expression which is evaluated by CEL to produce an audit annotation value. The expression must evaluate to either a string or null value. If the expression evaluates to a string, the audit annotation is included with the string value. If the expression evaluates to null or empty string the audit annotation will be omitted. The valueExpression may be no longer than 5kb in length. If the result of the valueExpression is more than 10kb in length, it will be truncated to 10kb. + + If multiple ValidatingAdmissionPolicyBinding resources match an API request, then the valueExpression will be evaluated for each binding. All unique values produced by the valueExpressions will be joined together in a comma-separated list. + + Required. - **spec.failurePolicy** (string) - FailurePolicy defines how to handle failures for the admission policy. Failures can occur from invalid or mis-configured policy definitions or bindings. A policy is invalid if spec.paramKind refers to a non-existent Kind. A binding is invalid if spec.paramRef.name refers to a non-existent resource. Allowed values are Ignore or Fail. Defaults to Fail. + failurePolicy defines how to handle failures for the admission policy. Failures can occur from CEL expression parse errors, type check errors, runtime errors and invalid or mis-configured policy definitions or bindings. + + A policy is invalid if spec.paramKind refers to a non-existent Kind. A binding is invalid if spec.paramRef.name refers to a non-existent resource. + + failurePolicy does not define how validations that evaluate to false are handled. + + When failurePolicy is set to Fail, ValidatingAdmissionPolicyBinding validationActions define how failures are enforced. + + Allowed values are Ignore or Fail. Defaults to Fail. + + - **spec.matchConditions** ([]MatchCondition) + + *Patch strategy: merge on key `name`* + + *Map: unique values on key name will be kept during a merge* + + MatchConditions is a list of conditions that must be met for a request to be validated. Match conditions filter requests that have already been matched by the rules, namespaceSelector, and objectSelector. An empty list of matchConditions matches all requests. There are a maximum of 64 match conditions allowed. + + If a parameter object is provided, it can be accessed via the `params` handle in the same manner as validation expressions. + + The exact matching logic is (in order): + 1. If ANY matchCondition evaluates to FALSE, the policy is skipped. + 2. If ALL matchConditions evaluate to TRUE, the policy is evaluated. + 3. If any matchCondition evaluates to an error (but none are FALSE): + - If failurePolicy=Fail, reject the request + - If failurePolicy=Ignore, the policy is skipped + + + ** + + - **spec.matchConditions.expression** (string), required + + Expression represents the expression which will be evaluated by CEL. Must evaluate to bool. CEL expressions have access to the contents of the AdmissionRequest and Authorizer, organized into CEL variables: + + 'object' - The object from the incoming request. The value is null for DELETE requests. 'oldObject' - The existing object. The value is null for CREATE requests. 'request' - Attributes of the admission request(/pkg/apis/admission/types.go#AdmissionRequest). 'authorizer' - A CEL Authorizer. May be used to perform authorization checks for the principal (user or service account) of the request. + See https://pkg.go.dev/k8s.io/apiserver/pkg/cel/library#Authz + 'authorizer.requestResource' - A CEL ResourceCheck constructed from the 'authorizer' and configured with the + request resource. + Documentation on CEL: https://kubernetes.io/docs/reference/using-api/cel/ + + Required. + + - **spec.matchConditions.name** (string), required + + Name is an identifier for this match condition, used for strategic merging of MatchConditions, as well as providing an identifier for logging purposes. A good name should be descriptive of the associated expression. Name must be a qualified name consisting of alphanumeric characters, '-', '_' or '.', and must start and end with an alphanumeric character (e.g. 'MyName', or 'my.name', or '123-abc', regex used for validation is '([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9]') with an optional DNS subdomain prefix and '/' (e.g. 'example.com/MyName') + + Required. - **spec.matchConstraints** (MatchResources) @@ -262,6 +294,125 @@ ValidatingAdmissionPolicy describes the definition of an admission validation po Kind is the API kind the resources belong to. Required. + - **spec.validations** ([]Validation) + + *Atomic: will be replaced during a merge* + + Validations contain CEL expressions which is used to apply the validation. Validations and AuditAnnotations may not both be empty; a minimum of one Validations or AuditAnnotations is required. + + + *Validation specifies the CEL expression which is used to apply the validation.* + + - **spec.validations.expression** (string), required + + Expression represents the expression which will be evaluated by CEL. ref: https://github.com/google/cel-spec CEL expressions have access to the contents of the API request/response, organized into CEL variables as well as some other useful variables: + + - 'object' - The object from the incoming request. The value is null for DELETE requests. - 'oldObject' - The existing object. The value is null for CREATE requests. - 'request' - Attributes of the API request([ref](/pkg/apis/admission/types.go#AdmissionRequest)). - 'params' - Parameter resource referred to by the policy binding being evaluated. Only populated if the policy has a ParamKind. - 'authorizer' - A CEL Authorizer. May be used to perform authorization checks for the principal (user or service account) of the request. + See https://pkg.go.dev/k8s.io/apiserver/pkg/cel/library#Authz + - 'authorizer.requestResource' - A CEL ResourceCheck constructed from the 'authorizer' and configured with the + request resource. + + The `apiVersion`, `kind`, `metadata.name` and `metadata.generateName` are always accessible from the root of the object. No other metadata properties are accessible. + + Only property names of the form `[a-zA-Z_.-/][a-zA-Z0-9_.-/]*` are accessible. Accessible property names are escaped according to the following rules when accessed in the expression: - '__' escapes to '__underscores__' - '.' escapes to '__dot__' - '-' escapes to '__dash__' - '/' escapes to '__slash__' - Property names that exactly match a CEL RESERVED keyword escape to '__{keyword}__'. The keywords are: + "true", "false", "null", "in", "as", "break", "const", "continue", "else", "for", "function", "if", + "import", "let", "loop", "package", "namespace", "return". + Examples: + - Expression accessing a property named "namespace": {"Expression": "object.__namespace__ > 0"} + - Expression accessing a property named "x-prop": {"Expression": "object.x__dash__prop > 0"} + - Expression accessing a property named "redact__d": {"Expression": "object.redact__underscores__d > 0"} + + Equality on arrays with list type of 'set' or 'map' ignores element order, i.e. [1, 2] == [2, 1]. Concatenation on arrays with x-kubernetes-list-type use the semantics of the list type: + - 'set': `X + Y` performs a union where the array positions of all elements in `X` are preserved and + non-intersecting elements in `Y` are appended, retaining their partial order. + - 'map': `X + Y` performs a merge where the array positions of all keys in `X` are preserved but the values + are overwritten by values in `Y` when the key sets of `X` and `Y` intersect. Elements in `Y` with + non-intersecting keys are appended, retaining their partial order. + Required. + + - **spec.validations.message** (string) + + Message represents the message displayed when validation fails. The message is required if the Expression contains line breaks. The message must not contain line breaks. If unset, the message is "failed rule: {Rule}". e.g. "must be a URL with the host matching spec.host" If the Expression contains line breaks. Message is required. The message must not contain line breaks. If unset, the message is "failed Expression: {Expression}". + + - **spec.validations.messageExpression** (string) + + messageExpression declares a CEL expression that evaluates to the validation failure message that is returned when this rule fails. Since messageExpression is used as a failure message, it must evaluate to a string. If both message and messageExpression are present on a validation, then messageExpression will be used if validation fails. If messageExpression results in a runtime error, the runtime error is logged, and the validation failure message is produced as if the messageExpression field were unset. If messageExpression evaluates to an empty string, a string with only spaces, or a string that contains line breaks, then the validation failure message will also be produced as if the messageExpression field were unset, and the fact that messageExpression produced an empty string/string with only spaces/string with line breaks will be logged. messageExpression has access to all the same variables as the `expression` except for 'authorizer' and 'authorizer.requestResource'. Example: "object.x must be less than max ("+string(params.max)+")" + + - **spec.validations.reason** (string) + + Reason represents a machine-readable description of why this validation failed. If this is the first validation in the list to fail, this reason, as well as the corresponding HTTP response code, are used in the HTTP response to the client. The currently supported reasons are: "Unauthorized", "Forbidden", "Invalid", "RequestEntityTooLarge". If not set, StatusReasonInvalid is used in the response to the client. + +- **status** (ValidatingAdmissionPolicyStatus) + + The status of the ValidatingAdmissionPolicy, including warnings that are useful to determine if the policy behaves in the expected way. Populated by the system. Read-only. + + + *ValidatingAdmissionPolicyStatus represents the status of a ValidatingAdmissionPolicy.* + + - **status.conditions** ([]Condition) + + *Map: unique values on key type will be kept during a merge* + + The conditions represent the latest available observations of a policy's current state. + + + *Condition contains details for one aspect of the current state of this API Resource.* + + - **status.conditions.lastTransitionTime** (Time), required + + lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. + + + *Time is a wrapper around time.Time which supports correct marshaling to YAML and JSON. Wrappers are provided for many of the factory methods that the time package offers.* + + - **status.conditions.message** (string), required + + message is a human readable message indicating details about the transition. This may be an empty string. + + - **status.conditions.reason** (string), required + + reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. + + - **status.conditions.status** (string), required + + status of the condition, one of True, False, Unknown. + + - **status.conditions.type** (string), required + + type of condition in CamelCase or in foo.example.com/CamelCase. + + - **status.conditions.observedGeneration** (int64) + + observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. + + - **status.observedGeneration** (int64) + + The generation observed by the controller. + + - **status.typeChecking** (TypeChecking) + + The results of type checking for each expression. Presence of this field indicates the completion of the type checking. + + + *TypeChecking contains results of type checking the expressions in the ValidatingAdmissionPolicy* + + - **status.typeChecking.expressionWarnings** ([]ExpressionWarning) + + *Atomic: will be replaced during a merge* + + The type checking warnings for each expression. + + + *ExpressionWarning is a warning information that targets a specific expression.* + + - **status.typeChecking.expressionWarnings.fieldRef** (string), required + + The path to the field that refers the expression. For example, the reference to the expression of the first item of validations is "spec.validations[0].expression" + + - **status.typeChecking.expressionWarnings.warning** (string), required + + The content of type checking information in a human-readable form. Each line of the warning contains the type that the expression is checked against, followed by the type check error from the compiler. + @@ -489,6 +640,30 @@ ValidatingAdmissionPolicyBinding binds the ValidatingAdmissionPolicy with parame PolicyName references a ValidatingAdmissionPolicy name which the ValidatingAdmissionPolicyBinding binds to. If the referenced resource does not exist, this binding is considered invalid and will be ignored Required. + - **spec.validationActions** ([]string) + + *Set: unique values will be kept during a merge* + + validationActions declares how Validations of the referenced ValidatingAdmissionPolicy are enforced. If a validation evaluates to false it is always enforced according to these actions. + + Failures defined by the ValidatingAdmissionPolicy's FailurePolicy are enforced according to these actions only if the FailurePolicy is set to Fail, otherwise the failures are ignored. This includes compilation errors, runtime errors and misconfigurations of the policy. + + validationActions is declared as a set of action values. Order does not matter. validationActions may not contain duplicates of the same action. + + The supported actions values are: + + "Deny" specifies that a validation failure results in a denied request. + + "Warn" specifies that a validation failure is reported to the request client in HTTP Warning headers, with a warning code of 299. Warnings can be sent both for allowed or denied admission responses. + + "Audit" specifies that a validation failure is included in the published audit event for the request. The audit event will contain a `validation.policy.admission.k8s.io/validation_failure` audit annotation with a value containing the details of the validation failures, formatted as a JSON list of objects, each with the following fields: - message: The validation failure message string - policy: The resource name of the ValidatingAdmissionPolicy - binding: The resource name of the ValidatingAdmissionPolicyBinding - expressionIndex: The index of the failed validations in the ValidatingAdmissionPolicy - validationActions: The enforcement actions enacted for the validation failure Example audit annotation: `"validation.policy.admission.k8s.io/validation_failure": "[{"message": "Invalid value", {"policy": "policy.example.com", {"binding": "policybinding.example.com", {"expressionIndex": "1", {"validationActions": ["Audit"]}]"` + + Clients should expect to handle additional values by ignoring any values not recognized. + + "Deny" and "Warn" may not be used together since this combination needlessly duplicates the validation failure both in the API response body and the HTTP warning headers. + + Required. + @@ -524,6 +699,34 @@ GET /apis/admissionregistration.k8s.io/v1alpha1/validatingadmissionpolicies/{nam +#### Response + + +200 (}}">ValidatingAdmissionPolicy): OK + +401: Unauthorized + + +### `get` read status of the specified ValidatingAdmissionPolicy + +#### HTTP Request + +GET /apis/admissionregistration.k8s.io/v1alpha1/validatingadmissionpolicies/{name}/status + +#### Parameters + + +- **name** (*in path*): string, required + + name of the ValidatingAdmissionPolicy + + +- **pretty** (*in query*): string + + }}">pretty + + + #### Response @@ -581,6 +784,11 @@ GET /apis/admissionregistration.k8s.io/v1alpha1/validatingadmissionpolicies }}">resourceVersionMatch +- **sendInitialEvents** (*in query*): boolean + + }}">sendInitialEvents + + - **timeoutSeconds** (*in query*): integer }}">timeoutSeconds @@ -666,6 +874,56 @@ PUT /apis/admissionregistration.k8s.io/v1alpha1/validatingadmissionpolicies/{nam +- **dryRun** (*in query*): string + + }}">dryRun + + +- **fieldManager** (*in query*): string + + }}">fieldManager + + +- **fieldValidation** (*in query*): string + + }}">fieldValidation + + +- **pretty** (*in query*): string + + }}">pretty + + + +#### Response + + +200 (}}">ValidatingAdmissionPolicy): OK + +201 (}}">ValidatingAdmissionPolicy): Created + +401: Unauthorized + + +### `update` replace status of the specified ValidatingAdmissionPolicy + +#### HTTP Request + +PUT /apis/admissionregistration.k8s.io/v1alpha1/validatingadmissionpolicies/{name}/status + +#### Parameters + + +- **name** (*in path*): string, required + + name of the ValidatingAdmissionPolicy + + +- **body**: }}">ValidatingAdmissionPolicy, required + + + + - **dryRun** (*in query*): string }}">dryRun @@ -716,6 +974,61 @@ PATCH /apis/admissionregistration.k8s.io/v1alpha1/validatingadmissionpolicies/{n +- **dryRun** (*in query*): string + + }}">dryRun + + +- **fieldManager** (*in query*): string + + }}">fieldManager + + +- **fieldValidation** (*in query*): string + + }}">fieldValidation + + +- **force** (*in query*): boolean + + }}">force + + +- **pretty** (*in query*): string + + }}">pretty + + + +#### Response + + +200 (}}">ValidatingAdmissionPolicy): OK + +201 (}}">ValidatingAdmissionPolicy): Created + +401: Unauthorized + + +### `patch` partially update status of the specified ValidatingAdmissionPolicy + +#### HTTP Request + +PATCH /apis/admissionregistration.k8s.io/v1alpha1/validatingadmissionpolicies/{name}/status + +#### Parameters + + +- **name** (*in path*): string, required + + name of the ValidatingAdmissionPolicy + + +- **body**: }}">Patch, required + + + + - **dryRun** (*in query*): string }}">dryRun @@ -866,6 +1179,11 @@ DELETE /apis/admissionregistration.k8s.io/v1alpha1/validatingadmissionpolicies }}">resourceVersionMatch +- **sendInitialEvents** (*in query*): boolean + + }}">sendInitialEvents + + - **timeoutSeconds** (*in query*): integer }}">timeoutSeconds diff --git a/content/en/docs/reference/kubernetes-api/extend-resources/validating-webhook-configuration-v1.md b/content/en/docs/reference/kubernetes-api/extend-resources/validating-webhook-configuration-v1.md index d41aa10efeb..6821958013b 100644 --- a/content/en/docs/reference/kubernetes-api/extend-resources/validating-webhook-configuration-v1.md +++ b/content/en/docs/reference/kubernetes-api/extend-resources/validating-webhook-configuration-v1.md @@ -117,6 +117,44 @@ ValidatingWebhookConfiguration describes the configuration of and admission webh FailurePolicy defines how unrecognized errors from the admission endpoint are handled - allowed values are Ignore or Fail. Defaults to Fail. + - **webhooks.matchConditions** ([]MatchCondition) + + *Patch strategy: merge on key `name`* + + *Map: unique values on key name will be kept during a merge* + + MatchConditions is a list of conditions that must be met for a request to be sent to this webhook. Match conditions filter requests that have already been matched by the rules, namespaceSelector, and objectSelector. An empty list of matchConditions matches all requests. There are a maximum of 64 match conditions allowed. + + The exact matching logic is (in order): + 1. If ANY matchCondition evaluates to FALSE, the webhook is skipped. + 2. If ALL matchConditions evaluate to TRUE, the webhook is called. + 3. If any matchCondition evaluates to an error (but none are FALSE): + - If failurePolicy=Fail, reject the request + - If failurePolicy=Ignore, the error is ignored and the webhook is skipped + + This is an alpha feature and managed by the AdmissionWebhookMatchConditions feature gate. + + + *MatchCondition represents a condition which must by fulfilled for a request to be sent to a webhook.* + + - **webhooks.matchConditions.expression** (string), required + + Expression represents the expression which will be evaluated by CEL. Must evaluate to bool. CEL expressions have access to the contents of the AdmissionRequest and Authorizer, organized into CEL variables: + + 'object' - The object from the incoming request. The value is null for DELETE requests. 'oldObject' - The existing object. The value is null for CREATE requests. 'request' - Attributes of the admission request(/pkg/apis/admission/types.go#AdmissionRequest). 'authorizer' - A CEL Authorizer. May be used to perform authorization checks for the principal (user or service account) of the request. + See https://pkg.go.dev/k8s.io/apiserver/pkg/cel/library#Authz + 'authorizer.requestResource' - A CEL ResourceCheck constructed from the 'authorizer' and configured with the + request resource. + Documentation on CEL: https://kubernetes.io/docs/reference/using-api/cel/ + + Required. + + - **webhooks.matchConditions.name** (string), required + + Name is an identifier for this match condition, used for strategic merging of MatchConditions, as well as providing an identifier for logging purposes. A good name should be descriptive of the associated expression. Name must be a qualified name consisting of alphanumeric characters, '-', '_' or '.', and must start and end with an alphanumeric character (e.g. 'MyName', or 'my.name', or '123-abc', regex used for validation is '([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9]') with an optional DNS subdomain prefix and '/' (e.g. 'example.com/MyName') + + Required. + - **webhooks.matchPolicy** (string) matchPolicy defines how the "rules" list is used to match incoming requests. Allowed values are "Exact" or "Equivalent". @@ -326,6 +364,11 @@ GET /apis/admissionregistration.k8s.io/v1/validatingwebhookconfigurations }}">resourceVersionMatch +- **sendInitialEvents** (*in query*): boolean + + }}">sendInitialEvents + + - **timeoutSeconds** (*in query*): integer }}">timeoutSeconds @@ -611,6 +654,11 @@ DELETE /apis/admissionregistration.k8s.io/v1/validatingwebhookconfigurations }}">resourceVersionMatch +- **sendInitialEvents** (*in query*): boolean + + }}">sendInitialEvents + + - **timeoutSeconds** (*in query*): integer }}">timeoutSeconds diff --git a/content/en/docs/reference/kubernetes-api/policy-resources/ip-address-v1alpha1.md b/content/en/docs/reference/kubernetes-api/policy-resources/ip-address-v1alpha1.md new file mode 100644 index 00000000000..4828acb88c2 --- /dev/null +++ b/content/en/docs/reference/kubernetes-api/policy-resources/ip-address-v1alpha1.md @@ -0,0 +1,509 @@ +--- +api_metadata: + apiVersion: "networking.k8s.io/v1alpha1" + import: "k8s.io/api/networking/v1alpha1" + kind: "IPAddress" +content_type: "api_reference" +description: "IPAddress represents a single IP of a single IP Family." +title: "IPAddress v1alpha1" +weight: 5 +auto_generated: true +--- + + + +`apiVersion: networking.k8s.io/v1alpha1` + +`import "k8s.io/api/networking/v1alpha1"` + + +## IPAddress {#IPAddress} + +IPAddress represents a single IP of a single IP Family. The object is designed to be used by APIs that operate on IP addresses. The object is used by the Service core API for allocation of IP addresses. An IP address can be represented in different formats, to guarantee the uniqueness of the IP, the name of the object is the IP address in canonical format, four decimal digits separated by dots suppressing leading zeros for IPv4 and the representation defined by RFC 5952 for IPv6. Valid: 192.168.1.5 or 2001:db8::1 or 2001:db8:aaaa:bbbb:cccc:dddd:eeee:1 Invalid: 10.01.2.3 or 2001:db8:0:0:0::1 + +
    + +- **apiVersion**: networking.k8s.io/v1alpha1 + + +- **kind**: IPAddress + + +- **metadata** (}}">ObjectMeta) + + Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata + +- **spec** (}}">IPAddressSpec) + + spec is the desired state of the IPAddress. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status + + + + + +## IPAddressSpec {#IPAddressSpec} + +IPAddressSpec describe the attributes in an IP Address. + +
    + +- **parentRef** (ParentReference) + + ParentRef references the resource that an IPAddress is attached to. An IPAddress must reference a parent object. + + + *ParentReference describes a reference to a parent object.* + + - **parentRef.group** (string) + + Group is the group of the object being referenced. + + - **parentRef.name** (string) + + Name is the name of the object being referenced. + + - **parentRef.namespace** (string) + + Namespace is the namespace of the object being referenced. + + - **parentRef.resource** (string) + + Resource is the resource of the object being referenced. + + - **parentRef.uid** (string) + + UID is the uid of the object being referenced. + + + + + +## IPAddressList {#IPAddressList} + +IPAddressList contains a list of IPAddress. + +
    + +- **apiVersion**: networking.k8s.io/v1alpha1 + + +- **kind**: IPAddressList + + +- **metadata** (}}">ListMeta) + + Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata + +- **items** ([]}}">IPAddress), required + + items is the list of IPAddresses. + + + + + +## Operations {#Operations} + + + +
    + + + + + + +### `get` read the specified IPAddress + +#### HTTP Request + +GET /apis/networking.k8s.io/v1alpha1/ipaddresses/{name} + +#### Parameters + + +- **name** (*in path*): string, required + + name of the IPAddress + + +- **pretty** (*in query*): string + + }}">pretty + + + +#### Response + + +200 (}}">IPAddress): OK + +401: Unauthorized + + +### `list` list or watch objects of kind IPAddress + +#### HTTP Request + +GET /apis/networking.k8s.io/v1alpha1/ipaddresses + +#### Parameters + + +- **allowWatchBookmarks** (*in query*): boolean + + }}">allowWatchBookmarks + + +- **continue** (*in query*): string + + }}">continue + + +- **fieldSelector** (*in query*): string + + }}">fieldSelector + + +- **labelSelector** (*in query*): string + + }}">labelSelector + + +- **limit** (*in query*): integer + + }}">limit + + +- **pretty** (*in query*): string + + }}">pretty + + +- **resourceVersion** (*in query*): string + + }}">resourceVersion + + +- **resourceVersionMatch** (*in query*): string + + }}">resourceVersionMatch + + +- **sendInitialEvents** (*in query*): boolean + + }}">sendInitialEvents + + +- **timeoutSeconds** (*in query*): integer + + }}">timeoutSeconds + + +- **watch** (*in query*): boolean + + }}">watch + + + +#### Response + + +200 (}}">IPAddressList): OK + +401: Unauthorized + + +### `create` create an IPAddress + +#### HTTP Request + +POST /apis/networking.k8s.io/v1alpha1/ipaddresses + +#### Parameters + + +- **body**: }}">IPAddress, required + + + + +- **dryRun** (*in query*): string + + }}">dryRun + + +- **fieldManager** (*in query*): string + + }}">fieldManager + + +- **fieldValidation** (*in query*): string + + }}">fieldValidation + + +- **pretty** (*in query*): string + + }}">pretty + + + +#### Response + + +200 (}}">IPAddress): OK + +201 (}}">IPAddress): Created + +202 (}}">IPAddress): Accepted + +401: Unauthorized + + +### `update` replace the specified IPAddress + +#### HTTP Request + +PUT /apis/networking.k8s.io/v1alpha1/ipaddresses/{name} + +#### Parameters + + +- **name** (*in path*): string, required + + name of the IPAddress + + +- **body**: }}">IPAddress, required + + + + +- **dryRun** (*in query*): string + + }}">dryRun + + +- **fieldManager** (*in query*): string + + }}">fieldManager + + +- **fieldValidation** (*in query*): string + + }}">fieldValidation + + +- **pretty** (*in query*): string + + }}">pretty + + + +#### Response + + +200 (}}">IPAddress): OK + +201 (}}">IPAddress): Created + +401: Unauthorized + + +### `patch` partially update the specified IPAddress + +#### HTTP Request + +PATCH /apis/networking.k8s.io/v1alpha1/ipaddresses/{name} + +#### Parameters + + +- **name** (*in path*): string, required + + name of the IPAddress + + +- **body**: }}">Patch, required + + + + +- **dryRun** (*in query*): string + + }}">dryRun + + +- **fieldManager** (*in query*): string + + }}">fieldManager + + +- **fieldValidation** (*in query*): string + + }}">fieldValidation + + +- **force** (*in query*): boolean + + }}">force + + +- **pretty** (*in query*): string + + }}">pretty + + + +#### Response + + +200 (}}">IPAddress): OK + +201 (}}">IPAddress): Created + +401: Unauthorized + + +### `delete` delete an IPAddress + +#### HTTP Request + +DELETE /apis/networking.k8s.io/v1alpha1/ipaddresses/{name} + +#### Parameters + + +- **name** (*in path*): string, required + + name of the IPAddress + + +- **body**: }}">DeleteOptions + + + + +- **dryRun** (*in query*): string + + }}">dryRun + + +- **gracePeriodSeconds** (*in query*): integer + + }}">gracePeriodSeconds + + +- **pretty** (*in query*): string + + }}">pretty + + +- **propagationPolicy** (*in query*): string + + }}">propagationPolicy + + + +#### Response + + +200 (}}">Status): OK + +202 (}}">Status): Accepted + +401: Unauthorized + + +### `deletecollection` delete collection of IPAddress + +#### HTTP Request + +DELETE /apis/networking.k8s.io/v1alpha1/ipaddresses + +#### Parameters + + +- **body**: }}">DeleteOptions + + + + +- **continue** (*in query*): string + + }}">continue + + +- **dryRun** (*in query*): string + + }}">dryRun + + +- **fieldSelector** (*in query*): string + + }}">fieldSelector + + +- **gracePeriodSeconds** (*in query*): integer + + }}">gracePeriodSeconds + + +- **labelSelector** (*in query*): string + + }}">labelSelector + + +- **limit** (*in query*): integer + + }}">limit + + +- **pretty** (*in query*): string + + }}">pretty + + +- **propagationPolicy** (*in query*): string + + }}">propagationPolicy + + +- **resourceVersion** (*in query*): string + + }}">resourceVersion + + +- **resourceVersionMatch** (*in query*): string + + }}">resourceVersionMatch + + +- **sendInitialEvents** (*in query*): boolean + + }}">sendInitialEvents + + +- **timeoutSeconds** (*in query*): integer + + }}">timeoutSeconds + + + +#### Response + + +200 (}}">Status): OK + +401: Unauthorized + diff --git a/content/en/docs/reference/kubernetes-api/policy-resources/limit-range-v1.md b/content/en/docs/reference/kubernetes-api/policy-resources/limit-range-v1.md index 3be570cfb0a..ef4355e4f27 100644 --- a/content/en/docs/reference/kubernetes-api/policy-resources/limit-range-v1.md +++ b/content/en/docs/reference/kubernetes-api/policy-resources/limit-range-v1.md @@ -213,6 +213,11 @@ GET /api/v1/namespaces/{namespace}/limitranges }}">resourceVersionMatch +- **sendInitialEvents** (*in query*): boolean + + }}">sendInitialEvents + + - **timeoutSeconds** (*in query*): integer }}">timeoutSeconds @@ -281,6 +286,11 @@ GET /api/v1/limitranges }}">resourceVersionMatch +- **sendInitialEvents** (*in query*): boolean + + }}">sendInitialEvents + + - **timeoutSeconds** (*in query*): integer }}">timeoutSeconds @@ -591,6 +601,11 @@ DELETE /api/v1/namespaces/{namespace}/limitranges }}">resourceVersionMatch +- **sendInitialEvents** (*in query*): boolean + + }}">sendInitialEvents + + - **timeoutSeconds** (*in query*): integer }}">timeoutSeconds diff --git a/content/en/docs/reference/kubernetes-api/policy-resources/network-policy-v1.md b/content/en/docs/reference/kubernetes-api/policy-resources/network-policy-v1.md index 5a1b4f17ae6..01345b62583 100644 --- a/content/en/docs/reference/kubernetes-api/policy-resources/network-policy-v1.md +++ b/content/en/docs/reference/kubernetes-api/policy-resources/network-policy-v1.md @@ -44,11 +44,11 @@ NetworkPolicy describes what network traffic is allowed for a set of Pods - **spec** (}}">NetworkPolicySpec) - Specification of the desired behavior for this NetworkPolicy. + spec represents the specification of the desired behavior for this NetworkPolicy. - **status** (}}">NetworkPolicyStatus) - Status is the current state of the NetworkPolicy. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status + status represents the current state of the NetworkPolicy. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status @@ -62,137 +62,137 @@ NetworkPolicySpec provides the specification of a NetworkPolicy - **podSelector** (}}">LabelSelector), required - Selects the pods to which this NetworkPolicy object applies. The array of ingress rules is applied to any pods selected by this field. Multiple network policies can select the same set of pods. In this case, the ingress rules for each are combined additively. This field is NOT optional and follows standard label selector semantics. An empty podSelector matches all pods in this namespace. + podSelector selects the pods to which this NetworkPolicy object applies. The array of ingress rules is applied to any pods selected by this field. Multiple network policies can select the same set of pods. In this case, the ingress rules for each are combined additively. This field is NOT optional and follows standard label selector semantics. An empty podSelector matches all pods in this namespace. - **policyTypes** ([]string) - List of rule types that the NetworkPolicy relates to. Valid options are ["Ingress"], ["Egress"], or ["Ingress", "Egress"]. If this field is not specified, it will default based on the existence of Ingress or Egress rules; policies that contain an Egress section are assumed to affect Egress, and all policies (whether or not they contain an Ingress section) are assumed to affect Ingress. If you want to write an egress-only policy, you must explicitly specify policyTypes [ "Egress" ]. Likewise, if you want to write a policy that specifies that no egress is allowed, you must specify a policyTypes value that include "Egress" (since such a policy would not include an Egress section and would otherwise default to just [ "Ingress" ]). This field is beta-level in 1.8 + policyTypes is a list of rule types that the NetworkPolicy relates to. Valid options are ["Ingress"], ["Egress"], or ["Ingress", "Egress"]. If this field is not specified, it will default based on the existence of ingress or egress rules; policies that contain an egress section are assumed to affect egress, and all policies (whether or not they contain an ingress section) are assumed to affect ingress. If you want to write an egress-only policy, you must explicitly specify policyTypes [ "Egress" ]. Likewise, if you want to write a policy that specifies that no egress is allowed, you must specify a policyTypes value that include "Egress" (since such a policy would not include an egress section and would otherwise default to just [ "Ingress" ]). This field is beta-level in 1.8 - **ingress** ([]NetworkPolicyIngressRule) - List of ingress rules to be applied to the selected pods. Traffic is allowed to a pod if there are no NetworkPolicies selecting the pod (and cluster policy otherwise allows the traffic), OR if the traffic source is the pod's local node, OR if the traffic matches at least one ingress rule across all of the NetworkPolicy objects whose podSelector matches the pod. If this field is empty then this NetworkPolicy does not allow any traffic (and serves solely to ensure that the pods it selects are isolated by default) + ingress is a list of ingress rules to be applied to the selected pods. Traffic is allowed to a pod if there are no NetworkPolicies selecting the pod (and cluster policy otherwise allows the traffic), OR if the traffic source is the pod's local node, OR if the traffic matches at least one ingress rule across all of the NetworkPolicy objects whose podSelector matches the pod. If this field is empty then this NetworkPolicy does not allow any traffic (and serves solely to ensure that the pods it selects are isolated by default) *NetworkPolicyIngressRule describes a particular set of traffic that is allowed to the pods matched by a NetworkPolicySpec's podSelector. The traffic must match both ports and from.* - **ingress.from** ([]NetworkPolicyPeer) - List of sources which should be able to access the pods selected for this rule. Items in this list are combined using a logical OR operation. If this field is empty or missing, this rule matches all sources (traffic not restricted by source). If this field is present and contains at least one item, this rule allows traffic only if the traffic matches at least one item in the from list. + from is a list of sources which should be able to access the pods selected for this rule. Items in this list are combined using a logical OR operation. If this field is empty or missing, this rule matches all sources (traffic not restricted by source). If this field is present and contains at least one item, this rule allows traffic only if the traffic matches at least one item in the from list. *NetworkPolicyPeer describes a peer to allow traffic to/from. Only certain combinations of fields are allowed* - **ingress.from.ipBlock** (IPBlock) - IPBlock defines policy on a particular IPBlock. If this field is set then neither of the other fields can be. + ipBlock defines policy on a particular IPBlock. If this field is set then neither of the other fields can be. *IPBlock describes a particular CIDR (Ex. "192.168.1.0/24","2001:db8::/64") that is allowed to the pods matched by a NetworkPolicySpec's podSelector. The except entry describes CIDRs that should not be included within this rule.* - **ingress.from.ipBlock.cidr** (string), required - CIDR is a string representing the IP Block Valid examples are "192.168.1.0/24" or "2001:db8::/64" + cidr is a string representing the IPBlock Valid examples are "192.168.1.0/24" or "2001:db8::/64" - **ingress.from.ipBlock.except** ([]string) - Except is a slice of CIDRs that should not be included within an IP Block Valid examples are "192.168.1.0/24" or "2001:db8::/64" Except values will be rejected if they are outside the CIDR range + except is a slice of CIDRs that should not be included within an IPBlock Valid examples are "192.168.1.0/24" or "2001:db8::/64" Except values will be rejected if they are outside the cidr range - **ingress.from.namespaceSelector** (}}">LabelSelector) - Selects Namespaces using cluster-scoped labels. This field follows standard label selector semantics; if present but empty, it selects all namespaces. + namespaceSelector selects namespaces using cluster-scoped labels. This field follows standard label selector semantics; if present but empty, it selects all namespaces. - If PodSelector is also set, then the NetworkPolicyPeer as a whole selects the Pods matching PodSelector in the Namespaces selected by NamespaceSelector. Otherwise it selects all Pods in the Namespaces selected by NamespaceSelector. + If podSelector is also set, then the NetworkPolicyPeer as a whole selects the pods matching podSelector in the namespaces selected by namespaceSelector. Otherwise it selects all pods in the namespaces selected by namespaceSelector. - **ingress.from.podSelector** (}}">LabelSelector) - This is a label selector which selects Pods. This field follows standard label selector semantics; if present but empty, it selects all pods. + podSelector is a label selector which selects pods. This field follows standard label selector semantics; if present but empty, it selects all pods. - If NamespaceSelector is also set, then the NetworkPolicyPeer as a whole selects the Pods matching PodSelector in the Namespaces selected by NamespaceSelector. Otherwise it selects the Pods matching PodSelector in the policy's own Namespace. + If namespaceSelector is also set, then the NetworkPolicyPeer as a whole selects the pods matching podSelector in the Namespaces selected by NamespaceSelector. Otherwise it selects the pods matching podSelector in the policy's own namespace. - **ingress.ports** ([]NetworkPolicyPort) - List of ports which should be made accessible on the pods selected for this rule. Each item in this list is combined using a logical OR. If this field is empty or missing, this rule matches all ports (traffic not restricted by port). If this field is present and contains at least one item, then this rule allows traffic only if the traffic matches at least one port in the list. + ports is a list of ports which should be made accessible on the pods selected for this rule. Each item in this list is combined using a logical OR. If this field is empty or missing, this rule matches all ports (traffic not restricted by port). If this field is present and contains at least one item, then this rule allows traffic only if the traffic matches at least one port in the list. *NetworkPolicyPort describes a port to allow traffic on* - **ingress.ports.port** (IntOrString) - The port on the given protocol. This can either be a numerical or named port on a pod. If this field is not provided, this matches all port names and numbers. If present, only traffic on the specified protocol AND port will be matched. + port represents the port on the given protocol. This can either be a numerical or named port on a pod. If this field is not provided, this matches all port names and numbers. If present, only traffic on the specified protocol AND port will be matched. *IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number.* - **ingress.ports.endPort** (int32) - If set, indicates that the range of ports from port to endPort, inclusive, should be allowed by the policy. This field cannot be defined if the port field is not defined or if the port field is defined as a named (string) port. The endPort must be equal or greater than port. + endPort indicates that the range of ports from port to endPort if set, inclusive, should be allowed by the policy. This field cannot be defined if the port field is not defined or if the port field is defined as a named (string) port. The endPort must be equal or greater than port. - **ingress.ports.protocol** (string) - The protocol (TCP, UDP, or SCTP) which traffic must match. If not specified, this field defaults to TCP. + protocol represents the protocol (TCP, UDP, or SCTP) which traffic must match. If not specified, this field defaults to TCP. - **egress** ([]NetworkPolicyEgressRule) - List of egress rules to be applied to the selected pods. Outgoing traffic is allowed if there are no NetworkPolicies selecting the pod (and cluster policy otherwise allows the traffic), OR if the traffic matches at least one egress rule across all of the NetworkPolicy objects whose podSelector matches the pod. If this field is empty then this NetworkPolicy limits all outgoing traffic (and serves solely to ensure that the pods it selects are isolated by default). This field is beta-level in 1.8 + egress is a list of egress rules to be applied to the selected pods. Outgoing traffic is allowed if there are no NetworkPolicies selecting the pod (and cluster policy otherwise allows the traffic), OR if the traffic matches at least one egress rule across all of the NetworkPolicy objects whose podSelector matches the pod. If this field is empty then this NetworkPolicy limits all outgoing traffic (and serves solely to ensure that the pods it selects are isolated by default). This field is beta-level in 1.8 *NetworkPolicyEgressRule describes a particular set of traffic that is allowed out of pods matched by a NetworkPolicySpec's podSelector. The traffic must match both ports and to. This type is beta-level in 1.8* - **egress.to** ([]NetworkPolicyPeer) - List of destinations for outgoing traffic of pods selected for this rule. Items in this list are combined using a logical OR operation. If this field is empty or missing, this rule matches all destinations (traffic not restricted by destination). If this field is present and contains at least one item, this rule allows traffic only if the traffic matches at least one item in the to list. + to is a list of destinations for outgoing traffic of pods selected for this rule. Items in this list are combined using a logical OR operation. If this field is empty or missing, this rule matches all destinations (traffic not restricted by destination). If this field is present and contains at least one item, this rule allows traffic only if the traffic matches at least one item in the to list. *NetworkPolicyPeer describes a peer to allow traffic to/from. Only certain combinations of fields are allowed* - **egress.to.ipBlock** (IPBlock) - IPBlock defines policy on a particular IPBlock. If this field is set then neither of the other fields can be. + ipBlock defines policy on a particular IPBlock. If this field is set then neither of the other fields can be. *IPBlock describes a particular CIDR (Ex. "192.168.1.0/24","2001:db8::/64") that is allowed to the pods matched by a NetworkPolicySpec's podSelector. The except entry describes CIDRs that should not be included within this rule.* - **egress.to.ipBlock.cidr** (string), required - CIDR is a string representing the IP Block Valid examples are "192.168.1.0/24" or "2001:db8::/64" + cidr is a string representing the IPBlock Valid examples are "192.168.1.0/24" or "2001:db8::/64" - **egress.to.ipBlock.except** ([]string) - Except is a slice of CIDRs that should not be included within an IP Block Valid examples are "192.168.1.0/24" or "2001:db8::/64" Except values will be rejected if they are outside the CIDR range + except is a slice of CIDRs that should not be included within an IPBlock Valid examples are "192.168.1.0/24" or "2001:db8::/64" Except values will be rejected if they are outside the cidr range - **egress.to.namespaceSelector** (}}">LabelSelector) - Selects Namespaces using cluster-scoped labels. This field follows standard label selector semantics; if present but empty, it selects all namespaces. + namespaceSelector selects namespaces using cluster-scoped labels. This field follows standard label selector semantics; if present but empty, it selects all namespaces. - If PodSelector is also set, then the NetworkPolicyPeer as a whole selects the Pods matching PodSelector in the Namespaces selected by NamespaceSelector. Otherwise it selects all Pods in the Namespaces selected by NamespaceSelector. + If podSelector is also set, then the NetworkPolicyPeer as a whole selects the pods matching podSelector in the namespaces selected by namespaceSelector. Otherwise it selects all pods in the namespaces selected by namespaceSelector. - **egress.to.podSelector** (}}">LabelSelector) - This is a label selector which selects Pods. This field follows standard label selector semantics; if present but empty, it selects all pods. + podSelector is a label selector which selects pods. This field follows standard label selector semantics; if present but empty, it selects all pods. - If NamespaceSelector is also set, then the NetworkPolicyPeer as a whole selects the Pods matching PodSelector in the Namespaces selected by NamespaceSelector. Otherwise it selects the Pods matching PodSelector in the policy's own Namespace. + If namespaceSelector is also set, then the NetworkPolicyPeer as a whole selects the pods matching podSelector in the Namespaces selected by NamespaceSelector. Otherwise it selects the pods matching podSelector in the policy's own namespace. - **egress.ports** ([]NetworkPolicyPort) - List of destination ports for outgoing traffic. Each item in this list is combined using a logical OR. If this field is empty or missing, this rule matches all ports (traffic not restricted by port). If this field is present and contains at least one item, then this rule allows traffic only if the traffic matches at least one port in the list. + ports is a list of destination ports for outgoing traffic. Each item in this list is combined using a logical OR. If this field is empty or missing, this rule matches all ports (traffic not restricted by port). If this field is present and contains at least one item, then this rule allows traffic only if the traffic matches at least one port in the list. *NetworkPolicyPort describes a port to allow traffic on* - **egress.ports.port** (IntOrString) - The port on the given protocol. This can either be a numerical or named port on a pod. If this field is not provided, this matches all port names and numbers. If present, only traffic on the specified protocol AND port will be matched. + port represents the port on the given protocol. This can either be a numerical or named port on a pod. If this field is not provided, this matches all port names and numbers. If present, only traffic on the specified protocol AND port will be matched. *IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number.* - **egress.ports.endPort** (int32) - If set, indicates that the range of ports from port to endPort, inclusive, should be allowed by the policy. This field cannot be defined if the port field is not defined or if the port field is defined as a named (string) port. The endPort must be equal or greater than port. + endPort indicates that the range of ports from port to endPort if set, inclusive, should be allowed by the policy. This field cannot be defined if the port field is not defined or if the port field is defined as a named (string) port. The endPort must be equal or greater than port. - **egress.ports.protocol** (string) - The protocol (TCP, UDP, or SCTP) which traffic must match. If not specified, this field defaults to TCP. + protocol represents the protocol (TCP, UDP, or SCTP) which traffic must match. If not specified, this field defaults to TCP. @@ -200,7 +200,7 @@ NetworkPolicySpec provides the specification of a NetworkPolicy ## NetworkPolicyStatus {#NetworkPolicyStatus} -NetworkPolicyStatus describe the current state of the NetworkPolicy. +NetworkPolicyStatus describes the current state of the NetworkPolicy.
    @@ -210,7 +210,7 @@ NetworkPolicyStatus describe the current state of the NetworkPolicy. *Map: unique values on key type will be kept during a merge* - Conditions holds an array of metav1.Condition that describe the state of the NetworkPolicy. Current service state + conditions holds an array of metav1.Condition that describe the state of the NetworkPolicy. Current service state *Condition contains details for one aspect of the current state of this API Resource.* @@ -264,7 +264,7 @@ NetworkPolicyList is a list of NetworkPolicy objects. - **items** ([]}}">NetworkPolicy), required - Items is a list of schema objects. + items is a list of schema objects. @@ -401,6 +401,11 @@ GET /apis/networking.k8s.io/v1/namespaces/{namespace}/networkpolicies }}">resourceVersionMatch +- **sendInitialEvents** (*in query*): boolean + + }}">sendInitialEvents + + - **timeoutSeconds** (*in query*): integer }}">timeoutSeconds @@ -469,6 +474,11 @@ GET /apis/networking.k8s.io/v1/networkpolicies }}">resourceVersionMatch +- **sendInitialEvents** (*in query*): boolean + + }}">sendInitialEvents + + - **timeoutSeconds** (*in query*): integer }}">timeoutSeconds @@ -894,6 +904,11 @@ DELETE /apis/networking.k8s.io/v1/namespaces/{namespace}/networkpolicies }}">resourceVersionMatch +- **sendInitialEvents** (*in query*): boolean + + }}">sendInitialEvents + + - **timeoutSeconds** (*in query*): integer }}">timeoutSeconds diff --git a/content/en/docs/reference/kubernetes-api/policy-resources/pod-disruption-budget-v1.md b/content/en/docs/reference/kubernetes-api/policy-resources/pod-disruption-budget-v1.md index 7fd6fc3551a..ece7b336b9f 100644 --- a/content/en/docs/reference/kubernetes-api/policy-resources/pod-disruption-budget-v1.md +++ b/content/en/docs/reference/kubernetes-api/policy-resources/pod-disruption-budget-v1.md @@ -90,7 +90,7 @@ PodDisruptionBudgetSpec is a description of a PodDisruptionBudget. Additional policies may be added in the future. Clients making eviction decisions should disallow eviction of unhealthy pods if they encounter an unrecognized policy in this field. - This field is alpha-level. The eviction API uses this field when the feature gate PDBUnhealthyPodEvictionPolicy is enabled (disabled by default). + This field is beta-level. The eviction API uses this field when the feature gate PDBUnhealthyPodEvictionPolicy is enabled (enabled by default). @@ -334,6 +334,11 @@ GET /apis/policy/v1/namespaces/{namespace}/poddisruptionbudgets }}">resourceVersionMatch +- **sendInitialEvents** (*in query*): boolean + + }}">sendInitialEvents + + - **timeoutSeconds** (*in query*): integer }}">timeoutSeconds @@ -402,6 +407,11 @@ GET /apis/policy/v1/poddisruptionbudgets }}">resourceVersionMatch +- **sendInitialEvents** (*in query*): boolean + + }}">sendInitialEvents + + - **timeoutSeconds** (*in query*): integer }}">timeoutSeconds @@ -827,6 +837,11 @@ DELETE /apis/policy/v1/namespaces/{namespace}/poddisruptionbudgets }}">resourceVersionMatch +- **sendInitialEvents** (*in query*): boolean + + }}">sendInitialEvents + + - **timeoutSeconds** (*in query*): integer }}">timeoutSeconds diff --git a/content/en/docs/reference/kubernetes-api/policy-resources/resource-quota-v1.md b/content/en/docs/reference/kubernetes-api/policy-resources/resource-quota-v1.md index 4675db74751..887b89886b5 100644 --- a/content/en/docs/reference/kubernetes-api/policy-resources/resource-quota-v1.md +++ b/content/en/docs/reference/kubernetes-api/policy-resources/resource-quota-v1.md @@ -81,14 +81,10 @@ ResourceQuotaSpec defines the desired hard limits to enforce for Quota. - **scopeSelector.matchExpressions.operator** (string), required Represents a scope's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. - - - **scopeSelector.matchExpressions.scopeName** (string), required The name of the scope that the selector applies to. - - - **scopeSelector.matchExpressions.values** ([]string) @@ -275,6 +271,11 @@ GET /api/v1/namespaces/{namespace}/resourcequotas }}">resourceVersionMatch +- **sendInitialEvents** (*in query*): boolean + + }}">sendInitialEvents + + - **timeoutSeconds** (*in query*): integer }}">timeoutSeconds @@ -343,6 +344,11 @@ GET /api/v1/resourcequotas }}">resourceVersionMatch +- **sendInitialEvents** (*in query*): boolean + + }}">sendInitialEvents + + - **timeoutSeconds** (*in query*): integer }}">timeoutSeconds @@ -768,6 +774,11 @@ DELETE /api/v1/namespaces/{namespace}/resourcequotas }}">resourceVersionMatch +- **sendInitialEvents** (*in query*): boolean + + }}">sendInitialEvents + + - **timeoutSeconds** (*in query*): integer }}">timeoutSeconds diff --git a/content/en/docs/reference/kubernetes-api/service-resources/endpoint-slice-v1.md b/content/en/docs/reference/kubernetes-api/service-resources/endpoint-slice-v1.md index d2f6164d71d..06b8f032696 100644 --- a/content/en/docs/reference/kubernetes-api/service-resources/endpoint-slice-v1.md +++ b/content/en/docs/reference/kubernetes-api/service-resources/endpoint-slice-v1.md @@ -45,8 +45,6 @@ EndpointSlice represents a subset of the endpoints that implement a service. For - **addressType** (string), required addressType specifies the type of address carried by this EndpointSlice. All addresses in this slice must be the same type. This field is immutable after creation. The following address types are currently supported: * IPv4: Represents an IPv4 Address. * IPv6: Represents an IPv6 Address. * FQDN: Represents a Fully Qualified Domain Name. - - - **endpoints** ([]Endpoint), required @@ -72,7 +70,7 @@ EndpointSlice represents a subset of the endpoints that implement a service. For - **endpoints.conditions.ready** (boolean) - ready indicates that this endpoint is prepared to receive traffic, according to whatever system is managing the endpoint. A nil value indicates an unknown state. In most cases consumers should interpret this unknown state as ready. For compatibility reasons, ready should never be "true" for terminating endpoints. + ready indicates that this endpoint is prepared to receive traffic, according to whatever system is managing the endpoint. A nil value indicates an unknown state. In most cases consumers should interpret this unknown state as ready. For compatibility reasons, ready should never be "true" for terminating endpoints, except when the normal readiness behavior is being explicitly overridden, for example when the associated Service has set the publishNotReadyAddresses flag. - **endpoints.conditions.serving** (boolean) @@ -133,19 +131,26 @@ EndpointSlice represents a subset of the endpoints that implement a service. For - **ports.port** (int32) - The port number of the endpoint. If this is not specified, ports are not restricted and must be interpreted in the context of the specific consumer. + port represents the port number of the endpoint. If this is not specified, ports are not restricted and must be interpreted in the context of the specific consumer. - **ports.protocol** (string) - The IP protocol for this port. Must be UDP, TCP, or SCTP. Default is TCP. + protocol represents the IP protocol for this port. Must be UDP, TCP, or SCTP. Default is TCP. - **ports.name** (string) - The name of this port. All ports in an EndpointSlice must have a unique name. If the EndpointSlice is dervied from a Kubernetes service, this corresponds to the Service.ports[].name. Name must either be an empty string or pass DNS_LABEL validation: * must be no more than 63 characters long. * must consist of lower case alphanumeric characters or '-'. * must start and end with an alphanumeric character. Default is empty string. + name represents the name of this port. All ports in an EndpointSlice must have a unique name. If the EndpointSlice is dervied from a Kubernetes service, this corresponds to the Service.ports[].name. Name must either be an empty string or pass DNS_LABEL validation: * must be no more than 63 characters long. * must consist of lower case alphanumeric characters or '-'. * must start and end with an alphanumeric character. Default is empty string. - **ports.appProtocol** (string) - The application protocol for this port. This field follows standard Kubernetes label syntax. Un-prefixed names are reserved for IANA standard service names (as per RFC-6335 and https://www.iana.org/assignments/service-names). Non-standard protocols should use prefixed names such as mycompany.com/my-custom-protocol. + The application protocol for this port. This is used as a hint for implementations to offer richer behavior for protocols that they understand. This field follows standard Kubernetes label syntax. Valid values are either: + + * Un-prefixed protocol names - reserved for IANA standard service names (as per RFC-6335 and https://www.iana.org/assignments/service-names). + + * Kubernetes-defined prefixed names: + * 'kubernetes.io/h2c' - HTTP/2 over cleartext as described in https://www.rfc-editor.org/rfc/rfc7540 + + * Other protocols should use implementation-defined prefixed names such as mycompany.com/my-custom-protocol. @@ -169,7 +174,7 @@ EndpointSliceList represents a list of endpoint slices - **items** ([]}}">EndpointSlice), required - List of endpoint slices + items is the list of endpoint slices @@ -273,6 +278,11 @@ GET /apis/discovery.k8s.io/v1/namespaces/{namespace}/endpointslices }}">resourceVersionMatch +- **sendInitialEvents** (*in query*): boolean + + }}">sendInitialEvents + + - **timeoutSeconds** (*in query*): integer }}">timeoutSeconds @@ -341,6 +351,11 @@ GET /apis/discovery.k8s.io/v1/endpointslices }}">resourceVersionMatch +- **sendInitialEvents** (*in query*): boolean + + }}">sendInitialEvents + + - **timeoutSeconds** (*in query*): integer }}">timeoutSeconds @@ -651,6 +666,11 @@ DELETE /apis/discovery.k8s.io/v1/namespaces/{namespace}/endpointslices }}">resourceVersionMatch +- **sendInitialEvents** (*in query*): boolean + + }}">sendInitialEvents + + - **timeoutSeconds** (*in query*): integer }}">timeoutSeconds diff --git a/content/en/docs/reference/kubernetes-api/service-resources/endpoints-v1.md b/content/en/docs/reference/kubernetes-api/service-resources/endpoints-v1.md index 8267741ea71..403dc9d535c 100644 --- a/content/en/docs/reference/kubernetes-api/service-resources/endpoints-v1.md +++ b/content/en/docs/reference/kubernetes-api/service-resources/endpoints-v1.md @@ -80,7 +80,7 @@ Endpoints is a collection of endpoints that implement the actual service. Exampl - **subsets.addresses.ip** (string), required - The IP of this endpoint. May not be loopback (127.0.0.0/8), link-local (169.254.0.0/16), or link-local multicast ((224.0.0.0/24). IPv6 is also accepted but not fully supported on all platforms. Also, certain kubernetes components, like kube-proxy, are not IPv6 ready. + The IP of this endpoint. May not be loopback (127.0.0.0/8 or ::1), link-local (169.254.0.0/16 or fe80::/10), or link-local multicast (224.0.0.0/24 or ff02::/16). - **subsets.addresses.hostname** (string) @@ -103,7 +103,7 @@ Endpoints is a collection of endpoints that implement the actual service. Exampl - **subsets.notReadyAddresses.ip** (string), required - The IP of this endpoint. May not be loopback (127.0.0.0/8), link-local (169.254.0.0/16), or link-local multicast ((224.0.0.0/24). IPv6 is also accepted but not fully supported on all platforms. Also, certain kubernetes components, like kube-proxy, are not IPv6 ready. + The IP of this endpoint. May not be loopback (127.0.0.0/8 or ::1), link-local (169.254.0.0/16 or fe80::/10), or link-local multicast (224.0.0.0/24 or ff02::/16). - **subsets.notReadyAddresses.hostname** (string) @@ -131,8 +131,6 @@ Endpoints is a collection of endpoints that implement the actual service. Exampl - **subsets.ports.protocol** (string) The IP protocol for this port. Must be UDP, TCP, or SCTP. Default is TCP. - - - **subsets.ports.name** (string) @@ -140,7 +138,14 @@ Endpoints is a collection of endpoints that implement the actual service. Exampl - **subsets.ports.appProtocol** (string) - The application protocol for this port. This field follows standard Kubernetes label syntax. Un-prefixed names are reserved for IANA standard service names (as per RFC-6335 and https://www.iana.org/assignments/service-names). Non-standard protocols should use prefixed names such as mycompany.com/my-custom-protocol. + The application protocol for this port. This is used as a hint for implementations to offer richer behavior for protocols that they understand. This field follows standard Kubernetes label syntax. Valid values are either: + + * Un-prefixed protocol names - reserved for IANA standard service names (as per RFC-6335 and https://www.iana.org/assignments/service-names). + + * Kubernetes-defined prefixed names: + * 'kubernetes.io/h2c' - HTTP/2 over cleartext as described in https://www.rfc-editor.org/rfc/rfc7540 + + * Other protocols should use implementation-defined prefixed names such as mycompany.com/my-custom-protocol. @@ -268,6 +273,11 @@ GET /api/v1/namespaces/{namespace}/endpoints }}">resourceVersionMatch +- **sendInitialEvents** (*in query*): boolean + + }}">sendInitialEvents + + - **timeoutSeconds** (*in query*): integer }}">timeoutSeconds @@ -336,6 +346,11 @@ GET /api/v1/endpoints }}">resourceVersionMatch +- **sendInitialEvents** (*in query*): boolean + + }}">sendInitialEvents + + - **timeoutSeconds** (*in query*): integer }}">timeoutSeconds @@ -646,6 +661,11 @@ DELETE /api/v1/namespaces/{namespace}/endpoints }}">resourceVersionMatch +- **sendInitialEvents** (*in query*): boolean + + }}">sendInitialEvents + + - **timeoutSeconds** (*in query*): integer }}">timeoutSeconds diff --git a/content/en/docs/reference/kubernetes-api/service-resources/ingress-class-v1.md b/content/en/docs/reference/kubernetes-api/service-resources/ingress-class-v1.md index 009a5b7f9ef..db6654f2f30 100644 --- a/content/en/docs/reference/kubernetes-api/service-resources/ingress-class-v1.md +++ b/content/en/docs/reference/kubernetes-api/service-resources/ingress-class-v1.md @@ -44,7 +44,7 @@ IngressClass represents the class of the Ingress, referenced by the Ingress Spec - **spec** (}}">IngressClassSpec) - Spec is the desired state of the IngressClass. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status + spec is the desired state of the IngressClass. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status @@ -58,34 +58,34 @@ IngressClassSpec provides information about the class of an Ingress. - **controller** (string) - Controller refers to the name of the controller that should handle this class. This allows for different "flavors" that are controlled by the same controller. For example, you may have different Parameters for the same implementing controller. This should be specified as a domain-prefixed path no more than 250 characters in length, e.g. "acme.io/ingress-controller". This field is immutable. + controller refers to the name of the controller that should handle this class. This allows for different "flavors" that are controlled by the same controller. For example, you may have different parameters for the same implementing controller. This should be specified as a domain-prefixed path no more than 250 characters in length, e.g. "acme.io/ingress-controller". This field is immutable. - **parameters** (IngressClassParametersReference) - Parameters is a link to a custom resource containing additional configuration for the controller. This is optional if the controller does not require extra parameters. + parameters is a link to a custom resource containing additional configuration for the controller. This is optional if the controller does not require extra parameters. *IngressClassParametersReference identifies an API object. This can be used to specify a cluster or namespace-scoped resource.* - **parameters.kind** (string), required - Kind is the type of resource being referenced. + kind is the type of resource being referenced. - **parameters.name** (string), required - Name is the name of resource being referenced. + name is the name of resource being referenced. - **parameters.apiGroup** (string) - APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required. + apiGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required. - **parameters.namespace** (string) - Namespace is the namespace of the resource being referenced. This field is required when scope is set to "Namespace" and must be unset when scope is set to "Cluster". + namespace is the namespace of the resource being referenced. This field is required when scope is set to "Namespace" and must be unset when scope is set to "Cluster". - **parameters.scope** (string) - Scope represents if this refers to a cluster or namespace scoped resource. This may be set to "Cluster" (default) or "Namespace". + scope represents if this refers to a cluster or namespace scoped resource. This may be set to "Cluster" (default) or "Namespace". @@ -109,7 +109,7 @@ IngressClassList is a collection of IngressClasses. - **items** ([]}}">IngressClass), required - Items is the list of IngressClasses. + items is the list of IngressClasses. @@ -203,6 +203,11 @@ GET /apis/networking.k8s.io/v1/ingressclasses }}">resourceVersionMatch +- **sendInitialEvents** (*in query*): boolean + + }}">sendInitialEvents + + - **timeoutSeconds** (*in query*): integer }}">timeoutSeconds @@ -488,6 +493,11 @@ DELETE /apis/networking.k8s.io/v1/ingressclasses }}">resourceVersionMatch +- **sendInitialEvents** (*in query*): boolean + + }}">sendInitialEvents + + - **timeoutSeconds** (*in query*): integer }}">timeoutSeconds diff --git a/content/en/docs/reference/kubernetes-api/service-resources/ingress-v1.md b/content/en/docs/reference/kubernetes-api/service-resources/ingress-v1.md index d6c7290bac4..354cfa6ba60 100644 --- a/content/en/docs/reference/kubernetes-api/service-resources/ingress-v1.md +++ b/content/en/docs/reference/kubernetes-api/service-resources/ingress-v1.md @@ -44,11 +44,11 @@ Ingress is a collection of rules that allow inbound connections to reach the end - **spec** (}}">IngressSpec) - Spec is the desired state of the Ingress. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status + spec is the desired state of the Ingress. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status - **status** (}}">IngressStatus) - Status is the current state of the Ingress. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status + status is the current state of the Ingress. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status @@ -62,31 +62,31 @@ IngressSpec describes the Ingress the user wishes to exist. - **defaultBackend** (}}">IngressBackend) - DefaultBackend is the backend that should handle requests that don't match any rule. If Rules are not specified, DefaultBackend must be specified. If DefaultBackend is not set, the handling of requests that do not match any of the rules will be up to the Ingress controller. + defaultBackend is the backend that should handle requests that don't match any rule. If Rules are not specified, DefaultBackend must be specified. If DefaultBackend is not set, the handling of requests that do not match any of the rules will be up to the Ingress controller. - **ingressClassName** (string) - IngressClassName is the name of an IngressClass cluster resource. Ingress controller implementations use this field to know whether they should be serving this Ingress resource, by a transitive connection (controller -> IngressClass -> Ingress resource). Although the `kubernetes.io/ingress.class` annotation (simple constant name) was never formally defined, it was widely supported by Ingress controllers to create a direct binding between Ingress controller and Ingress resources. Newly created Ingress resources should prefer using the field. However, even though the annotation is officially deprecated, for backwards compatibility reasons, ingress controllers should still honor that annotation if present. + ingressClassName is the name of an IngressClass cluster resource. Ingress controller implementations use this field to know whether they should be serving this Ingress resource, by a transitive connection (controller -> IngressClass -> Ingress resource). Although the `kubernetes.io/ingress.class` annotation (simple constant name) was never formally defined, it was widely supported by Ingress controllers to create a direct binding between Ingress controller and Ingress resources. Newly created Ingress resources should prefer using the field. However, even though the annotation is officially deprecated, for backwards compatibility reasons, ingress controllers should still honor that annotation if present. - **rules** ([]IngressRule) *Atomic: will be replaced during a merge* - A list of host rules used to configure the Ingress. If unspecified, or no rule matches, all traffic is sent to the default backend. + rules is a list of host rules used to configure the Ingress. If unspecified, or no rule matches, all traffic is sent to the default backend. *IngressRule represents the rules mapping the paths under a specified host to the related backend services. Incoming requests are first evaluated for a host match, then routed to the backend associated with the matching IngressRuleValue.* - **rules.host** (string) - Host is the fully qualified domain name of a network host, as defined by RFC 3986. Note the following deviations from the "host" part of the URI as defined in RFC 3986: 1. IPs are not allowed. Currently an IngressRuleValue can only apply to + host is the fully qualified domain name of a network host, as defined by RFC 3986. Note the following deviations from the "host" part of the URI as defined in RFC 3986: 1. IPs are not allowed. Currently an IngressRuleValue can only apply to the IP in the Spec of the parent Ingress. 2. The `:` delimiter is not respected because ports are not allowed. Currently the port of an Ingress is implicitly :80 for http and :443 for https. Both these may change in the future. Incoming requests are matched against the host before the IngressRuleValue. If the host is unspecified, the Ingress routes all traffic based on the specified IngressRuleValue. - Host can be "precise" which is a domain name without the terminating dot of a network host (e.g. "foo.bar.com") or "wildcard", which is a domain name prefixed with a single wildcard label (e.g. "*.foo.com"). The wildcard character '*' must appear by itself as the first DNS label and matches only a single label. You cannot have a wildcard label by itself (e.g. Host == "*"). Requests will be matched against the Host field in the following way: 1. If Host is precise, the request matches this rule if the http host header is equal to Host. 2. If Host is a wildcard, then the request matches this rule if the http host header is to equal to the suffix (removing the first label) of the wildcard rule. + host can be "precise" which is a domain name without the terminating dot of a network host (e.g. "foo.bar.com") or "wildcard", which is a domain name prefixed with a single wildcard label (e.g. "*.foo.com"). The wildcard character '*' must appear by itself as the first DNS label and matches only a single label. You cannot have a wildcard label by itself (e.g. Host == "*"). Requests will be matched against the Host field in the following way: 1. If host is precise, the request matches this rule if the http host header is equal to Host. 2. If host is a wildcard, then the request matches this rule if the http host header is to equal to the suffix (removing the first label) of the wildcard rule. - **rules.http** (HTTPIngressRuleValue) @@ -98,18 +98,18 @@ IngressSpec describes the Ingress the user wishes to exist. *Atomic: will be replaced during a merge* - A collection of paths that map requests to backends. + paths is a collection of paths that map requests to backends. *HTTPIngressPath associates a path with a backend. Incoming urls matching the path are forwarded to the backend.* - **rules.http.paths.backend** (}}">IngressBackend), required - Backend defines the referenced service endpoint to which the traffic will be forwarded to. + backend defines the referenced service endpoint to which the traffic will be forwarded to. - **rules.http.paths.pathType** (string), required - PathType determines the interpretation of the Path matching. PathType can be one of the following values: * Exact: Matches the URL path exactly. * Prefix: Matches based on a URL path prefix split by '/'. Matching is + pathType determines the interpretation of the path matching. PathType can be one of the following values: * Exact: Matches the URL path exactly. * Prefix: Matches based on a URL path prefix split by '/'. Matching is done on a path element by element basis. A path element refers is the list of labels in the path split by the '/' separator. A request is a match for path p if every p is an element-wise prefix of p of the @@ -123,26 +123,26 @@ IngressSpec describes the Ingress the user wishes to exist. - **rules.http.paths.path** (string) - Path is matched against the path of an incoming request. Currently it can contain characters disallowed from the conventional "path" part of a URL as defined by RFC 3986. Paths must begin with a '/' and must be present when using PathType with value "Exact" or "Prefix". + path is matched against the path of an incoming request. Currently it can contain characters disallowed from the conventional "path" part of a URL as defined by RFC 3986. Paths must begin with a '/' and must be present when using PathType with value "Exact" or "Prefix". - **tls** ([]IngressTLS) *Atomic: will be replaced during a merge* - TLS configuration. Currently the Ingress only supports a single TLS port, 443. If multiple members of this list specify different hosts, they will be multiplexed on the same port according to the hostname specified through the SNI TLS extension, if the ingress controller fulfilling the ingress supports SNI. + tls represents the TLS configuration. Currently the Ingress only supports a single TLS port, 443. If multiple members of this list specify different hosts, they will be multiplexed on the same port according to the hostname specified through the SNI TLS extension, if the ingress controller fulfilling the ingress supports SNI. - *IngressTLS describes the transport layer security associated with an Ingress.* + *IngressTLS describes the transport layer security associated with an ingress.* - **tls.hosts** ([]string) *Atomic: will be replaced during a merge* - Hosts are a list of hosts included in the TLS certificate. The values in this list must match the name/s used in the tlsSecret. Defaults to the wildcard host setting for the loadbalancer controller fulfilling this Ingress, if left unspecified. + hosts is a list of hosts included in the TLS certificate. The values in this list must match the name/s used in the tlsSecret. Defaults to the wildcard host setting for the loadbalancer controller fulfilling this Ingress, if left unspecified. - **tls.secretName** (string) - SecretName is the name of the secret used to terminate TLS traffic on port 443. Field is left optional to allow TLS routing based on SNI hostname alone. If the SNI host in a listener conflicts with the "Host" header field used by an IngressRule, the SNI host is used for termination and value of the Host header is used for routing. + secretName is the name of the secret used to terminate TLS traffic on port 443. Field is left optional to allow TLS routing based on SNI hostname alone. If the SNI host in a listener conflicts with the "Host" header field used by an IngressRule, the SNI host is used for termination and value of the "Host" header is used for routing. @@ -156,33 +156,33 @@ IngressBackend describes all endpoints for a given service and port. - **resource** (}}">TypedLocalObjectReference) - Resource is an ObjectRef to another Kubernetes resource in the namespace of the Ingress object. If resource is specified, a service.Name and service.Port must not be specified. This is a mutually exclusive setting with "Service". + resource is an ObjectRef to another Kubernetes resource in the namespace of the Ingress object. If resource is specified, a service.Name and service.Port must not be specified. This is a mutually exclusive setting with "Service". - **service** (IngressServiceBackend) - Service references a Service as a Backend. This is a mutually exclusive setting with "Resource". + service references a service as a backend. This is a mutually exclusive setting with "Resource". *IngressServiceBackend references a Kubernetes Service as a Backend.* - **service.name** (string), required - Name is the referenced service. The service must exist in the same namespace as the Ingress object. + name is the referenced service. The service must exist in the same namespace as the Ingress object. - **service.port** (ServiceBackendPort) - Port of the referenced service. A port name or port number is required for a IngressServiceBackend. + port of the referenced service. A port name or port number is required for a IngressServiceBackend. *ServiceBackendPort is the service port being referenced.* - **service.port.name** (string) - Name is the name of the port on the Service. This is a mutually exclusive setting with "Number". + name is the name of the port on the Service. This is a mutually exclusive setting with "Number". - **service.port.number** (int32) - Number is the numerical port number (e.g. 80) on the Service. This is a mutually exclusive setting with "Name". + number is the numerical port number (e.g. 80) on the Service. This is a mutually exclusive setting with "Name". @@ -196,48 +196,46 @@ IngressStatus describe the current state of the Ingress. - **loadBalancer** (IngressLoadBalancerStatus) - LoadBalancer contains the current status of the load-balancer. + loadBalancer contains the current status of the load-balancer. *IngressLoadBalancerStatus represents the status of a load-balancer.* - **loadBalancer.ingress** ([]IngressLoadBalancerIngress) - Ingress is a list containing ingress points for the load-balancer. + ingress is a list containing ingress points for the load-balancer. *IngressLoadBalancerIngress represents the status of a load-balancer ingress point.* - **loadBalancer.ingress.hostname** (string) - Hostname is set for load-balancer ingress points that are DNS based. + hostname is set for load-balancer ingress points that are DNS based. - **loadBalancer.ingress.ip** (string) - IP is set for load-balancer ingress points that are IP based. + ip is set for load-balancer ingress points that are IP based. - **loadBalancer.ingress.ports** ([]IngressPortStatus) *Atomic: will be replaced during a merge* - Ports provides information about the ports exposed by this LoadBalancer. + ports provides information about the ports exposed by this LoadBalancer. *IngressPortStatus represents the error condition of a service port* - **loadBalancer.ingress.ports.port** (int32), required - Port is the port number of the ingress port. + port is the port number of the ingress port. - **loadBalancer.ingress.ports.protocol** (string), required - Protocol is the protocol of the ingress port. The supported values are: "TCP", "UDP", "SCTP" - - + protocol is the protocol of the ingress port. The supported values are: "TCP", "UDP", "SCTP" - **loadBalancer.ingress.ports.error** (string) - Error is to record the problem with the service port The format of the error shall comply with the following rules: - built-in error values shall be specified in this file and those shall use + error is to record the problem with the service port The format of the error shall comply with the following rules: - built-in error values shall be specified in this file and those shall use CamelCase names - cloud provider specific error values must have names that comply with the format foo.example.com/CamelCase. @@ -254,7 +252,7 @@ IngressList is a collection of Ingress. - **items** ([]}}">Ingress), required - Items is the list of Ingress. + items is the list of Ingress. - **apiVersion** (string) @@ -403,6 +401,11 @@ GET /apis/networking.k8s.io/v1/namespaces/{namespace}/ingresses }}">resourceVersionMatch +- **sendInitialEvents** (*in query*): boolean + + }}">sendInitialEvents + + - **timeoutSeconds** (*in query*): integer }}">timeoutSeconds @@ -471,6 +474,11 @@ GET /apis/networking.k8s.io/v1/ingresses }}">resourceVersionMatch +- **sendInitialEvents** (*in query*): boolean + + }}">sendInitialEvents + + - **timeoutSeconds** (*in query*): integer }}">timeoutSeconds @@ -896,6 +904,11 @@ DELETE /apis/networking.k8s.io/v1/namespaces/{namespace}/ingresses }}">resourceVersionMatch +- **sendInitialEvents** (*in query*): boolean + + }}">sendInitialEvents + + - **timeoutSeconds** (*in query*): integer }}">timeoutSeconds diff --git a/content/en/docs/reference/kubernetes-api/service-resources/service-v1.md b/content/en/docs/reference/kubernetes-api/service-resources/service-v1.md index e98d49081c2..8159685fc44 100644 --- a/content/en/docs/reference/kubernetes-api/service-resources/service-v1.md +++ b/content/en/docs/reference/kubernetes-api/service-resources/service-v1.md @@ -89,8 +89,6 @@ ServiceSpec describes the attributes that a user creates on a service. - **ports.protocol** (string) The IP protocol for this port. Supports "TCP", "UDP", and "SCTP". Default is TCP. - - - **ports.name** (string) @@ -107,8 +105,6 @@ ServiceSpec describes the attributes that a user creates on a service. - **type** (string) type determines how the Service is exposed. Defaults to ClusterIP. Valid options are ExternalName, ClusterIP, NodePort, and LoadBalancer. "ClusterIP" allocates a cluster-internal IP address for load-balancing to endpoints. Endpoints are determined by the selector or if that is not specified, by manual construction of an Endpoints object or EndpointSlice objects. If clusterIP is "None", no virtual IP is allocated and the endpoints are published as a set of endpoints rather than a virtual IP. "NodePort" builds on ClusterIP and allocates a port on every node which routes to the same endpoints as the clusterIP. "LoadBalancer" builds on NodePort and creates an external load-balancer (if supported in the current cloud) which routes to the same endpoints as the clusterIP. "ExternalName" aliases this service to the specified externalName. Several other fields do not apply to ExternalName services. More info: https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types - - - **ipFamilies** ([]string) @@ -141,8 +137,6 @@ ServiceSpec describes the attributes that a user creates on a service. - **sessionAffinity** (string) Supports "ClientIP" and "None". Used to maintain session affinity. Enable client IP based session affinity. Must be ClientIP or None. Defaults to None. More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies - - - **loadBalancerIP** (string) @@ -163,8 +157,6 @@ ServiceSpec describes the attributes that a user creates on a service. - **externalTrafficPolicy** (string) externalTrafficPolicy describes how nodes distribute service traffic they receive on one of the Service's "externally-facing" addresses (NodePorts, ExternalIPs, and LoadBalancer IPs). If set to "Local", the proxy will configure the service in a way that assumes that external load balancers will take care of balancing the service traffic between nodes, and so each node will deliver traffic only to the node-local endpoints of the service, without masquerading the client source IP. (Traffic mistakenly sent to a node with no endpoints will be dropped.) The default value, "Cluster", uses the standard behavior of routing to all endpoints evenly (possibly modified by topology and other features). Note that traffic sent to an External IP or LoadBalancer IP from within the cluster will always get "Cluster" semantics, but clients sending to a NodePort from within the cluster may need to take traffic policy into account when picking a node. - - - **internalTrafficPolicy** (string) @@ -286,8 +278,6 @@ ServiceStatus represents the current status of a service. - **loadBalancer.ingress.ports.protocol** (string), required Protocol is the protocol of the service port of which status is recorded here The supported values are: "TCP", "UDP", "SCTP" - - - **loadBalancer.ingress.ports.error** (string) @@ -455,6 +445,11 @@ GET /api/v1/namespaces/{namespace}/services }}">resourceVersionMatch +- **sendInitialEvents** (*in query*): boolean + + }}">sendInitialEvents + + - **timeoutSeconds** (*in query*): integer }}">timeoutSeconds @@ -523,6 +518,11 @@ GET /api/v1/services }}">resourceVersionMatch +- **sendInitialEvents** (*in query*): boolean + + }}">sendInitialEvents + + - **timeoutSeconds** (*in query*): integer }}">timeoutSeconds @@ -948,6 +948,11 @@ DELETE /api/v1/namespaces/{namespace}/services }}">resourceVersionMatch +- **sendInitialEvents** (*in query*): boolean + + }}">sendInitialEvents + + - **timeoutSeconds** (*in query*): integer }}">timeoutSeconds diff --git a/content/en/docs/reference/kubernetes-api/workload-resources/controller-revision-v1.md b/content/en/docs/reference/kubernetes-api/workload-resources/controller-revision-v1.md index 5a23855cf25..39a4c73b635 100644 --- a/content/en/docs/reference/kubernetes-api/workload-resources/controller-revision-v1.md +++ b/content/en/docs/reference/kubernetes-api/workload-resources/controller-revision-v1.md @@ -216,6 +216,11 @@ GET /apis/apps/v1/namespaces/{namespace}/controllerrevisions }}">resourceVersionMatch +- **sendInitialEvents** (*in query*): boolean + + }}">sendInitialEvents + + - **timeoutSeconds** (*in query*): integer }}">timeoutSeconds @@ -284,6 +289,11 @@ GET /apis/apps/v1/controllerrevisions }}">resourceVersionMatch +- **sendInitialEvents** (*in query*): boolean + + }}">sendInitialEvents + + - **timeoutSeconds** (*in query*): integer }}">timeoutSeconds @@ -594,6 +604,11 @@ DELETE /apis/apps/v1/namespaces/{namespace}/controllerrevisions }}">resourceVersionMatch +- **sendInitialEvents** (*in query*): boolean + + }}">sendInitialEvents + + - **timeoutSeconds** (*in query*): integer }}">timeoutSeconds diff --git a/content/en/docs/reference/kubernetes-api/workload-resources/cron-job-v1.md b/content/en/docs/reference/kubernetes-api/workload-resources/cron-job-v1.md index 9148da431f4..8222897d123 100644 --- a/content/en/docs/reference/kubernetes-api/workload-resources/cron-job-v1.md +++ b/content/en/docs/reference/kubernetes-api/workload-resources/cron-job-v1.md @@ -81,13 +81,13 @@ CronJobSpec describes how the job execution will look like and when it will actu - **timeZone** (string) - The time zone name for the given schedule, see https://en.wikipedia.org/wiki/List_of_tz_database_time_zones. If not specified, this will default to the time zone of the kube-controller-manager process. The set of valid time zone names and the time zone offset is loaded from the system-wide time zone database by the API server during CronJob validation and the controller manager during execution. If no system-wide time zone database can be found a bundled version of the database is used instead. If the time zone name becomes invalid during the lifetime of a CronJob or due to a change in host configuration, the controller will stop creating new new Jobs and will create a system event with the reason UnknownTimeZone. More information can be found in https://kubernetes.io/docs/concepts/workloads/controllers/cron-jobs/#time-zones This is beta field and must be enabled via the `CronJobTimeZone` feature gate. + The time zone name for the given schedule, see https://en.wikipedia.org/wiki/List_of_tz_database_time_zones. If not specified, this will default to the time zone of the kube-controller-manager process. The set of valid time zone names and the time zone offset is loaded from the system-wide time zone database by the API server during CronJob validation and the controller manager during execution. If no system-wide time zone database can be found a bundled version of the database is used instead. If the time zone name becomes invalid during the lifetime of a CronJob or due to a change in host configuration, the controller will stop creating new new Jobs and will create a system event with the reason UnknownTimeZone. More information can be found in https://kubernetes.io/docs/concepts/workloads/controllers/cron-jobs/#time-zones - **concurrencyPolicy** (string) - Specifies how to treat concurrent executions of a Job. Valid values are: - "Allow" (default): allows CronJobs to run concurrently; - "Forbid": forbids concurrent runs, skipping next run if previous run hasn't finished yet; - "Replace": cancels currently running job and replaces it with a new one - + Specifies how to treat concurrent executions of a Job. Valid values are: + - "Allow" (default): allows CronJobs to run concurrently; - "Forbid": forbids concurrent runs, skipping next run if previous run hasn't finished yet; - "Replace": cancels currently running job and replaces it with a new one - **startingDeadlineSeconds** (int64) @@ -294,6 +294,11 @@ GET /apis/batch/v1/namespaces/{namespace}/cronjobs }}">resourceVersionMatch +- **sendInitialEvents** (*in query*): boolean + + }}">sendInitialEvents + + - **timeoutSeconds** (*in query*): integer }}">timeoutSeconds @@ -362,6 +367,11 @@ GET /apis/batch/v1/cronjobs }}">resourceVersionMatch +- **sendInitialEvents** (*in query*): boolean + + }}">sendInitialEvents + + - **timeoutSeconds** (*in query*): integer }}">timeoutSeconds @@ -787,6 +797,11 @@ DELETE /apis/batch/v1/namespaces/{namespace}/cronjobs }}">resourceVersionMatch +- **sendInitialEvents** (*in query*): boolean + + }}">sendInitialEvents + + - **timeoutSeconds** (*in query*): integer }}">timeoutSeconds diff --git a/content/en/docs/reference/kubernetes-api/workload-resources/daemon-set-v1.md b/content/en/docs/reference/kubernetes-api/workload-resources/daemon-set-v1.md index 6176734a8bb..923e9074f05 100644 --- a/content/en/docs/reference/kubernetes-api/workload-resources/daemon-set-v1.md +++ b/content/en/docs/reference/kubernetes-api/workload-resources/daemon-set-v1.md @@ -66,7 +66,7 @@ DaemonSetSpec is the specification of a daemon set. - **template** (}}">PodTemplateSpec), required - An object that describes the pod that will be created. The DaemonSet will create exactly one copy of this pod on every node that matches the template's node selector (or on every node if no node selector is specified). More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#pod-template + An object that describes the pod that will be created. The DaemonSet will create exactly one copy of this pod on every node that matches the template's node selector (or on every node if no node selector is specified). The only allowed template.spec.restartPolicy value is "Always". More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#pod-template - **minReadySeconds** (int32) @@ -82,8 +82,6 @@ DaemonSetSpec is the specification of a daemon set. - **updateStrategy.type** (string) Type of daemon set update. Can be "RollingUpdate" or "OnDelete". Default is RollingUpdate. - - - **updateStrategy.rollingUpdate** (RollingUpdateDaemonSet) @@ -347,6 +345,11 @@ GET /apis/apps/v1/namespaces/{namespace}/daemonsets }}">resourceVersionMatch +- **sendInitialEvents** (*in query*): boolean + + }}">sendInitialEvents + + - **timeoutSeconds** (*in query*): integer }}">timeoutSeconds @@ -415,6 +418,11 @@ GET /apis/apps/v1/daemonsets }}">resourceVersionMatch +- **sendInitialEvents** (*in query*): boolean + + }}">sendInitialEvents + + - **timeoutSeconds** (*in query*): integer }}">timeoutSeconds @@ -840,6 +848,11 @@ DELETE /apis/apps/v1/namespaces/{namespace}/daemonsets }}">resourceVersionMatch +- **sendInitialEvents** (*in query*): boolean + + }}">sendInitialEvents + + - **timeoutSeconds** (*in query*): integer }}">timeoutSeconds diff --git a/content/en/docs/reference/kubernetes-api/workload-resources/deployment-v1.md b/content/en/docs/reference/kubernetes-api/workload-resources/deployment-v1.md index 1a409e11e7d..3ea68446fe0 100644 --- a/content/en/docs/reference/kubernetes-api/workload-resources/deployment-v1.md +++ b/content/en/docs/reference/kubernetes-api/workload-resources/deployment-v1.md @@ -66,7 +66,7 @@ DeploymentSpec is the specification of the desired behavior of the Deployment. - **template** (}}">PodTemplateSpec), required - Template describes the pods that will be created. + Template describes the pods that will be created. The only allowed template.spec.restartPolicy value is "Always". - **replicas** (int32) @@ -88,8 +88,6 @@ DeploymentSpec is the specification of the desired behavior of the Deployment. - **strategy.type** (string) Type of deployment. Can be "Recreate" or "RollingUpdate". Default is RollingUpdate. - - - **strategy.rollingUpdate** (RollingUpdateDeployment) @@ -360,6 +358,11 @@ GET /apis/apps/v1/namespaces/{namespace}/deployments }}">resourceVersionMatch +- **sendInitialEvents** (*in query*): boolean + + }}">sendInitialEvents + + - **timeoutSeconds** (*in query*): integer }}">timeoutSeconds @@ -428,6 +431,11 @@ GET /apis/apps/v1/deployments }}">resourceVersionMatch +- **sendInitialEvents** (*in query*): boolean + + }}">sendInitialEvents + + - **timeoutSeconds** (*in query*): integer }}">timeoutSeconds @@ -853,6 +861,11 @@ DELETE /apis/apps/v1/namespaces/{namespace}/deployments }}">resourceVersionMatch +- **sendInitialEvents** (*in query*): boolean + + }}">sendInitialEvents + + - **timeoutSeconds** (*in query*): integer }}">timeoutSeconds diff --git a/content/en/docs/reference/kubernetes-api/workload-resources/horizontal-pod-autoscaler-v1.md b/content/en/docs/reference/kubernetes-api/workload-resources/horizontal-pod-autoscaler-v1.md index b815969cfc1..699719e21f0 100644 --- a/content/en/docs/reference/kubernetes-api/workload-resources/horizontal-pod-autoscaler-v1.md +++ b/content/en/docs/reference/kubernetes-api/workload-resources/horizontal-pod-autoscaler-v1.md @@ -44,11 +44,11 @@ configuration of a horizontal pod autoscaler. - **spec** (}}">HorizontalPodAutoscalerSpec) - behaviour of autoscaler. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status. + spec defines the behaviour of autoscaler. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status. - **status** (}}">HorizontalPodAutoscalerStatus) - current information about the autoscaler. + status is the current information about the autoscaler. @@ -62,7 +62,7 @@ specification of a horizontal pod autoscaler. - **maxReplicas** (int32), required - upper limit for the number of pods that can be set by the autoscaler; cannot be smaller than MinReplicas. + maxReplicas is the upper limit for the number of pods that can be set by the autoscaler; cannot be smaller than MinReplicas. - **scaleTargetRef** (CrossVersionObjectReference), required @@ -73,15 +73,15 @@ specification of a horizontal pod autoscaler. - **scaleTargetRef.kind** (string), required - Kind of the referent; More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + kind is the kind of the referent; More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - **scaleTargetRef.name** (string), required - Name of the referent; More info: http://kubernetes.io/docs/user-guide/identifiers#names + name is the name of the referent; More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - **scaleTargetRef.apiVersion** (string) - API version of the referent + apiVersion is the API version of the referent - **minReplicas** (int32) @@ -89,7 +89,7 @@ specification of a horizontal pod autoscaler. - **targetCPUUtilizationPercentage** (int32) - target average CPU utilization (represented as a percentage of requested CPU) over all the pods; if not specified the default autoscaling policy will be used. + targetCPUUtilizationPercentage is the target average CPU utilization (represented as a percentage of requested CPU) over all the pods; if not specified the default autoscaling policy will be used. @@ -103,26 +103,26 @@ current status of a horizontal pod autoscaler - **currentReplicas** (int32), required - current number of replicas of pods managed by this autoscaler. + currentReplicas is the current number of replicas of pods managed by this autoscaler. - **desiredReplicas** (int32), required - desired number of replicas of pods managed by this autoscaler. + desiredReplicas is the desired number of replicas of pods managed by this autoscaler. - **currentCPUUtilizationPercentage** (int32) - current average CPU utilization over all pods, represented as a percentage of requested CPU, e.g. 70 means that an average pod is using now 70% of its requested CPU. + currentCPUUtilizationPercentage is the current average CPU utilization over all pods, represented as a percentage of requested CPU, e.g. 70 means that an average pod is using now 70% of its requested CPU. - **lastScaleTime** (Time) - last time the HorizontalPodAutoscaler scaled the number of pods; used by the autoscaler to control how often the number of pods is changed. + lastScaleTime is the last time the HorizontalPodAutoscaler scaled the number of pods; used by the autoscaler to control how often the number of pods is changed. *Time is a wrapper around time.Time which supports correct marshaling to YAML and JSON. Wrappers are provided for many of the factory methods that the time package offers.* - **observedGeneration** (int64) - most recent generation observed by this autoscaler. + observedGeneration is the most recent generation observed by this autoscaler. @@ -146,7 +146,7 @@ list of horizontal pod autoscaler objects. - **items** ([]}}">HorizontalPodAutoscaler), required - list of horizontal pod autoscaler objects. + items is the list of horizontal pod autoscaler objects. @@ -283,6 +283,11 @@ GET /apis/autoscaling/v1/namespaces/{namespace}/horizontalpodautoscalers }}">resourceVersionMatch +- **sendInitialEvents** (*in query*): boolean + + }}">sendInitialEvents + + - **timeoutSeconds** (*in query*): integer }}">timeoutSeconds @@ -351,6 +356,11 @@ GET /apis/autoscaling/v1/horizontalpodautoscalers }}">resourceVersionMatch +- **sendInitialEvents** (*in query*): boolean + + }}">sendInitialEvents + + - **timeoutSeconds** (*in query*): integer }}">timeoutSeconds @@ -776,6 +786,11 @@ DELETE /apis/autoscaling/v1/namespaces/{namespace}/horizontalpodautoscalers }}">resourceVersionMatch +- **sendInitialEvents** (*in query*): boolean + + }}">sendInitialEvents + + - **timeoutSeconds** (*in query*): integer }}">timeoutSeconds diff --git a/content/en/docs/reference/kubernetes-api/workload-resources/horizontal-pod-autoscaler-v2.md b/content/en/docs/reference/kubernetes-api/workload-resources/horizontal-pod-autoscaler-v2.md index 16f7b34bd1f..9c0a6c50965 100644 --- a/content/en/docs/reference/kubernetes-api/workload-resources/horizontal-pod-autoscaler-v2.md +++ b/content/en/docs/reference/kubernetes-api/workload-resources/horizontal-pod-autoscaler-v2.md @@ -73,15 +73,15 @@ HorizontalPodAutoscalerSpec describes the desired functionality of the Horizonta - **scaleTargetRef.kind** (string), required - Kind of the referent; More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + kind is the kind of the referent; More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - **scaleTargetRef.name** (string), required - Name of the referent; More info: http://kubernetes.io/docs/user-guide/identifiers#names + name is the name of the referent; More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - **scaleTargetRef.apiVersion** (string) - API version of the referent + apiVersion is the API version of the referent - **minReplicas** (int32) @@ -112,15 +112,15 @@ HorizontalPodAutoscalerSpec describes the desired functionality of the Horizonta - **behavior.scaleDown.policies.type** (string), required - Type is used to specify the scaling policy. + type is used to specify the scaling policy. - **behavior.scaleDown.policies.value** (int32), required - Value contains the amount of change which is permitted by the policy. It must be greater than zero + value contains the amount of change which is permitted by the policy. It must be greater than zero - **behavior.scaleDown.policies.periodSeconds** (int32), required - PeriodSeconds specifies the window of time for which the policy should hold true. PeriodSeconds must be greater than zero and less than or equal to 1800 (30 min). + periodSeconds specifies the window of time for which the policy should hold true. PeriodSeconds must be greater than zero and less than or equal to 1800 (30 min). - **behavior.scaleDown.selectPolicy** (string) @@ -128,7 +128,7 @@ HorizontalPodAutoscalerSpec describes the desired functionality of the Horizonta - **behavior.scaleDown.stabilizationWindowSeconds** (int32) - StabilizationWindowSeconds is the number of seconds for which past recommendations should be considered while scaling up or scaling down. StabilizationWindowSeconds must be greater than or equal to zero and less than or equal to 3600 (one hour). If not set, use the default values: - For scale up: 0 (i.e. no stabilization is done). - For scale down: 300 (i.e. the stabilization window is 300 seconds long). + stabilizationWindowSeconds is the number of seconds for which past recommendations should be considered while scaling up or scaling down. StabilizationWindowSeconds must be greater than or equal to zero and less than or equal to 3600 (one hour). If not set, use the default values: - For scale up: 0 (i.e. no stabilization is done). - For scale down: 300 (i.e. the stabilization window is 300 seconds long). - **behavior.scaleUp** (HPAScalingRules) @@ -151,15 +151,15 @@ HorizontalPodAutoscalerSpec describes the desired functionality of the Horizonta - **behavior.scaleUp.policies.type** (string), required - Type is used to specify the scaling policy. + type is used to specify the scaling policy. - **behavior.scaleUp.policies.value** (int32), required - Value contains the amount of change which is permitted by the policy. It must be greater than zero + value contains the amount of change which is permitted by the policy. It must be greater than zero - **behavior.scaleUp.policies.periodSeconds** (int32), required - PeriodSeconds specifies the window of time for which the policy should hold true. PeriodSeconds must be greater than zero and less than or equal to 1800 (30 min). + periodSeconds specifies the window of time for which the policy should hold true. PeriodSeconds must be greater than zero and less than or equal to 1800 (30 min). - **behavior.scaleUp.selectPolicy** (string) @@ -167,7 +167,7 @@ HorizontalPodAutoscalerSpec describes the desired functionality of the Horizonta - **behavior.scaleUp.stabilizationWindowSeconds** (int32) - StabilizationWindowSeconds is the number of seconds for which past recommendations should be considered while scaling up or scaling down. StabilizationWindowSeconds must be greater than or equal to zero and less than or equal to 3600 (one hour). If not set, use the default values: - For scale up: 0 (i.e. no stabilization is done). - For scale down: 300 (i.e. the stabilization window is 300 seconds long). + stabilizationWindowSeconds is the number of seconds for which past recommendations should be considered while scaling up or scaling down. StabilizationWindowSeconds must be greater than or equal to zero and less than or equal to 3600 (one hour). If not set, use the default values: - For scale up: 0 (i.e. no stabilization is done). - For scale down: 300 (i.e. the stabilization window is 300 seconds long). - **metrics** ([]MetricSpec) @@ -281,15 +281,15 @@ HorizontalPodAutoscalerSpec describes the desired functionality of the Horizonta - **metrics.object.describedObject.kind** (string), required - Kind of the referent; More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + kind is the kind of the referent; More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - **metrics.object.describedObject.name** (string), required - Name of the referent; More info: http://kubernetes.io/docs/user-guide/identifiers#names + name is the name of the referent; More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - **metrics.object.describedObject.apiVersion** (string) - API version of the referent + apiVersion is the API version of the referent - **metrics.object.metric** (MetricIdentifier), required @@ -478,7 +478,7 @@ HorizontalPodAutoscalerStatus describes the current status of a horizontal pod a - **currentMetrics.containerResource.container** (string), required - Container is the name of the container in the pods of the scaling target + container is the name of the container in the pods of the scaling target - **currentMetrics.containerResource.current** (MetricValueStatus), required @@ -501,7 +501,7 @@ HorizontalPodAutoscalerStatus describes the current status of a horizontal pod a - **currentMetrics.containerResource.name** (string), required - Name is the name of the resource in question. + name is the name of the resource in question. - **currentMetrics.external** (ExternalMetricStatus) @@ -579,15 +579,15 @@ HorizontalPodAutoscalerStatus describes the current status of a horizontal pod a - **currentMetrics.object.describedObject.kind** (string), required - Kind of the referent; More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + kind is the kind of the referent; More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - **currentMetrics.object.describedObject.name** (string), required - Name of the referent; More info: http://kubernetes.io/docs/user-guide/identifiers#names + name is the name of the referent; More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - **currentMetrics.object.describedObject.apiVersion** (string) - API version of the referent + apiVersion is the API version of the referent - **currentMetrics.object.metric** (MetricIdentifier), required @@ -673,7 +673,7 @@ HorizontalPodAutoscalerStatus describes the current status of a horizontal pod a - **currentMetrics.resource.name** (string), required - Name is the name of the resource in question. + name is the name of the resource in question. - **currentReplicas** (int32) @@ -849,6 +849,11 @@ GET /apis/autoscaling/v2/namespaces/{namespace}/horizontalpodautoscalers }}">resourceVersionMatch +- **sendInitialEvents** (*in query*): boolean + + }}">sendInitialEvents + + - **timeoutSeconds** (*in query*): integer }}">timeoutSeconds @@ -917,6 +922,11 @@ GET /apis/autoscaling/v2/horizontalpodautoscalers }}">resourceVersionMatch +- **sendInitialEvents** (*in query*): boolean + + }}">sendInitialEvents + + - **timeoutSeconds** (*in query*): integer }}">timeoutSeconds @@ -1342,6 +1352,11 @@ DELETE /apis/autoscaling/v2/namespaces/{namespace}/horizontalpodautoscalers }}">resourceVersionMatch +- **sendInitialEvents** (*in query*): boolean + + }}">sendInitialEvents + + - **timeoutSeconds** (*in query*): integer }}">timeoutSeconds diff --git a/content/en/docs/reference/kubernetes-api/workload-resources/job-v1.md b/content/en/docs/reference/kubernetes-api/workload-resources/job-v1.md index 42cec53db7c..00790c4af0a 100644 --- a/content/en/docs/reference/kubernetes-api/workload-resources/job-v1.md +++ b/content/en/docs/reference/kubernetes-api/workload-resources/job-v1.md @@ -67,7 +67,7 @@ JobSpec describes how the job execution will look like. - **template** (}}">PodTemplateSpec), required - Describes the pod that will be created when executing a job. More info: https://kubernetes.io/docs/concepts/workloads/controllers/jobs-run-to-completion/ + Describes the pod that will be created when executing a job. The only allowed template.spec.restartPolicy values are "Never" or "OnFailure". More info: https://kubernetes.io/docs/concepts/workloads/controllers/jobs-run-to-completion/ - **parallelism** (int32) @@ -78,11 +78,11 @@ JobSpec describes how the job execution will look like. - **completions** (int32) - Specifies the desired number of successfully finished pods the job should be run with. Setting to nil means that the success of any pod signals the success of all pods, and allows parallelism to have any positive value. Setting to 1 means that parallelism is limited to 1 and the success of that pod signals the success of the job. More info: https://kubernetes.io/docs/concepts/workloads/controllers/jobs-run-to-completion/ + Specifies the desired number of successfully finished pods the job should be run with. Setting to null means that the success of any pod signals the success of all pods, and allows parallelism to have any positive value. Setting to 1 means that parallelism is limited to 1 and the success of that pod signals the success of the job. More info: https://kubernetes.io/docs/concepts/workloads/controllers/jobs-run-to-completion/ - **completionMode** (string) - CompletionMode specifies how Pod completions are tracked. It can be `NonIndexed` (default) or `Indexed`. + completionMode specifies how Pod completions are tracked. It can be `NonIndexed` (default) or `Indexed`. `NonIndexed` means that the Job is considered complete when there have been .spec.completions successfully completed Pods. Each Pod completion is homologous to each other. @@ -104,7 +104,7 @@ JobSpec describes how the job execution will look like. - **suspend** (boolean) - Suspend specifies whether the Job controller should create Pods or not. If a Job is created with suspend set to true, no Pods are created by the Job controller. If a Job is suspended after creation (i.e. the flag goes from false to true), the Job controller will delete all active Pods associated with this Job. Users must design their workload to gracefully handle this. Suspending a Job will reset the StartTime field of the Job, effectively resetting the ActiveDeadlineSeconds timer too. Defaults to false. + suspend specifies whether the Job controller should create Pods or not. If a Job is created with suspend set to true, no Pods are created by the Job controller. If a Job is suspended after creation (i.e. the flag goes from false to true), the Job controller will delete all active Pods associated with this Job. Users must design their workload to gracefully handle this. Suspending a Job will reset the StartTime field of the Job, effectively resetting the ActiveDeadlineSeconds timer too. Defaults to false. ### Selector @@ -136,11 +136,12 @@ JobSpec describes how the job execution will look like. A list of pod failure policy rules. The rules are evaluated in order. Once a rule matches a Pod failure, the remaining of the rules are ignored. When no rule matches the Pod failure, the default handling applies - the counter of pod failures is incremented and it is checked against the backoffLimit. At most 20 elements are allowed. - *PodFailurePolicyRule describes how a pod failure is handled when the requirements are met. One of OnExitCodes and onPodConditions, but not both, can be used in each rule.* + *PodFailurePolicyRule describes how a pod failure is handled when the requirements are met. One of onExitCodes and onPodConditions, but not both, can be used in each rule.* - **podFailurePolicy.rules.action** (string), required Specifies the action taken on a pod failure when the requirements are satisfied. Possible values are: + - FailJob: indicates that the pod's job is marked as Failed and all running pods are terminated. - Ignore: indicates that the counter towards the .backoffLimit is not @@ -148,8 +149,6 @@ JobSpec describes how the job execution will look like. - Count: indicates that the pod is handled in the default way - the counter towards the .backoffLimit is incremented. Additional values are considered to be added in the future. Clients should react to an unknown action by skipping the rule. - - - **podFailurePolicy.rules.onPodConditions** ([]PodFailurePolicyOnPodConditionsPattern), required @@ -178,6 +177,7 @@ JobSpec describes how the job execution will look like. - **podFailurePolicy.rules.onExitCodes.operator** (string), required Represents the relationship between the container exit code(s) and the specified values. Containers completed with success (exit code 0) are excluded from the requirement check. Possible values are: + - In: the requirement is satisfied if at least one container exit code (might be multiple if there are multiple containers not restricted by the 'containerName' field) is in the set of specified values. @@ -185,8 +185,6 @@ JobSpec describes how the job execution will look like. (might be multiple if there are multiple containers not restricted by the 'containerName' field) is not in the set of specified values. Additional values are considered to be added in the future. Clients should react to an unknown operator by assuming the requirement is not satisfied. - - - **podFailurePolicy.rules.onExitCodes.values** ([]int32), required @@ -234,7 +232,7 @@ JobStatus represents the current state of a Job. - **completedIndexes** (string) - CompletedIndexes holds the completed indexes when .spec.completionMode = "Indexed" in a text format. The indexes are represented as decimal integers separated by commas. The numbers are listed in increasing order. Three or more consecutive numbers are compressed and represented by the first and last element of the series, separated by a hyphen. For example, if the completed indexes are 1, 3, 4, 5 and 7, they are represented as "1,3-5,7". + completedIndexes holds the completed indexes when .spec.completionMode = "Indexed" in a text format. The indexes are represented as decimal integers separated by commas. The numbers are listed in increasing order. Three or more consecutive numbers are compressed and represented by the first and last element of the series, separated by a hyphen. For example, if the completed indexes are 1, 3, 4, 5 and 7, they are represented as "1,3-5,7". - **conditions** ([]JobCondition) @@ -279,9 +277,11 @@ JobStatus represents the current state of a Job. - **uncountedTerminatedPods** (UncountedTerminatedPods) - UncountedTerminatedPods holds the UIDs of Pods that have terminated but the job controller hasn't yet accounted for in the status counters. + uncountedTerminatedPods holds the UIDs of Pods that have terminated but the job controller hasn't yet accounted for in the status counters. - The job controller creates pods with a finalizer. When a pod terminates (succeeded or failed), the controller does three steps to account for it in the job status: (1) Add the pod UID to the arrays in this field. (2) Remove the pod finalizer. (3) Remove the pod UID from the arrays while increasing the corresponding + The job controller creates pods with a finalizer. When a pod terminates (succeeded or failed), the controller does three steps to account for it in the job status: + + 1. Add the pod UID to the arrays in this field. 2. Remove the pod finalizer. 3. Remove the pod UID from the arrays while increasing the corresponding counter. Old jobs might not be tracked using this field, in which case the field remains null. @@ -293,13 +293,13 @@ JobStatus represents the current state of a Job. *Set: unique values will be kept during a merge* - Failed holds UIDs of failed Pods. + failed holds UIDs of failed Pods. - **uncountedTerminatedPods.succeeded** ([]string) *Set: unique values will be kept during a merge* - Succeeded holds UIDs of succeeded Pods. + succeeded holds UIDs of succeeded Pods. @@ -469,6 +469,11 @@ GET /apis/batch/v1/namespaces/{namespace}/jobs }}">resourceVersionMatch +- **sendInitialEvents** (*in query*): boolean + + }}">sendInitialEvents + + - **timeoutSeconds** (*in query*): integer }}">timeoutSeconds @@ -537,6 +542,11 @@ GET /apis/batch/v1/jobs }}">resourceVersionMatch +- **sendInitialEvents** (*in query*): boolean + + }}">sendInitialEvents + + - **timeoutSeconds** (*in query*): integer }}">timeoutSeconds @@ -962,6 +972,11 @@ DELETE /apis/batch/v1/namespaces/{namespace}/jobs }}">resourceVersionMatch +- **sendInitialEvents** (*in query*): boolean + + }}">sendInitialEvents + + - **timeoutSeconds** (*in query*): integer }}">timeoutSeconds diff --git a/content/en/docs/reference/kubernetes-api/workload-resources/pod-scheduling-v1alpha1.md b/content/en/docs/reference/kubernetes-api/workload-resources/pod-scheduling-context-v1alpha2.md similarity index 69% rename from content/en/docs/reference/kubernetes-api/workload-resources/pod-scheduling-v1alpha1.md rename to content/en/docs/reference/kubernetes-api/workload-resources/pod-scheduling-context-v1alpha2.md index 72a2196d523..bb6c08f3ceb 100644 --- a/content/en/docs/reference/kubernetes-api/workload-resources/pod-scheduling-v1alpha1.md +++ b/content/en/docs/reference/kubernetes-api/workload-resources/pod-scheduling-context-v1alpha2.md @@ -1,11 +1,11 @@ --- api_metadata: - apiVersion: "resource.k8s.io/v1alpha1" - import: "k8s.io/api/resource/v1alpha1" - kind: "PodScheduling" + apiVersion: "resource.k8s.io/v1alpha2" + import: "k8s.io/api/resource/v1alpha2" + kind: "PodSchedulingContext" content_type: "api_reference" -description: "PodScheduling objects hold information that is needed to schedule a Pod with ResourceClaims that use \"WaitForFirstConsumer\" allocation mode." -title: "PodScheduling v1alpha1" +description: "PodSchedulingContext objects hold information that is needed to schedule a Pod with ResourceClaims that use \"WaitForFirstConsumer\" allocation mode." +title: "PodSchedulingContext v1alpha2" weight: 14 auto_generated: true --- @@ -21,34 +21,34 @@ guide. You can file document formatting bugs against the [reference-docs](https://github.com/kubernetes-sigs/reference-docs/) project. --> -`apiVersion: resource.k8s.io/v1alpha1` +`apiVersion: resource.k8s.io/v1alpha2` -`import "k8s.io/api/resource/v1alpha1"` +`import "k8s.io/api/resource/v1alpha2"` -## PodScheduling {#PodScheduling} +## PodSchedulingContext {#PodSchedulingContext} -PodScheduling objects hold information that is needed to schedule a Pod with ResourceClaims that use "WaitForFirstConsumer" allocation mode. +PodSchedulingContext objects hold information that is needed to schedule a Pod with ResourceClaims that use "WaitForFirstConsumer" allocation mode. This is an alpha type and requires enabling the DynamicResourceAllocation feature gate.
    -- **apiVersion**: resource.k8s.io/v1alpha1 +- **apiVersion**: resource.k8s.io/v1alpha2 -- **kind**: PodScheduling +- **kind**: PodSchedulingContext - **metadata** (}}">ObjectMeta) Standard object metadata -- **spec** (}}">PodSchedulingSpec), required +- **spec** (}}">PodSchedulingContextSpec), required Spec describes where resources for the Pod are needed. -- **status** (}}">PodSchedulingStatus) +- **status** (}}">PodSchedulingContextStatus) Status describes where resources for the Pod can be allocated. @@ -56,9 +56,9 @@ This is an alpha type and requires enabling the DynamicResourceAllocation featur -## PodSchedulingSpec {#PodSchedulingSpec} +## PodSchedulingContextSpec {#PodSchedulingContextSpec} -PodSchedulingSpec describes where resources for the Pod are needed. +PodSchedulingContextSpec describes where resources for the Pod are needed.
    @@ -78,9 +78,9 @@ PodSchedulingSpec describes where resources for the Pod are needed. -## PodSchedulingStatus {#PodSchedulingStatus} +## PodSchedulingContextStatus {#PodSchedulingContextStatus} -PodSchedulingStatus describes where resources for the Pod can be allocated. +PodSchedulingContextStatus describes where resources for the Pod can be allocated.
    @@ -109,25 +109,25 @@ PodSchedulingStatus describes where resources for the Pod can be allocated. -## PodSchedulingList {#PodSchedulingList} +## PodSchedulingContextList {#PodSchedulingContextList} -PodSchedulingList is a collection of Pod scheduling objects. +PodSchedulingContextList is a collection of Pod scheduling objects.
    -- **apiVersion**: resource.k8s.io/v1alpha1 +- **apiVersion**: resource.k8s.io/v1alpha2 -- **kind**: PodSchedulingList +- **kind**: PodSchedulingContextList - **metadata** (}}">ListMeta) Standard list metadata -- **items** ([]}}">PodScheduling), required +- **items** ([]}}">PodSchedulingContext), required - Items is the list of PodScheduling objects. + Items is the list of PodSchedulingContext objects. @@ -144,18 +144,18 @@ PodSchedulingList is a collection of Pod scheduling objects. -### `get` read the specified PodScheduling +### `get` read the specified PodSchedulingContext #### HTTP Request -GET /apis/resource.k8s.io/v1alpha1/namespaces/{namespace}/podschedulings/{name} +GET /apis/resource.k8s.io/v1alpha2/namespaces/{namespace}/podschedulingcontexts/{name} #### Parameters - **name** (*in path*): string, required - name of the PodScheduling + name of the PodSchedulingContext - **namespace** (*in path*): string, required @@ -172,23 +172,23 @@ GET /apis/resource.k8s.io/v1alpha1/namespaces/{namespace}/podschedulings/{name} #### Response -200 (}}">PodScheduling): OK +200 (}}">PodSchedulingContext): OK 401: Unauthorized -### `get` read status of the specified PodScheduling +### `get` read status of the specified PodSchedulingContext #### HTTP Request -GET /apis/resource.k8s.io/v1alpha1/namespaces/{namespace}/podschedulings/{name}/status +GET /apis/resource.k8s.io/v1alpha2/namespaces/{namespace}/podschedulingcontexts/{name}/status #### Parameters - **name** (*in path*): string, required - name of the PodScheduling + name of the PodSchedulingContext - **namespace** (*in path*): string, required @@ -205,16 +205,16 @@ GET /apis/resource.k8s.io/v1alpha1/namespaces/{namespace}/podschedulings/{name}/ #### Response -200 (}}">PodScheduling): OK +200 (}}">PodSchedulingContext): OK 401: Unauthorized -### `list` list or watch objects of kind PodScheduling +### `list` list or watch objects of kind PodSchedulingContext #### HTTP Request -GET /apis/resource.k8s.io/v1alpha1/namespaces/{namespace}/podschedulings +GET /apis/resource.k8s.io/v1alpha2/namespaces/{namespace}/podschedulingcontexts #### Parameters @@ -264,6 +264,11 @@ GET /apis/resource.k8s.io/v1alpha1/namespaces/{namespace}/podschedulings }}">resourceVersionMatch +- **sendInitialEvents** (*in query*): boolean + + }}">sendInitialEvents + + - **timeoutSeconds** (*in query*): integer }}">timeoutSeconds @@ -278,16 +283,16 @@ GET /apis/resource.k8s.io/v1alpha1/namespaces/{namespace}/podschedulings #### Response -200 (}}">PodSchedulingList): OK +200 (}}">PodSchedulingContextList): OK 401: Unauthorized -### `list` list or watch objects of kind PodScheduling +### `list` list or watch objects of kind PodSchedulingContext #### HTTP Request -GET /apis/resource.k8s.io/v1alpha1/podschedulings +GET /apis/resource.k8s.io/v1alpha2/podschedulingcontexts #### Parameters @@ -332,6 +337,11 @@ GET /apis/resource.k8s.io/v1alpha1/podschedulings }}">resourceVersionMatch +- **sendInitialEvents** (*in query*): boolean + + }}">sendInitialEvents + + - **timeoutSeconds** (*in query*): integer }}">timeoutSeconds @@ -346,16 +356,16 @@ GET /apis/resource.k8s.io/v1alpha1/podschedulings #### Response -200 (}}">PodSchedulingList): OK +200 (}}">PodSchedulingContextList): OK 401: Unauthorized -### `create` create a PodScheduling +### `create` create a PodSchedulingContext #### HTTP Request -POST /apis/resource.k8s.io/v1alpha1/namespaces/{namespace}/podschedulings +POST /apis/resource.k8s.io/v1alpha2/namespaces/{namespace}/podschedulingcontexts #### Parameters @@ -365,7 +375,7 @@ POST /apis/resource.k8s.io/v1alpha1/namespaces/{namespace}/podschedulings }}">namespace -- **body**: }}">PodScheduling, required +- **body**: }}">PodSchedulingContext, required @@ -394,27 +404,27 @@ POST /apis/resource.k8s.io/v1alpha1/namespaces/{namespace}/podschedulings #### Response -200 (}}">PodScheduling): OK +200 (}}">PodSchedulingContext): OK -201 (}}">PodScheduling): Created +201 (}}">PodSchedulingContext): Created -202 (}}">PodScheduling): Accepted +202 (}}">PodSchedulingContext): Accepted 401: Unauthorized -### `update` replace the specified PodScheduling +### `update` replace the specified PodSchedulingContext #### HTTP Request -PUT /apis/resource.k8s.io/v1alpha1/namespaces/{namespace}/podschedulings/{name} +PUT /apis/resource.k8s.io/v1alpha2/namespaces/{namespace}/podschedulingcontexts/{name} #### Parameters - **name** (*in path*): string, required - name of the PodScheduling + name of the PodSchedulingContext - **namespace** (*in path*): string, required @@ -422,7 +432,7 @@ PUT /apis/resource.k8s.io/v1alpha1/namespaces/{namespace}/podschedulings/{name} }}">namespace -- **body**: }}">PodScheduling, required +- **body**: }}">PodSchedulingContext, required @@ -451,25 +461,25 @@ PUT /apis/resource.k8s.io/v1alpha1/namespaces/{namespace}/podschedulings/{name} #### Response -200 (}}">PodScheduling): OK +200 (}}">PodSchedulingContext): OK -201 (}}">PodScheduling): Created +201 (}}">PodSchedulingContext): Created 401: Unauthorized -### `update` replace status of the specified PodScheduling +### `update` replace status of the specified PodSchedulingContext #### HTTP Request -PUT /apis/resource.k8s.io/v1alpha1/namespaces/{namespace}/podschedulings/{name}/status +PUT /apis/resource.k8s.io/v1alpha2/namespaces/{namespace}/podschedulingcontexts/{name}/status #### Parameters - **name** (*in path*): string, required - name of the PodScheduling + name of the PodSchedulingContext - **namespace** (*in path*): string, required @@ -477,7 +487,7 @@ PUT /apis/resource.k8s.io/v1alpha1/namespaces/{namespace}/podschedulings/{name}/ }}">namespace -- **body**: }}">PodScheduling, required +- **body**: }}">PodSchedulingContext, required @@ -506,25 +516,25 @@ PUT /apis/resource.k8s.io/v1alpha1/namespaces/{namespace}/podschedulings/{name}/ #### Response -200 (}}">PodScheduling): OK +200 (}}">PodSchedulingContext): OK -201 (}}">PodScheduling): Created +201 (}}">PodSchedulingContext): Created 401: Unauthorized -### `patch` partially update the specified PodScheduling +### `patch` partially update the specified PodSchedulingContext #### HTTP Request -PATCH /apis/resource.k8s.io/v1alpha1/namespaces/{namespace}/podschedulings/{name} +PATCH /apis/resource.k8s.io/v1alpha2/namespaces/{namespace}/podschedulingcontexts/{name} #### Parameters - **name** (*in path*): string, required - name of the PodScheduling + name of the PodSchedulingContext - **namespace** (*in path*): string, required @@ -566,25 +576,25 @@ PATCH /apis/resource.k8s.io/v1alpha1/namespaces/{namespace}/podschedulings/{name #### Response -200 (}}">PodScheduling): OK +200 (}}">PodSchedulingContext): OK -201 (}}">PodScheduling): Created +201 (}}">PodSchedulingContext): Created 401: Unauthorized -### `patch` partially update status of the specified PodScheduling +### `patch` partially update status of the specified PodSchedulingContext #### HTTP Request -PATCH /apis/resource.k8s.io/v1alpha1/namespaces/{namespace}/podschedulings/{name}/status +PATCH /apis/resource.k8s.io/v1alpha2/namespaces/{namespace}/podschedulingcontexts/{name}/status #### Parameters - **name** (*in path*): string, required - name of the PodScheduling + name of the PodSchedulingContext - **namespace** (*in path*): string, required @@ -626,25 +636,25 @@ PATCH /apis/resource.k8s.io/v1alpha1/namespaces/{namespace}/podschedulings/{name #### Response -200 (}}">PodScheduling): OK +200 (}}">PodSchedulingContext): OK -201 (}}">PodScheduling): Created +201 (}}">PodSchedulingContext): Created 401: Unauthorized -### `delete` delete a PodScheduling +### `delete` delete a PodSchedulingContext #### HTTP Request -DELETE /apis/resource.k8s.io/v1alpha1/namespaces/{namespace}/podschedulings/{name} +DELETE /apis/resource.k8s.io/v1alpha2/namespaces/{namespace}/podschedulingcontexts/{name} #### Parameters - **name** (*in path*): string, required - name of the PodScheduling + name of the PodSchedulingContext - **namespace** (*in path*): string, required @@ -681,18 +691,18 @@ DELETE /apis/resource.k8s.io/v1alpha1/namespaces/{namespace}/podschedulings/{nam #### Response -200 (}}">PodScheduling): OK +200 (}}">PodSchedulingContext): OK -202 (}}">PodScheduling): Accepted +202 (}}">PodSchedulingContext): Accepted 401: Unauthorized -### `deletecollection` delete collection of PodScheduling +### `deletecollection` delete collection of PodSchedulingContext #### HTTP Request -DELETE /apis/resource.k8s.io/v1alpha1/namespaces/{namespace}/podschedulings +DELETE /apis/resource.k8s.io/v1alpha2/namespaces/{namespace}/podschedulingcontexts #### Parameters @@ -757,6 +767,11 @@ DELETE /apis/resource.k8s.io/v1alpha1/namespaces/{namespace}/podschedulings }}">resourceVersionMatch +- **sendInitialEvents** (*in query*): boolean + + }}">sendInitialEvents + + - **timeoutSeconds** (*in query*): integer }}">timeoutSeconds diff --git a/content/en/docs/reference/kubernetes-api/workload-resources/pod-template-v1.md b/content/en/docs/reference/kubernetes-api/workload-resources/pod-template-v1.md index 8d2737ee735..b8a028e890a 100644 --- a/content/en/docs/reference/kubernetes-api/workload-resources/pod-template-v1.md +++ b/content/en/docs/reference/kubernetes-api/workload-resources/pod-template-v1.md @@ -190,6 +190,11 @@ GET /api/v1/namespaces/{namespace}/podtemplates }}">resourceVersionMatch +- **sendInitialEvents** (*in query*): boolean + + }}">sendInitialEvents + + - **timeoutSeconds** (*in query*): integer }}">timeoutSeconds @@ -258,6 +263,11 @@ GET /api/v1/podtemplates }}">resourceVersionMatch +- **sendInitialEvents** (*in query*): boolean + + }}">sendInitialEvents + + - **timeoutSeconds** (*in query*): integer }}">timeoutSeconds @@ -568,6 +578,11 @@ DELETE /api/v1/namespaces/{namespace}/podtemplates }}">resourceVersionMatch +- **sendInitialEvents** (*in query*): boolean + + }}">sendInitialEvents + + - **timeoutSeconds** (*in query*): integer }}">timeoutSeconds diff --git a/content/en/docs/reference/kubernetes-api/workload-resources/pod-v1.md b/content/en/docs/reference/kubernetes-api/workload-resources/pod-v1.md index 3b4dbd6ef84..16813f69737 100644 --- a/content/en/docs/reference/kubernetes-api/workload-resources/pod-v1.md +++ b/content/en/docs/reference/kubernetes-api/workload-resources/pod-v1.md @@ -161,8 +161,6 @@ PodSpec is a description of a pod. - **tolerations.operator** (string) Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category. - - - **tolerations.value** (string) @@ -171,8 +169,6 @@ PodSpec is a description of a pod. - **tolerations.effect** (string) Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. - - - **tolerations.tolerationSeconds** (int64) @@ -219,15 +215,10 @@ PodSpec is a description of a pod. - **topologySpreadConstraints.whenUnsatisfiable** (string), required - WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy the spread constraint. - - DoNotSchedule (default) tells the scheduler not to schedule it. - - ScheduleAnyway tells the scheduler to schedule the pod in any location, + WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy the spread constraint. - DoNotSchedule (default) tells the scheduler not to schedule it. - ScheduleAnyway tells the scheduler to schedule the pod in any location, but giving higher precedence to topologies that would help reduce the skew. - A constraint is considered "Unsatisfiable" for an incoming pod if and only if every possible node assignment for that pod would violate "MaxSkew" on some topology. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 3/1/1: | zone1 | zone2 | zone3 | | P P P | P | P | If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler won't make it *more* imbalanced. It's a required field. - - - **topologySpreadConstraints.labelSelector** (}}">LabelSelector) @@ -237,7 +228,9 @@ PodSpec is a description of a pod. *Atomic: will be replaced during a merge* - MatchLabelKeys is a set of pod label keys to select the pods over which spreading will be calculated. The keys are used to lookup values from the incoming pod labels, those key-value labels are ANDed with labelSelector to select the group of existing pods over which spreading will be calculated for the incoming pod. Keys that don't exist in the incoming pod labels will be ignored. A null or empty list means only match against labelSelector. + MatchLabelKeys is a set of pod label keys to select the pods over which spreading will be calculated. The keys are used to lookup values from the incoming pod labels, those key-value labels are ANDed with labelSelector to select the group of existing pods over which spreading will be calculated for the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. MatchLabelKeys cannot be set when LabelSelector isn't set. Keys that don't exist in the incoming pod labels will be ignored. A null or empty list means only match against labelSelector. + + This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default). - **topologySpreadConstraints.minDomains** (int32) @@ -268,9 +261,7 @@ PodSpec is a description of a pod. - **restartPolicy** (string) - Restart policy for all containers within the pod. One of Always, OnFailure, Never. Default to Always. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#restart-policy - - + Restart policy for all containers within the pod. One of Always, OnFailure, Never. In some contexts, only a subset of those values may be permitted. Default to Always. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#restart-policy - **terminationGracePeriodSeconds** (int64) @@ -355,8 +346,6 @@ PodSpec is a description of a pod. - **dnsPolicy** (string) Set DNS policy for the pod. Defaults to "ClusterFirst". Valid values are 'ClusterFirstWithHostNet', 'ClusterFirst', 'Default' or 'None'. DNS parameters given in DNSConfig will be merged with the policy selected with DNSPolicy. To have DNS options set along with hostNetwork, you have to specify DNS policy explicitly to 'ClusterFirstWithHostNet'. - - ### Hosts namespaces @@ -438,8 +427,6 @@ PodSpec is a description of a pod. type indicates which kind of seccomp profile will be applied. Valid options are: Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied. - - - **securityContext.seccompProfile.localhostProfile** (string) @@ -561,9 +548,11 @@ PodSpec is a description of a pod. *Map: unique values on key name will be kept during a merge* - SchedulingGates is an opaque list of values that if specified will block scheduling the pod. More info: https://git.k8s.io/enhancements/keps/sig-scheduling/3521-pod-scheduling-readiness. + SchedulingGates is an opaque list of values that if specified will block scheduling the pod. If schedulingGates is not empty, the pod will stay in the SchedulingGated state and the scheduler will not attempt to schedule the pod. - This is an alpha-level feature enabled by PodSchedulingReadiness feature gate. + SchedulingGates can only be set at pod creation time, and be removed only afterwards. + + This is a beta feature enabled by the PodSchedulingReadiness feature gate. *PodSchedulingGate is associated to a Pod to guard its scheduling.* @@ -603,8 +592,6 @@ A single application container that you want to run within a pod. - **imagePullPolicy** (string) Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images - - ### Entrypoint @@ -654,8 +641,6 @@ A single application container that you want to run within a pod. - **ports.protocol** (string) Protocol for port. Must be UDP, TCP, or SCTP. Defaults to "TCP". - - ### Environment variables @@ -840,13 +825,13 @@ A single application container that you want to run within a pod. - **resources.claims** ([]ResourceClaim) - *Set: unique values will be kept during a merge* + *Map: unique values on key name will be kept during a merge* Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - This field is immutable. + This field is immutable. It can only be set for containers. *ResourceClaim references one entry in PodSpec.ResourceClaims.* @@ -861,7 +846,24 @@ A single application container that you want to run within a pod. - **resources.requests** (map[string]}}">Quantity) - Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + +- **resizePolicy** ([]ContainerResizePolicy) + + *Atomic: will be replaced during a merge* + + Resources resize policy for the container. + + + *ContainerResizePolicy represents resource resize policy for the container.* + + - **resizePolicy.resourceName** (string), required + + Name of the resource to which this resource resize policy applies. Supported values: cpu, memory. + + - **resizePolicy.restartPolicy** (string), required + + Restart policy to apply when specified resource is resized. If not specified, it defaults to NotRequired. ### Lifecycle @@ -888,8 +890,6 @@ A single application container that you want to run within a pod. - **terminationMessagePolicy** (string) Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. - - - **livenessProbe** (}}">Probe) @@ -968,8 +968,6 @@ A single application container that you want to run within a pod. type indicates which kind of seccomp profile will be applied. Valid options are: Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied. - - - **securityContext.seccompProfile.localhostProfile** (string) @@ -1068,8 +1066,6 @@ To add an ephemeral container, use the ephemeralcontainers subresource of an exi - **imagePullPolicy** (string) Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images - - ### Entrypoint @@ -1257,6 +1253,26 @@ To add an ephemeral container, use the ephemeralcontainers subresource of an exi name must match the name of a persistentVolumeClaim in the pod +### Resources + + +- **resizePolicy** ([]ContainerResizePolicy) + + *Atomic: will be replaced during a merge* + + Resources resize policy for the container. + + + *ContainerResizePolicy represents resource resize policy for the container.* + + - **resizePolicy.resourceName** (string), required + + Name of the resource to which this resource resize policy applies. Supported values: cpu, memory. + + - **resizePolicy.restartPolicy** (string), required + + Restart policy to apply when specified resource is resized. If not specified, it defaults to NotRequired. + ### Lifecycle @@ -1267,8 +1283,6 @@ To add an ephemeral container, use the ephemeralcontainers subresource of an exi - **terminationMessagePolicy** (string) Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. - - ### Debugging @@ -1350,8 +1364,6 @@ To add an ephemeral container, use the ephemeralcontainers subresource of an exi type indicates which kind of seccomp profile will be applied. Valid options are: Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied. - - - **securityContext.seccompProfile.localhostProfile** (string) @@ -1436,8 +1448,6 @@ To add an ephemeral container, use the ephemeralcontainers subresource of an exi - **ports.protocol** (string) Protocol for port. Must be UDP, TCP, or SCTP. Defaults to "TCP". - - - **resources** (ResourceRequirements) @@ -1448,13 +1458,13 @@ To add an ephemeral container, use the ephemeralcontainers subresource of an exi - **resources.claims** ([]ResourceClaim) - *Set: unique values will be kept during a merge* + *Map: unique values on key name will be kept during a merge* Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - This field is immutable. + This field is immutable. It can only be set for containers. *ResourceClaim references one entry in PodSpec.ResourceClaims.* @@ -1469,7 +1479,7 @@ To add an ephemeral container, use the ephemeralcontainers subresource of an exi - **resources.requests** (map[string]}}">Quantity) - Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - **lifecycle** (Lifecycle) @@ -1557,8 +1567,6 @@ LifecycleHandler defines a specific action that should be taken in a lifecycle h - **httpGet.scheme** (string) Scheme to use for connecting to the host. Defaults to HTTP. - - - **tcpSocket** (TCPSocketAction) @@ -1831,8 +1839,6 @@ Probe describes a health check to be performed against a container to determine - **httpGet.scheme** (string) Scheme to use for connecting to the host. Defaults to HTTP. - - - **tcpSocket** (TCPSocketAction) @@ -1878,7 +1884,7 @@ Probe describes a health check to be performed against a container to determine - **grpc** (GRPCAction) - GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate. + GRPC specifies an action involving a GRPC port. ** @@ -1925,8 +1931,6 @@ PodStatus represents information about the status of a pod. Status may trail the Pending: The pod has been accepted by the Kubernetes system, but one or more of the container images has not been created. This includes time before being scheduled as well as time spent downloading images over the network, which could take a while. Running: The pod has been bound to a node, and all of the containers have been created. At least one container is still running, or is in the process of starting or restarting. Succeeded: All containers in the pod have terminated in success, and will not be restarted. Failed: All containers in the pod have terminated, and at least one container has terminated in failure. The container either exited with non-zero status or was terminated by the system. Unknown: For some reason the state of the pod could not be obtained, typically due to an error in communicating with the host of the pod. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-phase - - - **message** (string) @@ -1996,9 +2000,7 @@ PodStatus represents information about the status of a pod. Status may trail the - **qosClass** (string) - The Quality of Service (QOS) classification assigned to the pod based on resource requirements See PodQOSClass type for available QOS classes More info: https://git.k8s.io/community/contributors/design-proposals/node/resource-qos.md - - + The Quality of Service (QOS) classification assigned to the pod based on resource requirements See PodQOSClass type for available QOS classes More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-qos/#quality-of-service-classes - **initContainerStatuses** ([]ContainerStatus) @@ -2007,188 +2009,6 @@ PodStatus represents information about the status of a pod. Status may trail the *ContainerStatus contains details for the current status of this container.* - - **initContainerStatuses.name** (string), required - - This must be a DNS_LABEL. Each container in a pod must have a unique name. Cannot be updated. - - - **initContainerStatuses.image** (string), required - - The image the container is running. More info: https://kubernetes.io/docs/concepts/containers/images. - - - **initContainerStatuses.imageID** (string), required - - ImageID of the container's image. - - - **initContainerStatuses.containerID** (string) - - Container's ID in the format '\://\'. - - - **initContainerStatuses.state** (ContainerState) - - Details about the container's current condition. - - - *ContainerState holds a possible state of container. Only one of its members may be specified. If none of them is specified, the default one is ContainerStateWaiting.* - - - **initContainerStatuses.state.running** (ContainerStateRunning) - - Details about a running container - - - *ContainerStateRunning is a running state of a container.* - - - **initContainerStatuses.state.running.startedAt** (Time) - - Time at which the container was last (re-)started - - - *Time is a wrapper around time.Time which supports correct marshaling to YAML and JSON. Wrappers are provided for many of the factory methods that the time package offers.* - - - **initContainerStatuses.state.terminated** (ContainerStateTerminated) - - Details about a terminated container - - - *ContainerStateTerminated is a terminated state of a container.* - - - **initContainerStatuses.state.terminated.containerID** (string) - - Container's ID in the format '\://\' - - - **initContainerStatuses.state.terminated.exitCode** (int32), required - - Exit status from the last termination of the container - - - **initContainerStatuses.state.terminated.startedAt** (Time) - - Time at which previous execution of the container started - - - *Time is a wrapper around time.Time which supports correct marshaling to YAML and JSON. Wrappers are provided for many of the factory methods that the time package offers.* - - - **initContainerStatuses.state.terminated.finishedAt** (Time) - - Time at which the container last terminated - - - *Time is a wrapper around time.Time which supports correct marshaling to YAML and JSON. Wrappers are provided for many of the factory methods that the time package offers.* - - - **initContainerStatuses.state.terminated.message** (string) - - Message regarding the last termination of the container - - - **initContainerStatuses.state.terminated.reason** (string) - - (brief) reason from the last termination of the container - - - **initContainerStatuses.state.terminated.signal** (int32) - - Signal from the last termination of the container - - - **initContainerStatuses.state.waiting** (ContainerStateWaiting) - - Details about a waiting container - - - *ContainerStateWaiting is a waiting state of a container.* - - - **initContainerStatuses.state.waiting.message** (string) - - Message regarding why the container is not yet running. - - - **initContainerStatuses.state.waiting.reason** (string) - - (brief) reason the container is not yet running. - - - **initContainerStatuses.lastState** (ContainerState) - - Details about the container's last termination condition. - - - *ContainerState holds a possible state of container. Only one of its members may be specified. If none of them is specified, the default one is ContainerStateWaiting.* - - - **initContainerStatuses.lastState.running** (ContainerStateRunning) - - Details about a running container - - - *ContainerStateRunning is a running state of a container.* - - - **initContainerStatuses.lastState.running.startedAt** (Time) - - Time at which the container was last (re-)started - - - *Time is a wrapper around time.Time which supports correct marshaling to YAML and JSON. Wrappers are provided for many of the factory methods that the time package offers.* - - - **initContainerStatuses.lastState.terminated** (ContainerStateTerminated) - - Details about a terminated container - - - *ContainerStateTerminated is a terminated state of a container.* - - - **initContainerStatuses.lastState.terminated.containerID** (string) - - Container's ID in the format '\://\' - - - **initContainerStatuses.lastState.terminated.exitCode** (int32), required - - Exit status from the last termination of the container - - - **initContainerStatuses.lastState.terminated.startedAt** (Time) - - Time at which previous execution of the container started - - - *Time is a wrapper around time.Time which supports correct marshaling to YAML and JSON. Wrappers are provided for many of the factory methods that the time package offers.* - - - **initContainerStatuses.lastState.terminated.finishedAt** (Time) - - Time at which the container last terminated - - - *Time is a wrapper around time.Time which supports correct marshaling to YAML and JSON. Wrappers are provided for many of the factory methods that the time package offers.* - - - **initContainerStatuses.lastState.terminated.message** (string) - - Message regarding the last termination of the container - - - **initContainerStatuses.lastState.terminated.reason** (string) - - (brief) reason from the last termination of the container - - - **initContainerStatuses.lastState.terminated.signal** (int32) - - Signal from the last termination of the container - - - **initContainerStatuses.lastState.waiting** (ContainerStateWaiting) - - Details about a waiting container - - - *ContainerStateWaiting is a waiting state of a container.* - - - **initContainerStatuses.lastState.waiting.message** (string) - - Message regarding why the container is not yet running. - - - **initContainerStatuses.lastState.waiting.reason** (string) - - (brief) reason the container is not yet running. - - - **initContainerStatuses.ready** (boolean), required - - Specifies whether the container has passed its readiness probe. - - - **initContainerStatuses.restartCount** (int32), required - - The number of times the container has been restarted. - - - **initContainerStatuses.started** (boolean) - - Specifies whether the container has passed its startup probe. Initialized as false, becomes true after startupProbe is considered successful. Resets to false when the container is restarted, or if kubelet loses state temporarily. Is always true when no startupProbe is defined. - - **containerStatuses** ([]ContainerStatus) The list has one entry per container in the manifest. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-and-container-status @@ -2196,188 +2016,6 @@ PodStatus represents information about the status of a pod. Status may trail the *ContainerStatus contains details for the current status of this container.* - - **containerStatuses.name** (string), required - - This must be a DNS_LABEL. Each container in a pod must have a unique name. Cannot be updated. - - - **containerStatuses.image** (string), required - - The image the container is running. More info: https://kubernetes.io/docs/concepts/containers/images. - - - **containerStatuses.imageID** (string), required - - ImageID of the container's image. - - - **containerStatuses.containerID** (string) - - Container's ID in the format '\://\'. - - - **containerStatuses.state** (ContainerState) - - Details about the container's current condition. - - - *ContainerState holds a possible state of container. Only one of its members may be specified. If none of them is specified, the default one is ContainerStateWaiting.* - - - **containerStatuses.state.running** (ContainerStateRunning) - - Details about a running container - - - *ContainerStateRunning is a running state of a container.* - - - **containerStatuses.state.running.startedAt** (Time) - - Time at which the container was last (re-)started - - - *Time is a wrapper around time.Time which supports correct marshaling to YAML and JSON. Wrappers are provided for many of the factory methods that the time package offers.* - - - **containerStatuses.state.terminated** (ContainerStateTerminated) - - Details about a terminated container - - - *ContainerStateTerminated is a terminated state of a container.* - - - **containerStatuses.state.terminated.containerID** (string) - - Container's ID in the format '\://\' - - - **containerStatuses.state.terminated.exitCode** (int32), required - - Exit status from the last termination of the container - - - **containerStatuses.state.terminated.startedAt** (Time) - - Time at which previous execution of the container started - - - *Time is a wrapper around time.Time which supports correct marshaling to YAML and JSON. Wrappers are provided for many of the factory methods that the time package offers.* - - - **containerStatuses.state.terminated.finishedAt** (Time) - - Time at which the container last terminated - - - *Time is a wrapper around time.Time which supports correct marshaling to YAML and JSON. Wrappers are provided for many of the factory methods that the time package offers.* - - - **containerStatuses.state.terminated.message** (string) - - Message regarding the last termination of the container - - - **containerStatuses.state.terminated.reason** (string) - - (brief) reason from the last termination of the container - - - **containerStatuses.state.terminated.signal** (int32) - - Signal from the last termination of the container - - - **containerStatuses.state.waiting** (ContainerStateWaiting) - - Details about a waiting container - - - *ContainerStateWaiting is a waiting state of a container.* - - - **containerStatuses.state.waiting.message** (string) - - Message regarding why the container is not yet running. - - - **containerStatuses.state.waiting.reason** (string) - - (brief) reason the container is not yet running. - - - **containerStatuses.lastState** (ContainerState) - - Details about the container's last termination condition. - - - *ContainerState holds a possible state of container. Only one of its members may be specified. If none of them is specified, the default one is ContainerStateWaiting.* - - - **containerStatuses.lastState.running** (ContainerStateRunning) - - Details about a running container - - - *ContainerStateRunning is a running state of a container.* - - - **containerStatuses.lastState.running.startedAt** (Time) - - Time at which the container was last (re-)started - - - *Time is a wrapper around time.Time which supports correct marshaling to YAML and JSON. Wrappers are provided for many of the factory methods that the time package offers.* - - - **containerStatuses.lastState.terminated** (ContainerStateTerminated) - - Details about a terminated container - - - *ContainerStateTerminated is a terminated state of a container.* - - - **containerStatuses.lastState.terminated.containerID** (string) - - Container's ID in the format '\://\' - - - **containerStatuses.lastState.terminated.exitCode** (int32), required - - Exit status from the last termination of the container - - - **containerStatuses.lastState.terminated.startedAt** (Time) - - Time at which previous execution of the container started - - - *Time is a wrapper around time.Time which supports correct marshaling to YAML and JSON. Wrappers are provided for many of the factory methods that the time package offers.* - - - **containerStatuses.lastState.terminated.finishedAt** (Time) - - Time at which the container last terminated - - - *Time is a wrapper around time.Time which supports correct marshaling to YAML and JSON. Wrappers are provided for many of the factory methods that the time package offers.* - - - **containerStatuses.lastState.terminated.message** (string) - - Message regarding the last termination of the container - - - **containerStatuses.lastState.terminated.reason** (string) - - (brief) reason from the last termination of the container - - - **containerStatuses.lastState.terminated.signal** (int32) - - Signal from the last termination of the container - - - **containerStatuses.lastState.waiting** (ContainerStateWaiting) - - Details about a waiting container - - - *ContainerStateWaiting is a waiting state of a container.* - - - **containerStatuses.lastState.waiting.message** (string) - - Message regarding why the container is not yet running. - - - **containerStatuses.lastState.waiting.reason** (string) - - (brief) reason the container is not yet running. - - - **containerStatuses.ready** (boolean), required - - Specifies whether the container has passed its readiness probe. - - - **containerStatuses.restartCount** (int32), required - - The number of times the container has been restarted. - - - **containerStatuses.started** (boolean) - - Specifies whether the container has passed its startup probe. Initialized as false, becomes true after startupProbe is considered successful. Resets to false when the container is restarted, or if kubelet loses state temporarily. Is always true when no startupProbe is defined. - - **ephemeralContainerStatuses** ([]ContainerStatus) Status for any ephemeral containers that have run in this pod. @@ -2385,187 +2023,9 @@ PodStatus represents information about the status of a pod. Status may trail the *ContainerStatus contains details for the current status of this container.* - - **ephemeralContainerStatuses.name** (string), required +- **resize** (string) - This must be a DNS_LABEL. Each container in a pod must have a unique name. Cannot be updated. - - - **ephemeralContainerStatuses.image** (string), required - - The image the container is running. More info: https://kubernetes.io/docs/concepts/containers/images. - - - **ephemeralContainerStatuses.imageID** (string), required - - ImageID of the container's image. - - - **ephemeralContainerStatuses.containerID** (string) - - Container's ID in the format '\://\'. - - - **ephemeralContainerStatuses.state** (ContainerState) - - Details about the container's current condition. - - - *ContainerState holds a possible state of container. Only one of its members may be specified. If none of them is specified, the default one is ContainerStateWaiting.* - - - **ephemeralContainerStatuses.state.running** (ContainerStateRunning) - - Details about a running container - - - *ContainerStateRunning is a running state of a container.* - - - **ephemeralContainerStatuses.state.running.startedAt** (Time) - - Time at which the container was last (re-)started - - - *Time is a wrapper around time.Time which supports correct marshaling to YAML and JSON. Wrappers are provided for many of the factory methods that the time package offers.* - - - **ephemeralContainerStatuses.state.terminated** (ContainerStateTerminated) - - Details about a terminated container - - - *ContainerStateTerminated is a terminated state of a container.* - - - **ephemeralContainerStatuses.state.terminated.containerID** (string) - - Container's ID in the format '\://\' - - - **ephemeralContainerStatuses.state.terminated.exitCode** (int32), required - - Exit status from the last termination of the container - - - **ephemeralContainerStatuses.state.terminated.startedAt** (Time) - - Time at which previous execution of the container started - - - *Time is a wrapper around time.Time which supports correct marshaling to YAML and JSON. Wrappers are provided for many of the factory methods that the time package offers.* - - - **ephemeralContainerStatuses.state.terminated.finishedAt** (Time) - - Time at which the container last terminated - - - *Time is a wrapper around time.Time which supports correct marshaling to YAML and JSON. Wrappers are provided for many of the factory methods that the time package offers.* - - - **ephemeralContainerStatuses.state.terminated.message** (string) - - Message regarding the last termination of the container - - - **ephemeralContainerStatuses.state.terminated.reason** (string) - - (brief) reason from the last termination of the container - - - **ephemeralContainerStatuses.state.terminated.signal** (int32) - - Signal from the last termination of the container - - - **ephemeralContainerStatuses.state.waiting** (ContainerStateWaiting) - - Details about a waiting container - - - *ContainerStateWaiting is a waiting state of a container.* - - - **ephemeralContainerStatuses.state.waiting.message** (string) - - Message regarding why the container is not yet running. - - - **ephemeralContainerStatuses.state.waiting.reason** (string) - - (brief) reason the container is not yet running. - - - **ephemeralContainerStatuses.lastState** (ContainerState) - - Details about the container's last termination condition. - - - *ContainerState holds a possible state of container. Only one of its members may be specified. If none of them is specified, the default one is ContainerStateWaiting.* - - - **ephemeralContainerStatuses.lastState.running** (ContainerStateRunning) - - Details about a running container - - - *ContainerStateRunning is a running state of a container.* - - - **ephemeralContainerStatuses.lastState.running.startedAt** (Time) - - Time at which the container was last (re-)started - - - *Time is a wrapper around time.Time which supports correct marshaling to YAML and JSON. Wrappers are provided for many of the factory methods that the time package offers.* - - - **ephemeralContainerStatuses.lastState.terminated** (ContainerStateTerminated) - - Details about a terminated container - - - *ContainerStateTerminated is a terminated state of a container.* - - - **ephemeralContainerStatuses.lastState.terminated.containerID** (string) - - Container's ID in the format '\://\' - - - **ephemeralContainerStatuses.lastState.terminated.exitCode** (int32), required - - Exit status from the last termination of the container - - - **ephemeralContainerStatuses.lastState.terminated.startedAt** (Time) - - Time at which previous execution of the container started - - - *Time is a wrapper around time.Time which supports correct marshaling to YAML and JSON. Wrappers are provided for many of the factory methods that the time package offers.* - - - **ephemeralContainerStatuses.lastState.terminated.finishedAt** (Time) - - Time at which the container last terminated - - - *Time is a wrapper around time.Time which supports correct marshaling to YAML and JSON. Wrappers are provided for many of the factory methods that the time package offers.* - - - **ephemeralContainerStatuses.lastState.terminated.message** (string) - - Message regarding the last termination of the container - - - **ephemeralContainerStatuses.lastState.terminated.reason** (string) - - (brief) reason from the last termination of the container - - - **ephemeralContainerStatuses.lastState.terminated.signal** (int32) - - Signal from the last termination of the container - - - **ephemeralContainerStatuses.lastState.waiting** (ContainerStateWaiting) - - Details about a waiting container - - - *ContainerStateWaiting is a waiting state of a container.* - - - **ephemeralContainerStatuses.lastState.waiting.message** (string) - - Message regarding why the container is not yet running. - - - **ephemeralContainerStatuses.lastState.waiting.reason** (string) - - (brief) reason the container is not yet running. - - - **ephemeralContainerStatuses.ready** (boolean), required - - Specifies whether the container has passed its readiness probe. - - - **ephemeralContainerStatuses.restartCount** (int32), required - - The number of times the container has been restarted. - - - **ephemeralContainerStatuses.started** (boolean) - - Specifies whether the container has passed its startup probe. Initialized as false, becomes true after startupProbe is considered successful. Resets to false when the container is restarted, or if kubelet loses state temporarily. Is always true when no startupProbe is defined. + Status of resources resize desired for pod's containers. It is empty if no resources resize is pending. Any changes to container resources will automatically set this to "Proposed" @@ -2834,6 +2294,11 @@ GET /api/v1/namespaces/{namespace}/pods }}">resourceVersionMatch +- **sendInitialEvents** (*in query*): boolean + + }}">sendInitialEvents + + - **timeoutSeconds** (*in query*): integer }}">timeoutSeconds @@ -2902,6 +2367,11 @@ GET /api/v1/pods }}">resourceVersionMatch +- **sendInitialEvents** (*in query*): boolean + + }}">sendInitialEvents + + - **timeoutSeconds** (*in query*): integer }}">timeoutSeconds @@ -3442,6 +2912,11 @@ DELETE /api/v1/namespaces/{namespace}/pods }}">resourceVersionMatch +- **sendInitialEvents** (*in query*): boolean + + }}">sendInitialEvents + + - **timeoutSeconds** (*in query*): integer }}">timeoutSeconds diff --git a/content/en/docs/reference/kubernetes-api/workload-resources/priority-class-v1.md b/content/en/docs/reference/kubernetes-api/workload-resources/priority-class-v1.md index d3faa756960..5afb617faba 100644 --- a/content/en/docs/reference/kubernetes-api/workload-resources/priority-class-v1.md +++ b/content/en/docs/reference/kubernetes-api/workload-resources/priority-class-v1.md @@ -44,7 +44,7 @@ PriorityClass defines mapping from a priority class name to the priority integer - **value** (int32), required - The value of this priority class. This is the actual priority that pods receive when they have the name of this class in their pod spec. + value represents the integer value of this priority class. This is the actual priority that pods receive when they have the name of this class in their pod spec. - **description** (string) @@ -56,7 +56,7 @@ PriorityClass defines mapping from a priority class name to the priority integer - **preemptionPolicy** (string) - PreemptionPolicy is the Policy for preempting pods with lower priority. One of Never, PreemptLowerPriority. Defaults to PreemptLowerPriority if unset. + preemptionPolicy is the Policy for preempting pods with lower priority. One of Never, PreemptLowerPriority. Defaults to PreemptLowerPriority if unset. @@ -174,6 +174,11 @@ GET /apis/scheduling.k8s.io/v1/priorityclasses }}">resourceVersionMatch +- **sendInitialEvents** (*in query*): boolean + + }}">sendInitialEvents + + - **timeoutSeconds** (*in query*): integer }}">timeoutSeconds @@ -459,6 +464,11 @@ DELETE /apis/scheduling.k8s.io/v1/priorityclasses }}">resourceVersionMatch +- **sendInitialEvents** (*in query*): boolean + + }}">sendInitialEvents + + - **timeoutSeconds** (*in query*): integer }}">timeoutSeconds diff --git a/content/en/docs/reference/kubernetes-api/workload-resources/replica-set-v1.md b/content/en/docs/reference/kubernetes-api/workload-resources/replica-set-v1.md index 6745c9ef18b..5c6040313cd 100644 --- a/content/en/docs/reference/kubernetes-api/workload-resources/replica-set-v1.md +++ b/content/en/docs/reference/kubernetes-api/workload-resources/replica-set-v1.md @@ -297,6 +297,11 @@ GET /apis/apps/v1/namespaces/{namespace}/replicasets }}">resourceVersionMatch +- **sendInitialEvents** (*in query*): boolean + + }}">sendInitialEvents + + - **timeoutSeconds** (*in query*): integer }}">timeoutSeconds @@ -365,6 +370,11 @@ GET /apis/apps/v1/replicasets }}">resourceVersionMatch +- **sendInitialEvents** (*in query*): boolean + + }}">sendInitialEvents + + - **timeoutSeconds** (*in query*): integer }}">timeoutSeconds @@ -790,6 +800,11 @@ DELETE /apis/apps/v1/namespaces/{namespace}/replicasets }}">resourceVersionMatch +- **sendInitialEvents** (*in query*): boolean + + }}">sendInitialEvents + + - **timeoutSeconds** (*in query*): integer }}">timeoutSeconds diff --git a/content/en/docs/reference/kubernetes-api/workload-resources/replication-controller-v1.md b/content/en/docs/reference/kubernetes-api/workload-resources/replication-controller-v1.md index c07094341c3..b0bb72eaeda 100644 --- a/content/en/docs/reference/kubernetes-api/workload-resources/replication-controller-v1.md +++ b/content/en/docs/reference/kubernetes-api/workload-resources/replication-controller-v1.md @@ -66,7 +66,7 @@ ReplicationControllerSpec is the specification of a replication controller. - **template** (}}">PodTemplateSpec) - Template is the object that describes the pod that will be created if insufficient replicas are detected. This takes precedence over a TemplateRef. More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#pod-template + Template is the object that describes the pod that will be created if insufficient replicas are detected. This takes precedence over a TemplateRef. The only allowed template.spec.restartPolicy value is "Always". More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#pod-template - **replicas** (int32) @@ -297,6 +297,11 @@ GET /api/v1/namespaces/{namespace}/replicationcontrollers }}">resourceVersionMatch +- **sendInitialEvents** (*in query*): boolean + + }}">sendInitialEvents + + - **timeoutSeconds** (*in query*): integer }}">timeoutSeconds @@ -365,6 +370,11 @@ GET /api/v1/replicationcontrollers }}">resourceVersionMatch +- **sendInitialEvents** (*in query*): boolean + + }}">sendInitialEvents + + - **timeoutSeconds** (*in query*): integer }}">timeoutSeconds @@ -790,6 +800,11 @@ DELETE /api/v1/namespaces/{namespace}/replicationcontrollers }}">resourceVersionMatch +- **sendInitialEvents** (*in query*): boolean + + }}">sendInitialEvents + + - **timeoutSeconds** (*in query*): integer }}">timeoutSeconds diff --git a/content/en/docs/reference/kubernetes-api/workload-resources/resource-claim-template-v1alpha1.md b/content/en/docs/reference/kubernetes-api/workload-resources/resource-claim-template-v1alpha2.md similarity index 84% rename from content/en/docs/reference/kubernetes-api/workload-resources/resource-claim-template-v1alpha1.md rename to content/en/docs/reference/kubernetes-api/workload-resources/resource-claim-template-v1alpha2.md index 61dbcbfe4d3..ed1d6b7104f 100644 --- a/content/en/docs/reference/kubernetes-api/workload-resources/resource-claim-template-v1alpha1.md +++ b/content/en/docs/reference/kubernetes-api/workload-resources/resource-claim-template-v1alpha2.md @@ -1,11 +1,11 @@ --- api_metadata: - apiVersion: "resource.k8s.io/v1alpha1" - import: "k8s.io/api/resource/v1alpha1" + apiVersion: "resource.k8s.io/v1alpha2" + import: "k8s.io/api/resource/v1alpha2" kind: "ResourceClaimTemplate" content_type: "api_reference" description: "ResourceClaimTemplate is used to produce ResourceClaim objects." -title: "ResourceClaimTemplate v1alpha1" +title: "ResourceClaimTemplate v1alpha2" weight: 16 auto_generated: true --- @@ -21,9 +21,9 @@ guide. You can file document formatting bugs against the [reference-docs](https://github.com/kubernetes-sigs/reference-docs/) project. --> -`apiVersion: resource.k8s.io/v1alpha1` +`apiVersion: resource.k8s.io/v1alpha2` -`import "k8s.io/api/resource/v1alpha1"` +`import "k8s.io/api/resource/v1alpha2"` ## ResourceClaimTemplate {#ResourceClaimTemplate} @@ -32,7 +32,7 @@ ResourceClaimTemplate is used to produce ResourceClaim objects.
    -- **apiVersion**: resource.k8s.io/v1alpha1 +- **apiVersion**: resource.k8s.io/v1alpha2 - **kind**: ResourceClaimTemplate @@ -42,7 +42,7 @@ ResourceClaimTemplate is used to produce ResourceClaim objects. Standard object metadata -- **spec** (}}">ResourceClaimTemplateSpec), required +- **spec** (}}">ResourceClaimTemplateSpec), required Describes the ResourceClaim that is to be generated. @@ -58,7 +58,7 @@ ResourceClaimTemplateSpec contains the metadata and fields for a ResourceClaim.
    -- **spec** (}}">ResourceClaimSpec), required +- **spec** (}}">ResourceClaimSpec), required Spec for the ResourceClaim. The entire content is copied unchanged into the ResourceClaim that gets created from this template. The same fields as in a ResourceClaim are also valid here. @@ -76,7 +76,7 @@ ResourceClaimTemplateList is a collection of claim templates.
    -- **apiVersion**: resource.k8s.io/v1alpha1 +- **apiVersion**: resource.k8s.io/v1alpha2 - **kind**: ResourceClaimTemplateList @@ -86,7 +86,7 @@ ResourceClaimTemplateList is a collection of claim templates. Standard list metadata -- **items** ([]}}">ResourceClaimTemplate), required +- **items** ([]}}">ResourceClaimTemplate), required Items is the list of resource claim templates. @@ -109,7 +109,7 @@ ResourceClaimTemplateList is a collection of claim templates. #### HTTP Request -GET /apis/resource.k8s.io/v1alpha1/namespaces/{namespace}/resourceclaimtemplates/{name} +GET /apis/resource.k8s.io/v1alpha2/namespaces/{namespace}/resourceclaimtemplates/{name} #### Parameters @@ -133,7 +133,7 @@ GET /apis/resource.k8s.io/v1alpha1/namespaces/{namespace}/resourceclaimtemplates #### Response -200 (}}">ResourceClaimTemplate): OK +200 (}}">ResourceClaimTemplate): OK 401: Unauthorized @@ -142,7 +142,7 @@ GET /apis/resource.k8s.io/v1alpha1/namespaces/{namespace}/resourceclaimtemplates #### HTTP Request -GET /apis/resource.k8s.io/v1alpha1/namespaces/{namespace}/resourceclaimtemplates +GET /apis/resource.k8s.io/v1alpha2/namespaces/{namespace}/resourceclaimtemplates #### Parameters @@ -192,6 +192,11 @@ GET /apis/resource.k8s.io/v1alpha1/namespaces/{namespace}/resourceclaimtemplates }}">resourceVersionMatch +- **sendInitialEvents** (*in query*): boolean + + }}">sendInitialEvents + + - **timeoutSeconds** (*in query*): integer }}">timeoutSeconds @@ -206,7 +211,7 @@ GET /apis/resource.k8s.io/v1alpha1/namespaces/{namespace}/resourceclaimtemplates #### Response -200 (}}">ResourceClaimTemplateList): OK +200 (}}">ResourceClaimTemplateList): OK 401: Unauthorized @@ -215,7 +220,7 @@ GET /apis/resource.k8s.io/v1alpha1/namespaces/{namespace}/resourceclaimtemplates #### HTTP Request -GET /apis/resource.k8s.io/v1alpha1/resourceclaimtemplates +GET /apis/resource.k8s.io/v1alpha2/resourceclaimtemplates #### Parameters @@ -260,6 +265,11 @@ GET /apis/resource.k8s.io/v1alpha1/resourceclaimtemplates }}">resourceVersionMatch +- **sendInitialEvents** (*in query*): boolean + + }}">sendInitialEvents + + - **timeoutSeconds** (*in query*): integer }}">timeoutSeconds @@ -274,7 +284,7 @@ GET /apis/resource.k8s.io/v1alpha1/resourceclaimtemplates #### Response -200 (}}">ResourceClaimTemplateList): OK +200 (}}">ResourceClaimTemplateList): OK 401: Unauthorized @@ -283,7 +293,7 @@ GET /apis/resource.k8s.io/v1alpha1/resourceclaimtemplates #### HTTP Request -POST /apis/resource.k8s.io/v1alpha1/namespaces/{namespace}/resourceclaimtemplates +POST /apis/resource.k8s.io/v1alpha2/namespaces/{namespace}/resourceclaimtemplates #### Parameters @@ -293,7 +303,7 @@ POST /apis/resource.k8s.io/v1alpha1/namespaces/{namespace}/resourceclaimtemplate }}">namespace -- **body**: }}">ResourceClaimTemplate, required +- **body**: }}">ResourceClaimTemplate, required @@ -322,11 +332,11 @@ POST /apis/resource.k8s.io/v1alpha1/namespaces/{namespace}/resourceclaimtemplate #### Response -200 (}}">ResourceClaimTemplate): OK +200 (}}">ResourceClaimTemplate): OK -201 (}}">ResourceClaimTemplate): Created +201 (}}">ResourceClaimTemplate): Created -202 (}}">ResourceClaimTemplate): Accepted +202 (}}">ResourceClaimTemplate): Accepted 401: Unauthorized @@ -335,7 +345,7 @@ POST /apis/resource.k8s.io/v1alpha1/namespaces/{namespace}/resourceclaimtemplate #### HTTP Request -PUT /apis/resource.k8s.io/v1alpha1/namespaces/{namespace}/resourceclaimtemplates/{name} +PUT /apis/resource.k8s.io/v1alpha2/namespaces/{namespace}/resourceclaimtemplates/{name} #### Parameters @@ -350,7 +360,7 @@ PUT /apis/resource.k8s.io/v1alpha1/namespaces/{namespace}/resourceclaimtemplates }}">namespace -- **body**: }}">ResourceClaimTemplate, required +- **body**: }}">ResourceClaimTemplate, required @@ -379,9 +389,9 @@ PUT /apis/resource.k8s.io/v1alpha1/namespaces/{namespace}/resourceclaimtemplates #### Response -200 (}}">ResourceClaimTemplate): OK +200 (}}">ResourceClaimTemplate): OK -201 (}}">ResourceClaimTemplate): Created +201 (}}">ResourceClaimTemplate): Created 401: Unauthorized @@ -390,7 +400,7 @@ PUT /apis/resource.k8s.io/v1alpha1/namespaces/{namespace}/resourceclaimtemplates #### HTTP Request -PATCH /apis/resource.k8s.io/v1alpha1/namespaces/{namespace}/resourceclaimtemplates/{name} +PATCH /apis/resource.k8s.io/v1alpha2/namespaces/{namespace}/resourceclaimtemplates/{name} #### Parameters @@ -439,9 +449,9 @@ PATCH /apis/resource.k8s.io/v1alpha1/namespaces/{namespace}/resourceclaimtemplat #### Response -200 (}}">ResourceClaimTemplate): OK +200 (}}">ResourceClaimTemplate): OK -201 (}}">ResourceClaimTemplate): Created +201 (}}">ResourceClaimTemplate): Created 401: Unauthorized @@ -450,7 +460,7 @@ PATCH /apis/resource.k8s.io/v1alpha1/namespaces/{namespace}/resourceclaimtemplat #### HTTP Request -DELETE /apis/resource.k8s.io/v1alpha1/namespaces/{namespace}/resourceclaimtemplates/{name} +DELETE /apis/resource.k8s.io/v1alpha2/namespaces/{namespace}/resourceclaimtemplates/{name} #### Parameters @@ -494,9 +504,9 @@ DELETE /apis/resource.k8s.io/v1alpha1/namespaces/{namespace}/resourceclaimtempla #### Response -200 (}}">ResourceClaimTemplate): OK +200 (}}">ResourceClaimTemplate): OK -202 (}}">ResourceClaimTemplate): Accepted +202 (}}">ResourceClaimTemplate): Accepted 401: Unauthorized @@ -505,7 +515,7 @@ DELETE /apis/resource.k8s.io/v1alpha1/namespaces/{namespace}/resourceclaimtempla #### HTTP Request -DELETE /apis/resource.k8s.io/v1alpha1/namespaces/{namespace}/resourceclaimtemplates +DELETE /apis/resource.k8s.io/v1alpha2/namespaces/{namespace}/resourceclaimtemplates #### Parameters @@ -570,6 +580,11 @@ DELETE /apis/resource.k8s.io/v1alpha1/namespaces/{namespace}/resourceclaimtempla }}">resourceVersionMatch +- **sendInitialEvents** (*in query*): boolean + + }}">sendInitialEvents + + - **timeoutSeconds** (*in query*): integer }}">timeoutSeconds diff --git a/content/en/docs/reference/kubernetes-api/workload-resources/resource-claim-v1alpha1.md b/content/en/docs/reference/kubernetes-api/workload-resources/resource-claim-v1alpha2.md similarity index 80% rename from content/en/docs/reference/kubernetes-api/workload-resources/resource-claim-v1alpha1.md rename to content/en/docs/reference/kubernetes-api/workload-resources/resource-claim-v1alpha2.md index 0f435c9721a..24b8419a5ee 100644 --- a/content/en/docs/reference/kubernetes-api/workload-resources/resource-claim-v1alpha1.md +++ b/content/en/docs/reference/kubernetes-api/workload-resources/resource-claim-v1alpha2.md @@ -1,11 +1,11 @@ --- api_metadata: - apiVersion: "resource.k8s.io/v1alpha1" - import: "k8s.io/api/resource/v1alpha1" + apiVersion: "resource.k8s.io/v1alpha2" + import: "k8s.io/api/resource/v1alpha2" kind: "ResourceClaim" content_type: "api_reference" description: "ResourceClaim describes which resources are needed by a resource consumer." -title: "ResourceClaim v1alpha1" +title: "ResourceClaim v1alpha2" weight: 15 auto_generated: true --- @@ -21,9 +21,9 @@ guide. You can file document formatting bugs against the [reference-docs](https://github.com/kubernetes-sigs/reference-docs/) project. --> -`apiVersion: resource.k8s.io/v1alpha1` +`apiVersion: resource.k8s.io/v1alpha2` -`import "k8s.io/api/resource/v1alpha1"` +`import "k8s.io/api/resource/v1alpha2"` ## ResourceClaim {#ResourceClaim} @@ -34,7 +34,7 @@ This is an alpha type and requires enabling the DynamicResourceAllocation featur
    -- **apiVersion**: resource.k8s.io/v1alpha1 +- **apiVersion**: resource.k8s.io/v1alpha2 - **kind**: ResourceClaim @@ -44,11 +44,11 @@ This is an alpha type and requires enabling the DynamicResourceAllocation featur Standard object metadata -- **spec** (}}">ResourceClaimSpec), required +- **spec** (}}">ResourceClaimSpec), required Spec describes the desired attributes of a resource that then needs to be allocated. It can only be set once when creating the ResourceClaim. -- **status** (}}">ResourceClaimStatus) +- **status** (}}">ResourceClaimStatus) Status describes whether the resource is available and with which attributes. @@ -103,14 +103,14 @@ ResourceClaimStatus tracks whether the resource has been allocated and what the - **allocation** (AllocationResult) - Allocation is set by the resource driver once a resource has been allocated successfully. If this is not specified, the resource is not yet allocated. + Allocation is set by the resource driver once a resource or set of resources has been allocated successfully. If this is not specified, the resources have not been allocated yet. - *AllocationResult contains attributed of an allocated resource.* + *AllocationResult contains attributes of an allocated resource.* - **allocation.availableOnNodes** (NodeSelector) - This field will get set by the resource driver after it has allocated the resource driver to inform the scheduler where it can schedule Pods using the ResourceClaim. + This field will get set by the resource driver after it has allocated the resource to inform the scheduler where it can schedule Pods using the ResourceClaim. Setting this field is optional. If null, the resource is available everywhere. @@ -132,11 +132,26 @@ ResourceClaimStatus tracks whether the resource has been allocated and what the A list of node selector requirements by node's fields. - - **allocation.resourceHandle** (string) + - **allocation.resourceHandles** ([]ResourceHandle) - ResourceHandle contains arbitrary data returned by the driver after a successful allocation. This is opaque for Kubernetes. Driver documentation may explain to users how to interpret this data if needed. + *Atomic: will be replaced during a merge* - The maximum size of this field is 16KiB. This may get increased in the future, but not reduced. + ResourceHandles contain the state associated with an allocation that should be maintained throughout the lifetime of a claim. Each ResourceHandle contains data that should be passed to a specific kubelet plugin once it lands on a node. This data is returned by the driver after a successful allocation and is opaque to Kubernetes. Driver documentation may explain to users how to interpret this data if needed. + + Setting this field is optional. It has a maximum size of 32 entries. If null (or empty), it is assumed this allocation will be processed by a single kubelet plugin with no ResourceHandle data attached. The name of the kubelet plugin invoked will match the DriverName set in the ResourceClaimStatus this AllocationResult is embedded in. + + + *ResourceHandle holds opaque resource data for processing by a specific kubelet plugin.* + + - **allocation.resourceHandles.data** (string) + + Data contains the opaque data associated with this ResourceHandle. It is set by the controller component of the resource driver whose name matches the DriverName set in the ResourceClaimStatus this ResourceHandle is embedded in. It is set at allocation time and is intended for processing by the kubelet plugin whose name matches the DriverName set in this ResourceHandle. + + The maximum size of this field is 16KiB. This may get increased in the future, but not reduced. + + - **allocation.resourceHandles.driverName** (string) + + DriverName specifies the name of the resource driver whose kubelet plugin should be invoked to process this ResourceHandle's data once it lands on a node. This may differ from the DriverName set in ResourceClaimStatus this ResourceHandle is embedded in. - **allocation.shareable** (boolean) @@ -156,7 +171,7 @@ ResourceClaimStatus tracks whether the resource has been allocated and what the - **reservedFor** ([]ResourceClaimConsumerReference) - *Set: unique values will be kept during a merge* + *Map: unique values on key uid will be kept during a merge* ReservedFor indicates which entities are currently allowed to use the claim. A Pod which references a ResourceClaim which is not reserved for that Pod will not be started. @@ -191,7 +206,7 @@ ResourceClaimList is a collection of claims.
    -- **apiVersion**: resource.k8s.io/v1alpha1 +- **apiVersion**: resource.k8s.io/v1alpha2 - **kind**: ResourceClaimList @@ -201,7 +216,7 @@ ResourceClaimList is a collection of claims. Standard list metadata -- **items** ([]}}">ResourceClaim), required +- **items** ([]}}">ResourceClaim), required Items is the list of resource claims. @@ -224,7 +239,7 @@ ResourceClaimList is a collection of claims. #### HTTP Request -GET /apis/resource.k8s.io/v1alpha1/namespaces/{namespace}/resourceclaims/{name} +GET /apis/resource.k8s.io/v1alpha2/namespaces/{namespace}/resourceclaims/{name} #### Parameters @@ -248,7 +263,7 @@ GET /apis/resource.k8s.io/v1alpha1/namespaces/{namespace}/resourceclaims/{name} #### Response -200 (}}">ResourceClaim): OK +200 (}}">ResourceClaim): OK 401: Unauthorized @@ -257,7 +272,7 @@ GET /apis/resource.k8s.io/v1alpha1/namespaces/{namespace}/resourceclaims/{name} #### HTTP Request -GET /apis/resource.k8s.io/v1alpha1/namespaces/{namespace}/resourceclaims/{name}/status +GET /apis/resource.k8s.io/v1alpha2/namespaces/{namespace}/resourceclaims/{name}/status #### Parameters @@ -281,7 +296,7 @@ GET /apis/resource.k8s.io/v1alpha1/namespaces/{namespace}/resourceclaims/{name}/ #### Response -200 (}}">ResourceClaim): OK +200 (}}">ResourceClaim): OK 401: Unauthorized @@ -290,7 +305,7 @@ GET /apis/resource.k8s.io/v1alpha1/namespaces/{namespace}/resourceclaims/{name}/ #### HTTP Request -GET /apis/resource.k8s.io/v1alpha1/namespaces/{namespace}/resourceclaims +GET /apis/resource.k8s.io/v1alpha2/namespaces/{namespace}/resourceclaims #### Parameters @@ -340,6 +355,11 @@ GET /apis/resource.k8s.io/v1alpha1/namespaces/{namespace}/resourceclaims }}">resourceVersionMatch +- **sendInitialEvents** (*in query*): boolean + + }}">sendInitialEvents + + - **timeoutSeconds** (*in query*): integer }}">timeoutSeconds @@ -354,7 +374,7 @@ GET /apis/resource.k8s.io/v1alpha1/namespaces/{namespace}/resourceclaims #### Response -200 (}}">ResourceClaimList): OK +200 (}}">ResourceClaimList): OK 401: Unauthorized @@ -363,7 +383,7 @@ GET /apis/resource.k8s.io/v1alpha1/namespaces/{namespace}/resourceclaims #### HTTP Request -GET /apis/resource.k8s.io/v1alpha1/resourceclaims +GET /apis/resource.k8s.io/v1alpha2/resourceclaims #### Parameters @@ -408,6 +428,11 @@ GET /apis/resource.k8s.io/v1alpha1/resourceclaims }}">resourceVersionMatch +- **sendInitialEvents** (*in query*): boolean + + }}">sendInitialEvents + + - **timeoutSeconds** (*in query*): integer }}">timeoutSeconds @@ -422,7 +447,7 @@ GET /apis/resource.k8s.io/v1alpha1/resourceclaims #### Response -200 (}}">ResourceClaimList): OK +200 (}}">ResourceClaimList): OK 401: Unauthorized @@ -431,7 +456,7 @@ GET /apis/resource.k8s.io/v1alpha1/resourceclaims #### HTTP Request -POST /apis/resource.k8s.io/v1alpha1/namespaces/{namespace}/resourceclaims +POST /apis/resource.k8s.io/v1alpha2/namespaces/{namespace}/resourceclaims #### Parameters @@ -441,7 +466,7 @@ POST /apis/resource.k8s.io/v1alpha1/namespaces/{namespace}/resourceclaims }}">namespace -- **body**: }}">ResourceClaim, required +- **body**: }}">ResourceClaim, required @@ -470,11 +495,11 @@ POST /apis/resource.k8s.io/v1alpha1/namespaces/{namespace}/resourceclaims #### Response -200 (}}">ResourceClaim): OK +200 (}}">ResourceClaim): OK -201 (}}">ResourceClaim): Created +201 (}}">ResourceClaim): Created -202 (}}">ResourceClaim): Accepted +202 (}}">ResourceClaim): Accepted 401: Unauthorized @@ -483,7 +508,7 @@ POST /apis/resource.k8s.io/v1alpha1/namespaces/{namespace}/resourceclaims #### HTTP Request -PUT /apis/resource.k8s.io/v1alpha1/namespaces/{namespace}/resourceclaims/{name} +PUT /apis/resource.k8s.io/v1alpha2/namespaces/{namespace}/resourceclaims/{name} #### Parameters @@ -498,7 +523,7 @@ PUT /apis/resource.k8s.io/v1alpha1/namespaces/{namespace}/resourceclaims/{name} }}">namespace -- **body**: }}">ResourceClaim, required +- **body**: }}">ResourceClaim, required @@ -527,9 +552,9 @@ PUT /apis/resource.k8s.io/v1alpha1/namespaces/{namespace}/resourceclaims/{name} #### Response -200 (}}">ResourceClaim): OK +200 (}}">ResourceClaim): OK -201 (}}">ResourceClaim): Created +201 (}}">ResourceClaim): Created 401: Unauthorized @@ -538,7 +563,7 @@ PUT /apis/resource.k8s.io/v1alpha1/namespaces/{namespace}/resourceclaims/{name} #### HTTP Request -PUT /apis/resource.k8s.io/v1alpha1/namespaces/{namespace}/resourceclaims/{name}/status +PUT /apis/resource.k8s.io/v1alpha2/namespaces/{namespace}/resourceclaims/{name}/status #### Parameters @@ -553,7 +578,7 @@ PUT /apis/resource.k8s.io/v1alpha1/namespaces/{namespace}/resourceclaims/{name}/ }}">namespace -- **body**: }}">ResourceClaim, required +- **body**: }}">ResourceClaim, required @@ -582,9 +607,9 @@ PUT /apis/resource.k8s.io/v1alpha1/namespaces/{namespace}/resourceclaims/{name}/ #### Response -200 (}}">ResourceClaim): OK +200 (}}">ResourceClaim): OK -201 (}}">ResourceClaim): Created +201 (}}">ResourceClaim): Created 401: Unauthorized @@ -593,7 +618,7 @@ PUT /apis/resource.k8s.io/v1alpha1/namespaces/{namespace}/resourceclaims/{name}/ #### HTTP Request -PATCH /apis/resource.k8s.io/v1alpha1/namespaces/{namespace}/resourceclaims/{name} +PATCH /apis/resource.k8s.io/v1alpha2/namespaces/{namespace}/resourceclaims/{name} #### Parameters @@ -642,9 +667,9 @@ PATCH /apis/resource.k8s.io/v1alpha1/namespaces/{namespace}/resourceclaims/{name #### Response -200 (}}">ResourceClaim): OK +200 (}}">ResourceClaim): OK -201 (}}">ResourceClaim): Created +201 (}}">ResourceClaim): Created 401: Unauthorized @@ -653,7 +678,7 @@ PATCH /apis/resource.k8s.io/v1alpha1/namespaces/{namespace}/resourceclaims/{name #### HTTP Request -PATCH /apis/resource.k8s.io/v1alpha1/namespaces/{namespace}/resourceclaims/{name}/status +PATCH /apis/resource.k8s.io/v1alpha2/namespaces/{namespace}/resourceclaims/{name}/status #### Parameters @@ -702,9 +727,9 @@ PATCH /apis/resource.k8s.io/v1alpha1/namespaces/{namespace}/resourceclaims/{name #### Response -200 (}}">ResourceClaim): OK +200 (}}">ResourceClaim): OK -201 (}}">ResourceClaim): Created +201 (}}">ResourceClaim): Created 401: Unauthorized @@ -713,7 +738,7 @@ PATCH /apis/resource.k8s.io/v1alpha1/namespaces/{namespace}/resourceclaims/{name #### HTTP Request -DELETE /apis/resource.k8s.io/v1alpha1/namespaces/{namespace}/resourceclaims/{name} +DELETE /apis/resource.k8s.io/v1alpha2/namespaces/{namespace}/resourceclaims/{name} #### Parameters @@ -757,9 +782,9 @@ DELETE /apis/resource.k8s.io/v1alpha1/namespaces/{namespace}/resourceclaims/{nam #### Response -200 (}}">ResourceClaim): OK +200 (}}">ResourceClaim): OK -202 (}}">ResourceClaim): Accepted +202 (}}">ResourceClaim): Accepted 401: Unauthorized @@ -768,7 +793,7 @@ DELETE /apis/resource.k8s.io/v1alpha1/namespaces/{namespace}/resourceclaims/{nam #### HTTP Request -DELETE /apis/resource.k8s.io/v1alpha1/namespaces/{namespace}/resourceclaims +DELETE /apis/resource.k8s.io/v1alpha2/namespaces/{namespace}/resourceclaims #### Parameters @@ -833,6 +858,11 @@ DELETE /apis/resource.k8s.io/v1alpha1/namespaces/{namespace}/resourceclaims }}">resourceVersionMatch +- **sendInitialEvents** (*in query*): boolean + + }}">sendInitialEvents + + - **timeoutSeconds** (*in query*): integer }}">timeoutSeconds diff --git a/content/en/docs/reference/kubernetes-api/workload-resources/resource-class-v1alpha1.md b/content/en/docs/reference/kubernetes-api/workload-resources/resource-class-v1alpha2.md similarity index 87% rename from content/en/docs/reference/kubernetes-api/workload-resources/resource-class-v1alpha1.md rename to content/en/docs/reference/kubernetes-api/workload-resources/resource-class-v1alpha2.md index e06ae249913..8e3c5a50da5 100644 --- a/content/en/docs/reference/kubernetes-api/workload-resources/resource-class-v1alpha1.md +++ b/content/en/docs/reference/kubernetes-api/workload-resources/resource-class-v1alpha2.md @@ -1,11 +1,11 @@ --- api_metadata: - apiVersion: "resource.k8s.io/v1alpha1" - import: "k8s.io/api/resource/v1alpha1" + apiVersion: "resource.k8s.io/v1alpha2" + import: "k8s.io/api/resource/v1alpha2" kind: "ResourceClass" content_type: "api_reference" description: "ResourceClass is used by administrators to influence how resources are allocated." -title: "ResourceClass v1alpha1" +title: "ResourceClass v1alpha2" weight: 17 auto_generated: true --- @@ -21,9 +21,9 @@ guide. You can file document formatting bugs against the [reference-docs](https://github.com/kubernetes-sigs/reference-docs/) project. --> -`apiVersion: resource.k8s.io/v1alpha1` +`apiVersion: resource.k8s.io/v1alpha2` -`import "k8s.io/api/resource/v1alpha1"` +`import "k8s.io/api/resource/v1alpha2"` ## ResourceClass {#ResourceClass} @@ -34,7 +34,7 @@ This is an alpha type and requires enabling the DynamicResourceAllocation featur
    -- **apiVersion**: resource.k8s.io/v1alpha1 +- **apiVersion**: resource.k8s.io/v1alpha2 - **kind**: ResourceClass @@ -107,7 +107,7 @@ ResourceClassList is a collection of classes.
    -- **apiVersion**: resource.k8s.io/v1alpha1 +- **apiVersion**: resource.k8s.io/v1alpha2 - **kind**: ResourceClassList @@ -117,7 +117,7 @@ ResourceClassList is a collection of classes. Standard list metadata -- **items** ([]}}">ResourceClass), required +- **items** ([]}}">ResourceClass), required Items is the list of resource classes. @@ -140,7 +140,7 @@ ResourceClassList is a collection of classes. #### HTTP Request -GET /apis/resource.k8s.io/v1alpha1/resourceclasses/{name} +GET /apis/resource.k8s.io/v1alpha2/resourceclasses/{name} #### Parameters @@ -159,7 +159,7 @@ GET /apis/resource.k8s.io/v1alpha1/resourceclasses/{name} #### Response -200 (}}">ResourceClass): OK +200 (}}">ResourceClass): OK 401: Unauthorized @@ -168,7 +168,7 @@ GET /apis/resource.k8s.io/v1alpha1/resourceclasses/{name} #### HTTP Request -GET /apis/resource.k8s.io/v1alpha1/resourceclasses +GET /apis/resource.k8s.io/v1alpha2/resourceclasses #### Parameters @@ -213,6 +213,11 @@ GET /apis/resource.k8s.io/v1alpha1/resourceclasses }}">resourceVersionMatch +- **sendInitialEvents** (*in query*): boolean + + }}">sendInitialEvents + + - **timeoutSeconds** (*in query*): integer }}">timeoutSeconds @@ -227,7 +232,7 @@ GET /apis/resource.k8s.io/v1alpha1/resourceclasses #### Response -200 (}}">ResourceClassList): OK +200 (}}">ResourceClassList): OK 401: Unauthorized @@ -236,12 +241,12 @@ GET /apis/resource.k8s.io/v1alpha1/resourceclasses #### HTTP Request -POST /apis/resource.k8s.io/v1alpha1/resourceclasses +POST /apis/resource.k8s.io/v1alpha2/resourceclasses #### Parameters -- **body**: }}">ResourceClass, required +- **body**: }}">ResourceClass, required @@ -270,11 +275,11 @@ POST /apis/resource.k8s.io/v1alpha1/resourceclasses #### Response -200 (}}">ResourceClass): OK +200 (}}">ResourceClass): OK -201 (}}">ResourceClass): Created +201 (}}">ResourceClass): Created -202 (}}">ResourceClass): Accepted +202 (}}">ResourceClass): Accepted 401: Unauthorized @@ -283,7 +288,7 @@ POST /apis/resource.k8s.io/v1alpha1/resourceclasses #### HTTP Request -PUT /apis/resource.k8s.io/v1alpha1/resourceclasses/{name} +PUT /apis/resource.k8s.io/v1alpha2/resourceclasses/{name} #### Parameters @@ -293,7 +298,7 @@ PUT /apis/resource.k8s.io/v1alpha1/resourceclasses/{name} name of the ResourceClass -- **body**: }}">ResourceClass, required +- **body**: }}">ResourceClass, required @@ -322,9 +327,9 @@ PUT /apis/resource.k8s.io/v1alpha1/resourceclasses/{name} #### Response -200 (}}">ResourceClass): OK +200 (}}">ResourceClass): OK -201 (}}">ResourceClass): Created +201 (}}">ResourceClass): Created 401: Unauthorized @@ -333,7 +338,7 @@ PUT /apis/resource.k8s.io/v1alpha1/resourceclasses/{name} #### HTTP Request -PATCH /apis/resource.k8s.io/v1alpha1/resourceclasses/{name} +PATCH /apis/resource.k8s.io/v1alpha2/resourceclasses/{name} #### Parameters @@ -377,9 +382,9 @@ PATCH /apis/resource.k8s.io/v1alpha1/resourceclasses/{name} #### Response -200 (}}">ResourceClass): OK +200 (}}">ResourceClass): OK -201 (}}">ResourceClass): Created +201 (}}">ResourceClass): Created 401: Unauthorized @@ -388,7 +393,7 @@ PATCH /apis/resource.k8s.io/v1alpha1/resourceclasses/{name} #### HTTP Request -DELETE /apis/resource.k8s.io/v1alpha1/resourceclasses/{name} +DELETE /apis/resource.k8s.io/v1alpha2/resourceclasses/{name} #### Parameters @@ -427,9 +432,9 @@ DELETE /apis/resource.k8s.io/v1alpha1/resourceclasses/{name} #### Response -200 (}}">ResourceClass): OK +200 (}}">ResourceClass): OK -202 (}}">ResourceClass): Accepted +202 (}}">ResourceClass): Accepted 401: Unauthorized @@ -438,7 +443,7 @@ DELETE /apis/resource.k8s.io/v1alpha1/resourceclasses/{name} #### HTTP Request -DELETE /apis/resource.k8s.io/v1alpha1/resourceclasses +DELETE /apis/resource.k8s.io/v1alpha2/resourceclasses #### Parameters @@ -498,6 +503,11 @@ DELETE /apis/resource.k8s.io/v1alpha1/resourceclasses }}">resourceVersionMatch +- **sendInitialEvents** (*in query*): boolean + + }}">sendInitialEvents + + - **timeoutSeconds** (*in query*): integer }}">timeoutSeconds diff --git a/content/en/docs/reference/kubernetes-api/workload-resources/stateful-set-v1.md b/content/en/docs/reference/kubernetes-api/workload-resources/stateful-set-v1.md index 2e588e6f131..a106d18d27e 100644 --- a/content/en/docs/reference/kubernetes-api/workload-resources/stateful-set-v1.md +++ b/content/en/docs/reference/kubernetes-api/workload-resources/stateful-set-v1.md @@ -74,7 +74,7 @@ A StatefulSetSpec is the specification of a StatefulSet. - **template** (}}">PodTemplateSpec), required - template is the object that describes the pod that will be created if insufficient replicas are detected. Each pod stamped out by the StatefulSet will fulfill this Template, but have a unique identity from the rest of the StatefulSet. Each pod will be named with the format \-\. For example, a pod in a StatefulSet named "web" with index number "3" would be named "web-3". + template is the object that describes the pod that will be created if insufficient replicas are detected. Each pod stamped out by the StatefulSet will fulfill this Template, but have a unique identity from the rest of the StatefulSet. Each pod will be named with the format \-\. For example, a pod in a StatefulSet named "web" with index number "3" would be named "web-3". The only allowed template.spec.restartPolicy value is "Always". - **replicas** (int32) @@ -90,8 +90,6 @@ A StatefulSetSpec is the specification of a StatefulSet. - **updateStrategy.type** (string) Type indicates the type of the StatefulSetUpdateStrategy. Default is RollingUpdate. - - - **updateStrategy.rollingUpdate** (RollingUpdateStatefulSetStrategy) @@ -114,8 +112,6 @@ A StatefulSetSpec is the specification of a StatefulSet. - **podManagementPolicy** (string) podManagementPolicy controls how pods are created during initial scale up, when replacing pods on nodes, or when scaling down. The default policy is `OrderedReady`, where pods are created in increasing order (pod-0, then pod-1, etc) and the controller will wait until each pod is ready before continuing. When scaling down, the pods are removed in the opposite order. The alternative policy is `Parallel` which will create pods in parallel to match the desired scale without waiting, and on scale down will delete all pods at once. - - - **revisionHistoryLimit** (int32) @@ -146,7 +142,7 @@ A StatefulSetSpec is the specification of a StatefulSet. - **ordinals** (StatefulSetOrdinals) - ordinals controls the numbering of replica indices in a StatefulSet. The default ordinals behavior assigns a "0" index to the first replica and increments the index by one for each additional replica requested. Using the ordinals field requires the StatefulSetStartOrdinal feature gate to be enabled, which is alpha. + ordinals controls the numbering of replica indices in a StatefulSet. The default ordinals behavior assigns a "0" index to the first replica and increments the index by one for each additional replica requested. Using the ordinals field requires the StatefulSetStartOrdinal feature gate to be enabled, which is beta. *StatefulSetOrdinals describes the policy used for replica ordinal assignment in this StatefulSet.* @@ -395,6 +391,11 @@ GET /apis/apps/v1/namespaces/{namespace}/statefulsets }}">resourceVersionMatch +- **sendInitialEvents** (*in query*): boolean + + }}">sendInitialEvents + + - **timeoutSeconds** (*in query*): integer }}">timeoutSeconds @@ -463,6 +464,11 @@ GET /apis/apps/v1/statefulsets }}">resourceVersionMatch +- **sendInitialEvents** (*in query*): boolean + + }}">sendInitialEvents + + - **timeoutSeconds** (*in query*): integer }}">timeoutSeconds @@ -888,6 +894,11 @@ DELETE /apis/apps/v1/namespaces/{namespace}/statefulsets }}">resourceVersionMatch +- **sendInitialEvents** (*in query*): boolean + + }}">sendInitialEvents + + - **timeoutSeconds** (*in query*): integer }}">timeoutSeconds diff --git a/content/en/docs/reference/labels-annotations-taints/_index.md b/content/en/docs/reference/labels-annotations-taints/_index.md index fd8b6f38018..0ef92685794 100644 --- a/content/en/docs/reference/labels-annotations-taints/_index.md +++ b/content/en/docs/reference/labels-annotations-taints/_index.md @@ -92,6 +92,69 @@ Common forms of values include: One of the [recommended labels](/docs/concepts/overview/working-with-objects/common-labels/#labels). +### applyset.kubernetes.io/additional-namespaces (alpha) {#applyset-kubernetes-io-additional-namespaces} + +Example: `applyset.kubernetes.io/additional-namespaces: "namespace1,namespace2"` + +Used on: Objects being used as ApplySet parents. + +Use of this annotation is alpha. +For Kubernetes version {{< skew currentVersion >}}, you can use this annotation on Secrets, ConfigMaps, or custom resources if the {{< glossary_tooltip term_id="CustomResourceDefinition" text="CustomResourceDefinition" >}} defining them has the `applyset.kubernetes.io/is-parent-type` label. + +Part of the specification used to implement [ApplySet-based pruning in kubectl](/docs/tasks/manage-kubernetes-objects/declarative-config/#alternative-kubectl-apply-f-directory-prune). This annotation is applied to the parent object used to track an ApplySet to extend the scope of the ApplySet beyond the parent object's own namespace (if any). The value is a comma-separated list of the names of namespaces other than the parent's namespace in which objects are found. + +### applyset.kubernetes.io/contains-group-resources (alpha) {#applyset-kubernetes-io-contains-group-resources} + +Example: `applyset.kubernetes.io/contains-group-resources: "certificates.cert-manager.io,configmaps,deployments.apps,secrets,services"` + +Used on: Objects being used as ApplySet parents. + +Use of this annotation is alpha. +For Kubernetes version {{< skew currentVersion >}}, you can use this annotation on Secrets, ConfigMaps, or custom resources if the {{< glossary_tooltip term_id="CustomResourceDefinition" text="CustomResourceDefinition" >}} defining them has the `applyset.kubernetes.io/is-parent-type` label. + +Part of the specification used to implement [ApplySet-based pruning in kubectl](/docs/tasks/manage-kubernetes-objects/declarative-config/#alternative-kubectl-apply-f-directory-prune). This annotation is applied to the parent object used to track an ApplySet to optimize listing of ApplySet member objects. It is optional in the ApplySet specification, as tools can perform discovery or use a different optimization. However, as of Kubernetes version {{< skew currentVersion >}}, it is required by kubectl. When present, the value of this annotation must be a comma separated list of the group-kinds, in the fully-qualified name format, i.e. `.`. + + +### applyset.kubernetes.io/id (alpha) {#applyset-kubernetes-io-id} + +Example: `applyset.kubernetes.io/id: "applyset-0eFHV8ySqp7XoShsGvyWFQD3s96yqwHmzc4e0HR1dsY-v1"` + +Used on: Objects being used as ApplySet parents. + +Use of this label is alpha. +For Kubernetes version {{< skew currentVersion >}}, you can use this label on Secrets, ConfigMaps, or custom resources if the {{< glossary_tooltip term_id="CustomResourceDefinition" text="CustomResourceDefinition" >}} defining them has the `applyset.kubernetes.io/is-parent-type` label. + +Part of the specification used to implement [ApplySet-based pruning in kubectl](/docs/tasks/manage-kubernetes-objects/declarative-config/#alternative-kubectl-apply-f-directory-prune). This label is what makes an object an ApplySet parent object. Its value is the unique ID of the ApplySet, which is derived from the identity of the parent object itself. This ID **must** be the base64 encoding (using the URL safe encoding of RFC4648) of the hash of the group-kind-name-namespace of the object it is on, in the form: `...))>`. There is no relation between the value of this label and object UIDs. + +### applyset.kubernetes.io/is-parent-type (alpha) {#applyset-kubernetes-io-is-parent-type} + +Example: `applyset.kubernetes.io/is-parent-type: "true"` + +Used on: Custom Resource Definition (CRD) + +Use of this label is alpha. +Part of the specification used to implement [ApplySet-based pruning in kubectl](/docs/tasks/manage-kubernetes-objects/declarative-config/#alternative-kubectl-apply-f-directory-prune). You can set this label on a {{< glossary_tooltip term_id="CustomResourceDefinition" text="CustomResourceDefinition" >}} (CRD) to identify the custom resource type it defines (not the CRD itself) as an allowed parent for an ApplySet. The only permitted value for this label is `"true"`; if you want to mark a CRD as not being a valid parent for ApplySets, omit this label. + +### applyset.kubernetes.io/part-of (alpha) {#applyset-kubernetes-io-part-of} + +Example: `applyset.kubernetes.io/part-of: "applyset-0eFHV8ySqp7XoShsGvyWFQD3s96yqwHmzc4e0HR1dsY-v1"` + +Used on: All objects. + +Use of this label is alpha. +Part of the specification used to implement [ApplySet-based pruning in kubectl](/docs/tasks/manage-kubernetes-objects/declarative-config/#alternative-kubectl-apply-f-directory-prune). This label is what makes an object a member of an ApplySet. The value of the label **must** match the value of the `applyset.kubernetes.io/id` label on the parent object. + +### applyset.kubernetes.io/tooling (alpha) {#applyset-kubernetes-io-tooling} + +Example: `applyset.kubernetes.io/tooling: "kubectl/v{{< skew currentVersion >}}"` + +Used on: Objects being used as ApplySet parents. + +Use of this annotation is alpha. +For Kubernetes version {{< skew currentVersion >}}, you can use this annotation on Secrets, ConfigMaps, or custom resources if the {{< glossary_tooltip term_id="CustomResourceDefinition" text="CustomResourceDefinition" >}} defining them has the `applyset.kubernetes.io/is-parent-type` label. + +Part of the specification used to implement [ApplySet-based pruning in kubectl](/docs/tasks/manage-kubernetes-objects/declarative-config/#alternative-kubectl-apply-f-directory-prune). This annotation is applied to the parent object used to track an ApplySet to indicate which tooling manages that ApplySet. Tooling should refuse to mutate ApplySets belonging to other tools. The value must be in the format `/`. + ### cluster-autoscaler.kubernetes.io/safe-to-evict Example: `cluster-autoscaler.kubernetes.io/safe-to-evict: "true"` @@ -276,9 +339,9 @@ Used on: ServiceAccount The value for this annotation must be **true** to take effect. This annotation indicates that pods running as this service account may only reference Secret API objects specified in the service account's `secrets` field. -### node.kubernetes.io/exclude-from-external-load-balancer +### node.kubernetes.io/exclude-from-external-load-balancers -Example: `node.kubernetes.io/exclude-from-external-load-balancer` +Example: `node.kubernetes.io/exclude-from-external-load-balancers` Used on: Node @@ -722,6 +785,47 @@ Kubernetes 1.27 and newer will ignore this annotation and always track Jobs using finalizers. {{< /note >}} +### job-name (deprecated) {#job-name} + +Example: `job-name: "pi"` + +Used on: Jobs and Pods controlled by Jobs + +{{< note >}} +Starting from Kubernetes 1.27, this label is deprecated. +Kubernetes 1.27 and newer ignore this label and use the prefixed `job-name` label. +{{< /note >}} + +### controller-uid (deprecated) {#controller-uid} + +Example: `controller-uid: "$UID"` + +Used on: Jobs and Pods controlled by Jobs + +{{< note >}} +Starting from Kubernetes 1.27, this label is deprecated. +Kubernetes 1.27 and newer ignore this label and use the prefixed `controller-uid` label. +{{< /note >}} + +### batch.kubernetes.io/job-name {#batchkubernetesio-job-name} + +Example: `batch.kubernetes.io/job-name: "pi"` + +Used on: Jobs and Pods controlled by Jobs + +This label is used as a user-friendly way to get Pods corresponding to a Job. +The `job-name` comes from the `name` of the Job and allows for an easy way to get Pods corresponding to the Job. + +### batch.kubernetes.io/controller-uid {#batchkubernetesio-controller-uid} + +Example: `batch.kubernetes.io/controller-uid: "$UID"` + +Used on: Jobs and Pods controlled by Jobs + +This label is used as a programmatic way to get all Pods corresponding to a Job. +The `controller-uid` is a unique identifer that gets set in the `selector` field so the Job controller +can get all the corresponding Pods. + ### scheduler.alpha.kubernetes.io/defaultTolerations {#scheduleralphakubernetesio-defaulttolerations} Example: `scheduler.alpha.kubernetes.io/defaultTolerations: '[{"operator": "Equal", "value": "value1", "effect": "NoSchedule", "key": "dedicated-node"}]'` @@ -916,23 +1020,19 @@ When the PodSecurityPolicy admission controller admitted a Pod, the admission co modified the Pod to have this annotation. The value of the annotation was the name of the PodSecurityPolicy that was used for validation. -### seccomp.security.alpha.kubernetes.io/pod (deprecated) {#seccomp-security-alpha-kubernetes-io-pod} +### seccomp.security.alpha.kubernetes.io/pod (non-functional) {#seccomp-security-alpha-kubernetes-io-pod} -This annotation has been deprecated since Kubernetes v1.19 and will become non-functional in a future release. -please use the corresponding pod or container `securityContext.seccompProfile` field instead. -To specify security settings for a Pod, include the `securityContext` field in the Pod specification. -The [`securityContext`](/docs/reference/kubernetes-api/workload-resources/pod-v1/#security-context) field within a Pod's `.spec` defines pod-level security attributes. -When you [specify the security context for a Pod](/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod), -the settings you specify apply to all containers in that Pod. +Older versions of Kubernetes allowed you to configure seccomp +behavior using this {{< glossary_tooltip text="annotation" term_id="annotation" >}}. +See [Restrict a Container's Syscalls with seccomp](/docs/tutorials/security/seccomp/) to +learn the supported way to specify seccomp restrictions for a Pod. -### container.seccomp.security.alpha.kubernetes.io/[NAME] (deprecated) {#container-seccomp-security-alpha-kubernetes-io} +### container.seccomp.security.alpha.kubernetes.io/[NAME] (non-functional) {#container-seccomp-security-alpha-kubernetes-io} -This annotation has been deprecated since Kubernetes v1.19 and will become non-functional in a future release. -please use the corresponding pod or container `securityContext.seccompProfile` field instead. -The tutorial [Restrict a Container's Syscalls with seccomp](/docs/tutorials/security/seccomp/) takes -you through the steps you follow to apply a seccomp profile to a Pod or to one of -its containers. That tutorial covers the supported mechanism for configuring seccomp in Kubernetes, -based on setting `securityContext` within the Pod's `.spec`. +Older versions of Kubernetes allowed you to configure seccomp +behavior using this {{< glossary_tooltip text="annotation" term_id="annotation" >}}. +See [Restrict a Container's Syscalls with seccomp](/docs/tutorials/security/seccomp/) to +learn the supported way to specify seccomp restrictions for a Pod. ### snapshot.storage.kubernetes.io/allow-volume-mode-change diff --git a/content/en/docs/reference/labels-annotations-taints/audit-annotations.md b/content/en/docs/reference/labels-annotations-taints/audit-annotations.md index f950c6457e2..7c076132058 100644 --- a/content/en/docs/reference/labels-annotations-taints/audit-annotations.md +++ b/content/en/docs/reference/labels-annotations-taints/audit-annotations.md @@ -108,3 +108,25 @@ to ensure connections are secured properly and to avoid disruption in future rel There's more information about this in the Go documentation: [Rejecting SHA-1 certificates](https://go.dev/doc/go1.18#sha1). + +## validation.policy.admission.k8s.io/validation_failure + +Example: `validation.policy.admission.k8s.io/validation_failure: '[{"message": "Invalid value", {"policy": "policy.example.com", {"binding": "policybinding.example.com", {"expressionIndex": "1", {"validationActions": ["Audit"]}]'` + +Used by Kubernetes version v1.27 and later. + +This annotation indicates that a admission policy validation evaluted to false +for an API request, or that the validation resulted in an error while the policy +was configured with `failurePolicy: Fail`. + +The value of the annotation is a JSON object. The `message` in the JSON +provides the message about the validation failure. + +The `policy`, `binding` and `expressionIndex` in the JSON identifies the +name of the `ValidatingAdmissionPolicy`, the name of the +`ValidatingAdmissionPolicyBinding` and the index in the policy `validations` of +the CEL expressions that failed, respectively. + +The `validationActions` shows what actions were taken for this validation failure. +See [Validating Admission Policy](/docs/reference/access-authn-authz/validating-admission-policy/) +for more details about `validationActions`. diff --git a/content/en/docs/reference/networking/virtual-ips.md b/content/en/docs/reference/networking/virtual-ips.md index 670960f1710..25acc81c3e0 100644 --- a/content/en/docs/reference/networking/virtual-ips.md +++ b/content/en/docs/reference/networking/virtual-ips.md @@ -131,6 +131,26 @@ iptables: ... ``` +##### Performance optimization for `iptables` mode {#minimize-iptables-restore} + +{{< feature-state for_k8s_version="v1.27" state="beta" >}} + +In Kubernetes {{< skew currentVersion >}} the kube-proxy defaults to a minimal approach +to `iptables-restore` operations, only making updates where Services or EndpointSlices have +actually changed. This is a performance optimization. +The original implementation updated all the rules for all Services on every sync; this +sometimes led to performance issues (update lag) in large clusters. + +If you are not running kube-proxy from Kubernetes {{< skew currentVersion >}}, check +the behavior and associated advice for the version that you are actually running. + +If you were previously overriding `minSyncPeriod`, you should try +removing that override and letting kube-proxy use the default value +(`1s`) or at least a smaller value than you were using before upgrading. +You can select the legacy behavior by disabling the `MinimizeIPTablesRestore` +[feature gate](/docs/reference/command-line-tools-reference/feature-gates/) +(you should not need to). + ##### `minSyncPeriod` The `minSyncPeriod` parameter sets the minimum duration between @@ -142,7 +162,7 @@ things change in a small time period. For example, if you have a Service backed by a {{< glossary_tooltip term_id="deployment" text="Deployment" >}} with 100 pods, and you delete the Deployment, then with `minSyncPeriod: 0s`, kube-proxy would end up -removing the Service's Endpoints from the iptables rules one by one, +removing the Service's endpoints from the iptables rules one by one, for a total of 100 updates. With a larger `minSyncPeriod`, multiple Pod deletion events would get aggregated together, so kube-proxy might @@ -154,20 +174,19 @@ The larger the value of `minSyncPeriod`, the more work that can be aggregated, but the downside is that each individual change may end up waiting up to the full `minSyncPeriod` before being processed, meaning that the iptables rules spend more time being out-of-sync with the -current apiserver state. +current API server state. -The default value of `1s` is a good compromise for small and medium -clusters. In large clusters, it may be necessary to set it to a larger -value. (Especially, if kube-proxy's -`sync_proxy_rules_duration_seconds` metric indicates an average -time much larger than 1 second, then bumping up `minSyncPeriod` may -make updates more efficient.) +The default value of `1s` should work well in most clusters, but in very +large clusters it may be necessary to set it to a larger value. +Especially, if kube-proxy's `sync_proxy_rules_duration_seconds` metric +indicates an average time much larger than 1 second, then bumping up +`minSyncPeriod` may make updates more efficient. ##### `syncPeriod` The `syncPeriod` parameter controls a handful of synchronization operations that are not directly related to changes in individual -Services and Endpoints. In particular, it controls how quickly +Services and EndpointSlices. In particular, it controls how quickly kube-proxy notices if an external component has interfered with kube-proxy's iptables rules. In large clusters, kube-proxy also only performs certain cleanup operations once every `syncPeriod` to avoid @@ -178,29 +197,6 @@ impact on performance, but in the past, it was sometimes useful to set it to a very large value (eg, `1h`). This is no longer recommended, and is likely to hurt functionality more than it improves performance. -##### Experimental performance improvements {#minimize-iptables-restore} - -{{< feature-state for_k8s_version="v1.26" state="alpha" >}} - -In Kubernetes 1.26, some new performance improvements were made to the -iptables proxy mode, but they are not enabled by default (and should -probably not be enabled in production clusters yet). To try them out, -enable the `MinimizeIPTablesRestore` [feature -gate](/docs/reference/command-line-tools-reference/feature-gates/) for -kube-proxy with `--feature-gates=MinimizeIPTablesRestore=true,…`. - -If you enable that feature gate and -you were previously overriding -`minSyncPeriod`, you should try removing that override and letting -kube-proxy use the default value (`1s`) or at least a smaller value -than you were using before. - -If you notice kube-proxy's -`sync_proxy_rules_iptables_restore_failures_total` or -`sync_proxy_rules_iptables_partial_restore_failures_total` metrics -increasing after enabling this feature, that likely indicates you are -encountering bugs in the feature and you should file a bug report. - ### IPVS proxy mode {#proxy-mode-ipvs} In `ipvs` mode, kube-proxy watches Kubernetes Services and EndpointSlices, @@ -276,14 +272,16 @@ populated in terms of the Service's virtual IP address (and port). One of the primary philosophies of Kubernetes is that you should not be exposed to situations that could cause your actions to fail through no fault of your own. For the design of the Service resource, this means not making -you choose your own port number if that choice might collide with +you choose your own IP address if that choice might collide with someone else's choice. That is an isolation failure. -In order to allow you to choose a port number for your Services, we must +In order to allow you to choose an IP address for your Services, we must ensure that no two Services can collide. Kubernetes does that by allocating each Service its own IP address from within the `service-cluster-ip-range` CIDR range that is configured for the {{< glossary_tooltip term_id="kube-apiserver" text="API Server" >}}. +#### IP address allocation tracking + To ensure each Service receives a unique IP, an internal allocator atomically updates a global allocation map in {{< glossary_tooltip term_id="etcd" >}} prior to creating each Service. The map object must exist in the registry for @@ -296,6 +294,42 @@ in-memory locking). Kubernetes also uses controllers to check for invalid assignments (e.g. due to administrator intervention) and for cleaning up allocated IP addresses that are no longer used by any Services. +{{< feature-state for_k8s_version="v1.27" state="alpha" >}} +If you enable the `MultiCIDRServiceAllocator` +[feature gate](/docs/reference/command-line-tools-reference/feature-gates/) and the +[`networking.k8s.io/v1alpha1` API group](/docs/tasks/administer-cluster/enable-disable-api/), +the control plane replaces the existing etcd allocator with a new one, using IPAddress +objects instead of an internal global allocation map. The ClusterIP address +associated to each Service will have a referenced IPAddress object. + +The background controller is also replaced by a new one to handle the new IPAddress +objects and the migration from the old allocator model. + +One of the main benefits of the new allocator is that it removes the size limitations +for the `service-cluster-ip-range`, there is no limitations for IPv4 and for IPv6 +users can use masks equal or larger than /64 (previously it was /108). + +Users now will be able to inspect the IP addresses assigned to their Services, and +Kubernetes extensions such as the [Gateway](https://gateway-api.sigs.k8s.io/) API, can use this new +IPAddress object kind to enhance the Kubernetes networking capabilities, going beyond the limitations of +the built-in Service API. + +```shell +kubectl get services +``` +``` +NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE +kubernetes ClusterIP 2001:db8:1:2::1 443/TCP 3d1h +``` +```shell +kubectl get ipaddresses +``` +``` +NAME PARENTREF +2001:db8:1:2::1 services/default/kubernetes +2001:db8:1:2::a services/kube-system/kube-dns +``` + #### IP address ranges for Service virtual IP addresses {#service-ip-static-sub-range} {{< feature-state for_k8s_version="v1.25" state="beta" >}} diff --git a/content/en/docs/reference/scheduling/config.md b/content/en/docs/reference/scheduling/config.md index 86391158266..d1ba65585a9 100644 --- a/content/en/docs/reference/scheduling/config.md +++ b/content/en/docs/reference/scheduling/config.md @@ -20,8 +20,7 @@ by implementing one or more of these extension points. You can specify scheduling profiles by running `kube-scheduler --config `, using the -KubeSchedulerConfiguration ([v1beta3](/docs/reference/config-api/kube-scheduler-config.v1beta3/) -or [v1](/docs/reference/config-api/kube-scheduler-config.v1/)) +KubeSchedulerConfiguration [v1](/docs/reference/config-api/kube-scheduler-config.v1/) struct. A minimal configuration looks as follows: @@ -35,9 +34,10 @@ clientConnection: {{< note >}} KubeSchedulerConfiguration [v1beta2](/docs/reference/config-api/kube-scheduler-config.v1beta2/) - is deprecated in v1.25 and will be removed in v1.26. Please migrate KubeSchedulerConfiguration to - [v1beta3](/docs/reference/config-api/kube-scheduler-config.v1beta3/) or [v1](/docs/reference/config-api/kube-scheduler-config.v1/) - before upgrading Kubernetes to v1.25. + is deprecated in v1.25 and will be removed in v1.28. + KubeSchedulerConfiguration [v1beta3](/docs/reference/config-api/kube-scheduler-config.v1beta3/) + is deprecated in v1.26 and will be removed in v1.29. + Please migrate KubeSchedulerConfiguration to [v1](/docs/reference/config-api/kube-scheduler-config.v1/). {{< /note >}} ## Profiles diff --git a/content/en/docs/reference/setup-tools/kubeadm/generated/kubeadm_config_images_list.md b/content/en/docs/reference/setup-tools/kubeadm/generated/kubeadm_config_images_list.md index 541d9892a15..92b045be4bf 100644 --- a/content/en/docs/reference/setup-tools/kubeadm/generated/kubeadm_config_images_list.md +++ b/content/en/docs/reference/setup-tools/kubeadm/generated/kubeadm_config_images_list.md @@ -55,7 +55,7 @@ kubeadm config images list [flags] --feature-gates string -

    A set of key=value pairs that describe feature gates for various features. Options are:
    PublicKeysECDSA=true|false (ALPHA - default=false)
    RootlessControlPlane=true|false (ALPHA - default=false)

    +

    A set of key=value pairs that describe feature gates for various features. Options are:
    EtcdLearnerMode=true|false (ALPHA - default=false)
    PublicKeysECDSA=true|false (ALPHA - default=false)
    RootlessControlPlane=true|false (ALPHA - default=false)

    diff --git a/content/en/docs/reference/setup-tools/kubeadm/generated/kubeadm_config_images_pull.md b/content/en/docs/reference/setup-tools/kubeadm/generated/kubeadm_config_images_pull.md index 3a78f260312..cad6279ee04 100644 --- a/content/en/docs/reference/setup-tools/kubeadm/generated/kubeadm_config_images_pull.md +++ b/content/en/docs/reference/setup-tools/kubeadm/generated/kubeadm_config_images_pull.md @@ -48,7 +48,7 @@ kubeadm config images pull [flags] --feature-gates string -

    A set of key=value pairs that describe feature gates for various features. Options are:
    PublicKeysECDSA=true|false (ALPHA - default=false)
    RootlessControlPlane=true|false (ALPHA - default=false)

    +

    A set of key=value pairs that describe feature gates for various features. Options are:
    EtcdLearnerMode=true|false (ALPHA - default=false)
    PublicKeysECDSA=true|false (ALPHA - default=false)
    RootlessControlPlane=true|false (ALPHA - default=false)

    diff --git a/content/en/docs/reference/setup-tools/kubeadm/generated/kubeadm_init.md b/content/en/docs/reference/setup-tools/kubeadm/generated/kubeadm_init.md index ad919d2e16e..385331d7af5 100644 --- a/content/en/docs/reference/setup-tools/kubeadm/generated/kubeadm_init.md +++ b/content/en/docs/reference/setup-tools/kubeadm/generated/kubeadm_init.md @@ -139,7 +139,7 @@ kubeadm init [flags] --feature-gates string -

    A set of key=value pairs that describe feature gates for various features. Options are:
    PublicKeysECDSA=true|false (ALPHA - default=false)
    RootlessControlPlane=true|false (ALPHA - default=false)

    +

    A set of key=value pairs that describe feature gates for various features. Options are:
    EtcdLearnerMode=true|false (ALPHA - default=false)
    PublicKeysECDSA=true|false (ALPHA - default=false)
    RootlessControlPlane=true|false (ALPHA - default=false)

    diff --git a/content/en/docs/reference/setup-tools/kubeadm/generated/kubeadm_init_phase_addon_all.md b/content/en/docs/reference/setup-tools/kubeadm/generated/kubeadm_init_phase_addon_all.md index dafa56360ac..621c1f8170b 100644 --- a/content/en/docs/reference/setup-tools/kubeadm/generated/kubeadm_init_phase_addon_all.md +++ b/content/en/docs/reference/setup-tools/kubeadm/generated/kubeadm_init_phase_addon_all.md @@ -69,7 +69,7 @@ kubeadm init phase addon all [flags] --feature-gates string -

    A set of key=value pairs that describe feature gates for various features. Options are:
    PublicKeysECDSA=true|false (ALPHA - default=false)
    RootlessControlPlane=true|false (ALPHA - default=false)

    +

    A set of key=value pairs that describe feature gates for various features. Options are:
    EtcdLearnerMode=true|false (ALPHA - default=false)
    PublicKeysECDSA=true|false (ALPHA - default=false)
    RootlessControlPlane=true|false (ALPHA - default=false)

    diff --git a/content/en/docs/reference/setup-tools/kubeadm/generated/kubeadm_init_phase_addon_coredns.md b/content/en/docs/reference/setup-tools/kubeadm/generated/kubeadm_init_phase_addon_coredns.md index 3225abfba1d..a44e72427fb 100644 --- a/content/en/docs/reference/setup-tools/kubeadm/generated/kubeadm_init_phase_addon_coredns.md +++ b/content/en/docs/reference/setup-tools/kubeadm/generated/kubeadm_init_phase_addon_coredns.md @@ -48,7 +48,7 @@ kubeadm init phase addon coredns [flags] --feature-gates string -

    A set of key=value pairs that describe feature gates for various features. Options are:
    PublicKeysECDSA=true|false (ALPHA - default=false)
    RootlessControlPlane=true|false (ALPHA - default=false)

    +

    A set of key=value pairs that describe feature gates for various features. Options are:
    EtcdLearnerMode=true|false (ALPHA - default=false)
    PublicKeysECDSA=true|false (ALPHA - default=false)
    RootlessControlPlane=true|false (ALPHA - default=false)

    diff --git a/content/en/docs/reference/setup-tools/kubeadm/generated/kubeadm_init_phase_control-plane_all.md b/content/en/docs/reference/setup-tools/kubeadm/generated/kubeadm_init_phase_control-plane_all.md index e168a6bb877..b28306a6477 100644 --- a/content/en/docs/reference/setup-tools/kubeadm/generated/kubeadm_init_phase_control-plane_all.md +++ b/content/en/docs/reference/setup-tools/kubeadm/generated/kubeadm_init_phase_control-plane_all.md @@ -101,7 +101,7 @@ kubeadm init phase control-plane all [flags] --feature-gates string -

    A set of key=value pairs that describe feature gates for various features. Options are:
    PublicKeysECDSA=true|false (ALPHA - default=false)
    RootlessControlPlane=true|false (ALPHA - default=false)

    +

    A set of key=value pairs that describe feature gates for various features. Options are:
    EtcdLearnerMode=true|false (ALPHA - default=false)
    PublicKeysECDSA=true|false (ALPHA - default=false)
    RootlessControlPlane=true|false (ALPHA - default=false)

    diff --git a/content/en/docs/reference/setup-tools/kubeadm/generated/kubeadm_init_phase_control-plane_apiserver.md b/content/en/docs/reference/setup-tools/kubeadm/generated/kubeadm_init_phase_control-plane_apiserver.md index 3f69982f8f1..67d775db2d1 100644 --- a/content/en/docs/reference/setup-tools/kubeadm/generated/kubeadm_init_phase_control-plane_apiserver.md +++ b/content/en/docs/reference/setup-tools/kubeadm/generated/kubeadm_init_phase_control-plane_apiserver.md @@ -83,7 +83,7 @@ kubeadm init phase control-plane apiserver [flags] --feature-gates string -

    A set of key=value pairs that describe feature gates for various features. Options are:
    PublicKeysECDSA=true|false (ALPHA - default=false)
    RootlessControlPlane=true|false (ALPHA - default=false)

    +

    A set of key=value pairs that describe feature gates for various features. Options are:
    EtcdLearnerMode=true|false (ALPHA - default=false)
    PublicKeysECDSA=true|false (ALPHA - default=false)
    RootlessControlPlane=true|false (ALPHA - default=false)

    diff --git a/content/en/docs/reference/setup-tools/kubeadm/generated/kubeadm_init_phase_preflight.md b/content/en/docs/reference/setup-tools/kubeadm/generated/kubeadm_init_phase_preflight.md index 21fc3f7feae..23013ec7e3a 100644 --- a/content/en/docs/reference/setup-tools/kubeadm/generated/kubeadm_init_phase_preflight.md +++ b/content/en/docs/reference/setup-tools/kubeadm/generated/kubeadm_init_phase_preflight.md @@ -44,6 +44,13 @@ kubeadm init phase preflight [flags]

    Path to a kubeadm configuration file.

    + +--cri-socket string + + +

    Path to the CRI socket to connect. If empty kubeadm will try to auto-detect this value; use this option only if you have more than one CRI installed or if you have non-standard CRI socket.

    + + --dry-run diff --git a/content/en/docs/reference/setup-tools/kubeadm/generated/kubeadm_init_phase_upload-config_all.md b/content/en/docs/reference/setup-tools/kubeadm/generated/kubeadm_init_phase_upload-config_all.md index 2b15abac969..3feed3b1892 100644 --- a/content/en/docs/reference/setup-tools/kubeadm/generated/kubeadm_init_phase_upload-config_all.md +++ b/content/en/docs/reference/setup-tools/kubeadm/generated/kubeadm_init_phase_upload-config_all.md @@ -37,6 +37,13 @@ kubeadm init phase upload-config all [flags]

    Path to a kubeadm configuration file.

    + +--cri-socket string + + +

    Path to the CRI socket to connect. If empty kubeadm will try to auto-detect this value; use this option only if you have more than one CRI installed or if you have non-standard CRI socket.

    + + --dry-run diff --git a/content/en/docs/reference/setup-tools/kubeadm/generated/kubeadm_init_phase_upload-config_kubeadm.md b/content/en/docs/reference/setup-tools/kubeadm/generated/kubeadm_init_phase_upload-config_kubeadm.md index d8f466b4094..4ef3f88e7e8 100644 --- a/content/en/docs/reference/setup-tools/kubeadm/generated/kubeadm_init_phase_upload-config_kubeadm.md +++ b/content/en/docs/reference/setup-tools/kubeadm/generated/kubeadm_init_phase_upload-config_kubeadm.md @@ -46,6 +46,13 @@ kubeadm init phase upload-config kubeadm [flags]

    Path to a kubeadm configuration file.

    + +--cri-socket string + + +

    Path to the CRI socket to connect. If empty kubeadm will try to auto-detect this value; use this option only if you have more than one CRI installed or if you have non-standard CRI socket.

    + + --dry-run diff --git a/content/en/docs/reference/setup-tools/kubeadm/generated/kubeadm_init_phase_upload-config_kubelet.md b/content/en/docs/reference/setup-tools/kubeadm/generated/kubeadm_init_phase_upload-config_kubelet.md index ae2fd63e838..c83a86129e5 100644 --- a/content/en/docs/reference/setup-tools/kubeadm/generated/kubeadm_init_phase_upload-config_kubelet.md +++ b/content/en/docs/reference/setup-tools/kubeadm/generated/kubeadm_init_phase_upload-config_kubelet.md @@ -44,6 +44,13 @@ kubeadm init phase upload-config kubelet [flags]

    Path to a kubeadm configuration file.

    + +--cri-socket string + + +

    Path to the CRI socket to connect. If empty kubeadm will try to auto-detect this value; use this option only if you have more than one CRI installed or if you have non-standard CRI socket.

    + + --dry-run diff --git a/content/en/docs/reference/setup-tools/kubeadm/generated/kubeadm_kubeconfig_user.md b/content/en/docs/reference/setup-tools/kubeadm/generated/kubeadm_kubeconfig_user.md index 7d8bda9389f..25edb297c20 100644 --- a/content/en/docs/reference/setup-tools/kubeadm/generated/kubeadm_kubeconfig_user.md +++ b/content/en/docs/reference/setup-tools/kubeadm/generated/kubeadm_kubeconfig_user.md @@ -24,6 +24,9 @@ kubeadm kubeconfig user [flags] ### Examples ``` + # Output a kubeconfig file for an additional user named foo + kubeadm kubeconfig user --client-name=foo + # Output a kubeconfig file for an additional user named foo using a kubeadm config file bar kubeadm kubeconfig user --client-name=foo --config=bar ``` diff --git a/content/en/docs/reference/setup-tools/kubeadm/generated/kubeadm_upgrade_apply.md b/content/en/docs/reference/setup-tools/kubeadm/generated/kubeadm_upgrade_apply.md index 2d1d3aa37dc..dca72b0cce9 100644 --- a/content/en/docs/reference/setup-tools/kubeadm/generated/kubeadm_upgrade_apply.md +++ b/content/en/docs/reference/setup-tools/kubeadm/generated/kubeadm_upgrade_apply.md @@ -76,7 +76,7 @@ kubeadm upgrade apply [version] --feature-gates string -

    A set of key=value pairs that describe feature gates for various features. Options are:
    PublicKeysECDSA=true|false (ALPHA - default=false)
    RootlessControlPlane=true|false (ALPHA - default=false)

    +

    A set of key=value pairs that describe feature gates for various features. Options are:
    EtcdLearnerMode=true|false (ALPHA - default=false)
    PublicKeysECDSA=true|false (ALPHA - default=false)
    RootlessControlPlane=true|false (ALPHA - default=false)

    diff --git a/content/en/docs/reference/setup-tools/kubeadm/generated/kubeadm_upgrade_plan.md b/content/en/docs/reference/setup-tools/kubeadm/generated/kubeadm_upgrade_plan.md index d235a065264..dddf17e1877 100644 --- a/content/en/docs/reference/setup-tools/kubeadm/generated/kubeadm_upgrade_plan.md +++ b/content/en/docs/reference/setup-tools/kubeadm/generated/kubeadm_upgrade_plan.md @@ -55,7 +55,7 @@ kubeadm upgrade plan [version] [flags] --feature-gates string -

    A set of key=value pairs that describe feature gates for various features. Options are:
    PublicKeysECDSA=true|false (ALPHA - default=false)
    RootlessControlPlane=true|false (ALPHA - default=false)

    +

    A set of key=value pairs that describe feature gates for various features. Options are:
    EtcdLearnerMode=true|false (ALPHA - default=false)
    PublicKeysECDSA=true|false (ALPHA - default=false)
    RootlessControlPlane=true|false (ALPHA - default=false)

    diff --git a/content/en/docs/reference/using-api/api-concepts.md b/content/en/docs/reference/using-api/api-concepts.md index 3c7c0fa8ccb..62deb25f584 100644 --- a/content/en/docs/reference/using-api/api-concepts.md +++ b/content/en/docs/reference/using-api/api-concepts.md @@ -195,7 +195,7 @@ For subscribing to collections, Kubernetes client libraries typically offer some of standard tool for this **list**-then-**watch** logic. (In the Go client library, this is called a `Reflector` and is located in the `k8s.io/client-go/tools/cache` package.) -### Watch bookmarks +### Watch bookmarks {#watch-bookmarks} To mitigate the impact of short history window, the Kubernetes API provides a watch event named `BOOKMARK`. It is a special kind of event to mark that all changes up @@ -226,6 +226,64 @@ As a client, you can request `BOOKMARK` events by setting the assume bookmarks are returned at any specific interval, nor can clients assume that the API server will send any `BOOKMARK` event even when requested. +## Streaming lists + +{{< feature-state for_k8s_version="v1.27" state="alpha" >}} + +On large clusters, retrieving the collection of some resource types may result in +a significant increase of resource usage (primarily RAM) on the control plane. +In order to alleviate its impact and simplify the user experience of the **list** + **watch** +pattern, Kubernetes v1.27 introduces as an alpha feature the support +for requesting the initial state (previously requested via the **list** request) as part of +the **watch** request. + +Provided that the `WatchList` [feature gate](/docs/reference/command-line-tools-reference/feature-gates/) +is enabled, this can be achieved by specifying `sendInitialEvents=true` as query string parameter +in a **watch** request. If set, the API server starts the watch stream with synthetic init +events (of type `ADDED`) to build the whole state of all existing objects followed by a +[`BOOKMARK` event](/docs/reference/using-api/api-concepts/#watch-bookmarks) +(if requested via `allowWatchBookmarks=true` option). The bookmark event includes the resource version +to which is synced. After sending the bookmark event, the API server continues as for any other **watch** +request. + +When you set `sendInitialEvents=true` in the query string, Kubernetes also requires that you set +`resourceVersionMatch` to `NotOlderThan` value. +If you provided `resourceVersion` in the query string without providing a value or don't provide +it at all, this is interpreted as a request for _consistent read_; +the bookmark event is sent when the state is synced at least to the moment of a consistent read +from when the request started to be processed. If you specify `resourceVersion` (in the query string), +the bookmark event is sent when the state is synced at least to the provided resource version. + +### Example {#example-streaming-lists} + +An example: you want to watch a collection of Pods. For that collection, the current resource version +is 10245 and there are two pods: `foo` and `bar`. Then sending the following request (explicitly requesting +_consistent read_ by setting empty resource version using `resourceVersion=`) could result +in the following sequence of events: + +```console +GET /api/v1/namespaces/test/pods?watch=1&sendInitialEvents=true&allowWatchBookmarks=true&resourceVersion=&resourceVersionMatch=NotOlderThan +--- +200 OK +Transfer-Encoding: chunked +Content-Type: application/json + +{ + "type": "ADDED", + "object": {"kind": "Pod", "apiVersion": "v1", "metadata": {"resourceVersion": "8467", "name": "foo"}, ...} +} +{ + "type": "ADDED", + "object": {"kind": "Pod", "apiVersion": "v1", "metadata": {"resourceVersion": "5726", "name": "bar"}, ...} +} +{ + "type": "BOOKMARK", + "object": {"kind": "Pod", "apiVersion": "v1", "metadata": {"resourceVersion": "10245"} } +} +... + +``` + ## Retrieving large results sets in chunks {{< feature-state for_k8s_version="v1.9" state="beta" >}} @@ -698,29 +756,13 @@ These situations are: fields via `x-kubernetes-preserve-unknown-fields`). 2. The field is duplicated in the object. -### Setting the field validation level +### Validation for unrecognized or duplicate fields (#setting-the-field-validation-level) - {{< feature-state for_k8s_version="v1.25" state="beta" >}} + {{< feature-state for_k8s_version="v1.27" state="stable" >}} -Provided that the `ServerSideFieldValidation` [feature gate](/docs/reference/command-line-tools-reference/feature-gates/) is enabled (disabled -by default in 1.23 and 1.24, enabled by default starting in 1.25), you can take -advantage of server side field validation to catch these unrecognized fields. - -When you use HTTP verbs that can submit data (`POST`, `PUT`, and `PATCH`), field -validation gives you the option to choose how you would like to be notified of -these fields that are being dropped by the API server. Possible levels of -validation are `Ignore`, `Warn`, and `Strict`. - -{{< note >}} -If you submit a request that specifies an unrecognized field, and that is also invalid for -a different reason (for example, the request provides a string value where the API expects -an integer), then the API server responds with a 400 Bad Request error response. - -You always receive an error response in this case, no matter what field validation level you requested. -{{< /note >}} - -Field validation is set by the `fieldValidation` query parameter. The three -values that you can provide for this parameter are: +From 1.25 onward, unrecognized or duplicate fields in an object are detected via +validation on the server when you use HTTP verbs that can submit data (`POST`, `PUT`, and `PATCH`). Possible levels of +validation are `Ignore`, `Warn` (default), and `Strict`. `Ignore` : The API server succeeds in handling the request as it would without the erroneous fields @@ -740,20 +782,38 @@ detects any unknown or duplicate fields. The response message from the API server specifies all the unknown or duplicate fields that the API server has detected. +The field validation level is set by the `fieldValidation` query parameter. + +{{< note >}} +If you submit a request that specifies an unrecognized field, and that is also invalid for +a different reason (for example, the request provides a string value where the API expects +an integer for a known field), then the API server responds with a 400 Bad Request error, but will +not provide any information on unknown or duplicate fields (only which fatal +error it encountered first). + +You always receive an error response in this case, no matter what field validation level you requested. +{{< /note >}} + Tools that submit requests to the server (such as `kubectl`), might set their own defaults that are different from the `Warn` validation level that the API server uses by default. -The `kubectl` tool uses the `--validate` flag to set the level of field validation. -Historically `--validate` was used to toggle client-side validation on or off as -a boolean flag. Since Kubernetes 1.25, kubectl uses -server-side field validation when sending requests to a server with this feature -enabled. Validation will fall back to client-side only when it cannot connect -to an API server with field validation enabled. -It accepts the values `ignore`, `warn`, -and `strict` while also accepting the values `true` (equivalent to `strict`) and `false` -(equivalent to `ignore`). The default validation setting for kubectl is `--validate=true`, -which means strict server-side field validation. +The `kubectl` tool uses the `--validate` flag to set the level of field +validation. It accepts the values `ignore`, `warn`, and `strict` while +also accepting the values `true` (equivalent to `strict`) and `false` +(equivalent to `ignore`). The default validation setting for kubectl is +`--validate=true`, which means strict server-side field validation. + +When kubectl cannot connect to an API server with field validation (API servers +prior to Kubernetes 1.27), it will fall back to using client-side validation. +Client-side validation will be removed entirely in a future version of kubectl. + +{{< note >}} + +Prior to Kubernetes 1.25 `kubectl --validate` was used to toggle client-side validation on or off as +a boolean flag. + +{{< /note >}} ## Dry-run diff --git a/content/en/docs/reference/using-api/deprecation-policy.md b/content/en/docs/reference/using-api/deprecation-policy.md index 9bf80456e46..ad8b0291b27 100644 --- a/content/en/docs/reference/using-api/deprecation-policy.md +++ b/content/en/docs/reference/using-api/deprecation-policy.md @@ -425,7 +425,7 @@ to determine SLOs, these tend to have greater import. Other metrics are more experimental in nature or are used primarily in the Kubernetes development process. -Accordingly, metrics fall under two stability classes (`ALPHA` and `STABLE`); +Accordingly, metrics fall under three stability classes (`ALPHA`, `BETA` `STABLE`); this impacts removal of a metric during a Kubernetes release. These classes are determined by the perceived importance of the metric. The rules for deprecating and removing a metric are as follows: @@ -433,11 +433,13 @@ deprecating and removing a metric are as follows: **Rule #9a: Metrics, for the corresponding stability class, must function for no less than:** * **STABLE: 4 releases or 12 months (whichever is longer)** + * **BETA: 2 releases or 8 months (whichever is longer)** * **ALPHA: 0 releases** **Rule #9b: Metrics, after their _announced deprecation_, must function for no less than:** * **STABLE: 3 releases or 9 months (whichever is longer)** + * **BETA: 1 releases or 4 months (whichever is longer)** * **ALPHA: 0 releases** Deprecated metrics will have their description text prefixed with a deprecation notice diff --git a/content/en/docs/setup/production-environment/tools/kubeadm/install-kubeadm.md b/content/en/docs/setup/production-environment/tools/kubeadm/install-kubeadm.md index 01f0d75f7d8..eae4cb3a7dd 100644 --- a/content/en/docs/setup/production-environment/tools/kubeadm/install-kubeadm.md +++ b/content/en/docs/setup/production-environment/tools/kubeadm/install-kubeadm.md @@ -27,6 +27,7 @@ see the [Creating a cluster with kubeadm](/docs/setup/production-environment/too * Unique hostname, MAC address, and product_uuid for every node. See [here](#verify-mac-address) for more details. * Certain ports are open on your machines. See [here](#check-required-ports) for more details. * Swap disabled. You **MUST** disable swap in order for the kubelet to work properly. + * For example, `sudo swapoff -a` will disable swapping temporarily. To make this change persistent across reboots, make sure swap is disabled in config files like `/etc/fstab`, `systemd.swap`, depending how it was configured on your system. diff --git a/content/en/docs/tasks/access-application-cluster/configure-access-multiple-clusters.md b/content/en/docs/tasks/access-application-cluster/configure-access-multiple-clusters.md index ca7f6897d32..23402785149 100644 --- a/content/en/docs/tasks/access-application-cluster/configure-access-multiple-clusters.md +++ b/content/en/docs/tasks/access-application-cluster/configure-access-multiple-clusters.md @@ -403,8 +403,8 @@ $Env:KUBECONFIG=$ENV:KUBECONFIG_SAVED It is not always obvious what attributes (username, groups) you will get after authenticating to the cluster. It can be even more challenging if you are managing more than one cluster at the same time. -There is a `kubectl` alpha subcommand command to check subject attributes, such as username, -for your selected Kubernetes client context: `kubectl alpha auth whoami`. +There is a `kubectl` subcommand to check subject attributes, such as username, for your selected Kubernetes +client context: `kubectl auth whoami`. Read [API access to authentication information for a client](/docs/reference/access-authn-authz/authentication/#self-subject-review) to learn about this in more detail. diff --git a/content/en/docs/tasks/administer-cluster/configure-upgrade-etcd.md b/content/en/docs/tasks/administer-cluster/configure-upgrade-etcd.md index 542a3a57c29..6df175e93c1 100644 --- a/content/en/docs/tasks/administer-cluster/configure-upgrade-etcd.md +++ b/content/en/docs/tasks/administer-cluster/configure-upgrade-etcd.md @@ -38,7 +38,7 @@ weight: 270 clusters. Therefore, run etcd clusters on dedicated machines or isolated environments for [guaranteed resource requirements](https://etcd.io/docs/current/op-guide/hardware/). -* The minimum recommended version of etcd to run in production is `3.2.10+`. +* The minimum recommended etcd versions to run in production are `3.4.22+` and `3.5.6+`. ## Resource requirements diff --git a/content/en/docs/tasks/administer-cluster/controller-manager-leader-migration.md b/content/en/docs/tasks/administer-cluster/controller-manager-leader-migration.md index 743e23d0bd1..c31f309b190 100644 --- a/content/en/docs/tasks/administer-cluster/controller-manager-leader-migration.md +++ b/content/en/docs/tasks/administer-cluster/controller-manager-leader-migration.md @@ -10,8 +10,6 @@ weight: 250 -{{< feature-state for_k8s_version="v1.24" state="stable" >}} - {{< glossary_definition term_id="cloud-controller-manager" length="all" prepend="The cloud-controller-manager is">}} ## Background diff --git a/content/en/docs/tasks/administer-cluster/encrypt-data.md b/content/en/docs/tasks/administer-cluster/encrypt-data.md index 537d4b6b8a8..c80c19a687e 100644 --- a/content/en/docs/tasks/administer-cluster/encrypt-data.md +++ b/content/en/docs/tasks/administer-cluster/encrypt-data.md @@ -19,6 +19,8 @@ This page shows how to enable and configure encryption of secret data at rest. * To encrypt a custom resource, your cluster must be running Kubernetes v1.26 or newer. +* Use of wildcard for resource encryption is available from Kubernetes v1.27 or newer. + @@ -63,6 +65,24 @@ resources: keys: - name: key1 secret: YWJjZGVmZ2hpamtsbW5vcHFyc3R1dnd4eXoxMjM0NTY= + - resources: + - events + providers: + - identity: {} # do not encrypt events even though *.* is specified below + - resources: + - '*.apps' + providers: + - aescbc: + keys: + - name: key2 + secret: c2VjcmV0IGlzIHNlY3VyZSwgb3IgaXMgaXQ/Cg== + - resources: + - '*.*' + providers: + - aescbc: + keys: + - name: key3 + secret: c2VjcmV0IGlzIHNlY3VyZSwgSSB0aGluaw== ``` Each `resources` array item is a separate config and contains a complete configuration. The @@ -84,6 +104,29 @@ resources from storage, each provider that matches the stored data attempts in o data. If no provider can read the stored data due to a mismatch in format or secret key, an error is returned which prevents clients from accessing that resource. +`EncryptionConfiguration` supports the use of wildcards to specify the resources that should be encrypted. +Use '`*.`' to encrypt all resources within a group (for eg '`*.apps`' in above example) or '`*.*`' +to encrypt all resources. '`*.`' can be used to encrypt all resource in the core group. '`*.*`' will +encrypt all resources, even custom resources that are added after API server start. + +{{< note >}} Use of wildcards that overlap within the same resource list or across multiple entries are not allowed +since part of the configuration would be ineffective. The `resources` list's processing order and precedence +are determined by the order it's listed in the configuration. {{< /note >}} + +Opting out of encryption for specific resources while wildcard is enabled can be achieved by adding a new +`resources` array item with the resource name, followed by the `providers` array item with the `identity` provider. +For example, if '`*.*`' is enabled and you want to opt-out encryption for the `events` resource, add a new item +to the `resources` array with `events` as the resource name, followed by the providers array item with `identity`. +The new item should look like this: + +```yaml +- resources: + - events + providers: + - identity: {} +``` +Ensure that the new item is listed before the wildcard '`*.*`' item in the resources array to give it precedence. + For more detailed information about the `EncryptionConfiguration` struct, please refer to the [encryption configuration API](/docs/reference/config-api/apiserver-encryption.v1/). @@ -102,7 +145,8 @@ Name | Encryption | Strength | Speed | Key Length | Other Considerations `secretbox` | XSalsa20 and Poly1305 | Strong | Faster | 32-byte | A newer standard and may not be considered acceptable in environments that require high levels of review. `aesgcm` | AES-GCM with random nonce | Must be rotated every 200k writes | Fastest | 16, 24, or 32-byte | Is not recommended for use except when an automated key rotation scheme is implemented. `aescbc` | AES-CBC with [PKCS#7](https://datatracker.ietf.org/doc/html/rfc2315) padding | Weak | Fast | 32-byte | Not recommended due to CBC's vulnerability to padding oracle attacks. -`kms` | Uses envelope encryption scheme: Data is encrypted by data encryption keys (DEKs) using AES-CBC with [PKCS#7](https://datatracker.ietf.org/doc/html/rfc2315) padding (prior to v1.25), using AES-GCM starting from v1.25, DEKs are encrypted by key encryption keys (KEKs) according to configuration in Key Management Service (KMS) | Strongest | Fast | 32-bytes | The recommended choice for using a third party tool for key management. Simplifies key rotation, with a new DEK generated for each encryption, and KEK rotation controlled by the user. [Configure the KMS provider](/docs/tasks/administer-cluster/kms-provider/). +`kms v1` | Uses envelope encryption scheme: Data is encrypted by data encryption keys (DEKs) using AES-CBC with [PKCS#7](https://datatracker.ietf.org/doc/html/rfc2315) padding (prior to v1.25), using AES-GCM starting from v1.25, DEKs are encrypted by key encryption keys (KEKs) according to configuration in Key Management Service (KMS) | Strongest | Slow (_compared to `kms v2`_) | 32-bytes | Simplifies key rotation, with a new DEK generated for each encryption, and KEK rotation controlled by the user. [Configure the KMS V1 provider](/docs/tasks/administer-cluster/kms-provider#configuring-the-kms-provider-kms-v1). +`kms v2` | Uses envelope encryption scheme: Data is encrypted by data encryption keys (DEKs) using AES-GCM, DEKs are encrypted by key encryption keys (KEKs) according to configuration in Key Management Service (KMS) | Strongest | Fast | 32-bytes | The recommended choice for using a third party tool for key management. Available in beta from `v1.27`. A new DEK is generated at startup and reused for encryption. The DEK is rotated when the KEK is rotated. [Configure the KMS V2 provider](/docs/tasks/administer-cluster/kms-provider#configuring-the-kms-provider-kms-v2). {{< /table >}} Each provider supports multiple keys - the keys are tried in order for decryption, and if the provider diff --git a/content/en/docs/tasks/administer-cluster/kms-provider.md b/content/en/docs/tasks/administer-cluster/kms-provider.md index 21e89321e6c..7cf67fbf853 100644 --- a/content/en/docs/tasks/administer-cluster/kms-provider.md +++ b/content/en/docs/tasks/administer-cluster/kms-provider.md @@ -7,14 +7,17 @@ content_type: task weight: 370 --- -This page shows how to configure a Key Management Service (KMS) provider and plugin to enable secret data encryption. Currently there are two KMS API versions. KMS v1 will continue to work while v2 develops in maturity. If you are not sure which KMS API version to pick, choose v1. +This page shows how to configure a Key Management Service (KMS) provider and plugin to enable secret data encryption. +Currently there are two KMS API versions. New integrations that only need to support Kubernetes v1.27+ +should use KMS v2 as it offers significantly better performance characteristics than v1 +(note the `Caution` sections below for specific cases when KMS v2 must not be used.) ## {{% heading "prerequisites" %}} {{< include "task-tutorial-prereqs.md" >}} The version of Kubernetes that you need depends on which KMS API version -you have selected. +you have selected. - If you selected KMS API v1, any supported Kubernetes version will work fine. - If you selected KMS API v2, you should use Kubernetes v{{< skew currentVersion >}} @@ -24,36 +27,61 @@ you have selected. {{< version-check >}} ### KMS v1 +{{< feature-state for_k8s_version="v1.12" state="beta" >}} + * Kubernetes version 1.10.0 or later is required * Your cluster must use etcd v3 or later -{{< feature-state for_k8s_version="v1.12" state="beta" >}} - ### KMS v2 -* Kubernetes version 1.25.0 or later is required +{{< feature-state for_k8s_version="v1.27" state="beta" >}} -* Set kube-apiserver feature gate: `--feature-gates=KMSv2=true` to configure a KMS v2 provider +* For version 1.25 and 1.26, enabling the feature via kube-apiserver feature gate is required. +Set `--feature-gates=KMSv2=true` to configure a KMS v2 provider. * Your cluster must use etcd v3 or later -{{< feature-state for_k8s_version="v1.25" state="alpha" >}} +{{< caution >}} +The KMS v2 API and implementation changed in incompatible ways in-between the alpha release in v1.25 +and the beta release in v1.27. Attempting to upgrade from old versions with the alpha feature +enabled will result in data loss. +{{< /caution >}} The KMS encryption provider uses an envelope encryption scheme to encrypt data in etcd. -The data is encrypted using a data encryption key (DEK); a new DEK is generated for each encryption. +The data is encrypted using a data encryption key (DEK). The DEKs are encrypted with a key encryption key (KEK) that is stored and managed in a remote KMS. -The KMS provider uses gRPC to communicate with a specific KMS plugin. +With KMS v1, a new DEK is generated for each encryption. +With KMS v2, a new DEK is generated on server startup and when the KMS plugin informs the API server +that a KEK rotation has occurred (see `Understanding key_id and Key Rotation` section below). +The KMS provider uses gRPC to communicate with a specific KMS plugin over a UNIX domain socket. The KMS plugin, which is implemented as a gRPC server and deployed on the same host(s) as the Kubernetes control plane, is responsible for all communication with the remote KMS. +{{< caution >}} +If you are running virtual machine (VM) based nodes that leverage VM state store with this feature, you must not use KMS v2. + +With KMS v2, the API server uses AES-GCM with a 12 byte nonce (8 byte atomic counter and 4 bytes random data) for encryption. +The following issues could occur if the VM is saved and restored: +1. The counter value may be lost or corrupted if the VM is saved in an inconsistent state or restored improperly. + This can lead to a situation where the same counter value is used twice, resulting in the same nonce being used + for two different messages. +2. If the VM is restored to a previous state, the counter value may be set back to its previous value, +resulting in the same nonce being used again. + +Although both of these cases are partially mitigated by the 4 byte random nonce, this can compromise +the security of the encryption. +{{< /caution >}} + ## Configuring the KMS provider To configure a KMS provider on the API server, include a provider of type `kms` in the `providers` array in the encryption configuration file and set the following properties: ### KMS v1 {#configuring-the-kms-provider-kms-v1} + +* `apiVersion`: API Version for KMS provider. Leave this value empty or set it to `v1`. * `name`: Display name of the KMS plugin. Cannot be changed once set. * `endpoint`: Listen address of the gRPC server (KMS plugin). The endpoint is a UNIX domain socket. * `cachesize`: Number of data encryption keys (DEKs) to be cached in the clear. @@ -63,15 +91,17 @@ To configure a KMS provider on the API server, include a provider of type `kms` returning an error (default is 3 seconds). ### KMS v2 {#configuring-the-kms-provider-kms-v2} -* `apiVersion`: API Version for KMS provider (Allowed values: v2, v1 or empty. Any other value will result in an error.) Must be set to v2 to use the KMS v2 APIs. + +* `apiVersion`: API Version for KMS provider. Set this to `v2`. * `name`: Display name of the KMS plugin. Cannot be changed once set. * `endpoint`: Listen address of the gRPC server (KMS plugin). The endpoint is a UNIX domain socket. -* `cachesize`: Number of data encryption keys (DEKs) to be cached in the clear. - When cached, DEKs can be used without another call to the KMS; - whereas DEKs that are not cached require a call to the KMS to unwrap. * `timeout`: How long should `kube-apiserver` wait for kms-plugin to respond before returning an error (default is 3 seconds). +KMS v2 does not support the `cachesize` property. All data encryption keys (DEKs) will be cached in +the clear once the server has unwrapped them via a call to the KMS. Once cached, DEKs can be used +to perform decryption indefinitely without making a call to the KMS. + See [Understanding the encryption at rest configuration](/docs/tasks/administer-cluster/encrypt-data). ## Implementing a KMS plugin @@ -80,7 +110,7 @@ To implement a KMS plugin, you can develop a new plugin gRPC server or enable a already provided by your cloud provider. You then integrate the plugin with the remote KMS and deploy it on the Kubernetes master. -### Enabling the KMS supported by your cloud provider +### Enabling the KMS supported by your cloud provider Refer to your cloud provider for instructions on enabling the cloud provider-specific KMS plugin. @@ -90,21 +120,26 @@ You can develop a KMS plugin gRPC server using a stub file available for Go. For you use a proto file to create a stub file that you can use to develop the gRPC server code. #### KMS v1 {#developing-a-kms-plugin-gRPC-server-kms-v1} + * Using Go: Use the functions and data structures in the stub file: - [api.pb.go](https://github.com/kubernetes/kubernetes/blob/release-1.25/staging/src/k8s.io/apiserver/pkg/storage/value/encrypt/envelope/v1beta1/api.pb.go) - to develop the gRPC server code + [api.pb.go](https://github.com/kubernetes/kms/blob/release-{{< skew currentVersion >}}/apis/v1beta1/api.pb.go) + to develop the gRPC server code * Using languages other than Go: Use the protoc compiler with the proto file: - [api.proto](https://github.com/kubernetes/kubernetes/blob/release-1.25/staging/src/k8s.io/apiserver/pkg/storage/value/encrypt/envelope/v1beta1/api.proto) + [api.proto](https://github.com/kubernetes/kms/blob/release-{{< skew currentVersion >}}/apis/v1beta1/api.proto) to generate a stub file for the specific language #### KMS v2 {#developing-a-kms-plugin-gRPC-server-kms-v2} -* Using Go: Use the functions and data structures in the stub file: - [api.pb.go](https://github.com/kubernetes/kubernetes/blob/release-1.25/staging/src/k8s.io/apiserver/pkg/storage/value/encrypt/envelope/v2alpha1/api.pb.go) - to develop the gRPC server code + +* Using Go: A high level + [library](https://github.com/kubernetes/kms/blob/release-{{< skew currentVersion >}}/pkg/service/interface.go) + is provided to make the process easier. Low level implementations + can use the functions and data structures in the stub file: + [api.pb.go](https://github.com/kubernetes/kms/blob/release-{{< skew currentVersion >}}/apis/v2/api.pb.go) + to develop the gRPC server code * Using languages other than Go: Use the protoc compiler with the proto file: - [api.proto](https://github.com/kubernetes/kubernetes/blob/release-1.25/staging/src/k8s.io/apiserver/pkg/storage/value/encrypt/envelope/v2alpha1/api.proto) + [api.proto](https://github.com/kubernetes/kms/blob/release-{{< skew currentVersion >}}/apis/v2/api.proto) to generate a stub file for the specific language Then use the functions and data structures in the stub file to develop the server code. @@ -112,35 +147,106 @@ Then use the functions and data structures in the stub file to develop the serve #### Notes ##### KMS v1 {#developing-a-kms-plugin-gRPC-server-notes-kms-v1} + * kms plugin version: `v1beta1` In response to procedure call Version, a compatible KMS plugin should return `v1beta1` as `VersionResponse.version`. * message version: `v1beta1` - All messages from KMS provider have the version field set to current version v1beta1. + All messages from KMS provider have the version field set to `v1beta1`. * protocol: UNIX domain socket (`unix`) The plugin is implemented as a gRPC server that listens at UNIX domain socket. The plugin deployment should create a file on the file system to run the gRPC unix domain socket connection. The API server (gRPC client) is configured with the KMS provider (gRPC server) unix domain socket endpoint in order to communicate with it. An abstract Linux socket may be used by starting the endpoint with `/@`, i.e. `unix:///@foo`. Care must be taken when using this type of socket as they do not have concept of ACL (unlike traditional file based sockets). However, they are subject to Linux networking namespace, so will only be accessible to containers within the same pod unless host networking is used. ##### KMS v2 {#developing-a-kms-plugin-gRPC-server-notes-kms-v2} -* kms plugin version: `v2alpha1` - In response to procedure call Status, a compatible KMS plugin should return `v2alpha1` as `StatusResponse.Version`, "ok" as `StatusResponse.Healthz` and a keyID (KMS KEK ID) as `StatusResponse.KeyID` +* KMS plugin version: `v2beta1` + + In response to procedure call `Status`, a compatible KMS plugin should return `v2beta1` as `StatusResponse.version`, + "ok" as `StatusResponse.healthz` and a `key_id` (remote KMS KEK ID) as `StatusResponse.key_id`. + + The API server polls the `Status` procedure call approximately every minute when everything is healthy, + and every 10 seconds when the plugin is not healthy. Plugins must take care to optimize this call as it will be + under constant load. + +* Encryption + + The `EncryptRequest` procedure call provides the plaintext and a UID for logging purposes. The response must include + the ciphertext, the `key_id` for the KEK used, and, optionally, any metadata that the KMS plugin needs to aid in + future `DecryptRequest` calls (via the `annotations` field). The plugin must guarantee that any distinct plaintext + results in a distinct response `(ciphertext, key_id, annotations)`. + + If the plugin returns a non-empty `annotations` map, all map keys must be fully qualified domain names such as + `example.com`. An example use case of `annotation` is `{"kms.example.io/remote-kms-auditid":""}` + + The API server does not perform the `EncryptRequest` procedure call at a high rate. Plugin implementations should + still aim to keep each request's latency at under 100 milliseconds. + +* Decryption + + The `DecryptRequest` procedure call provides the `(ciphertext, key_id, annotations)` from `EncryptRequest` and a UID + for logging purposes. As expected, it is the inverse of the `EncryptRequest` call. Plugins must verify that the + `key_id` is one that they understand - they must not attempt to decrypt data unless they are sure that it was + encrypted by them at an earlier time. + + The API server may perform thousands of `DecryptRequest` procedure calls on startup to fill its watch cache. Thus + plugin implementations must perform these calls as quickly as possible, and should aim to keep each request's latency + at under 10 milliseconds. + +* Understanding `key_id` and Key Rotation + + The `key_id` is the public, non-secret name of the remote KMS KEK that is currently in use. It may be logged + during regular operation of the API server, and thus must not contain any private data. Plugin implementations + are encouraged to use a hash to avoid leaking any data. The KMS v2 metrics take care to hash this value before + exposing it via the `/metrics` endpoint. + + The API server considers the `key_id` returned from the `Status` procedure call to be authoritative. Thus, a change + to this value signals to the API server that the remote KEK has changed, and data encrypted with the old KEK should + be marked stale when a no-op write is performed (as described below). If an `EncryptRequest` procedure call returns a + `key_id` that is different from `Status`, the response is thrown away and the plugin is considered unhealthy. Thus + implementations must guarantee that the `key_id` returned from `Status` will be the same as the one returned by + `EncryptRequest`. Furthermore, plugins must ensure that the `key_id` is stable and does not flip-flop between values + (i.e. during a remote KEK rotation). + + Plugins must not re-use `key_id`s, even in situations where a previously used remote KEK has been reinstated. For + example, if a plugin was using `key_id=A`, switched to `key_id=B`, and then went back to `key_id=A` - instead of + reporting `key_id=A` the plugin should report some derivative value such as `key_id=A_001` or use a new value such + as `key_id=C`. + + Since the API server polls `Status` about every minute, `key_id` rotation is not immediate. Furthermore, the API + server will coast on the last valid state for about three minutes. Thus if a user wants to take a passive approach + to storage migration (i.e. by waiting), they must schedule a migration to occur at `3 + N + M` minutes after the + remote KEK has been rotated (`N` is how long it takes the plugin to observe the `key_id` change and `M` is the + desired buffer to allow config changes to be processed - a minimum `M` of five minutes is recommend). Note that no + API server restart is required to perform KEK rotation. + + {{< caution >}} + Because you don't control the number of writes performed with the DEK, we recommend rotating the KEK at least every 90 days. + {{< /caution >}} * protocol: UNIX domain socket (`unix`) - The plugin is implemented as a gRPC server that listens at UNIX domain socket. The plugin deployment should create a file on the file system to run the gRPC unix domain socket connection. The API server (gRPC client) is configured with the KMS provider (gRPC server) unix domain socket endpoint in order to communicate with it. An abstract Linux socket may be used by starting the endpoint with `/@`, i.e. `unix:///@foo`. Care must be taken when using this type of socket as they do not have concept of ACL (unlike traditional file based sockets). However, they are subject to Linux networking namespace, so will only be accessible to containers within the same pod unless host networking is used. + The plugin is implemented as a gRPC server that listens at UNIX domain socket. + The plugin deployment should create a file on the file system to run the gRPC unix domain socket connection. + The API server (gRPC client) is configured with the KMS provider (gRPC server) unix + domain socket endpoint in order to communicate with it. + An abstract Linux socket may be used by starting the endpoint with `/@`, i.e. `unix:///@foo`. + Care must be taken when using this type of socket as they do not have concept of ACL + (unlike traditional file based sockets). + However, they are subject to Linux networking namespace, so will only be accessible to + containers within the same pod unless host networking is used. ### Integrating a KMS plugin with the remote KMS The KMS plugin can communicate with the remote KMS using any protocol supported by the KMS. -All configuration data, including authentication credentials the KMS plugin uses to communicate with the remote KMS, +All configuration data, including authentication credentials the KMS plugin uses to communicate with the remote KMS, are stored and managed by the KMS plugin independently. -The KMS plugin can encode the ciphertext with additional metadata that may be required before sending it to the KMS for decryption. +The KMS plugin can encode the ciphertext with additional metadata that may be required before sending it to the KMS +for decryption (KMS v2 makes this process easier by providing a dedicated `annotations` field). -### Deploying the KMS plugin +### Deploying the KMS plugin Ensure that the KMS plugin runs on the same host(s) as the Kubernetes master(s). @@ -196,25 +302,24 @@ defined in a CustomResourceDefinition, your cluster must be running Kubernetes v apiVersion: v2 name: myKmsPluginFoo endpoint: unix:///tmp/socketfile.sock - cachesize: 100 timeout: 3s - kms: + apiVersion: v2 name: myKmsPluginBar endpoint: unix:///tmp/socketfile.sock - cachesize: 100 timeout: 3s ``` Setting `--encryption-provider-config-automatic-reload` to `true` collapses all health checks to a single health check endpoint. Individual health checks are only available when KMS v1 providers are in use and the encryption config is not auto-reloaded. -Following table summarizes the health check endpoints for each KMS version: +The following table summarizes the health check endpoints for each KMS version: -| KMS configurations | Without Automatic Reload | With Automatic Reload | -| ------------------------- |------------------------------------| -----------------------| -| KMS v1 only | Individual Healthchecks | Single Healthcheck | -| KMS v2 only | Single Healthcheck | Single Healthcheck | -| Both KMS v1 and v2 | Individual Healthchecks | Single Healthcheck | -| No KMS | None | Single Healthcheck | +| KMS configurations | Without Automatic Reload | With Automatic Reload | +| ------------------ | ------------------------ | --------------------- | +| KMS v1 only | Individual Healthchecks | Single Healthcheck | +| KMS v2 only | Single Healthcheck | Single Healthcheck | +| Both KMS v1 and v2 | Individual Healthchecks | Single Healthcheck | +| No KMS | None | Single Healthcheck | `Single Healthcheck` means that the only health check endpoint is `/healthz/kms-providers`. @@ -222,6 +327,10 @@ Following table summarizes the health check endpoints for each KMS version: These healthcheck endpoint paths are hard coded and generated/controlled by the server. The indices for individual healthchecks corresponds to the order in which the KMS encryption config is processed. +At a high level, restarting an API server when a KMS plugin is unhealthy is unlikely to make the situation better. +It can make the situation significantly worse by throwing away the API server's DEK cache. Thus the general +recommendation is to ignore the API server KMS healthz checks for liveness purposes, i.e. `/livez?exclude=kms-providers`. + Until the steps defined in [Ensuring all secrets are encrypted](#ensuring-all-secrets-are-encrypted) are performed, the `providers` list should end with the `identity: {}` provider to allow unencrypted data to be read. Once all resources are encrypted, the `identity` provider should be removed to prevent the API server from honoring unencrypted data. For details about the `EncryptionConfiguration` format, please check the @@ -229,8 +338,9 @@ For details about the `EncryptionConfiguration` format, please check the ## Verifying that the data is encrypted -Data is encrypted when written to etcd. After restarting your `kube-apiserver`, -any newly created or updated Secret or other resource types configured in `EncryptionConfiguration` should be encrypted when stored. To verify, +When encryption at rest is correctly configured, resources are encrypted on write. +After restarting your `kube-apiserver`, any newly created or updated Secret or other resource types +configured in `EncryptionConfiguration` should be encrypted when stored. To verify, you can use the `etcdctl` command line program to retrieve the contents of your secret data. 1. Create a new secret called `secret1` in the `default` namespace: @@ -259,7 +369,8 @@ you can use the `etcdctl` command line program to retrieve the contents of your ## Ensuring all secrets are encrypted -Because secrets are encrypted on write, performing an update on a secret encrypts that content. +When encryption at rest is correctly configured, resources are encrypted on write. +Thus we can perform an in-place no-op update to ensure that data is encrypted. The following command reads all secrets and then updates them to apply server side encryption. If an error occurs due to a conflicting write, retry the command. @@ -283,9 +394,9 @@ To switch from a local encryption provider to the `kms` provider and re-encrypt - secrets providers: - kms: + apiVersion: v2 name : myKmsPlugin endpoint: unix:///tmp/socketfile.sock - cachesize: 100 - aescbc: keys: - name: key1 @@ -304,7 +415,7 @@ To switch from a local encryption provider to the `kms` provider and re-encrypt To disable encryption at rest: -1. Place the `identity` provider as the first entry in the configuration file: +1. Place the `identity` provider as the first entry in the configuration file: ```yaml apiVersion: apiserver.config.k8s.io/v1 @@ -315,12 +426,12 @@ To disable encryption at rest: providers: - identity: {} - kms: + apiVersion: v2 name : myKmsPlugin endpoint: unix:///tmp/socketfile.sock - cachesize: 100 ``` -1. Restart all `kube-apiserver` processes. +1. Restart all `kube-apiserver` processes. 1. Run the following command to force all secrets to be decrypted. diff --git a/content/en/docs/tasks/administer-cluster/safely-drain-node.md b/content/en/docs/tasks/administer-cluster/safely-drain-node.md index 456fd02c7d4..5afcd3eac1c 100644 --- a/content/en/docs/tasks/administer-cluster/safely-drain-node.md +++ b/content/en/docs/tasks/administer-cluster/safely-drain-node.md @@ -35,6 +35,11 @@ If availability is important for any applications that run or could run on the n that you are draining, [configure a PodDisruptionBudgets](/docs/tasks/run-application/configure-pdb/) first and then continue following this guide. +It is recommended to set `AlwaysAllow` [Unhealthy Pod Eviction Policy](/docs/tasks/run-application/configure-pdb/#unhealthy-pod-eviction-policy) +to your PodDisruptionBudgets to support eviction of misbehaving applications during a node drain. +The default behavior is to wait for the application pods to become [healthy](/docs/tasks/run-application/configure-pdb/#healthiness-of-a-pod) +before the drain can proceed. + ## Use `kubectl drain` to remove a node from service You can use `kubectl drain` to safely evict all of your pods from a diff --git a/content/en/docs/tasks/administer-cluster/switch-to-evented-pleg.md b/content/en/docs/tasks/administer-cluster/switch-to-evented-pleg.md new file mode 100644 index 00000000000..8fdb491c28a --- /dev/null +++ b/content/en/docs/tasks/administer-cluster/switch-to-evented-pleg.md @@ -0,0 +1,91 @@ +--- +title: Switching From Polling to CRI Event-based Updates to Container Status +min-kubernetes-server-version: 1.26 +content_type: task +weight: 90 +--- + +{{< feature-state for_k8s_version="v1.26" state="beta" >}} + + +This page shows how to migrate notes to use event based updates for container status. The event-based +implementation reduces node resource consumption by the kubelet, compared to the legacy approach +that relies on polling. +You may know this feature as _evented Pod lifecycle event generator (PLEG)_. That's the name used +internally within the Kubernetes project for a key implementation detail. + + +## {{% heading "prerequisites" %}} + +* You need to run a version of Kubernetes that provides this feature. +Kubernetes {{< skew currentVersion >}} includes beta support for event-based container +status updates. The feature is beta and is disabled by default. +{{< version-check >}} +If you are running a different version of Kubernetes, check the documentation for that release. + + + + +## Why switch to Evented PLEG? + +* The current `Generic PLEG` incurs non-negligible overhead due to frequent polling of container statuses. +* This overhead is exacerbated by Kubelet's parallelism, limiting its scalability and causing poor performance and reliability problems. +* The goal of `Evented PLEG` is to reduce unnecessary work during inactivity by replacing periodic polling. + +## Switching to Evented PLEG + + +1. Start the Kubelet with the [feature gate](https://kubernetes.io/docs/reference/command-line-tools-reference/feature-gates/) `EventedPLEG` enabled. In Kubelet feature gates can be enabled by editing [config file](https://kubernetes.io/docs/tasks/administer-cluster/kubelet-config-file/) and restarting the Kubelet service. + +2. Please make sure the node is [drained](https://kubernetes.io/docs/tasks/administer-cluster/safely-drain-node/) before proceeding. + +3. Start the `CRI Runtime` with the `Evented PLEG` support. + {{< tabs name="tab_with_code" >}} + {{< tab name="Containerd" codelang="bash" >}} + Version 1.7+ + {{< /tab >}} + {{< tab name="CRI-O" codelang="bash" >}} + Version 1.26+ + + Check if the CRI-O is already configured to emit `CRI Events` by verifying the configuration, + ``` + $ crio config | grep enable_pod_events + ``` + If its enabled it should show, + ``` + # enable_pod_events = true + ``` + + To enable it, start the cri-o daemon with the flag `--enable-pod-events=true` or using a drop in config like, + + [crio.runtime] + enable_pod_events: true + + + {{< /tab >}} + {{< /tabs >}} + + +{{< version-check >}} + +4. Verify that `Evented PLEG` is in use by looking for the term `EventedPLEG` in the kubelet logs + + The output is similar to this: + ``` + I0314 11:10:13.909915 1105457 feature_gate.go:249] feature gates: &{map[EventedPLEG:true]} + ``` + + If you have set LOG_LEVEL to 4 and above, you might see more entries that indicate `Evented PLEG` is in use by the kubelet. + + ``` + I0314 11:12:42.009542 1110177 evented.go:238] "Evented PLEG: Generated pod status from the received event" podUID=3b2c6172-b112-447a-ba96-94e7022912dc + I0314 11:12:44.623326 1110177 evented.go:238] "Evented PLEG: Generated pod status from the received event" podUID=b3fba5ea-a8c5-4b76-8f43-481e17e8ec40 + I0314 11:12:44.714564 1110177 evented.go:238] "Evented PLEG: Generated pod status from the received event" podUID=b3fba5ea-a8c5-4b76-8f43-481e17e8ec40 + ``` + +## {{% heading "whatsnext" %}} + +* Learn more about [KEP 3386](https://github.com/kubernetes/enhancements/blob/5b258a990adabc2ffdc9d84581ea6ed696f7ce6c/keps/sig-node/3386-kubelet-evented-pleg/README.md). + + + diff --git a/content/en/docs/tasks/administer-cluster/topology-manager.md b/content/en/docs/tasks/administer-cluster/topology-manager.md index 7dac6b42562..7d06ebe14c8 100644 --- a/content/en/docs/tasks/administer-cluster/topology-manager.md +++ b/content/en/docs/tasks/administer-cluster/topology-manager.md @@ -15,7 +15,7 @@ weight: 150 -{{< feature-state state="beta" for_k8s_version="v1.18" >}} +{{< feature-state state="stable" for_k8s_version="v1.27" >}} An increasing number of systems leverage a combination of CPUs and hardware accelerators to support latency-critical execution and high-throughput parallel computation. These include @@ -60,12 +60,6 @@ the pod can be accepted or rejected from the node based on the selected hint. The hint is then stored in the Topology Manager for use by the *Hint Providers* when making the resource allocation decisions. -### Enable the Topology Manager feature - -Support for the Topology Manager requires `TopologyManager` -[feature gate](/docs/reference/command-line-tools-reference/feature-gates/) to be enabled. -It is enabled by default starting with Kubernetes 1.18. - ## Topology Manager Scopes and Policies The Topology Manager currently: diff --git a/content/en/docs/tasks/configure-pod-container/assign-cpu-resource.md b/content/en/docs/tasks/configure-pod-container/assign-cpu-resource.md index 6f4b885e543..6f4c44e3494 100644 --- a/content/en/docs/tasks/configure-pod-container/assign-cpu-resource.md +++ b/content/en/docs/tasks/configure-pod-container/assign-cpu-resource.md @@ -275,4 +275,4 @@ kubectl delete namespace cpu-example * [Configure Quotas for API Objects](/docs/tasks/administer-cluster/quota-api-object/) - +* [Resize CPU and Memory Resources assigned to Containers](/docs/tasks/configure-pod-container/resize-container-resources/) diff --git a/content/en/docs/tasks/configure-pod-container/assign-memory-resource.md b/content/en/docs/tasks/configure-pod-container/assign-memory-resource.md index d923d6356c1..a0dcae50526 100644 --- a/content/en/docs/tasks/configure-pod-container/assign-memory-resource.md +++ b/content/en/docs/tasks/configure-pod-container/assign-memory-resource.md @@ -358,7 +358,4 @@ kubectl delete namespace mem-example * [Configure Quotas for API Objects](/docs/tasks/administer-cluster/quota-api-object/) - - - - +* [Resize CPU and Memory Resources assigned to Containers](/docs/tasks/configure-pod-container/resize-container-resources/) diff --git a/content/en/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes.md b/content/en/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes.md index 0f7d9ecc4f9..b8d91a824b1 100644 --- a/content/en/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes.md +++ b/content/en/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes.md @@ -240,21 +240,27 @@ kubectl describe pod goproxy {{< feature-state for_k8s_version="v1.24" state="beta" >}} -If your application implements [gRPC Health Checking Protocol](https://github.com/grpc/grpc/blob/master/doc/health-checking.md), -kubelet can be configured to use it for application liveness checks. -You must enable the `GRPCContainerProbe` -[feature gate](/docs/reference/command-line-tools-reference/feature-gates/) -in order to configure checks that rely on gRPC. +If your application implements the [gRPC Health Checking Protocol](https://github.com/grpc/grpc/blob/master/doc/health-checking.md), +this example shows how to configure Kubernetes to use it for application liveness checks. +Similarly you can configure readiness and startup probes. Here is an example manifest: {{< codenew file="pods/probe/grpc-liveness.yaml" >}} -To use a gRPC probe, `port` must be configured. If the health endpoint is configured -on a non-default service, you must also specify the `service`. +To use a gRPC probe, `port` must be configured. If you want to distinguish probes of different types +and probes for different features you can use the `service` field. +You can set `service` to the value `liveness` and make your gRPC Health Checking endpoint +respond to this request differently then when you set `service` set to `readiness`. +This lets you use the same endpoint for different kinds of container health check +(rather than needing to listen on two different ports). +If you want to specify your own custom service name and also specify a probe type, +the Kubernetes project recommends that you use a name that concatenates +those. For example: `myservice-liveness` (using `-` as a separator). {{< note >}} -Unlike HTTP and TCP probes, named ports cannot be used and custom host cannot be configured. +Unlike HTTP or TCP probes, you cannot specify the healthcheck port by name, and you +cannot configure a custom hostname. {{< /note >}} Configuration problems (for example: incorrect port and service, unimplemented health checking protocol) @@ -511,7 +517,7 @@ to resolve it. ### Probe-level `terminationGracePeriodSeconds` -{{< feature-state for_k8s_version="v1.25" state="beta" >}} +{{< feature-state for_k8s_version="v1.27" state="stable" >}} Prior to release 1.21, the pod-level `terminationGracePeriodSeconds` was used for terminating a container that failed its liveness or startup probe. This diff --git a/content/en/docs/tasks/configure-pod-container/migrate-from-psp.md b/content/en/docs/tasks/configure-pod-container/migrate-from-psp.md index f48ad1e7bf3..d8511ac66d7 100644 --- a/content/en/docs/tasks/configure-pod-container/migrate-from-psp.md +++ b/content/en/docs/tasks/configure-pod-container/migrate-from-psp.md @@ -201,7 +201,7 @@ For each updated PodSecurityPolicy: 3. Create the new PodSecurityPolicies. If any Roles or ClusterRoles are granting `use` on all PSPs this could cause the new PSPs to be used instead of their mutating counter-parts. 4. Update your authorization to grant access to the new PSPs. In RBAC this means updating any Roles - or ClusterRoles that grant the `use` permision on the original PSP to also grant it to the + or ClusterRoles that grant the `use` permission on the original PSP to also grant it to the updated PSP. 5. Verify: after some soak time, rerun the command from step 1 to see if any pods are still using the original PSPs. Note that pods need to be recreated after the new policies have been rolled diff --git a/content/en/docs/tasks/configure-pod-container/resize-container-resources.md b/content/en/docs/tasks/configure-pod-container/resize-container-resources.md new file mode 100644 index 00000000000..77e1b30d960 --- /dev/null +++ b/content/en/docs/tasks/configure-pod-container/resize-container-resources.md @@ -0,0 +1,261 @@ +--- +title: Resize CPU and Memory Resources assigned to Containers +content_type: task +weight: 30 +min-kubernetes-server-version: 1.27 +--- + + + + +{{< feature-state state="alpha" for_k8s_version="v1.27" >}} + +This page assumes that you are familiar with [Quality of Service](/docs/tasks/configure-pod-container/quality-service-pod/) +for Kubernetes Pods. + +This page shows how to resize CPU and memory resources assigned to containers +of a running pod without restarting the pod or its containers. A Kubernetes node +allocates resources for a pod based on its `requests`, and restricts the pod's +resource usage based on the `limits` specified in the pod's containers. + +For in-place resize of pod resources: +- Container's resource `requests` and `limits` are _mutable_ for CPU + and memory resources. +- `allocatedResources` field in `containerStatuses` of the Pod's status reflects + the resources allocated to the pod's containers. +- `resources` field in `containerStatuses` of the Pod's status reflects the + actual resource `requests` and `limits` that are configured on the running + containers as reported by the container runtime. +- `resize` field in the Pod's status shows the status of the last requested + pending resize. It can have the following values: + - `Proposed`: This value indicates an acknowledgement of the requested resize + and that the request was validated and recorded. + - `InProgress`: This value indicates that the node has accepted the resize + request and is in the process of applying it to the pod's containers. + - `Deferred`: This value means that the requested resize cannot be granted at + this time, and the node will keep retrying. The resize may be granted when + other pods leave and free up node resources. + - `Infeasible`: is a signal that the node cannot accommodate the requested + resize. This can happen if the requested resize exceeds the maximum + resources the node can ever allocate for a pod. + + +## {{% heading "prerequisites" %}} + + +{{< include "task-tutorial-prereqs.md" >}} {{< version-check >}} + + +## Container Resize Policies + +Resize policies allow for a more fine-grained control over how pod's containers +are resized for CPU and memory resources. For example, the container's +application may be able to handle CPU resources resized without being restarted, +but resizing memory may require that the application hence the containers be restarted. + +To enable this, the Container specification allows users to specify a `resizePolicy`. +The following restart policies can be specified for resizing CPU and memory: +* `NotRequired`: Resize the container's resources while it is running. +* `RestartContainer`: Restart the container and apply new resources upon restart. + +If `resizePolicy[*].restartPolicy` is not specified, it defaults to `NotRequired`. + +{{< note >}} +If the Pod's `restartPolicy` is `Never`, container's resize restart policy must be +set to `NotRequired` for all Containers in the Pod. +{{< /note >}} + +Below example shows a Pod whose Container's CPU can be resized without restart, but +memory resize memory requires the container to be restarted. + +```yaml +apiVersion: v1 +kind: Pod +metadata: + name: qos-demo-5 + namespace: qos-example +spec: + containers: + - name: qos-demo-ctr-5 + image: nginx + resizePolicy: + - resourceName: cpu + restartPolicy: NotRequired + - resourceName: memory + restartPolicy: RestartContainer + resources: + limits: + memory: "200Mi" + cpu: "700m" + requests: + memory: "200Mi" + cpu: "700m" +``` + +{{< note >}} +In the above example, if desired requests or limits for both CPU _and_ memory +have changed, the container will be restarted in order to resize its memory. +{{< /note >}} + + + + +## Create a pod with resource requests and limits + +You can create a Guaranteed or Burstable [Quality of Service](/docs/tasks/configure-pod-container/quality-service-pod/) +class pod by specifying requests and/or limits for a pod's containers. + +Consider the following manifest for a Pod that has one Container. + +{{< codenew file="pods/qos/qos-pod-5.yaml" >}} + +Create the pod in the `qos-example` namespace: + +```shell +kubectl create namespace qos-example +kubectl create -f https://k8s.io/examples/pods/qos/qos-pod-5.yaml +``` + +This pod is classified as a Guaranteed QoS class requesting 700m CPU and 200Mi +memory. + +View detailed information about the pod: + +```shell +kubectl get pod qos-demo-5 --output=yaml --namespace=qos-example +``` + +Also notice that the values of `resizePolicy[*].restartPolicy` defaulted to +`NotRequired`, indicating that CPU and memory can be resized while container +is running. + +```yaml +spec: + containers: + ... + resizePolicy: + - resourceName: cpu + restartPolicy: NotRequired + - resourceName: memory + restartPolicy: NotRequired + resources: + limits: + cpu: 700m + memory: 200Mi + requests: + cpu: 700m + memory: 200Mi +... + containerStatuses: +... + name: qos-demo-ctr-5 + ready: true +... + allocatedResources: + cpu: 700m + memory: 200Mi + resources: + limits: + cpu: 700m + memory: 200Mi + requests: + cpu: 700m + memory: 200Mi + restartCount: 0 + started: true +... + qosClass: Guaranteed +``` + + +## Updating the pod's resources + +Let's say the CPU requirements have increased, and 0.8 CPU is now desired. This +is typically determined, and may be programmatically applied, by an entity such as +[VerticalPodAutoscaler](https://github.com/kubernetes/autoscaler/tree/master/vertical-pod-autoscaler#readme) (VPA). + +{{< note >}} +While you can change a Pod's requests and limits to express new desired +resources, you cannot change the QoS class in which the Pod was created. +{{< /note >}} + +Now, patch the Pod's Container with CPU requests & limits both set to `800m`: + +```shell +kubectl -n qos-example patch pod qos-demo-5 --patch '{"spec":{"containers":[{"name":"qos-demo-ctr-5", "resources":{"requests":{"cpu":"800m"}, "limits":{"cpu":"800m"}}}]}}' +``` + +Query the Pod's detailed information after the Pod has been patched. + +```shell +kubectl get pod qos-demo-5 --output=yaml --namespace=qos-example +``` + +The Pod's spec below reflects the updated CPU requests and limits. + +```yaml +spec: + containers: + ... + resources: + limits: + cpu: 800m + memory: 200Mi + requests: + cpu: 800m + memory: 200Mi +... + containerStatuses: +... + allocatedResources: + cpu: 800m + memory: 200Mi + resources: + limits: + cpu: 800m + memory: 200Mi + requests: + cpu: 800m + memory: 200Mi + restartCount: 0 + started: true +``` + +Observe that the `allocatedResources` values have been updated to reflect the new +desired CPU requests. This indicates that node was able to accommodate the +increased CPU resource needs. + +In the Container's status, updated CPU resource values shows that new CPU +resources have been applied. The Container's `restartCount` remains unchanged, +indicating that container's CPU resources were resized without restarting the container. + + +## Clean up + +Delete your namespace: + +```shell +kubectl delete namespace qos-example +``` + + +## {{% heading "whatsnext" %}} + + +### For application developers + +* [Assign Memory Resources to Containers and Pods](/docs/tasks/configure-pod-container/assign-memory-resource/) + +* [Assign CPU Resources to Containers and Pods](/docs/tasks/configure-pod-container/assign-cpu-resource/) + +### For cluster administrators + +* [Configure Default Memory Requests and Limits for a Namespace](/docs/tasks/administer-cluster/manage-resources/memory-default-namespace/) + +* [Configure Default CPU Requests and Limits for a Namespace](/docs/tasks/administer-cluster/manage-resources/cpu-default-namespace/) + +* [Configure Minimum and Maximum Memory Constraints for a Namespace](/docs/tasks/administer-cluster/manage-resources/memory-constraint-namespace/) + +* [Configure Minimum and Maximum CPU Constraints for a Namespace](/docs/tasks/administer-cluster/manage-resources/cpu-constraint-namespace/) + +* [Configure Memory and CPU Quotas for a Namespace](/docs/tasks/administer-cluster/manage-resources/quota-memory-cpu-namespace/) diff --git a/content/en/docs/tasks/configure-pod-container/security-context.md b/content/en/docs/tasks/configure-pod-container/security-context.md index 756222eb426..c23ef53396a 100644 --- a/content/en/docs/tasks/configure-pod-container/security-context.md +++ b/content/en/docs/tasks/configure-pod-container/security-context.md @@ -440,7 +440,7 @@ To assign SELinux labels, the SELinux security module must be loaded on the host ### Efficient SELinux volume relabeling -{{< feature-state for_k8s_version="v1.25" state="alpha" >}} +{{< feature-state for_k8s_version="v1.27" state="beta" >}} By default, the container runtime recursively assigns SELinux label to all files on all Pod volumes. To speed up this process, Kubernetes can change the @@ -449,17 +449,16 @@ SELinux label of a volume instantly by using a mount option To benefit from this speedup, all these conditions must be met: -* Alpha feature gates `ReadWriteOncePod` and `SELinuxMountReadWriteOncePod` must - be enabled. +* The [feature gates](/docs/reference/command-line-tools-reference/feature-gates/) `ReadWriteOncePod` + and `SELinuxMountReadWriteOncePod` must be enabled. * Pod must use PersistentVolumeClaim with `accessModes: ["ReadWriteOncePod"]`. * Pod (or all its Containers that use the PersistentVolumeClaim) must have `seLinuxOptions` set. -* The corresponding PersistentVolume must be either a volume that uses a - {{< glossary_tooltip text="CSI" term_id="csi" >}} driver, or a volume that uses the - legacy `iscsi` volume type. - * If you use a volume backed by a CSI driver, that CSI driver must announce that it - supports mounting with `-o context` by setting `spec.seLinuxMount: true` in - its CSIDriver instance. +* The corresponding PersistentVolume must be either: + * A volume that uses the legacy in-tree `iscsi`, `rbd` or `fc` volume type. + * Or a volume that uses a {{< glossary_tooltip text="CSI" term_id="csi" >}} driver. + The CSI driver must announce that it supports mounting with `-o context` by setting + `spec.seLinuxMount: true` in its CSIDriver instance. For any other volume types, SELinux relabelling happens another way: the container runtime recursively changes the SELinux label for all inodes (files and directories) @@ -467,11 +466,12 @@ in the volume. The more files and directories in the volume, the longer that relabelling takes. {{< note >}} -In Kubernetes 1.25, the kubelet loses track of volume labels after restart. In -other words, then kubelet may refuse to start Pods with errors similar to "conflicting -SELinux labels of volume", while there are no conflicting labels in Pods. Make sure -nodes are [fully drained](/docs/tasks/administer-cluster/safely-drain-node/) -before restarting kubelet. + +If you are running Kubernetes v1.25, refer to the v1.25 version of this task page: +[Configure a Security Context for a Pod or Container](https://v1-25.docs.kubernetes.io/docs/tasks/configure-pod-container/security-context/) (v1.25). +There is an important note in that documentation about a situation where the kubelet +can lose track of volume labels after restart. This deficiency has been fixed +in Kubernetes 1.26. {{< /note >}} ## Discussion diff --git a/content/en/docs/tasks/configure-pod-container/user-namespaces.md b/content/en/docs/tasks/configure-pod-container/user-namespaces.md index 5c7c2dfe5d0..85cd1298a07 100644 --- a/content/en/docs/tasks/configure-pod-container/user-namespaces.md +++ b/content/en/docs/tasks/configure-pod-container/user-namespaces.md @@ -52,8 +52,8 @@ Pods, you also need to ensure that the user namespace Pods are [scheduled](/docs/concepts/scheduling-eviction/assign-pod-node/) to suitable nodes. Please note that **if your container runtime doesn't support user namespaces, the -new `pod.spec` field will be silently ignored and the pod will be created without -user namespaces.** +`hostUsers` field in the pod spec will be silently ignored and the pod will be +created without user namespaces.** diff --git a/content/en/docs/tasks/extend-kubernetes/custom-resources/custom-resource-definitions.md b/content/en/docs/tasks/extend-kubernetes/custom-resources/custom-resource-definitions.md index c439aa35dfd..edade8f8258 100644 --- a/content/en/docs/tasks/extend-kubernetes/custom-resources/custom-resource-definitions.md +++ b/content/en/docs/tasks/extend-kubernetes/custom-resources/custom-resource-definitions.md @@ -765,7 +765,7 @@ For example: required: - minReplicas - replicas - - maxReplicas + - maxReplicas ``` will reject a request to create this custom resource: @@ -788,7 +788,7 @@ The CronTab "my-new-cron-object" is invalid: * spec: Invalid value: map[string]interface {}{"maxReplicas":10, "minReplicas":0, "replicas":20}: replicas should be smaller than or equal to maxReplicas. ``` -`x-kubernetes-validations` could have multiple rules. +`x-kubernetes-validations` could have multiple rules. The `rule` under `x-kubernetes-validations` represents the expression which will be evaluated by CEL. The `message` represents the message displayed when validation fails. If message is unset, the above response would be: @@ -798,22 +798,22 @@ The CronTab "my-new-cron-object" is invalid: * spec: Invalid value: map[string]interface {}{"maxReplicas":10, "minReplicas":0, "replicas":20}: failed rule: self.replicas <= self.maxReplicas ``` -Validation rules are compiled when CRDs are created/updated. -The request of CRDs create/update will fail if compilation of validation rules fail. +Validation rules are compiled when CRDs are created/updated. +The request of CRDs create/update will fail if compilation of validation rules fail. Compilation process includes type checking as well. The compilation failure: - `no_matching_overload`: this function has no overload for the types of the arguments. - + For example, a rule like `self == true` against a field of integer type will get error: ```none Invalid value: apiextensions.ValidationRule{Rule:"self == true", Message:""}: compilation failed: ERROR: \:1:6: found no matching overload for '_==_' applied to '(int, bool)' ``` - + - `no_such_field`: does not contain the desired field. - + For example, a rule like `self.nonExistingField > 0` against a non-existing field will return the following error: @@ -822,7 +822,7 @@ The compilation failure: ``` - `invalid argument`: invalid argument to macros. - + For example, a rule like `has(self)` will return error: ```none @@ -961,7 +961,7 @@ Examples: The `apiVersion`, `kind`, `metadata.name` and `metadata.generateName` are always accessible from the root of the object and from any `x-kubernetes-embedded-resource` annotated objects. No other metadata properties are accessible. - + Unknown data preserved in custom resources via `x-kubernetes-preserve-unknown-fields` is not accessible in CEL expressions. This includes: @@ -1007,7 +1007,7 @@ the list type: - `map`: `X + Y` performs a merge where the array positions of all keys in `X` are preserved but the values are overwritten by values in `Y` when the key sets of `X` and `Y` intersect. Elements in `Y` with non-intersecting keys are appended, retaining their partial order. - + Here is the declarations type mapping between OpenAPIv3 and CEL type: @@ -1035,6 +1035,37 @@ xref: [CEL types](https://github.com/google/cel-spec/blob/v0.6.0/doc/langdef.md# [OpenAPI types](https://swagger.io/specification/#data-types), [Kubernetes Structural Schemas](/docs/tasks/extend-kubernetes/custom-resources/custom-resource-definitions/#specifying-a-structural-schema). +#### The messageExpression field + +Similar to the `message` field, which defines the string reported for a validation rule failure, +`messageExpression` allows you to use a CEL expression to construct the message string. +This allows you to insert more descriptive information into the validation failure message. +`messageExpression` must evaluate a string and may use the same variables that are available to the `rule` +field. For example: + +```yaml +x-kubernetes-validations: +- rule: "self.x <= self.maxLimit" + messageExpression: '"x exceeded max limit of " + string(self.maxLimit)' +``` + +Keep in mind that CEL string concatenation (`+` operator) does not auto-cast to string. If +you have a non-string scalar, use the `string()` function to cast the scalar to a string +like shown in the above example. + +`messageExpression` must evaluate to a string, and this is checked while the CRD is being written. Note that it is possible +to set `message` and `messageExpression` on the same rule, and if both are present, `messageExpression` +will be used. However, if `messageExpression` evaluates to an error, the string defined in `message` +will be used instead, and the `messageExpression` error will be logged. This fallback will also occur if +the CEL expression defined in `messageExpression` generates an empty string, or a string containing line +breaks. + +If one of the above conditions are met and no `message` has been set, then the default validation failure +message will be used instead. + +`messageExpression` is a CEL expression, so the restrictions listed in [Resource use by validation functions](#resource-use-by-validation-functions) apply. If evaluation halts due to resource constraints +during `messageExpression` execution, then no further validation rules will be executed. + #### Validation functions {#available-validation-functions} Functions available include: @@ -1100,8 +1131,8 @@ estimated to be prohibitively expensive to execute, the API server rejects the c or update operation, and returns an error message. A similar system is used at runtime that observes the actions the interpreter takes. If the interpreter executes too many instructions, execution of the rule will be halted, and an error will result. -Each CustomResourceDefinition is also allowed a certain amount of resources to finish executing all of -its validation rules. If the sum total of its rules are estimated at creation time to go over that limit, +Each CustomResourceDefinition is also allowed a certain amount of resources to finish executing all of +its validation rules. If the sum total of its rules are estimated at creation time to go over that limit, then a validation error will also occur. You are unlikely to encounter issues with the resource budget for validation if you only @@ -1114,7 +1145,7 @@ Another example would be if `foo` were an array, and you specified a validation The cost system always assumes the worst-case scenario if a limit on the length of `foo` is not given, and this will happen for anything that can be iterated over (lists, maps, etc.). -Because of this, it is considered best practice to put a limit via `maxItems`, `maxProperties`, and +Because of this, it is considered best practice to put a limit via `maxItems`, `maxProperties`, and `maxLength` for anything that will be processed in a validation rule in order to prevent validation errors during cost estimation. For example, given this schema with one rule: @@ -1133,8 +1164,8 @@ openAPIV3Schema: then the API server rejects this rule on validation budget grounds with error: ``` -spec.validation.openAPIV3Schema.properties[spec].properties[foo].x-kubernetes-validations[0].rule: Forbidden: -CEL rule exceeded budget by more than 100x (try simplifying the rule, or adding maxItems, maxProperties, and +spec.validation.openAPIV3Schema.properties[spec].properties[foo].x-kubernetes-validations[0].rule: Forbidden: +CEL rule exceeded budget by more than 100x (try simplifying the rule, or adding maxItems, maxProperties, and maxLength where arrays, maps, and strings are used) ``` @@ -1177,7 +1208,7 @@ openAPIV3Schema: maxLength: 10 ``` -If a list inside of a list has a validation rule that uses `self.all`, that is significantly more expensive +If a list inside of a list has a validation rule that uses `self.all`, that is significantly more expensive than a non-nested list with the same rule. A rule that would have been allowed on a non-nested list might need lower limits set on both nested lists in order to be allowed. For example, even without having limits set, the following rule is allowed: @@ -1346,19 +1377,23 @@ with `foo` pruned and defaulted because the field is non-nullable, `bar` maintai value due to `nullable: true`, and `baz` pruned because the field is non-nullable and has no default. -### Publish Validation Schema in OpenAPI v2 +### Publish Validation Schema in OpenAPI CustomResourceDefinition [OpenAPI v3 validation schemas](#validation) which are [structural](#specifying-a-structural-schema) and [enable pruning](#field-pruning) are published -as part of the [OpenAPI v2 spec](/docs/concepts/overview/kubernetes-api/#openapi-and-swagger-definitions) -from Kubernetes API server. +as [OpenAPI v3](/docs/concepts/overview/kubernetes-api/#openapi-and-swagger-definitions) and +OpenAPI v2 from Kubernetes API server. It is recommended to use the OpenAPI v3 document +as it is a lossless representation of the CustomResourceDefinition OpenAPI v3 validation schema +while OpenAPI v2 represents a lossy conversion. The [kubectl](/docs/reference/kubectl/) command-line tool consumes the published schema to perform client-side validation (`kubectl create` and `kubectl apply`), schema explanation (`kubectl explain`) on custom resources. The published schema can be consumed for other purposes as well, like client generation or documentation. -The OpenAPI v3 validation schema is converted to OpenAPI v2 schema, and -show up in `definitions` and `paths` fields in the +#### Compatibility with OpenAPI V2 + +For compatibility with OpenAPI V2, the OpenAPI v3 validation schema performs a lossy conversion +to the OpenAPI v2 schema. The schema show up in `definitions` and `paths` fields in the [OpenAPI v2 spec](/docs/concepts/overview/kubernetes-api/#openapi-and-swagger-definitions). The following modifications are applied during the conversion to keep backwards compatibility with @@ -1366,8 +1401,7 @@ kubectl in previous 1.13 version. These modifications prevent kubectl from being valid OpenAPI schemas that it doesn't understand. The conversion won't modify the validation schema defined in CRD, and therefore won't affect [validation](#validation) in the API server. -1. The following fields are removed as they aren't supported by OpenAPI v2 - (in future versions OpenAPI v3 will be used without these restrictions) +1. The following fields are removed as they aren't supported by OpenAPI v2. - The fields `allOf`, `anyOf`, `oneOf` and `not` are removed @@ -1769,4 +1803,3 @@ crontabs/my-new-cron-object 3s * Serve [multiple versions](/docs/tasks/extend-kubernetes/custom-resources/custom-resource-definition-versioning/) of a CustomResourceDefinition. - diff --git a/content/en/docs/tasks/inject-data-application/define-environment-variable-container.md b/content/en/docs/tasks/inject-data-application/define-environment-variable-container.md index 50cc57f1e5d..ba226f8f9f3 100644 --- a/content/en/docs/tasks/inject-data-application/define-environment-variable-container.md +++ b/content/en/docs/tasks/inject-data-application/define-environment-variable-container.md @@ -21,6 +21,22 @@ When you create a Pod, you can set environment variables for the containers that run in the Pod. To set environment variables, include the `env` or `envFrom` field in the configuration file. +The `env` and `envFrom` fields have different effects. + +`env` +: allows you to set environment variables for a container, specifying a value directly for each variable that you name. + +`envFrom` +: allows you to set environment variables for a container by referencing either a ConfigMap or a Secret. + When you use `envFrom`, all the key-value pairs in the referenced ConfigMap or Secret + are set as environment variables for the container. + You can also specify a common prefix string. + +You can read more about [ConfigMap](/docs/tasks/configure-pod-container/configure-pod-configmap/#configure-all-key-value-pairs-in-a-configmap-as-container-environment-variables) +and [Secret](/docs/tasks/inject-data-application/distribute-credentials-secure/#configure-all-key-value-pairs-in-a-secret-as-container-environment-variables). + +This page explains how to use `env`. + In this exercise, you create a Pod that runs one container. The configuration file for the Pod defines an environment variable with name `DEMO_GREETING` and value `"Hello from the environment"`. Here is the configuration manifest for the diff --git a/content/en/docs/tasks/job/pod-failure-policy.md b/content/en/docs/tasks/job/pod-failure-policy.md index 3cafd35ae98..124331847cc 100644 --- a/content/en/docs/tasks/job/pod-failure-policy.md +++ b/content/en/docs/tasks/job/pod-failure-policy.md @@ -28,6 +28,9 @@ You should already be familiar with the basic use of [Job](/docs/concepts/worklo {{< include "task-tutorial-prereqs.md" >}} {{< version-check >}} +Ensure that the [feature gates](/docs/reference/command-line-tools-reference/feature-gates/) +`PodDisruptionConditions` and `JobPodFailurePolicy` are both enabled in your cluster. + ## Using Pod failure policy to avoid unnecessary Pod retries With the following example, you can learn how to use Pod failure policy to @@ -129,6 +132,114 @@ kubectl delete jobs/job-pod-failure-policy-ignore The cluster automatically cleans up the Pods. +## Using Pod failure policy to avoid unnecessary Pod retries based on custom Pod Conditions + +With the following example, you can learn how to use Pod failure policy to +avoid unnecessary Pod restarts based on custom Pod Conditions. + +{{< note >}} +The example below works since version 1.27 as it relies on transitioning of +deleted pods, in the `Pending` phase, to a terminal phase +(see: [Pod Phase](/docs/concepts/workloads/pods/pod-lifecycle/#pod-phase)). +{{< /note >}} + +1. First, create a Job based on the config: + + {{< codenew file="/controllers/job-pod-failure-policy-config-issue.yaml" >}} + + by running: + + ```sh + kubectl create -f job-pod-failure-policy-config-issue.yaml + ``` + + Note that, the image is misconfigured, as it does not exist. + +2. Inspect the status of the job's Pods by running: + + ```sh + kubectl get pods -l job-name=job-pod-failure-policy-config-issue -o yaml + ``` + + You will see output similar to this: + ```yaml + containerStatuses: + - image: non-existing-repo/non-existing-image:example + ... + state: + waiting: + message: Back-off pulling image "non-existing-repo/non-existing-image:example" + reason: ImagePullBackOff + ... + phase: Pending + ``` + + Note that the pod remains in the `Pending` phase as it fails to pull the + misconfigured image. This, in principle, could be a transient issue and the + image could get pulled. However, in this case, the image does not exist so + we indicate this fact by a custom condition. + +3. Add the custom condition. First prepare the patch by running: + + ```sh + cat < patch.yaml + status: + conditions: + - type: ConfigIssue + status: "True" + reason: "NonExistingImage" + lastTransitionTime: "$(date -u +"%Y-%m-%dT%H:%M:%SZ")" + EOF + ``` + Second, select one of the pods created by the job by running: + ``` + podName=$(kubectl get pods -l job-name=job-pod-failure-policy-config-issue -o jsonpath='{.items[0].metadata.name}') + ``` + + Then, apply the patch on one of the pods by running the following command: + + ```sh + kubectl patch pod $podName --subresource=status --patch-file=patch.yaml + ``` + + If applied successfully, you will get a notification like this: + + ```sh + pod/job-pod-failure-policy-config-issue-k6pvp patched + ``` + +4. Delete the pod to transition it to `Failed` phase, by running the command: + + ```sh + kubectl delete pods/$podName + ``` + +5. Inspect the status of the Job by running: + + ```sh + kubectl get jobs -l job-name=job-pod-failure-policy-config-issue -o yaml + ``` + + In the Job status, see a job `Failed` condition with the field `reason` + equal `PodFailurePolicy`. Additionally, the `message` field contains a + more detailed information about the Job termination, such as: + `Pod default/job-pod-failure-policy-config-issue-k6pvp has condition ConfigIssue matching FailJob rule at index 0`. + +{{< note >}} +In a production environment, the steps 3 and 4 should be automated by a +user-provided controller. +{{< /note >}} + +### Cleaning up + +Delete the Job you created: + +```sh +kubectl delete jobs/job-pod-failure-policy-config-issue +``` + +The cluster automatically cleans up the Pods. + ## Alternatives You could rely solely on the diff --git a/content/en/docs/tasks/manage-kubernetes-objects/declarative-config.md b/content/en/docs/tasks/manage-kubernetes-objects/declarative-config.md index 2b54f2f4094..cc06edbede9 100644 --- a/content/en/docs/tasks/manage-kubernetes-objects/declarative-config.md +++ b/content/en/docs/tasks/manage-kubernetes-objects/declarative-config.md @@ -12,16 +12,12 @@ retains writes made to live objects without merging the changes back into the object configuration files. `kubectl diff` also gives you a preview of what changes `apply` will make. - ## {{% heading "prerequisites" %}} - Install [`kubectl`](/docs/tasks/tools/). {{< include "task-tutorial-prereqs.md" >}} {{< version-check >}} - - ## Trade-offs @@ -52,7 +48,7 @@ Following are definitions for terms used in this document: - *live object configuration / live configuration*: The live configuration values of an object, as observed by the Kubernetes cluster. These are kept in the Kubernetes cluster storage, typically etcd. -- *declarative configuration writer / declarative writer*: A person or software component +- *declarative configuration writer / declarative writer*: A person or software component that makes updates to a live object. The live writers referred to in this topic make changes to object configuration files and run `kubectl apply` to write the changes. @@ -62,7 +58,7 @@ Use `kubectl apply` to create all objects, except those that already exist, defined by configuration files in a specified directory: ```shell -kubectl apply -f / +kubectl apply -f ``` This sets the `kubectl.kubernetes.io/last-applied-configuration: '{...}'` @@ -157,8 +153,8 @@ if those objects already exist. This approach accomplishes the following: 2. Clears fields removed from the configuration file in the live configuration. ```shell -kubectl diff -f / -kubectl apply -f / +kubectl diff -f +kubectl apply -f ``` {{< note >}} @@ -371,44 +367,114 @@ to result in the user deleting something unintentionally: kubectl delete -f ``` -### Alternative: `kubectl apply -f --prune -l your=label` +### Alternative: `kubectl apply -f --prune` -Only use this if you know what you are doing. +As an alternative to `kubectl delete`, you can use `kubectl apply` to identify objects to be deleted after +their manifests have been removed from a directory in the local filesystem. + +In Kubernetes {{< skew currentVersion >}}, there are two pruning modes available in kubectl apply: + +- Allowlist-based pruning: This mode has existed since kubectl v1.5 but is still + in alpha due to usability, correctness and performance issues with its design. + The ApplySet-based mode is designed to replace it. +- ApplySet-based pruning: An _apply set_ is a server-side object (by default, a Secret) + that kubectl can use to accurately and efficiently track set membership across **apply** + operations. This mode was introduced in alpha in kubectl v1.27 as a replacement for allowlist-based pruning. + +{{< tabs name="kubectl_apply_prune" >}} +{{% tab name="Allow list" %}} + +{{< feature-state for_k8s_version="v1.5" state="alpha" >}} {{< warning >}} -`kubectl apply --prune` is in alpha, and backwards incompatible -changes might be introduced in subsequent releases. +Take care when using `--prune` with `kubectl apply` in allow list mode. Which +objects are pruned depends on the values of the `--prune-allowlist`, `--selector` +and `--namespace` flags, and relies on dynamic discovery of the objects in scope. +Especially if flag values are changed between invocations, this can lead to objects +being unexpectedly deleted or retained. {{< /warning >}} -{{< warning >}} -You must be careful when using this command, so that you -do not delete objects unintentionally. -{{< /warning >}} +To use allowlist-based pruning, add the following flags to your `kubectl apply` invocation: -As an alternative to `kubectl delete`, you can use `kubectl apply` to identify objects to be deleted after their -configuration files have been removed from the directory. Apply with `--prune` -queries the API server for all objects matching a set of labels, and attempts -to match the returned live object configurations against the object -configuration files. If an object matches the query, and it does not have a -configuration file in the directory, and it has a `last-applied-configuration` annotation, +- `--prune`: Delete previously applied objects that are not in the set passed to the current invocation. +- `--prune-allowlist`: A list of group-version-kinds (GVKs) to consider for pruning. + This flag is optional but strongly encouraged, as its default value is a partial + list of both namespaced and cluster-scoped types, which can lead to surprising results. +- `--selector/-l`: Use a label selector to constrain the set of objects selected + for pruning. This flag is optional but strongly encouraged. +- `--all`: use instead of `--selector/-l` to explicitly select all previously + applied objects of the allowlisted types. + +Allowlist-based pruning queries the API server for all objects of the allowlisted GVKs that match the given labels (if any), and attempts to match the returned live object configurations against the object +manifest files. If an object matches the query, and it does not have a +manifest in the directory, and it has a `kubectl.kubernetes.io/last-applied-configuration` annotation, it is deleted. -{{< comment >}} -TODO(pwittrock): We need to change the behavior to prevent the user from running apply on subdirectories unintentionally. -{{< /comment >}} - ```shell -kubectl apply -f --prune -l +kubectl apply -f --prune -l --prune-allowlist= ``` {{< warning >}} Apply with prune should only be run against the root directory -containing the object configuration files. Running against sub-directories -can cause objects to be unintentionally deleted if they are returned -by the label selector query specified with `-l ` and -do not appear in the subdirectory. +containing the object manifests. Running against sub-directories +can cause objects to be unintentionally deleted if they were previously applied, +have the labels given (if any), and do not appear in the subdirectory. {{< /warning >}} +{{% /tab %}} + +{{% tab name="Apply set" %}} + +{{< feature-state for_k8s_version="v1.27" state="alpha" >}} + +{{< caution >}} +`kubectl apply --prune --applyset` is in alpha, and backwards incompatible +changes might be introduced in subsequent releases. +{{< /caution >}} + +To use ApplySet-based pruning, set the `KUBECTL_APPLYSET=true` environment variable, +and add the following flags to your `kubectl apply` invocation: +- `--prune`: Delete previously applied objects that are not in the set passed + to the current invocation. +- `--applyset`: The name of an object that kubectl can use to accurately and + efficiently track set membership across `apply` operations. + +```shell +KUBECTL_APPLYSET=true kubectl apply -f --prune --applyset= +``` + +By default, the type of the ApplySet parent object used is a Secret. However, +ConfigMaps can also be used in the format: `--applyset=configmaps/`. +When using a Secret or ConfigMap, kubectl will create the object if it does not already exist. + +It is also possible to use custom resources as ApplySet parent objects. To enable +this, label the Custom Resource Definition (CRD) that defines the resource you want +to use with the following: `applyset.kubernetes.io/is-parent-type: true`. Then, create +the object you want to use as an ApplySet parent (kubectl does not do this automatically +for custom resources). Finally, refer to that object in the applyset flag as follows: +`--applyset=./` (for example, `widgets.custom.example.com/widget-name`). + +With ApplySet-based pruning, kubectl adds the `applyset.kubernetes.io/part-of=` +label to each object in the set before they are sent to the server. For performance reasons, +it also collects the list of resource types and namespaces that the set contains and adds +these in annotations on the live parent object. Finally, at the end of the apply operation, +it queries the API server for objects of those types in those namespaces +(or in the cluster scope, as applicable) that belong to the set, as defined by the +`applyset.kubernetes.io/part-of=` label. + +Caveats and restrictions: + +- Each object may be a member of at most one set. +- The `--namespace` flag is required when using any namespaced parent, including + the default Secret. This means that ApplySets spanning multiple namespaces must + use a cluster-scoped custom resource as the parent object. +- To safely use ApplySet-based pruning with multiple directories, + use a unique ApplySet name for each. + +{{% /tab %}} + +{{< /tabs >}} + ## How to view an object You can use `kubectl get` with `-o yaml` to view the configuration of a live object: @@ -440,8 +506,10 @@ is used to identify fields that have been removed from the configuration file and need to be cleared from the live configuration. Here are the steps used to calculate which fields should be deleted or set: -1. Calculate the fields to delete. These are the fields present in `last-applied-configuration` and missing from the configuration file. -2. Calculate the fields to add or set. These are the fields present in the configuration file whose values don't match the live configuration. +1. Calculate the fields to delete. These are the fields present in + `last-applied-configuration` and missing from the configuration file. +2. Calculate the fields to add or set. These are the fields present in + the configuration file whose values don't match the live configuration. Here's an example. Suppose this is the configuration file for a Deployment object: @@ -496,11 +564,11 @@ Here are the merge calculations that would be performed by `kubectl apply`: regardless of whether they appear in the `last-applied-configuration`. In this example, `minReadySeconds` appears in the `last-applied-configuration` annotation, but does not appear in the configuration file. - **Action:** Clear `minReadySeconds` from the live configuration. + **Action:** Clear `minReadySeconds` from the live configuration. 2. Calculate the fields to set by reading values from the configuration file and comparing them to values in the live configuration. In this example, the value of `image` in the configuration file does not match - the value in the live configuration. **Action:** Set the value of `image` in the live configuration. + the value in the live configuration. **Action:** Set the value of `image` in the live configuration. 3. Set the `last-applied-configuration` annotation to match the value of the configuration file. 4. Merge the results from 1, 2, 3 into a single patch request to the API server. @@ -946,22 +1014,22 @@ configuration involves several manual steps: 1. Export the live object to a local configuration file: - ```shell - kubectl get / -o yaml > _.yaml - ``` + ```shell + kubectl get / -o yaml > _.yaml + ``` 1. Manually remove the `status` field from the configuration file. - {{< note >}} - This step is optional, as `kubectl apply` does not update the status field - even if it is present in the configuration file. - {{< /note >}} + {{< note >}} + This step is optional, as `kubectl apply` does not update the status field + even if it is present in the configuration file. + {{< /note >}} 1. Set the `kubectl.kubernetes.io/last-applied-configuration` annotation on the object: - ```shell - kubectl replace --save-config -f _.yaml - ``` + ```shell + kubectl replace --save-config -f _.yaml + ``` 1. Change processes to use `kubectl apply` for managing the object exclusively. @@ -973,9 +1041,9 @@ TODO(pwittrock): Why doesn't export remove the status field? Seems like it shou 1. Set the `kubectl.kubernetes.io/last-applied-configuration` annotation on the object: - ```shell - kubectl replace --save-config -f _.yaml - ``` + ```shell + kubectl replace --save-config -f _.yaml + ``` 1. Change processes to use `kubectl apply` for managing the object exclusively. @@ -1002,10 +1070,7 @@ template: ## {{% heading "whatsnext" %}} - * [Managing Kubernetes Objects Using Imperative Commands](/docs/tasks/manage-kubernetes-objects/imperative-command/) * [Imperative Management of Kubernetes Objects Using Configuration Files](/docs/tasks/manage-kubernetes-objects/imperative-config/) * [Kubectl Command Reference](/docs/reference/generated/kubectl/kubectl-commands/) * [Kubernetes API Reference](/docs/reference/generated/kubernetes-api/{{< param "version" >}}/) - - diff --git a/content/en/docs/tasks/run-application/configure-pdb.md b/content/en/docs/tasks/run-application/configure-pdb.md index ed3eebe6270..b7e219d4ee9 100644 --- a/content/en/docs/tasks/run-application/configure-pdb.md +++ b/content/en/docs/tasks/run-application/configure-pdb.md @@ -241,10 +241,10 @@ These pods are tracked via `.status.currentHealthy` field in the PDB status. ## Unhealthy Pod Eviction Policy -{{< feature-state for_k8s_version="v1.26" state="alpha" >}} +{{< feature-state for_k8s_version="v1.27" state="beta" >}} {{< note >}} -In order to use this behavior, you must enable the `PDBUnhealthyPodEvictionPolicy` +This feature is enabled by default. You can disable it by disabling the `PDBUnhealthyPodEvictionPolicy` [feature gate](/docs/reference/command-line-tools-reference/feature-gates/) on the [API server](/docs/reference/command-line-tools-reference/kube-apiserver/). {{< /note >}} diff --git a/content/en/docs/tasks/run-application/horizontal-pod-autoscale.md b/content/en/docs/tasks/run-application/horizontal-pod-autoscale.md index 5027d07cf62..1611836d561 100644 --- a/content/en/docs/tasks/run-application/horizontal-pod-autoscale.md +++ b/content/en/docs/tasks/run-application/horizontal-pod-autoscale.md @@ -274,7 +274,7 @@ pod usage is still within acceptable limits. ### Container resource metrics -{{< feature-state for_k8s_version="v1.20" state="alpha" >}} +{{< feature-state for_k8s_version="v1.27" state="beta" >}} The HorizontalPodAutoscaler API also supports a container metric source where the HPA can track the resource usage of individual containers across a set of Pods, in order to scale the target resource. diff --git a/content/en/docs/tutorials/kubernetes-basics/update/update-intro.html b/content/en/docs/tutorials/kubernetes-basics/update/update-intro.html index 62d16e5851d..0c2a3eaca5b 100644 --- a/content/en/docs/tutorials/kubernetes-basics/update/update-intro.html +++ b/content/en/docs/tutorials/kubernetes-basics/update/update-intro.html @@ -144,7 +144,7 @@ description: |-

    First, check that the app is running. To find the exposed IP address and port, run the describe service command:

    kubectl describe services/kubernetes-bootcamp

    Create an environment variable called NODE_PORT that has the value of the Node port assigned:

    -

    export NODE_PORT="$(kubectl get services/kubernetes-bootcamp -o go-template='{{(index .spec.ports 0).nodePort}}')
    +

    export NODE_PORT="$(kubectl get services/kubernetes-bootcamp -o go-template='{{(index .spec.ports 0).nodePort}}')"
    echo "NODE_PORT=$NODE_PORT"

    Next, do a curl to the the exposed IP and port:

    curl http://"$(minikube ip):$NODE_PORT"

    diff --git a/content/en/docs/tutorials/security/seccomp.md b/content/en/docs/tutorials/security/seccomp.md index 3a445afacfe..7db5ffe6d3f 100644 --- a/content/en/docs/tutorials/security/seccomp.md +++ b/content/en/docs/tutorials/security/seccomp.md @@ -156,14 +156,12 @@ running within kind. ## Enable the use of `RuntimeDefault` as the default seccomp profile for all workloads -{{< feature-state state="beta" for_k8s_version="v1.25" >}} +{{< feature-state state="stable" for_k8s_version="v1.27" >}} -To use seccomp profile defaulting, you must run the kubelet with the `SeccompDefault` -[feature gate](/docs/reference/command-line-tools-reference/feature-gates/) enabled -(this is the default). You must also explicitly enable the defaulting behavior for each -node where you want to use this with the corresponding `--seccomp-default` -[command line flag](/docs/reference/command-line-tools-reference/kubelet). -Both have to be enabled simultaneously to use the feature. +To use seccomp profile defaulting, you must run the kubelet with the +`--seccomp-default` +[command line flag](/docs/reference/command-line-tools-reference/kubelet) +enabled for each node where you want to use it. If enabled, the kubelet will use the `RuntimeDefault` seccomp profile by default, which is defined by the container runtime, instead of using the `Unconfined` (seccomp disabled) mode. @@ -200,10 +198,8 @@ in the related Kubernetes Enhancement Proposal (KEP): Kubernetes {{< skew currentVersion >}} lets you configure the seccomp profile that applies when the spec for a Pod doesn't define a specific seccomp profile. -This is a beta feature and the corresponding `SeccompDefault` [feature -gate](/docs/reference/command-line-tools-reference/feature-gates/) is enabled by -default. However, you still need to enable this defaulting for each node where -you would like to use it. +However, you still need to enable this defaulting for each node where you would +like to use it. If you are running a Kubernetes {{< skew currentVersion >}} cluster and want to enable the feature, either run the kubelet with the `--seccomp-default` command @@ -216,8 +212,6 @@ the minimum required Kubernetes version and enables the `SeccompDefault` feature ```yaml kind: Cluster apiVersion: kind.x-k8s.io/v1alpha4 -featureGates: - SeccompDefault: true nodes: - role: control-plane image: kindest/node:v1.23.0@sha256:49824ab1727c04e56a21a5d8372a402fcd32ea51ac96a2706a12af38934f81ac @@ -234,7 +228,6 @@ nodes: kind: JoinConfiguration nodeRegistration: kubeletExtraArgs: - feature-gates: SeccompDefault=true seccomp-default: "true" ``` @@ -272,7 +265,7 @@ or not. You can adopt these defaults for your workload by setting the seccomp type in the security context of a pod or container to `RuntimeDefault`. {{< note >}} -If you have the `SeccompDefault` [feature gate](/docs/reference/command-line-tools-reference/feature-gates/) +If you have the `seccompDefault` [configuration](/docs/reference/config-api/kubelet-config.v1beta1/) enabled, then Pods use the `RuntimeDefault` seccomp profile whenever no other seccomp profile is specified. Otherwise, the default is `Unconfined`. {{< /note >}} @@ -313,17 +306,11 @@ Here's a manifest for that Pod: {{< codenew file="pods/security/seccomp/ga/audit-pod.yaml" >}} {{< note >}} -The functional support for the already deprecated seccomp annotations -`seccomp.security.alpha.kubernetes.io/pod` (for the whole pod) and -`container.seccomp.security.alpha.kubernetes.io/[name]` (for a single container) -is going to be removed with a future release of Kubernetes. Please always use -the native API fields in favor of the annotations. - -Since Kubernetes v1.25, kubelets no longer support the annotations, use of the -annotations in static pods is no longer supported, and the seccomp annotations -are no longer auto-populated when pods with seccomp fields are created. -Auto-population of the seccomp fields from the annotations is planned to be -removed in a future release. +Older versions of Kubernetes allowed you to configure seccomp +behavior using {{< glossary_tooltip text="annotations" term_id="annotation" >}}. +Kubernetes {{< skew currentVersion >}} only supports using fields within +`.spec.securityContext` to configure seccomp, and this tutorial explains that +approach. {{< /note >}} Create the Pod in the cluster: diff --git a/content/en/examples/access/deployment-replicas-policy.yaml b/content/en/examples/access/deployment-replicas-policy.yaml new file mode 100644 index 00000000000..e12a8a0961f --- /dev/null +++ b/content/en/examples/access/deployment-replicas-policy.yaml @@ -0,0 +1,19 @@ +apiVersion: admissionregistration.k8s.io/v1alpha1 +kind: ValidatingAdmissionPolicy +metadata: + name: "deploy-replica-policy.example.com" +spec: + paramKind: + apiVersion: rules.example.com/v1 + kind: ReplicaLimit + matchConstraints: + resourceRules: + - apiGroups: ["apps"] + apiVersions: ["v1"] + operations: ["CREATE", "UPDATE"] + resources: ["deployments"] + validations: + - expression: "object.spec.replicas <= params.maxReplicas" + messageExpression: "'object.spec.replicas must be no greater than ' + string(params.maxReplicas)" + reason: Invalid + diff --git a/content/en/examples/access/validating-admission-policy-audit-annotation.yaml b/content/en/examples/access/validating-admission-policy-audit-annotation.yaml new file mode 100644 index 00000000000..5a7a20ac56a --- /dev/null +++ b/content/en/examples/access/validating-admission-policy-audit-annotation.yaml @@ -0,0 +1,16 @@ +apiVersion: admissionregistration.k8s.io/v1alpha1 +kind: ValidatingAdmissionPolicy +metadata: + name: "demo-policy.example.com" +spec: + failurePolicy: Fail + matchConstraints: + resourceRules: + - apiGroups: ["apps"] + apiVersions: ["v1"] + operations: ["CREATE", "UPDATE"] + resources: ["deployments"] + validations: + - key: "high-replica-count" + expression: "object.spec.replicas > 50" + messageExpression: "'Deployment spec.replicas set to ' + string(object.spec.replicas)" diff --git a/content/en/examples/access/validating-admission-policy-match-conditions.yaml b/content/en/examples/access/validating-admission-policy-match-conditions.yaml new file mode 100644 index 00000000000..9a49adf1521 --- /dev/null +++ b/content/en/examples/access/validating-admission-policy-match-conditions.yaml @@ -0,0 +1,22 @@ +apiVersion: admissionregistration.k8s.io/v1alpha1 +kind: ValidatingAdmissionPolicy +metadata: + name: "demo-policy.example.com" +spec: + failurePolicy: Fail + matchConstraints: + resourceRules: + - apiGroups: ["*"] + apiVersions: ["*"] + operations: ["CREATE", "UPDATE"] + resources: ["*"] + matchConditions: + - name: 'exclude-leases' # Each match condition must have a unique name + expression: '!(request.resource.group == "coordination.k8s.io" && request.resource.resource == "leases")' # Match non-lease resources. + - name: 'exclude-kubelet-requests' + expression: '!("system:nodes" in request.userInfo.groups)' # Match requests made by non-node users. + - name: 'rbac' # Skip RBAC requests. + expression: 'request.resource.group != "rbac.authorization.k8s.io"' + validations: + - expression: "!object.metadata.name.contains('demo') || object.metadata.namespace == 'demo'" + diff --git a/content/en/examples/admin/konnectivity/konnectivity-agent.yaml b/content/en/examples/admin/konnectivity/konnectivity-agent.yaml index 0eb47e1c58b..cbcbf89114a 100644 --- a/content/en/examples/admin/konnectivity/konnectivity-agent.yaml +++ b/content/en/examples/admin/konnectivity/konnectivity-agent.yaml @@ -22,7 +22,7 @@ spec: - key: "CriticalAddonsOnly" operator: "Exists" containers: - - image: us.gcr.io/k8s-artifacts-prod/kas-network-proxy/proxy-agent:v0.0.16 + - image: us.gcr.io/k8s-artifacts-prod/kas-network-proxy/proxy-agent:v0.0.37 name: konnectivity-agent command: ["/proxy-agent"] args: [ diff --git a/content/en/examples/admin/konnectivity/konnectivity-server.yaml b/content/en/examples/admin/konnectivity/konnectivity-server.yaml index 9f583740bd8..4dfbf5db9d1 100644 --- a/content/en/examples/admin/konnectivity/konnectivity-server.yaml +++ b/content/en/examples/admin/konnectivity/konnectivity-server.yaml @@ -8,12 +8,13 @@ spec: hostNetwork: true containers: - name: konnectivity-server-container - image: registry.k8s.io/kas-network-proxy/proxy-server:v0.0.32 + image: registry.k8s.io/kas-network-proxy/proxy-server:v0.0.37 command: ["/proxy-server"] args: [ "--logtostderr=true", # This needs to be consistent with the value set in egressSelectorConfiguration. "--uds-name=/etc/kubernetes/konnectivity-server/konnectivity-server.socket", + "--delete-existing-uds-file", # The following two lines assume the Konnectivity server is # deployed on the same machine as the apiserver, and the certs and # key of the API Server are at the specified location. diff --git a/content/en/examples/controllers/job-pod-failure-policy-config-issue.yaml b/content/en/examples/controllers/job-pod-failure-policy-config-issue.yaml new file mode 100644 index 00000000000..fc82ca188c0 --- /dev/null +++ b/content/en/examples/controllers/job-pod-failure-policy-config-issue.yaml @@ -0,0 +1,19 @@ +apiVersion: batch/v1 +kind: Job +metadata: + name: job-pod-failure-policy-config-issue +spec: + completions: 8 + parallelism: 2 + template: + spec: + restartPolicy: Never + containers: + - name: main + image: "non-existing-repo/non-existing-image:example" + backoffLimit: 6 + podFailurePolicy: + rules: + - action: FailJob + onPodConditions: + - type: ConfigIssue diff --git a/content/en/examples/examples_test.go b/content/en/examples/examples_test.go index 82c2fdc14aa..4bc95fadcd3 100644 --- a/content/en/examples/examples_test.go +++ b/content/en/examples/examples_test.go @@ -34,6 +34,9 @@ import ( "k8s.io/apimachinery/pkg/util/yaml" "k8s.io/kubernetes/pkg/api/legacyscheme" + "k8s.io/kubernetes/pkg/apis/admissionregistration" + admreg_validation "k8s.io/kubernetes/pkg/apis/admissionregistration/validation" + "k8s.io/kubernetes/pkg/apis/apps" apps_validation "k8s.io/kubernetes/pkg/apis/apps/validation" @@ -65,6 +68,7 @@ import ( "k8s.io/kubernetes/pkg/registry/batch/job" // initialize install packages + _ "k8s.io/kubernetes/pkg/apis/admissionregistration/install" _ "k8s.io/kubernetes/pkg/apis/apps/install" _ "k8s.io/kubernetes/pkg/apis/autoscaling/install" _ "k8s.io/kubernetes/pkg/apis/batch/install" @@ -102,6 +106,7 @@ func (g TestGroup) Codec() runtime.Codec { func initGroups() { Groups = make(map[string]TestGroup) groupNames := []string{ + admissionregistration.GroupName, api.GroupName, apps.GroupName, autoscaling.GroupName, @@ -152,7 +157,6 @@ func getCodecForObject(obj runtime.Object) (runtime.Codec, error) { func validateObject(obj runtime.Object) (errors field.ErrorList) { podValidationOptions := validation.PodValidationOptions{ - AllowDownwardAPIHugePages: true, AllowInvalidPodDeletionCost: false, AllowIndivisibleHugePagesValues: true, AllowExpandedDNSConfig: true, @@ -170,6 +174,10 @@ func validateObject(obj runtime.Object) (errors field.ErrorList) { // Enable CustomPodDNS for testing // feature.DefaultFeatureGate.Set("CustomPodDNS=true") switch t := obj.(type) { + case *admissionregistration.ValidatingWebhookConfiguration: + errors = admreg_validation.ValidateValidatingWebhookConfiguration(t) + case *admissionregistration.ValidatingAdmissionPolicy: + errors = admreg_validation.ValidateValidatingAdmissionPolicy(t) case *api.ConfigMap: if t.Namespace == "" { t.Namespace = api.NamespaceDefault @@ -390,7 +398,10 @@ func TestExampleObjectSchemas(t *testing.T) { // Please help maintain the alphabeta order in the map cases := map[string]map[string][]runtime.Object{ "access": { - "endpoints-aggregated": {&rbac.ClusterRole{}}, + "deployment-replicas-policy": {&admissionregistration.ValidatingAdmissionPolicy{}}, + "endpoints-aggregated": {&rbac.ClusterRole{}}, + "validating-admission-policy-audit-annotation": {&admissionregistration.ValidatingAdmissionPolicy{}}, + "validating-admission-policy-match-conditions": {&admissionregistration.ValidatingAdmissionPolicy{}}, }, "access/certificate-signing-request": { "clusterrole-approve": {&rbac.ClusterRole{}}, @@ -544,20 +555,21 @@ func TestExampleObjectSchemas(t *testing.T) { "configure-pod": {&api.Pod{}}, }, "controllers": { - "daemonset": {&apps.DaemonSet{}}, - "fluentd-daemonset": {&apps.DaemonSet{}}, - "fluentd-daemonset-update": {&apps.DaemonSet{}}, - "frontend": {&apps.ReplicaSet{}}, - "hpa-rs": {&autoscaling.HorizontalPodAutoscaler{}}, - "job": {&batch.Job{}}, - "job-pod-failure-policy-example": {&batch.Job{}}, - "job-pod-failure-policy-failjob": {&batch.Job{}}, - "job-pod-failure-policy-ignore": {&batch.Job{}}, - "replicaset": {&apps.ReplicaSet{}}, - "replication": {&api.ReplicationController{}}, - "replication-nginx-1.14.2": {&api.ReplicationController{}}, - "replication-nginx-1.16.1": {&api.ReplicationController{}}, - "nginx-deployment": {&apps.Deployment{}}, + "daemonset": {&apps.DaemonSet{}}, + "fluentd-daemonset": {&apps.DaemonSet{}}, + "fluentd-daemonset-update": {&apps.DaemonSet{}}, + "frontend": {&apps.ReplicaSet{}}, + "hpa-rs": {&autoscaling.HorizontalPodAutoscaler{}}, + "job": {&batch.Job{}}, + "job-pod-failure-policy-config-issue": {&batch.Job{}}, + "job-pod-failure-policy-example": {&batch.Job{}}, + "job-pod-failure-policy-failjob": {&batch.Job{}}, + "job-pod-failure-policy-ignore": {&batch.Job{}}, + "replicaset": {&apps.ReplicaSet{}}, + "replication": {&api.ReplicationController{}}, + "replication-nginx-1.14.2": {&api.ReplicationController{}}, + "replication-nginx-1.16.1": {&api.ReplicationController{}}, + "nginx-deployment": {&apps.Deployment{}}, }, "debug": { "counter-pod": {&api.Pod{}}, @@ -627,6 +639,7 @@ func TestExampleObjectSchemas(t *testing.T) { "qos-pod-2": {&api.Pod{}}, "qos-pod-3": {&api.Pod{}}, "qos-pod-4": {&api.Pod{}}, + "qos-pod-5": {&api.Pod{}}, }, "pods/resource": { "cpu-request-limit": {&api.Pod{}}, @@ -678,13 +691,15 @@ func TestExampleObjectSchemas(t *testing.T) { "mysecretname": {&api.Secret{}}, }, "security": { + "example-baseline-pod": {&api.Pod{}}, "podsecurity-baseline": {&api.Namespace{}}, "podsecurity-privileged": {&api.Namespace{}}, "podsecurity-restricted": {&api.Namespace{}}, }, "service": { - "nginx-service": {&api.Service{}}, - "load-balancer-example": {&apps.Deployment{}}, + "nginx-service": {&api.Service{}}, + "load-balancer-example": {&apps.Deployment{}}, + "pod-with-graceful-termination": {&apps.Deployment{}}, }, "service/access": { "backend-deployment": {&apps.Deployment{}}, diff --git a/content/en/examples/pods/pod-with-scheduling-gates.yaml b/content/en/examples/pods/pod-with-scheduling-gates.yaml index b0b012fb72c..de761d96946 100644 --- a/content/en/examples/pods/pod-with-scheduling-gates.yaml +++ b/content/en/examples/pods/pod-with-scheduling-gates.yaml @@ -4,8 +4,8 @@ metadata: name: test-pod spec: schedulingGates: - - name: foo - - name: bar + - name: example.com/foo + - name: example.com/bar containers: - name: pause image: registry.k8s.io/pause:3.6 diff --git a/content/en/examples/pods/qos/qos-pod-5.yaml b/content/en/examples/pods/qos/qos-pod-5.yaml new file mode 100644 index 00000000000..c9b0c00c7ee --- /dev/null +++ b/content/en/examples/pods/qos/qos-pod-5.yaml @@ -0,0 +1,16 @@ +apiVersion: v1 +kind: Pod +metadata: + name: qos-demo-5 + namespace: qos-example +spec: + containers: + - name: qos-demo-ctr-5 + image: nginx + resources: + limits: + memory: "200Mi" + cpu: "700m" + requests: + memory: "200Mi" + cpu: "700m" diff --git a/content/en/releases/version-skew-policy.md b/content/en/releases/version-skew-policy.md index c0a1528af2c..0cc10a37d89 100644 --- a/content/en/releases/version-skew-policy.md +++ b/content/en/releases/version-skew-policy.md @@ -170,7 +170,6 @@ Running a cluster with `kubelet` instances that are persistently two minor versi ### kube-proxy -* `kube-proxy` must be the same minor version as `kubelet` on the node. * `kube-proxy` must not be newer than `kube-apiserver`. * `kube-proxy` must be at most two minor versions older than `kube-apiserver.` diff --git a/content/es/docs/concepts/overview/working-with-objects/labels.md b/content/es/docs/concepts/overview/working-with-objects/labels.md index 7420aac5c6d..2b0954ff193 100644 --- a/content/es/docs/concepts/overview/working-with-objects/labels.md +++ b/content/es/docs/concepts/overview/working-with-objects/labels.md @@ -151,7 +151,7 @@ Como ya se ha comentado, los requisitos _basados en conjunto_ son más expresivo kubectl get pods -l 'environment in (production, qa)' ``` -o restringir la coincidencia negativa mediante el operador _exists_: +o restringir la coincidencia negativa mediante el operador _notin_: ```shell kubectl get pods -l 'environment,environment notin (frontend)' diff --git a/content/fr/docs/concepts/cluster-administration/certificates.md b/content/fr/docs/concepts/cluster-administration/certificates.md index 46637f2fda5..8e82e075bb5 100644 --- a/content/fr/docs/concepts/cluster-administration/certificates.md +++ b/content/fr/docs/concepts/cluster-administration/certificates.md @@ -21,7 +21,7 @@ manuellement grâce à `easyrsa`, `openssl` ou `cfssl`. 1. Téléchargez, décompressez et initialisez la version corrigée de easyrsa3. - curl -LO https://storage.googleapis.com/kubernetes-release/easy-rsa/easy-rsa.tar.gz + curl -LO https://dl.k8s.io/easy-rsa/easy-rsa.tar.gz tar xzf easy-rsa.tar.gz cd easy-rsa-master/easyrsa3 ./easyrsa init-pki diff --git a/content/fr/docs/concepts/services-networking/ingress.md b/content/fr/docs/concepts/services-networking/ingress.md index d8b489aa51b..f7a1f0c2404 100644 --- a/content/fr/docs/concepts/services-networking/ingress.md +++ b/content/fr/docs/concepts/services-networking/ingress.md @@ -94,7 +94,7 @@ spec: Comme pour toutes les autres ressources Kubernetes, un Ingress (une entrée) a besoin des champs `apiVersion`, `kind` et `metadata`.  Pour des informations générales sur l'utilisation des fichiers de configuration, voir [déployer des applications](/docs/tasks/run-application/run-stateless-application-deployment/), [configurer des conteneurs](/docs/tasks/configure-pod-container/configure-pod-configmap/), [gestion des ressources](/docs/concepts/cluster-administration/manage-deployment/).  Ingress utilise fréquemment des annotations pour configurer certaines options en fonction du contrôleur Ingress, dont un exemple - est l'annotation [rewrite-target](https://github.com/kubernetes/ingress-nginx/blob/master/docs/examples/rewrite/README.md). + est l'annotation [rewrite-target](https://github.com/kubernetes/ingress-nginx/blob/main/docs/examples/rewrite/README.md).  Différents [Ingress controller](/docs/concepts/services-networking/ingress-controllers) prennent en charge différentes annotations. Consultez la documentation du contrôleur Ingress de votre choix pour savoir quelles annotations sont prises en charge. La [spécification de la ressource Ingress](https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status) dispose de toutes les informations nécessaires pour configurer un loadbalancer ou un serveur proxy. Plus important encore, il diff --git a/content/hi/docs/contribute/_index.md b/content/hi/docs/contribute/_index.md index dc652738acc..c6f748bbda0 100644 --- a/content/hi/docs/contribute/_index.md +++ b/content/hi/docs/contribute/_index.md @@ -68,7 +68,7 @@ end subgraph second[समीक्षा] direction TB T[ ] -.- - D[K8s/website
    रिपॉजिटरी
    को देखें] --- E[Hugo स्टैटिक साइट
    जनरेटर
    को देखें] + D[kubernetes/website
    रिपॉजिटरी
    को देखें] --- E[Hugo स्टैटिक साइट
    जनरेटर
    को देखें] E --- F[मूलभूत GitHub
    कमांड समझें] F --- G[ओपन PR की समीक्षा करे
    और समीक्षा प्रक्रिया
    को बदलें] end @@ -115,7 +115,7 @@ flowchart LR direction TB S[ ] -.- G[दूसरे K8s मेम्बर्स के
    PRs की समीक्षा करें] --> - A[अपने पहले इशू (गुफ फर्स्ट इशू)
    के लिए K8s/website
    की इशू सूची पर जाएं] --> B[PR ओपन करें!!] + A[अपने पहले इशू (गुफ फर्स्ट इशू)
    के लिए kubernetes/website
    की इशू सूची पर जाएं] --> B[PR ओपन करें!!] end subgraph first[सूचित तैयारी] direction TB diff --git a/content/id/docs/concepts/overview/working-with-objects/labels.md b/content/id/docs/concepts/overview/working-with-objects/labels.md index 90f58d5a5a5..dc4c16da733 100644 --- a/content/id/docs/concepts/overview/working-with-objects/labels.md +++ b/content/id/docs/concepts/overview/working-with-objects/labels.md @@ -172,7 +172,7 @@ Seperti yang telah disebutkan sebelumnya, kondisi _set-based_ lebih ekspresif. kubectl get pods -l 'environment in (production, qa)' ``` -atau membatasi pencocokan negatif dengan operator _exists_: +atau membatasi pencocokan negatif dengan operator _notin_: ```shell kubectl get pods -l 'environment,environment notin (frontend)' diff --git a/content/id/docs/concepts/services-networking/connect-applications-service.md b/content/id/docs/concepts/services-networking/connect-applications-service.md index f2264ed9aa6..5fcd5593b34 100644 --- a/content/id/docs/concepts/services-networking/connect-applications-service.md +++ b/content/id/docs/concepts/services-networking/connect-applications-service.md @@ -93,8 +93,12 @@ Labels: run=my-nginx Annotations: Selector: run=my-nginx Type: ClusterIP +IP Family Policy: SingleStack +IP Families: IPv4 IP: 10.0.162.149 +IPs: 10.0.162.149 Port: 80/TCP +TargetPort: 80/TCP Endpoints: 10.244.2.5:80,10.244.3.4:80 Session Affinity: None Events: diff --git a/content/id/docs/concepts/services-networking/ingress.md b/content/id/docs/concepts/services-networking/ingress.md index 6baae2adc96..84db01b37e8 100644 --- a/content/id/docs/concepts/services-networking/ingress.md +++ b/content/id/docs/concepts/services-networking/ingress.md @@ -91,7 +91,7 @@ spec: Seperti layaknya *resource* Kubernetes yang lain, sebuah Ingress membutuhkan *field* `apiVersion`, `kind`, dan `metadata`. Untuk informasi umum soal bagaimana cara bekerja dengan menggunakan berkas konfigurasi, silahkan merujuk pada [melakukan deploy aplikasi](/docs/tasks/run-application/run-stateless-application-deployment/), [konfigurasi kontainer](/id/docs/tasks/configure-pod-container/configure-pod-configmap/), [mengatur *resource*](/id/docs/concepts/cluster-administration/manage-deployment/). Ingress seringkali menggunakan anotasi untuk melakukan konfigurasi beberapa opsi yang ada bergantung pada kontroler Ingress yang digunakan, sebagai contohnya - adalah [anotasi rewrite-target](https://github.com/kubernetes/ingress-nginx/blob/master/docs/examples/rewrite/README.md). + adalah [anotasi rewrite-target](https://github.com/kubernetes/ingress-nginx/blob/main/docs/examples/rewrite/README.md). [Kontroler Ingress](/id/docs/concepts/services-networking/ingress-controllers) yang berbeda memiliki jenis anotasi yang berbeda. Pastikan kamu sudah terlebih dahulu memahami dokumentasi kontroler Ingress yang akan kamu pakai untuk mengetahui jenis anotasi apa sajakah yang disediakan. diff --git a/content/id/docs/tasks/administer-cluster/network-policy-provider/calico-network-policy.md b/content/id/docs/tasks/administer-cluster/network-policy-provider/calico-network-policy.md index 9eb79e76769..a7a7bb457da 100644 --- a/content/id/docs/tasks/administer-cluster/network-policy-provider/calico-network-policy.md +++ b/content/id/docs/tasks/administer-cluster/network-policy-provider/calico-network-policy.md @@ -42,7 +42,7 @@ Putuskan apakah kamu ingin menggelar (_deploy_) sebuah klaster di [_cloud_](#mem Untuk membuat satu klaster Calico dengan hos tunggal dalam waktu lima belas menit dengan menggunakan kubeadm, silakan merujuk pada -[Memulai cepat Calico](https://docs.projectcalico.org/latest/getting-started/kubernetes/). +[Memulai cepat Calico](https://projectcalico.docs.tigera.io/getting-started/kubernetes/). ## {{% heading "whatsnext" %}} diff --git a/content/ja/blog/_posts/2023-03-10-forensic-container-analysis/index.md b/content/ja/blog/_posts/2023-03-10-forensic-container-analysis/index.md new file mode 100644 index 00000000000..a78cd333332 --- /dev/null +++ b/content/ja/blog/_posts/2023-03-10-forensic-container-analysis/index.md @@ -0,0 +1,315 @@ +--- +layout: blog +title: "フォレンジックコンテナ分析" +date: 2023-03-10 +slug: forensic-container-analysis +--- + +**Authors:** Adrian Reber (Red Hat) + +前回投稿した[Kubernetesにおけるフォレンジックコンテナチェックポイント処理][forensic-blog]では、Kubernetesでのチェックポイントの作成や、それがどのようにセットアップされ、どのように使用されるのかを紹介しました。 +機能の名前はフォレンジックコンテナチェックポイントですが、Kubernetesによって作成されたチェックポイントの実際の分析方法については、詳細を説明しませんでした。 +この記事では、チェックポイントがどのように分析されるのかについての詳細を提供します。 + +チェックポイントの作成はまだKubernetesでalpha機能であり、この記事ではその機能が将来どのように動作するのかについてのプレビューを提供します。 + +## 準備 + +チェックポイント作成のサポートを有効にするためのKubernetesの設定方法や、基盤となるCRI実装方法についての詳細は[Kubernetesにおけるフォレンジックコンテナチェックポイント処理][forensic-blog]を参照してください。 + +一例として、この記事内でチェックポイントを作成し分析するコンテナイメージ(`quay.io/adrianreber/counter:blog`)を準備しました。 +このコンテナはコンテナ内でファイルを作成することができ、後でチェックポイント内で探したい情報をメモリーに格納しておくこともできます。 + +コンテナを実行するためにはPodが必要であり、この例では下記のPodマニフェストを使用します。 + +```yaml +apiVersion: v1 +kind: Pod +metadata: + name: counters +spec: + containers: + - name: counter + image: quay.io/adrianreber/counter:blog +``` + +この結果、`counter`と呼ばれるコンテナが`counters`と呼ばれるPod内で実行されます。 + +一度コンテナが実行されると、コンテナで下記アクションが行えます。 + +```console +$ kubectl get pod counters --template '{{.status.podIP}}' +10.88.0.25 +$ curl 10.88.0.25:8088/create?test-file +$ curl 10.88.0.25:8088/secret?RANDOM_1432_KEY +$ curl 10.88.0.25:8088 +``` + +最初のアクセスはコンテナ内で`test-file`という内容で`test-file`と呼ばれるファイルを作成します。 +次のアクセスで、コンテナのメモリー内のどこかにシークレット情報(`RANDOM_1432_KEY`)を記憶します。 +最後のアクセスは内部のログファイルに1行追加するだけです。 + +チェックポイントを分析する前の最後のステップは、チェックポイントを作成することをKubernetesに指示することです。 +前回の記事で説明したように、これには*kubelet*限定の`チェックポイント`APIエンドポイントへのアクセスを必要とします。 + +*default*名前空間内の*counters*という名前のPod内の*counter*という名前のコンテナに対して、*kubelet* APIエンドポイントが次の場所で到達可能です。 +```shell +# Podが実行されているNode上で実行する +curl -X POST "https://localhost:10250/checkpoint/default/counters/counter" +``` + +厳密には、*kubelet*の自己署名証明書を許容し*kubelet* `チェックポイント`APIの使用を認可するために、下記の`curl`コマンドのオプションが必要です。 + +```shell +--insecure --cert /var/run/kubernetes/client-admin.crt --key /var/run/kubernetes/client-admin.key +``` + +チェックポイントの作成が終了すると、`/var/lib/kubelet/checkpoints/checkpoint-_--.tar`でチェックポイントが利用可能になります。 + +この記事の後述のステップでは、チェックポイントアーカイブを分析する際に`checkpoint.tar`という名前を使用します。 + +## `checkpointctl`を使用したチェックポイントアーカイブの分析 + +チェックポイントが作成したコンテナに関するいくつかの初期情報を得るためには、このように[checkpointctl][checkpointctl]を使用します。 + +```console +$ checkpointctl show checkpoint.tar --print-stats ++-----------+----------------------------------+--------------+---------+---------------------+--------+------------+------------+-------------------+ +| CONTAINER | IMAGE | ID | RUNTIME | CREATED | ENGINE | IP | CHKPT SIZE | ROOT FS DIFF SIZE | ++-----------+----------------------------------+--------------+---------+---------------------+--------+------------+------------+-------------------+ +| counter | quay.io/adrianreber/counter:blog | 059a219a22e5 | runc | 2023-03-02T06:06:49 | CRI-O | 10.88.0.23 | 8.6 MiB | 3.0 KiB | ++-----------+----------------------------------+--------------+---------+---------------------+--------+------------+------------+-------------------+ +CRIU dump statistics ++---------------+-------------+--------------+---------------+---------------+---------------+ +| FREEZING TIME | FROZEN TIME | MEMDUMP TIME | MEMWRITE TIME | PAGES SCANNED | PAGES WRITTEN | ++---------------+-------------+--------------+---------------+---------------+---------------+ +| 100809 us | 119627 us | 11602 us | 7379 us | 7800 | 2198 | ++---------------+-------------+--------------+---------------+---------------+---------------+ +``` + +これによって、チェックポイントアーカイブ内のチェックポイントについてのいくつかの情報が、すでに取得できています。 +コンテナの名前やコンテナランタイムやコンテナエンジンについての情報を見ることができます。 +チェックポイントのサイズ(`CHKPT SIZE`)もリスト化されます。 +これは大部分がチェックポイントに含まれるメモリーページのサイズですが、コンテナ内の全ての変更されたファイルのサイズ(`ROOT FS DIFF SIZE`)についての情報もあります。 + +追加のパラメーター`--print-stats`はチェックポイントアーカイブ内の情報を復号化し、2番目のテーブル(*CRIU dump statistics*)で表示します。 +この情報はチェックポイント作成中に収集され、CRIUがコンテナ内のプロセスをチェックポイントするために必要な時間と、チェックポイント作成中に分析され書き込まれたメモリーページ数の概要を示します。 + +## より深く掘り下げる + +`checkpointctl`の助けを借りて、チェックポイントアーカイブについてのハイレベルな情報を得ることができます。 +チェックポイントアーカイブをさらに分析するには、それを展開する必要があります。 +チェックポイントアーカイブは*tar*アーカイブであり、`tar xf checkpoint.tar`の助けを借りて展開可能です。 + +チェックポイントアーカイブを展開すると、下記のファイルやディレクトリが作成されます。 + +* `bind.mounts` - このファイルにはバインドマウントについての情報が含まれており、復元中に全ての外部ファイルとディレクトリを正しい場所にマウントするために必要になります。 +* `checkpoint/` - このディレクトリにはCRIUによって作成された実際のチェックポイントが含まれています。 +* `config.dump`と`spec.dump` - これらのファイルには、復元中に必要とされるコンテナについてのメタデータが含まれています。 +* `dump.log` - このファイルにはチェックポイント作成中に作成されたCRIUのデバッグ出力が含まれています。 +* `stats-dump` - このファイルには、`checkpointctl`が`--print-stats`でダンプ統計情報を表示するために使用するデータが含まれています。 +* `rootfs-diff.tar` - このファイルには、コンテナのファイルシステム上で変更された全てのファイルが含まれています。 + +### ファイルシステムの変更 - `rootfs-diff.tar` + +コンテナのチェックポイントをさらに分析するための最初のステップは、コンテナ内で変更されたファイルを見ることです。 +これは`rootfs-diff.tar`ファイルを参照することで行えます。 + +```console +$ tar xvf rootfs-diff.tar +home/counter/logfile +home/counter/test-file +``` + +これでコンテナ内で変更されたファイルを調べられます。 + +```console +$ cat home/counter/logfile +10.88.0.1 - - [02/Mar/2023 06:07:29] "GET /create?test-file HTTP/1.1" 200 - +10.88.0.1 - - [02/Mar/2023 06:07:40] "GET /secret?RANDOM_1432_KEY HTTP/1.1" 200 - +10.88.0.1 - - [02/Mar/2023 06:07:43] "GET / HTTP/1.1" 200 - +$ cat home/counter/test-file +test-file  +``` + +このコンテナのベースになっているコンテナイメージ(`quay.io/adrianreber/counter:blog`)と比較すると、コンテナが提供するサービスへの全てのアクセス情報を含んだ`logfile`や予想通り作成された`test-file`ファイルを確認することができます。 + +`rootfs-diff.tar`の助けを借りることで、作成または変更された全てのファイルを、コンテナのベースイメージと比較して検査することが可能です。 + +### チェックポイント処理したプロセスを分析する - `checkpoint/` + +ディレクトリ`checkpoint/`はコンテナ内でプロセスをチェックポイントしている間にCRIUによって作成されたデータを含んでいます。 +ディレクトリ`checkpoint/`の内容は、CRIUの一部として配布されている[CRIT][crit]ツールを使用して分析できるさまざまな[イメージファイル][image-files]で構成されています。 + +まず、コンテナの内部プロセスの概要を取得してみましょう。 + +```console +$ crit show checkpoint/pstree.img | jq .entries[].pid +1 +7 +8 +``` + +この出力はコンテナのPID名前空間の内部に3つのプロセス(PIDが1と7と8)があることを意味しています。 + +これはコンテナのPID名前空間の内部からの視界を表示しているだけです。 +復元中に正確にそれらのPIDが再作成されます。 +コンテナのPID名前空間の外部からPIDは復元後に変更されます。 + +次のステップは、それらの3つのプロセスについての追加情報を取得することです。 + +```console +$ crit show checkpoint/core-1.img | jq .entries[0].tc.comm +"bash" +$ crit show checkpoint/core-7.img | jq .entries[0].tc.comm +"counter.py" +$ crit show checkpoint/core-8.img | jq .entries[0].tc.comm +"tee" +``` + +これは、コンテナ内の3つのプロセスが`bash`と`counter.py`(Pythonインタプリター)と`tee`であることを意味しています。 +プロセスの親子関係についての詳細は、`checkpoint/pstree.img`に分析するデータがさらにあります。 + +ここまでで収集した情報をまだ実行中のコンテナと比較してみましょう。 + +```console +$ crictl inspect --output go-template --template "{{(index .info.pid)}}" 059a219a22e56 +722520 +$ ps auxf | grep -A 2 722520 +fedora 722520 \_ bash -c /home/counter/counter.py 2>&1 | tee /home/counter/logfile +fedora 722541 \_ /usr/bin/python3 /home/counter/counter.py +fedora 722542 \_ /usr/bin/coreutils --coreutils-prog-shebang=tee /usr/bin/tee /home/counter/logfile +$ cat /proc/722520/comm +bash +$ cat /proc/722541/comm +counter.py +$ cat /proc/722542/comm +tee +``` + +この出力では、まずコンテナ内の最初のプロセスのPIDを取得しています。 +そしてコンテナを実行しているシステム上で、そのPIDと子プロセスを探しています。 +3つのプロセスが表示され、最初のものはコンテナPID名前空間の中でPID 1である"bash"です。 +次に`/proc//comm`を見ると、チェックポイントイメージと正確に同じ値を見つけることができます。 + +覚えておく重要なことは、チェックポイントはコンテナのPID名前空間内の視界が含まれていることです。 +なぜなら、これらの情報はプロセスを復元するために重要だからです。 + +`crit`がコンテナについて教えてくれる最後の例は、UTS名前空間に関する情報です。 + +```console +$ crit show checkpoint/utsns-12.img +{ + "magic": "UTSNS", + "entries": [ + { + "nodename": "counters", + "domainname": "(none)" + } + ] +} +``` + +UTS名前空間内のホストネームが`counters`であることを教えてくれます。 + +チェックポイント作成中に収集された各リソースCRIUについて、`checkpoint/`ディレクトリは対応するイメージファイルを含んでいます。 +このイメージファイルは`crit`を使用することで分析可能です。 + +#### メモリーページを見る + +CRITを使用して復号化できるCRIUからの情報に加えて、CRIUがディスクに書き込んだ生のメモリーページを含んでいるファイルもあります。 + +```console +$ ls checkpoint/pages-* +checkpoint/pages-1.img checkpoint/pages-2.img checkpoint/pages-3.img +``` + +最初にコンテナを使用した際に、メモリー内のどこかにランダムキー(`RANDOM_1432_KEY`)を保存しました。 +見つけることができるかどうか見てみましょう。 + +```console +$ grep -ao RANDOM_1432_KEY checkpoint/pages-* +checkpoint/pages-2.img:RANDOM_1432_KEY +``` + +そして実際に、私のデータがあります。 +この方法で、コンテナ内のプロセスの全てのメモリーページの内容を簡単に見ることができます。 +しかし、チェックポイントアーカイブにアクセスできるなら誰でも、コンテナのプロセスのメモリー内に保存された全ての情報にアクセスできることを覚えておくことも重要です。 + +#### さらなる分析のためにgdbを使用する + +チェックポイントイメージを見るための他の方法は`gdb`です。 +CRIUリポジトリは、チェックポイントをコアダンプファイルに変換する[coredump][criu-coredump]スクリプトを含んでいます。 + +```console +$ /home/criu/coredump/coredump-python3 +$ ls -al core* +core.1 core.7 core.8 +``` + +`coredump-python3`スクリプトを実行すると、チェックポイントイメージがコンテナ内の各プロセスに対し1つのコアダンプファイルに変換されます。 +`gdb`を使用してプロセスの詳細を見ることもできます。 + +```console +$ echo info registers | gdb --core checkpoint/core.1 -q + +[New LWP 1] + +Core was generated by `bash -c /home/counter/counter.py 2>&1 | tee /home/counter/logfile'. + +#0 0x00007fefba110198 in ?? () +(gdb) +rax 0x3d 61 +rbx 0x8 8 +rcx 0x7fefba11019a 140667595587994 +rdx 0x0 0 +rsi 0x7fffed9c1110 140737179816208 +rdi 0xffffffff 4294967295 +rbp 0x1 0x1 +rsp 0x7fffed9c10e8 0x7fffed9c10e8 +r8 0x1 1 +r9 0x0 0 +r10 0x0 0 +r11 0x246 582 +r12 0x0 0 +r13 0x7fffed9c1170 140737179816304 +r14 0x0 0 +r15 0x0 0 +rip 0x7fefba110198 0x7fefba110198 +eflags 0x246 [ PF ZF IF ] +cs 0x33 51 +ss 0x2b 43 +ds 0x0 0 +es 0x0 0 +fs 0x0 0 +gs 0x0 0 +``` + +この例では、チェックポイント中の全てのレジストリの値を見ることができ、コンテナのPID 1のプロセスの完全なコマンドライン(`bash -c /home/counter/counter.py 2>&1 | tee /home/counter/logfile`)を見ることもできます。 + +## まとめ + +コンテナチェックポイントを作成することで、コンテナを停止することやチェックポイントが作成されたことを知ることなく、実行中のコンテナのチェックポイントを作成することが可能です。 +Kubernetesにおいてコンテナのチェックポイントを作成した結果がチェックポイントアーカイブです。 +`checkpointctl`や`tar`、`crit`、`gdb`のような異なるツールを使用して、チェックポイントを分析できます。 +`grep`のようなシンプルなツールでさえ、チェックポイントアーカイブ内の情報を見つけることが可能です。 + +この記事で示したチェックポイントの分析方法のさまざまな例は出発点にすぎません。 +この記事ではチェックポイントの分析を始める方法を紹介しましたが、要件によってはかなり詳細に特定の物事を見ることも可能です。 + +## 参加するためにはどうすればよいですか? + +SIG Nodeにはいくつかの方法でアクセスできます。 + +* Slack: [#sig-node][slack-sig-node] +* Slack: [#sig-security][slack-sig-security] +* [メーリングリスト][sig-node-ml] + +[forensic-blog]: https://kubernetes.io/ja/blog/2022/12/05/forensic-container-checkpointing-alpha/ +[checkpointctl]: https://github.com/checkpoint-restore/checkpointctl +[image-files]: https://criu.org/Images +[crit]: https://criu.org/CRIT +[slack-sig-node]: https://kubernetes.slack.com/messages/sig-node +[slack-sig-security]: https://kubernetes.slack.com/messages/sig-security +[sig-node-ml]: https://groups.google.com/forum/#!forum/kubernetes-sig-node +[criu-coredump]: https://github.com/checkpoint-restore/criu/tree/criu-dev/coredump diff --git a/content/ja/docs/concepts/overview/_index.md b/content/ja/docs/concepts/overview/_index.md index 89935936589..d4f4a91e473 100644 --- a/content/ja/docs/concepts/overview/_index.md +++ b/content/ja/docs/concepts/overview/_index.md @@ -70,7 +70,7 @@ Kubernetesを使うとデプロイしたコンテナのあるべき状態を記 * **自己修復** Kubernetesは、処理が失敗したコンテナを再起動し、コンテナを入れ替え、定義したヘルスチェックに応答しないコンテナを強制終了します。処理の準備ができるまでは、クライアントに通知しません。 * **機密情報と構成管理** -Kubernetesは、パスワードやOAuthトークン、SSHキーのよう機密の情報を保持し、管理することができます。機密情報をデプロイし、コンテナイメージを再作成することなくアプリケーションの構成情報を更新することができます。スタック構成の中で機密情報を晒してしまうこともありません。 +Kubernetesは、パスワードやOAuthトークン、SSHキーなどの機密の情報を保持し、管理することができます。機密情報をデプロイし、コンテナイメージを再作成することなくアプリケーションの構成情報を更新することができます。スタック構成の中で機密情報を晒してしまうこともありません。 ## Kubernetesにないもの diff --git a/content/ja/docs/concepts/overview/working-with-objects/labels.md b/content/ja/docs/concepts/overview/working-with-objects/labels.md index fbe8432b453..0af7384a6ad 100644 --- a/content/ja/docs/concepts/overview/working-with-objects/labels.md +++ b/content/ja/docs/concepts/overview/working-with-objects/labels.md @@ -192,7 +192,7 @@ kubectl get pods -l 'environment in (production),tier in (frontend)' kubectl get pods -l 'environment in (production, qa)' ``` -もしくは、_exists_ オペレーターを介して、否定マッチングによる制限もできます。 +もしくは、_notin_ オペレーターを介して、否定マッチングによる制限もできます。 ```shell kubectl get pods -l 'environment,environment notin (frontend)' diff --git a/content/ja/docs/concepts/services-networking/connect-applications-service.md b/content/ja/docs/concepts/services-networking/connect-applications-service.md index fbdce825c01..0f6049ca173 100644 --- a/content/ja/docs/concepts/services-networking/connect-applications-service.md +++ b/content/ja/docs/concepts/services-networking/connect-applications-service.md @@ -118,8 +118,12 @@ Labels: run=my-nginx Annotations: Selector: run=my-nginx Type: ClusterIP +IP Family Policy: SingleStack +IP Families: IPv4 IP: 10.0.162.149 +IPs: 10.0.162.149 Port: 80/TCP +TargetPort: 80/TCP Endpoints: 10.244.2.5:80,10.244.3.4:80 Session Affinity: None Events: diff --git a/content/ja/docs/concepts/services-networking/ingress.md b/content/ja/docs/concepts/services-networking/ingress.md index 1ffa2299131..620a4580d29 100644 --- a/content/ja/docs/concepts/services-networking/ingress.md +++ b/content/ja/docs/concepts/services-networking/ingress.md @@ -51,7 +51,7 @@ Ingressリソースの最小構成の例は以下のとおりです。 {{< codenew file="service/networking/minimal-ingress.yaml" >}} -Ingressには`apiVersion`、`kind`、`metadata`や`spec`フィールドが必要です。Ingressオブジェクトの名前は、有効な[DNSサブドメイン名](/ja/docs/concepts/overview/working-with-objects/names#dns-subdomain-names)である必要があります。設定ファイルに関する一般的な情報は、[アプリケーションのデプロイ](/ja/docs/tasks/run-application/run-stateless-application-deployment/)、[コンテナの設定](/ja/docs/tasks/configure-pod-container/configure-pod-configmap/)、[リソースの管理](/ja/docs/concepts/cluster-administration/manage-deployment/)を参照してください。Ingressでは、Ingressコントローラーに依存しているいくつかのオプションの設定をするためにアノテーションを一般的に使用します。例としては、[rewrite-targetアノテーション](https://github.com/kubernetes/ingress-nginx/blob/master/docs/examples/rewrite/README.md)などがあります。[Ingressコントローラー](/ja/docs/concepts/services-networking/ingress-controllers)の種類が異なれば、サポートするアノテーションも異なります。サポートされているアノテーションについて学ぶためには、使用するIngressコントローラーのドキュメントを確認してください。 +Ingressには`apiVersion`、`kind`、`metadata`や`spec`フィールドが必要です。Ingressオブジェクトの名前は、有効な[DNSサブドメイン名](/ja/docs/concepts/overview/working-with-objects/names#dns-subdomain-names)である必要があります。設定ファイルに関する一般的な情報は、[アプリケーションのデプロイ](/ja/docs/tasks/run-application/run-stateless-application-deployment/)、[コンテナの設定](/ja/docs/tasks/configure-pod-container/configure-pod-configmap/)、[リソースの管理](/ja/docs/concepts/cluster-administration/manage-deployment/)を参照してください。Ingressでは、Ingressコントローラーに依存しているいくつかのオプションの設定をするためにアノテーションを一般的に使用します。例としては、[rewrite-targetアノテーション](https://github.com/kubernetes/ingress-nginx/blob/main/docs/examples/rewrite/README.md)などがあります。[Ingressコントローラー](/ja/docs/concepts/services-networking/ingress-controllers)の種類が異なれば、サポートするアノテーションも異なります。サポートされているアノテーションについて学ぶためには、使用するIngressコントローラーのドキュメントを確認してください。 Ingress [Spec](https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status)は、ロードバランサーやプロキシーサーバーを設定するために必要な全ての情報を持っています。最も重要なものとして、外部からくる全てのリクエストに対して一致したルールのリストを含みます。IngressリソースはHTTP(S)トラフィックに対してのルールのみサポートしています。 diff --git a/content/ja/docs/reference/command-line-tools-reference/feature-gates.md b/content/ja/docs/reference/command-line-tools-reference/feature-gates.md index 86932e212f6..aea5a38f307 100644 --- a/content/ja/docs/reference/command-line-tools-reference/feature-gates.md +++ b/content/ja/docs/reference/command-line-tools-reference/feature-gates.md @@ -264,9 +264,6 @@ content_type: concept | `ExpandPersistentVolumes` | `false` | Alpha | 1.8 | 1.10 | | `ExpandPersistentVolumes` | `true` | Beta | 1.11 | 1.23 | | `ExpandPersistentVolumes` | `true` | GA | 1.24 |- | -| `IdentifyPodOS` | `false` | Alpha | 1.23 | 1.23 | -| `IdentifyPodOS` | `true` | Beta | 1.24 | 1.24 | -| `IdentifyPodOS` | `true` | GA | 1.25 | - | | `JobTrackingWithFinalizers` | `false` | Alpha | 1.22 | 1.22 | | `JobTrackingWithFinalizers` | `false` | Beta | 1.23 | 1.24 | | `JobTrackingWithFinalizers` | `true` | Beta | 1.25 | 1.25 | diff --git a/content/ja/docs/setup/production-environment/turnkey/_index.md b/content/ja/docs/setup/production-environment/turnkey/_index.md deleted file mode 100644 index 6b9dabb7ab6..00000000000 --- a/content/ja/docs/setup/production-environment/turnkey/_index.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -title: ターンキークラウドソリューション -weight: 30 ---- diff --git a/content/ja/docs/setup/production-environment/turnkey/alibaba-cloud.md b/content/ja/docs/setup/production-environment/turnkey/alibaba-cloud.md deleted file mode 100644 index 4506e9cba0b..00000000000 --- a/content/ja/docs/setup/production-environment/turnkey/alibaba-cloud.md +++ /dev/null @@ -1,17 +0,0 @@ ---- -title: Alibaba CloudでKubernetesを動かす ---- - -## Alibaba Cloud Container Service - -[Alibaba Cloud Container Service](https://www.alibabacloud.com/product/container-service)はAlibaba Cloud ECSインスタンスのクラスター上もしくはサーバーレスの形態でDockerアプリケーションを起動して管理します。著名なオープンソースのコンテナオーケストレーターであるDocker SwarmおよびKubernetesをサポートしています。 - -クラスターの構築と管理を簡素化するために、[Alibaba Cloud Container ServiceのためのKubernetesサポート](https://www.alibabacloud.com/product/kubernetes)を使用します。[Kubernetes walk-through](https://www.alibabacloud.com/help/doc-detail/86737.htm)に従ってすぐに始めることができ、中国語の[Alibaba CloudにおけるKubernetesサポートのためのチュートリアル](https://yq.aliyun.com/teams/11/type_blog-cid_200-page_1)もあります。 - -カスタムバイナリもしくはオープンソースKubernetesを使用する場合は、以下の手順に従って下さい。 - -## 構築のカスタム - -[Alibaba Cloudプロバイダーが実装されたKubernetesのソースコード](https://github.com/AliyunContainerService/kubernetes)はオープンソースであり、GitHubから入手可能です。 - -さらなる情報は英語の[Kubernetesのクイックデプロイメント - Alibaba CloudのVPC環境](https://www.alibabacloud.com/forum/read-830)をご覧下さい。 diff --git a/content/ja/docs/setup/production-environment/turnkey/aws.md b/content/ja/docs/setup/production-environment/turnkey/aws.md deleted file mode 100644 index f7ec4bd0123..00000000000 --- a/content/ja/docs/setup/production-environment/turnkey/aws.md +++ /dev/null @@ -1,82 +0,0 @@ ---- -title: AWS EC2上でKubernetesを動かす -content_type: task ---- - - - -このページでは、AWS上でKubernetesクラスターをインストールする方法について説明します。 - - - -## {{% heading "prerequisites" %}} - - -AWS上でKubernetesクラスターを作成するには、AWSからアクセスキーIDおよびシークレットアクセスキーを入手する必要があります。 - -### サポートされているプロダクショングレードのツール - -* [conjure-up](https://docs.conjure-up.io/stable/en/cni/k8s-and-aws)はUbuntu上でネイティブなAWSインテグレーションを用いてKubernetesクラスターを作成するオープンソースのインストーラーです。 - -* [Kubernetes Operations](https://github.com/kubernetes/kops) - プロダクショングレードなKubernetesのインストール、アップグレード、管理が可能です。AWS上のDebian、Ubuntu、CentOS、RHELをサポートしています。 - -* [kube-aws](https://github.com/kubernetes-incubator/kube-aws) EC2、CloudFormation、Auto Scalingを使用して、[Flatcar Linux](https://www.flatcar-linux.org/)ノードでKubernetesクラスターを作成および管理します。 - -* [KubeOne](https://github.com/kubermatic/kubeone)は可用性の高いKubernetesクラスターを作成、アップグレード、管理するための、オープンソースのライフサイクル管理ツールです。 - - - - - -## クラスターの始まり - -### コマンドライン管理ツール: kubectl - -クラスターの起動スクリプトによってワークステーション上に`kubernetes`ディレクトリが作成されます。もしくは、Kubernetesの最新リリースを[こちら](https://github.com/kubernetes/kubernetes/releases)からダウンロードすることも可能です。 - -次に、kubectlにアクセスするために適切なバイナリフォルダーを`PATH`へ追加します: - -```shell -# macOS -export PATH=/platforms/darwin/amd64:$PATH - -# Linux -export PATH=/platforms/linux/amd64:$PATH -``` - -ツールに関する最新のドキュメントページはこちらです: [kubectl manual](/docs/reference/kubectl/kubectl/) - -デフォルトでは、`kubectl`はクラスターの起動中に生成された`kubeconfig`ファイルをAPIに対する認証に使用します。 -詳細な情報は、[kubeconfig files](/ja/docs/tasks/access-application-cluster/configure-access-multiple-clusters/)を参照してください。 - -### 例 - -新しいクラスターを試すには、[簡単なnginxの例](/ja/docs/tasks/run-application/run-stateless-application-deployment/)を参照してください。 - -"Guestbook"アプリケーションは、Kubernetesを始めるもう一つのポピュラーな例です: [guestbookの例](https://github.com/kubernetes/examples/tree/master/guestbook/) - -より完全なアプリケーションについては、[examplesディレクトリ](https://github.com/kubernetes/examples/tree/master/)を参照してください。 - -## クラスターのスケーリング - -`kubectl`を使用したノードの追加および削除はサポートしていません。インストール中に作成された[Auto Scaling Group](https://docs.aws.amazon.com/autoscaling/latest/userguide/as-manual-scaling.html)内の'Desired'および'Max'プロパティを手動で調整することで、ノード数をスケールさせることができます。 - -## クラスターの解体 - -クラスターのプロビジョニングに使用した環境変数がexportされていることを確認してから、`kubernetes`ディレクトリ内で以下のスクリプトを実行してください: - -```shell -cluster/kube-down.sh -``` - -## サポートレベル - - -IaaS プロバイダー | 構成管理 | OS | ネットワーク | ドキュメント | 適合 | サポートレベル --------------------- | ------------ | ------------- | ------------ | --------------------------------------------- | ---------| ---------------------------- -AWS | kops | Debian | k8s (VPC) | [docs](https://github.com/kubernetes/kops) | | Community ([@justinsb](https://github.com/justinsb)) -AWS | CoreOS | CoreOS | flannel | - | | Community -AWS | Juju | Ubuntu | flannel, calico, canal | - | 100% | Commercial, Community -AWS | KubeOne | Ubuntu, CoreOS, CentOS | canal, weavenet | [docs](https://github.com/kubermatic/kubeone) | 100% | Commercial, Community - - diff --git a/content/ja/docs/setup/production-environment/turnkey/azure.md b/content/ja/docs/setup/production-environment/turnkey/azure.md deleted file mode 100644 index dcf4a4ffb00..00000000000 --- a/content/ja/docs/setup/production-environment/turnkey/azure.md +++ /dev/null @@ -1,33 +0,0 @@ ---- -title: Azure 上で Kubernetes を動かす ---- - -## Azure Kubernetes Service (AKS) - -[Azure Kubernetes Service](https://azure.microsoft.com/ja-jp/services/kubernetes-service/)は、Kubernetesクラスターのためのシンプルなデプロイ機能を提供します。 - -Azure Kubernetes Serviceを利用してAzure上にKubernetesクラスターをデプロイする例: - -**[Microsoft Azure Kubernetes Service](https://docs.microsoft.com/ja-jp/azure/aks/intro-kubernetes)** - -## デプロイのカスタマイズ: AKS-Engine - -Azure Kubernetes Serviceのコア部分は**オープンソース**であり、コミュニティのためにGitHub上で公開され、利用およびコントリビュートすることができます: **[AKS-Engine](https://github.com/Azure/aks-engine)**。レガシーな [ACS-Engine](https://github.com/Azure/acs-engine) のコードベースはAKS-engineのために廃止となりました。 - -AKS-Engineは、Azure Kubernetes Serviceが公式にサポートしている機能を超えてデプロイをカスタマイズしたい場合に適した選択肢です。 -既存の仮想ネットワークへのデプロイや、複数のagent poolを利用するなどのカスタマイズをすることができます。 -コミュニティによるAKS-Engineへのコントリビュートが、Azure Kubernetes Serviceに組み込まれる場合もあります。 - -AKS-Engineへの入力は、Kubernetesクラスターを記述するapimodelのJSONファイルです。これはAzure Kubernetes Serviceを使用してクラスターを直接デプロイするために使用されるAzure Resource Manager (ARM) のテンプレート構文と似ています。 -処理結果はARMテンプレートとして出力され、ソース管理に組み込んだり、AzureにKubernetesクラスターをデプロイするために使うことができます。 - -**[AKS-Engine Kubernetes Tutorial](https://github.com/Azure/aks-engine/blob/master/docs/tutorials/README.md)** を参照して始めることができます。 - -## Azure上でCoreOS Tectonicを動かす - -Azureで利用できるCoreOS Tectonic Installerは**オープンソース**であり、コミュニティのためにGitHub上で公開され、利用およびコントリビュートすることができます: **[Tectonic Installer](https://github.com/coreos/tectonic-installer)**. - -Tectonic Installerは、 [Hashicorp が提供する Terraform](https://www.terraform.io/docs/providers/azurerm/)のAzure Resource Manager(ARM)プロバイダーを用いてクラスターをカスタマイズしたい場合に適した選択肢です。 -これを利用することにより、Terraformと親和性の高いツールを使用してカスタマイズしたり連携したりすることができます。 - -[Tectonic Installer for Azure Guide](https://coreos.com/tectonic/docs/latest/install/azure/azure-terraform.html)を参照して、すぐに始めることができます。 diff --git a/content/ja/docs/setup/production-environment/turnkey/gce.md b/content/ja/docs/setup/production-environment/turnkey/gce.md deleted file mode 100644 index 39e03efc941..00000000000 --- a/content/ja/docs/setup/production-environment/turnkey/gce.md +++ /dev/null @@ -1,217 +0,0 @@ ---- -title: Google Compute Engine上でKubernetesを動かす -content_type: task ---- - - - -The example below creates a Kubernetes cluster with 3 worker node Virtual Machines and a master Virtual Machine (i.e. 4 VMs in your cluster). This cluster is set up and controlled from your workstation (or wherever you find convenient). - - - -## {{% heading "prerequisites" %}} - - -If you want a simplified getting started experience and GUI for managing clusters, please consider trying [Google Kubernetes Engine](https://cloud.google.com/kubernetes-engine/) for hosted cluster installation and management. - -For an easy way to experiment with the Kubernetes development environment, click the button below -to open a Google Cloud Shell with an auto-cloned copy of the Kubernetes source repo. - -[![Open in Cloud Shell](https://gstatic.com/cloudssh/images/open-btn.png)](https://console.cloud.google.com/cloudshell/open?git_repo=https://github.com/kubernetes/kubernetes&page=editor&open_in_editor=README.md) - -If you want to use custom binaries or pure open source Kubernetes, please continue with the instructions below. - -### 前提条件 - -1. You need a Google Cloud Platform account with billing enabled. Visit the [Google Developers Console](https://console.cloud.google.com) for more details. -1. Install `gcloud` as necessary. `gcloud` can be installed as a part of the [Google Cloud SDK](https://cloud.google.com/sdk/). -1. Enable the [Compute Engine Instance Group Manager API](https://console.developers.google.com/apis/api/replicapool.googleapis.com/overview) in the [Google Cloud developers console](https://console.developers.google.com/apis/library). -1. Make sure that gcloud is set to use the Google Cloud Platform project you want. You can check the current project using `gcloud config list project` and change it via `gcloud config set project `. -1. Make sure you have credentials for GCloud by running `gcloud auth login`. -1. (Optional) In order to make API calls against GCE, you must also run `gcloud auth application-default login`. -1. Make sure you can start up a GCE VM from the command line. At least make sure you can do the [Create an instance](https://cloud.google.com/compute/docs/instances/#startinstancegcloud) part of the GCE Quickstart. -1. Make sure you can SSH into the VM without interactive prompts. See the [Log in to the instance](https://cloud.google.com/compute/docs/instances/#sshing) part of the GCE Quickstart. - - - - - -## クラスターの起動 - -You can install a client and start a cluster with either one of these commands (we list both in case only one is installed on your machine): - - -```shell -curl -sS https://get.k8s.io | bash -``` - -or - -```shell -wget -q -O - https://get.k8s.io | bash -``` - -Once this command completes, you will have a master VM and four worker VMs, running as a Kubernetes cluster. - -By default, some containers will already be running on your cluster. Containers like `fluentd` provide [logging](/docs/concepts/cluster-administration/logging/), while `heapster` provides [monitoring](https://releases.k8s.io/master/cluster/addons/cluster-monitoring/README.md) services. - -The script run by the commands above creates a cluster with the name/prefix "kubernetes". It defines one specific cluster config, so you can't run it more than once. - -Alternately, you can download and install the latest Kubernetes release from [this page](https://github.com/kubernetes/kubernetes/releases), then run the `/cluster/kube-up.sh` script to start the cluster: - -```shell -cd kubernetes -cluster/kube-up.sh -``` - -If you want more than one cluster running in your project, want to use a different name, or want a different number of worker nodes, see the `/cluster/gce/config-default.sh` file for more fine-grained configuration before you start up your cluster. - -If you run into trouble, please see the section on [troubleshooting](/ja/docs/setup/production-environment/turnkey/gce/#troubleshooting), post to the -[Kubernetes Forum](https://discuss.kubernetes.io), or come ask questions on `#gke` Slack channel. - -The next few steps will show you: - -1. How to set up the command line client on your workstation to manage the cluster -1. Examples of how to use the cluster -1. How to delete the cluster -1. How to start clusters with non-default options (like larger clusters) - -## ワークステーション上でのKubernetesコマンドラインツールのインストール - -The cluster startup script will leave you with a running cluster and a `kubernetes` directory on your workstation. - -The [kubectl](/docs/reference/kubectl/kubectl/) tool controls the Kubernetes cluster -manager. It lets you inspect your cluster resources, create, delete, and update -components, and much more. You will use it to look at your new cluster and bring -up example apps. - -You can use `gcloud` to install the `kubectl` command-line tool on your workstation: - -```shell -gcloud components install kubectl -``` - -{{< note >}} -The kubectl version bundled with `gcloud` may be older than the one -The [kubectl](/ja/docs/reference/kubectl/kubectl/) tool controls the Kubernetes cluster -document to see how you can set up the latest `kubectl` on your workstation. -{{< /note >}} - -## クラスターの始まり - -### クラスターの様子を見る - -Once `kubectl` is in your path, you can use it to look at your cluster. E.g., running: - -```shell -kubectl get --all-namespaces services -``` - -should show a set of [services](/docs/concepts/services-networking/service/) that look something like this: - -```shell -NAMESPACE NAME TYPE CLUSTER_IP EXTERNAL_IP PORT(S) AGE -default kubernetes ClusterIP 10.0.0.1 443/TCP 1d -kube-system kube-dns ClusterIP 10.0.0.2 53/TCP,53/UDP 1d -kube-system kube-ui ClusterIP 10.0.0.3 80/TCP 1d -... -``` - -Similarly, you can take a look at the set of [pods](/ja/docs/concepts/workloads/pods/) that were created during cluster startup. -You can do this via the - -```shell -kubectl get --all-namespaces pods -``` - -command. - -You'll see a list of pods that looks something like this (the name specifics will be different): - -```shell -NAMESPACE NAME READY STATUS RESTARTS AGE -kube-system coredns-5f4fbb68df-mc8z8 1/1 Running 0 15m -kube-system fluentd-cloud-logging-kubernetes-minion-63uo 1/1 Running 0 14m -kube-system fluentd-cloud-logging-kubernetes-minion-c1n9 1/1 Running 0 14m -kube-system fluentd-cloud-logging-kubernetes-minion-c4og 1/1 Running 0 14m -kube-system fluentd-cloud-logging-kubernetes-minion-ngua 1/1 Running 0 14m -kube-system kube-ui-v1-curt1 1/1 Running 0 15m -kube-system monitoring-heapster-v5-ex4u3 1/1 Running 1 15m -kube-system monitoring-influx-grafana-v1-piled 2/2 Running 0 15m -``` - -Some of the pods may take a few seconds to start up (during this time they'll show `Pending`), but check that they all show as `Running` after a short period. - -### いくつかの例の実行 - -Then, see [a simple nginx example](/ja/docs/tasks/run-application/run-stateless-application-deployment/) to try out your new cluster. - -For more complete applications, please look in the [examples directory](https://github.com/kubernetes/examples/tree/master/). The [guestbook example](https://github.com/kubernetes/examples/tree/master/guestbook/) is a good "getting started" walkthrough. - -## クラスターの解体 - -To remove/delete/teardown the cluster, use the `kube-down.sh` script. - -```shell -cd kubernetes -cluster/kube-down.sh -``` - -Likewise, the `kube-up.sh` in the same directory will bring it back up. You do not need to rerun the `curl` or `wget` command: everything needed to setup the Kubernetes cluster is now on your workstation. - -## カスタマイズ - -The script above relies on Google Storage to stage the Kubernetes release. It -then will start (by default) a single master VM along with 3 worker VMs. You -can tweak some of these parameters by editing `kubernetes/cluster/gce/config-default.sh` -You can view a transcript of a successful cluster creation -[here](https://gist.github.com/satnam6502/fc689d1b46db9772adea). - -## トラブルシューティング - -### プロジェクトの設定 - -You need to have the Google Cloud Storage API, and the Google Cloud Storage -JSON API enabled. It is activated by default for new projects. Otherwise, it -can be done in the Google Cloud Console. See the [Google Cloud Storage JSON -API Overview](https://cloud.google.com/storage/docs/json_api/) for more -details. - -Also ensure that-- as listed in the [Prerequisites section](#前提条件)-- you've enabled the `Compute Engine Instance Group Manager API`, and can start up a GCE VM from the command line as in the [GCE Quickstart](https://cloud.google.com/compute/docs/quickstart) instructions. - -### クラスター初期化のハング - -If the Kubernetes startup script hangs waiting for the API to be reachable, you can troubleshoot by SSHing into the master and node VMs and looking at logs such as `/var/log/startupscript.log`. - -**Once you fix the issue, you should run `kube-down.sh` to cleanup** after the partial cluster creation, before running `kube-up.sh` to try again. - -### SSH - -If you're having trouble SSHing into your instances, ensure the GCE firewall -isn't blocking port 22 to your VMs. By default, this should work but if you -have edited firewall rules or created a new non-default network, you'll need to -expose it: `gcloud compute firewall-rules create default-ssh --network= ---description "SSH allowed from anywhere" --allow tcp:22` - -Additionally, your GCE SSH key must either have no passcode or you need to be -using `ssh-agent`. - -### ネットワーク - -The instances must be able to connect to each other using their private IP. The -script uses the "default" network which should have a firewall rule called -"default-allow-internal" which allows traffic on any port on the private IPs. -If this rule is missing from the default network or if you change the network -being used in `cluster/config-default.sh` create a new rule with the following -field values: - -* Source Ranges: `10.0.0.0/8` -* Allowed Protocols and Port: `tcp:1-65535;udp:1-65535;icmp` - -## サポートレベル - - -IaaS Provider | Config. Mgmt | OS | Networking | Docs | Conforms | Support Level --------------------- | ------------ | ------ | ---------- | --------------------------------------------- | ---------| ---------------------------- -GCE | Saltstack | Debian | GCE | [docs](/ja/docs/setup/production-environment/turnkey/gce/) | | Project - diff --git a/content/ja/docs/setup/production-environment/turnkey/icp.md b/content/ja/docs/setup/production-environment/turnkey/icp.md deleted file mode 100644 index 1313f37ff0c..00000000000 --- a/content/ja/docs/setup/production-environment/turnkey/icp.md +++ /dev/null @@ -1,63 +0,0 @@ ---- -title: IBM Cloud Privateを使ってマルチクラウドでKubernetesを動かす ---- - -IBM® Cloud Private is a turnkey cloud solution and an on-premises turnkey cloud solution. IBM Cloud Private delivers pure upstream Kubernetes with the typical management components that are required to run real enterprise workloads. These workloads include health management, log management, audit trails, and metering for tracking usage of workloads on the platform. - -IBM Cloud Private is available in a community edition and a fully supported enterprise edition. The community edition is available at no charge from [Docker Hub](https://hub.docker.com/r/ibmcom/icp-inception/). The enterprise edition supports high availability topologies and includes commercial support from IBM for Kubernetes and the IBM Cloud Private management platform. If you want to try IBM Cloud Private, you can use either the hosted trial, the tutorial, or the self-guided demo. You can also try the free community edition. For details, see [Get started with IBM Cloud Private](https://www.ibm.com/cloud/private/get-started). - -For more information, explore the following resources: - -* [IBM Cloud Private](https://www.ibm.com/cloud/private) -* [Reference architecture for IBM Cloud Private](https://github.com/ibm-cloud-architecture/refarch-privatecloud) -* [IBM Cloud Private documentation](https://www.ibm.com/support/knowledgecenter/SSBS6K/product_welcome_cloud_private.html) - -## IBM Cloud PrivateとTerraform - -The following modules are available where you can deploy IBM Cloud Private by using Terraform: - -* AWS: [Deploy IBM Cloud Private to AWS](https://github.com/ibm-cloud-architecture/terraform-icp-aws) -* Azure: [Deploy IBM Cloud Private to Azure](https://github.com/ibm-cloud-architecture/terraform-icp-azure) -* IBM Cloud: [Deploy IBM Cloud Private cluster to IBM Cloud](https://github.com/ibm-cloud-architecture/terraform-icp-ibmcloud) -* OpenStack: [Deploy IBM Cloud Private to OpenStack](https://github.com/ibm-cloud-architecture/terraform-icp-openstack) -* Terraform module: [Deploy IBM Cloud Private on any supported infrastructure vendor](https://github.com/ibm-cloud-architecture/terraform-module-icp-deploy) -* VMware: [Deploy IBM Cloud Private to VMware](https://github.com/ibm-cloud-architecture/terraform-icp-vmware) - -## AWS上でのIBM Cloud Private - -You can deploy an IBM Cloud Private cluster on Amazon Web Services (AWS) using Terraform. - -IBM Cloud Private can also run on the AWS cloud platform by using Terraform. To deploy IBM Cloud Private in an AWS EC2 environment, see [Installing IBM Cloud Private on AWS](https://github.com/ibm-cloud-architecture/terraform-icp-aws). - -## Azure上でのIBM Cloud Private - -You can enable Microsoft Azure as a cloud provider for IBM Cloud Private deployment and take advantage of all the IBM Cloud Private features on the Azure public cloud. For more information, see [IBM Cloud Private on Azure](https://www.ibm.com/support/knowledgecenter/SSBS6K_3.2.0/supported_environments/azure_overview.html). - -## Red Hat OpenShiftを用いたIBM Cloud Private - -You can deploy IBM certified software containers that are running on IBM Cloud Private onto Red Hat OpenShift. - -Integration capabilities: - -* Supports Linux® 64-bit platform in offline-only installation mode -* Single-master configuration -* Integrated IBM Cloud Private cluster management console and catalog -* Integrated core platform services, such as monitoring, metering, and logging -* IBM Cloud Private uses the OpenShift image registry - -For more information see, [IBM Cloud Private on OpenShift](https://www.ibm.com/support/knowledgecenter/SSBS6K_3.2.0/supported_environments/openshift/overview.html). - -## VirtualBox上でのIBM Cloud Private - -To install IBM Cloud Private to a VirtualBox environment, see [Installing IBM Cloud Private on VirtualBox](https://github.com/ibm-cloud-architecture/refarch-privatecloud-virtualbox). - -## VMware上でのIBM Cloud Private - -You can install IBM Cloud Private on VMware with either Ubuntu or RHEL images. For details, see the following projects: - -* [Installing IBM Cloud Private with Ubuntu](https://github.com/ibm-cloud-architecture/refarch-privatecloud/blob/master/Installing_ICp_on_prem_ubuntu.md) -* [Installing IBM Cloud Private with Red Hat Enterprise](https://github.com/ibm-cloud-architecture/refarch-privatecloud/tree/master/icp-on-rhel) - -The IBM Cloud Private Hosted service automatically deploys IBM Cloud Private Hosted on your VMware vCenter Server instances. This service brings the power of microservices and containers to your VMware environment on IBM Cloud. With this service, you can extend the same familiar VMware and IBM Cloud Private operational model and tools from on-premises into the IBM Cloud. - -For more information, see [IBM Cloud Private Hosted service](https://cloud.ibm.com/docs/vmwaresolutions?topic=vmwaresolutions-icp_overview). diff --git a/content/ja/docs/tasks/access-application-cluster/_index.md b/content/ja/docs/tasks/access-application-cluster/_index.md index dc48e622465..cc0f539baa5 100644 --- a/content/ja/docs/tasks/access-application-cluster/_index.md +++ b/content/ja/docs/tasks/access-application-cluster/_index.md @@ -1,5 +1,5 @@ --- title: "クラスター内アプリケーションへのアクセス" description: クラスター内アプリケーションへアクセスできるようにするために、ロードバランシングやポートフォワーディングの設定、ファイアウォールやDNS設定のセットアップを行います。 -weight: 60 +weight: 100 --- diff --git a/content/ja/docs/tasks/access-application-cluster/communicate-containers-same-pod-shared-volume.md b/content/ja/docs/tasks/access-application-cluster/communicate-containers-same-pod-shared-volume.md index 8a0d37d28e3..540cbab72a1 100644 --- a/content/ja/docs/tasks/access-application-cluster/communicate-containers-same-pod-shared-volume.md +++ b/content/ja/docs/tasks/access-application-cluster/communicate-containers-same-pod-shared-volume.md @@ -1,7 +1,7 @@ --- title: 共有ボリュームを使用して同じPod内のコンテナ間で通信する content_type: task -weight: 110 +weight: 120 --- diff --git a/content/ja/docs/tasks/access-application-cluster/ingress-minikube.md b/content/ja/docs/tasks/access-application-cluster/ingress-minikube.md index be267080996..3c3f7526642 100644 --- a/content/ja/docs/tasks/access-application-cluster/ingress-minikube.md +++ b/content/ja/docs/tasks/access-application-cluster/ingress-minikube.md @@ -1,7 +1,7 @@ --- title: Minikube上でNGINX Ingressコントローラーを使用してIngressをセットアップする content_type: task -weight: 100 +weight: 110 --- diff --git a/content/ja/docs/tasks/configmap-secret/_index.md b/content/ja/docs/tasks/configmap-secret/_index.md index 18a8018ce56..39e607f6cf3 100644 --- a/content/ja/docs/tasks/configmap-secret/_index.md +++ b/content/ja/docs/tasks/configmap-secret/_index.md @@ -1,6 +1,6 @@ --- title: "Secretの管理" -weight: 28 +weight: 60 description: Secretを使用した機密設定データの管理 --- diff --git a/content/ja/docs/tasks/configure-pod-container/_index.md b/content/ja/docs/tasks/configure-pod-container/_index.md index 324a19b22b4..c40ed206666 100644 --- a/content/ja/docs/tasks/configure-pod-container/_index.md +++ b/content/ja/docs/tasks/configure-pod-container/_index.md @@ -1,6 +1,6 @@ --- title: "Podとコンテナの設定" description: Podとコンテナの一般的な設定のタスクを行います。 -weight: 20 +weight: 30 --- diff --git a/content/ja/docs/tasks/configure-pod-container/assign-pods-nodes-using-node-affinity.md b/content/ja/docs/tasks/configure-pod-container/assign-pods-nodes-using-node-affinity.md index 77caf9a13c4..d0599138dcd 100644 --- a/content/ja/docs/tasks/configure-pod-container/assign-pods-nodes-using-node-affinity.md +++ b/content/ja/docs/tasks/configure-pod-container/assign-pods-nodes-using-node-affinity.md @@ -2,7 +2,7 @@ title: Node Affinityを利用してPodをノードに割り当てる min-kubernetes-server-version: v1.10 content_type: task -weight: 120 +weight: 160 --- diff --git a/content/ja/docs/tasks/configure-pod-container/assign-pods-nodes.md b/content/ja/docs/tasks/configure-pod-container/assign-pods-nodes.md index 4e09dbaf932..a1ed76638b8 100644 --- a/content/ja/docs/tasks/configure-pod-container/assign-pods-nodes.md +++ b/content/ja/docs/tasks/configure-pod-container/assign-pods-nodes.md @@ -1,7 +1,7 @@ --- title: Podをノードに割り当てる content_type: task -weight: 120 +weight: 150 --- diff --git a/content/ja/docs/tasks/configure-pod-container/attach-handler-lifecycle-event.md b/content/ja/docs/tasks/configure-pod-container/attach-handler-lifecycle-event.md index 1aa194a745a..b7cfb624e7a 100644 --- a/content/ja/docs/tasks/configure-pod-container/attach-handler-lifecycle-event.md +++ b/content/ja/docs/tasks/configure-pod-container/attach-handler-lifecycle-event.md @@ -1,7 +1,7 @@ --- title: コンテナライフサイクルイベントへのハンドラー紐付け content_type: task -weight: 140 +weight: 180 --- diff --git a/content/ja/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes.md b/content/ja/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes.md index 0c14c79bb6b..c5dc0869c7a 100644 --- a/content/ja/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes.md +++ b/content/ja/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes.md @@ -1,7 +1,7 @@ --- title: Liveness Probe、Readiness ProbeおよびStartup Probeを使用する content_type: task -weight: 110 +weight: 140 --- diff --git a/content/ja/docs/tasks/configure-pod-container/configure-pod-configmap.md b/content/ja/docs/tasks/configure-pod-container/configure-pod-configmap.md index 7bcacd13a4c..61c8225fe14 100644 --- a/content/ja/docs/tasks/configure-pod-container/configure-pod-configmap.md +++ b/content/ja/docs/tasks/configure-pod-container/configure-pod-configmap.md @@ -1,7 +1,7 @@ --- title: Podを構成してConfigMapを使用する content_type: task -weight: 150 +weight: 190 card: name: tasks weight: 50 diff --git a/content/ja/docs/tasks/configure-pod-container/configure-projected-volume-storage.md b/content/ja/docs/tasks/configure-pod-container/configure-projected-volume-storage.md index 4c70662d424..1fd7172bc27 100644 --- a/content/ja/docs/tasks/configure-pod-container/configure-projected-volume-storage.md +++ b/content/ja/docs/tasks/configure-pod-container/configure-projected-volume-storage.md @@ -1,7 +1,7 @@ --- title: ストレージにProjectedボリュームを使用するようPodを設定する content_type: task -weight: 70 +weight: 100 --- diff --git a/content/ja/docs/tasks/configure-pod-container/configure-volume-storage.md b/content/ja/docs/tasks/configure-pod-container/configure-volume-storage.md index 5fb2769bdd3..140336d0db7 100644 --- a/content/ja/docs/tasks/configure-pod-container/configure-volume-storage.md +++ b/content/ja/docs/tasks/configure-pod-container/configure-volume-storage.md @@ -1,7 +1,7 @@ --- title: ストレージにボリュームを使用するPodを構成する content_type: task -weight: 50 +weight: 80 --- diff --git a/content/ja/docs/tasks/configure-pod-container/extended-resource.md b/content/ja/docs/tasks/configure-pod-container/extended-resource.md index b056fc73898..7a0114582a1 100644 --- a/content/ja/docs/tasks/configure-pod-container/extended-resource.md +++ b/content/ja/docs/tasks/configure-pod-container/extended-resource.md @@ -1,7 +1,7 @@ --- title: 拡張リソースをコンテナに割り当てる content_type: task -weight: 40 +weight: 70 --- diff --git a/content/ja/docs/tasks/configure-pod-container/quality-service-pod.md b/content/ja/docs/tasks/configure-pod-container/quality-service-pod.md index 012921d2bfc..ceb917d6227 100644 --- a/content/ja/docs/tasks/configure-pod-container/quality-service-pod.md +++ b/content/ja/docs/tasks/configure-pod-container/quality-service-pod.md @@ -1,7 +1,7 @@ --- title: PodにQuality of Serviceを設定する content_type: task -weight: 30 +weight: 60 --- diff --git a/content/ja/docs/tasks/configure-pod-container/security-context.md b/content/ja/docs/tasks/configure-pod-container/security-context.md index c4e1523af4f..68ce416b5fa 100644 --- a/content/ja/docs/tasks/configure-pod-container/security-context.md +++ b/content/ja/docs/tasks/configure-pod-container/security-context.md @@ -1,7 +1,7 @@ --- title: Podとコンテナにセキュリティコンテキストを設定する content_type: task -weight: 80 +weight: 110 --- diff --git a/content/ja/docs/tasks/configure-pod-container/share-process-namespace.md b/content/ja/docs/tasks/configure-pod-container/share-process-namespace.md index b5fd61777e6..b6be6e07e1d 100644 --- a/content/ja/docs/tasks/configure-pod-container/share-process-namespace.md +++ b/content/ja/docs/tasks/configure-pod-container/share-process-namespace.md @@ -2,7 +2,7 @@ title: Pod内のコンテナ間でプロセス名前空間を共有する min-kubernetes-server-version: v1.10 content_type: task -weight: 160 +weight: 200 --- diff --git a/content/ja/docs/tasks/configure-pod-container/static-pod.md b/content/ja/docs/tasks/configure-pod-container/static-pod.md index 8c5f9f67c82..851ef4e1610 100644 --- a/content/ja/docs/tasks/configure-pod-container/static-pod.md +++ b/content/ja/docs/tasks/configure-pod-container/static-pod.md @@ -1,6 +1,6 @@ --- title: static Podを作成する -weight: 170 +weight: 220 content_type: task --- diff --git a/content/ja/docs/tasks/debug/_index.md b/content/ja/docs/tasks/debug/_index.md index 21e34075fd2..7013b3ec48b 100644 --- a/content/ja/docs/tasks/debug/_index.md +++ b/content/ja/docs/tasks/debug/_index.md @@ -1,7 +1,7 @@ --- title: "監視、ログ、デバッグ" description: クラスターのトラブルシューティングや、コンテナ化したアプリケーションのデバッグのために、監視とログをセットアップします。 -weight: 20 +weight: 40 content_type: concept no_list: true --- diff --git a/content/ja/docs/tasks/debug/debug-application/determine-reason-pod-failure.md b/content/ja/docs/tasks/debug/debug-application/determine-reason-pod-failure.md index 1fbdb763aad..8f9c9c361bf 100644 --- a/content/ja/docs/tasks/debug/debug-application/determine-reason-pod-failure.md +++ b/content/ja/docs/tasks/debug/debug-application/determine-reason-pod-failure.md @@ -1,6 +1,7 @@ --- title: Pod障害の原因を特定する content_type: task +weight: 30 --- diff --git a/content/ja/docs/tasks/inject-data-application/_index.md b/content/ja/docs/tasks/inject-data-application/_index.md index a28c380a268..46e24f4ff88 100644 --- a/content/ja/docs/tasks/inject-data-application/_index.md +++ b/content/ja/docs/tasks/inject-data-application/_index.md @@ -1,5 +1,5 @@ --- title: "アプリケーションへのデータ注入" description: ワークロードを実行するPodの構成とその他のデータを指定します。 -weight: 30 +weight: 70 --- diff --git a/content/ja/docs/tasks/job/_index.md b/content/ja/docs/tasks/job/_index.md index bde073017bc..a8773cebf52 100644 --- a/content/ja/docs/tasks/job/_index.md +++ b/content/ja/docs/tasks/job/_index.md @@ -1,6 +1,6 @@ --- title: "Jobの実行" description: 並列処理を使用してJobを実行します。 -weight: 50 +weight: 90 --- diff --git a/content/ja/docs/tasks/manage-kubernetes-objects/_index.md b/content/ja/docs/tasks/manage-kubernetes-objects/_index.md index 16150cf3d77..09c10037431 100644 --- a/content/ja/docs/tasks/manage-kubernetes-objects/_index.md +++ b/content/ja/docs/tasks/manage-kubernetes-objects/_index.md @@ -1,5 +1,5 @@ --- title: "Kubernetesオブジェクトの管理" description: Kubernetes APIと対話するための宣言型および命令型のパラダイム。 -weight: 25 +weight: 50 --- diff --git a/content/ja/docs/tasks/network/_index.md b/content/ja/docs/tasks/network/_index.md index 1d5796f7b7d..09669b981b3 100644 --- a/content/ja/docs/tasks/network/_index.md +++ b/content/ja/docs/tasks/network/_index.md @@ -1,6 +1,6 @@ --- title: "ネットワーク" description: クラスターのネットワークの設定方法を学びます。 -weight: 160 +weight: 140 --- diff --git a/content/ja/docs/tasks/run-application/_index.md b/content/ja/docs/tasks/run-application/_index.md index 17d2339e7e1..fc1a4e9de90 100644 --- a/content/ja/docs/tasks/run-application/_index.md +++ b/content/ja/docs/tasks/run-application/_index.md @@ -1,6 +1,6 @@ --- title: "アプリケーションの実行" description: ステートレスアプリケーションとステートフルアプリケーションの両方を実行および管理します。 -weight: 40 +weight: 80 --- diff --git a/content/ja/docs/tasks/tls/_index.md b/content/ja/docs/tasks/tls/_index.md index 42234c709ea..11844cf63dc 100644 --- a/content/ja/docs/tasks/tls/_index.md +++ b/content/ja/docs/tasks/tls/_index.md @@ -1,6 +1,6 @@ --- title: "TLS" -weight: 100 +weight: 120 description: Transport Layer Security(TLS)を使用して、クラスター内のトラフィックを保護する方法について理解します。 --- diff --git a/content/pl/_index.html b/content/pl/_index.html index 5c9c8ed9618..1fa0f72c4cd 100644 --- a/content/pl/_index.html +++ b/content/pl/_index.html @@ -33,6 +33,8 @@ Niezależnie, czy prowadzisz tylko testy, czy globalny koncern, dzięki elastycz Kubernetes jako projekt open-source daje Ci wolność wyboru ⏤ skorzystaj z prywatnego centrum danych, infrastruktury hybrydowej lub chmury publicznej. Bez wysiłku możesz przenieść swoje aplikacje tam, gdzie są najbardziej potrzebne. +Żeby pobrać Kubernetesa, odwiedź sekcję [pobierania](/releases/download/). + {{% /blocks/feature %}} {{< /blocks/section >}} @@ -44,13 +46,12 @@ Kubernetes jako projekt open-source daje Ci wolność wyboru ⏤ skorzystaj z pr

    - Weź udział w KubeCon North America 24-28.10.2022 + Weź udział w KubeCon + CloudNativeCon Europe 18-21.04.2023



    - Weź udział w KubeCon Europe 17-21.04.2023 - + Weź udział w KubeCon + CloudNativeCon North America 6-9.11.2023
    diff --git a/content/pt-br/docs/reference/glossary/daemonset.md b/content/pt-br/docs/reference/glossary/daemonset.md new file mode 100644 index 00000000000..ab93250efde --- /dev/null +++ b/content/pt-br/docs/reference/glossary/daemonset.md @@ -0,0 +1,18 @@ +--- +title: DaemonSet +id: daemonset +date: 2018-04-12 +full_link: /docs/concepts/workloads/controllers/daemonset +short_description: > + Garante que uma cópia de um Pod esteja sendo executada em um conjunto de nós em um cluster. + +aka: +tags: +- fundamental +- core-object +- workload +--- + Garante que uma cópia de um {{< glossary_tooltip text="Pod" term_id="pod" >}} esteja sendo executada em um conjunto de nós em um {{< glossary_tooltip text="cluster" term_id="cluster" >}}. + + +Usado para instalar daemons do sistema como coletores de log e agentes de monitoramento que normalmente devem ser executados em todos os {{< glossary_tooltip text="nós" term_id="node" >}}. \ No newline at end of file diff --git a/content/pt-br/docs/reference/setup-tools/kubeadm/generated/kubeadm_config_images_pull.md b/content/pt-br/docs/reference/setup-tools/kubeadm/generated/kubeadm_config_images_pull.md index 15b6fd9195c..a4f3864a434 100644 --- a/content/pt-br/docs/reference/setup-tools/kubeadm/generated/kubeadm_config_images_pull.md +++ b/content/pt-br/docs/reference/setup-tools/kubeadm/generated/kubeadm_config_images_pull.md @@ -59,7 +59,7 @@ kubeadm config images pull [flags] ---image-repository string     Padrão: "k8s.gcr.io" +--image-repository string     Padrão: "registry.k8s.io"

    Escolha um registro de contêineres para baixar imagens da camada de gerenciamento

    diff --git a/content/pt-br/docs/tasks/configure-pod-container/_index.md b/content/pt-br/docs/tasks/configure-pod-container/_index.md new file mode 100644 index 00000000000..9fa656fb20a --- /dev/null +++ b/content/pt-br/docs/tasks/configure-pod-container/_index.md @@ -0,0 +1,5 @@ +--- +title: "Configurar Pods e Contêineres" +description: Realizar tarefas comuns de configuração de Pods e contêineres +weight: 30 +--- \ No newline at end of file diff --git a/content/pt-br/docs/tasks/configure-pod-container/share-process-namespace.md b/content/pt-br/docs/tasks/configure-pod-container/share-process-namespace.md new file mode 100644 index 00000000000..e26f1f4895f --- /dev/null +++ b/content/pt-br/docs/tasks/configure-pod-container/share-process-namespace.md @@ -0,0 +1,128 @@ +--- +title: Compartilhando o Namespace de Processo Entre Contêineres em um Pod +reviewers: +- verb +- yujuhong +- dchen1107 +content_type: task +weight: 160 +--- + + + +Esta página mostra como configurar o compartilhamento de namespace de processos para um Pod. Quando +O compartilhamento de namespace de processos está ativado, os processos em um Contêiner são visíveis +para todos os outros Contêineres no mesmo Pod. + +Você pode usar este recurso para configurar Contêineres de cooperação, como um manipulador de log +`sidecar` de contêiner, ou para solucionar problemas em imagens de contêiner que não +incluem utilitários de depuração como um shell. + +## {{% heading "prerequisites" %}} + +{{< include "task-tutorial-prereqs.md" >}} + + + +## Configure um pod + +O compartilhamento de namespace de processos é ativado usando o campo `shareProcessNamespace` da +`.spec` para um Pod. Por exemplo: + +{{< codenew file="pods/share-process-namespace.yaml" >}} + +1. Crie o pod `nginx` no seu cluster: + + ```shell + kubectl apply -f https://k8s.io/examples/pods/share-process-namespace.yaml + ``` + +1. Conecte ao `shell` do contêiner e execute o comando `ps`: + + ```shell + kubectl attach -it nginx -c shell + ``` + + Se você não vir um prompt de comando, tente pressionar Enter. No shell do Contêiner execute: + + ```shell + # execute este comando dentro do "shell" do contêiner + ps ax + ``` + + A saída é semelhante a esta: + + ```none + PID USER TIME COMMAND + 1 root 0:00 /pause + 8 root 0:00 nginx: master process nginx -g daemon off; + 14 101 0:00 nginx: worker process + 15 root 0:00 sh + 21 root 0:00 ps ax + ``` + +Você pode sinalizar processos em outros Contêineres. Por exemplo, mandando `SIGHUP` ao +`nginx` para restartar o processo `worker`. Isso requer a capacidade `SYS_PTRACE`. + +```shell +# execute este comando dentro do "shell" do contêiner +kill -HUP 8 # substitua o "8" pelo PID do processo principal do nginx, se necessário +ps ax +``` + +A saída é semelhante a esta: + +```none +PID USER TIME COMMAND + 1 root 0:00 /pause + 8 root 0:00 nginx: master process nginx -g daemon off; + 15 root 0:00 sh + 22 101 0:00 nginx: worker process + 23 root 0:00 ps ax +``` + +É até possível acessar o sistema de arquivos de outro contêiner usando o link +`/proc/$pid/root`. + +```shell +# execute este comando dentro do "shell" do contêiner +# substitua o "8" pelo PID do processo Nginx, se necessario +head /proc/8/root/etc/nginx/nginx.conf +``` + +A saída é semelhante a esta: + +```none +user nginx; +worker_processes 1; + +error_log /var/log/nginx/error.log warn; +pid /var/run/nginx.pid; + + +events { + worker_connections 1024; +``` + + + +## Compreendendo o compartilhamento de namespace de processos + +Os Pods compartilham muitos recursos, por isso faz sentido que eles também compartilhem um namespace de processo. +Alguns Contêineres podem esperar serem isolados de outros, no entanto, +por isso, é importante entender as diferenças: + +1. **O processo de contêiner não tem mais o PID 1.** Alguns Contêineres recusam + começar sem o PID 1 (por exemplo, contêineres usando `systemd`) ou executando comandos + como `kill -HUP 1` para sinalizar o processo de Contêiner. Em pods com um + namespace de processos compartilhado, `kill -HUP 1` irá sinalizar a `sandbox` + (`/pause` no exemplo acima). + +1. **Os processos são visíveis para outros contêineres no Pod.** Isso inclui todas + informações visíveis em `/proc`, como senhas que foram passadas como argumentos + ou variáveis de ambiente. Estes são protegidos apenas por permissões regulares do Unix. + +1. **Sistema de arquivos do Contêiner são visíveis para outros Contêineres do pod através do link + `/proc/$pid/root`.** Isso facilita a depuração, mas também significa + que os segredos do sistema de arquivos, são protegidos apenas por permissões de sistema de arquivos. + diff --git a/content/pt-br/docs/tasks/configure-pod-container/static-pod.md b/content/pt-br/docs/tasks/configure-pod-container/static-pod.md new file mode 100644 index 00000000000..805e6d04949 --- /dev/null +++ b/content/pt-br/docs/tasks/configure-pod-container/static-pod.md @@ -0,0 +1,245 @@ +--- +title: Criando Pods Estáticos +weight: 170 +content_type: task +reviewers: +- jsafrane +--- + + + + +*Pods Estáticos* são gerenciados diretamente pelo `daemon` kubelet em um nó específico, +sem o {{< glossary_tooltip text="servidor de API" term_id="kube-apiserver" >}} +observando-os. +Ao contrário dos pods que são gerenciados pelo `Control Plane` (por exemplo, uma +{{< glossary_tooltip text="Implantação" term_id="deployment" >}}); +em vez disso, o kubelet observa cada Pod estático +(e reinicia-os se falharem). + +Pods estáticos estão sempre ligados a um {{< glossary_tooltip term_id="kubelet" >}} em um nó específico. + +O Kubelet tenta automaticamente criar um {{< glossary_tooltip text="mirror Pod" term_id="mirror-pod" >}} +no servidor de API do Kubernetes para cada Pod estático. +Isso significa que os pods em execução em um nó são visíveis no servidor de API, +mas não podem ser controlados a partir daí. +Aos nomes de Pods será sufixados com o nome de host do nó, com um hífem a esquerda. + + +{{< note >}} +Se você está executando um cluster Kubernetes, usando Pods estáticos para executar um Pod em cada Nó, +provávelmente você deveria estar usando um {{< glossary_tooltip text="DaemonSet" term_id="daemonset" >}} em substituição. +{{< /note >}} + +{{< note >}} +A `especificação` de um Pod estático não pode referir-se à outros objetos da API +(ex., {{< glossary_tooltip text="ServiceAccount" term_id="service-account" >}}, +{{< glossary_tooltip text="ConfigMap" term_id="configmap" >}}, +{{< glossary_tooltip text="Secret" term_id="secret" >}}, etc). +{{< /note >}} + +## {{% heading "prerequisites" %}} + +{{< include "task-tutorial-prereqs.md" >}} {{< version-check >}} + +Esta página assume que você está usando um {{< glossary_tooltip term_id="cri-o" >}} para executar os Pods, +e que seus nós estão executando o sistema operacional Fedora. +Instruções para outras distribuições, ou instalações de Kubernetes, podem variar. + + + +## Crie um pod estático {#static-pod-creation} + +Você pode configurar um Pod estático com um [arquivo de configuração hospedado no sistema de arquivos](/docs/tasks/configure-pod-container/static-pod/#configuration-files) ou um [arquivo de configuração hospedado na Web](/docs/tasks/configure-pod-container/static-pod/#pods-created-via-http). + +### Manifesto do Pod estático hospedado no sistema de arquivos {#configuration-files} + +Os manifestos, são definições de Pod padrão em formato JSON ou YAML em um diretório específico. Use o campo `staticPodPath: ` no +[arquivo de configuração do kubelet](/docs/reference/config-api/kubelet-config.v1beta1/), +que periodicamente varre o diretório e cria/exclui Pods estáticos conforme os arquivos YAML/JSON aparecem/desaparecem. +Observe que o Kubelet ignorará os arquivos começando com pontos ao varrer o diretório especificado. + +Por exemplo, como iniciar um servidor Web simples como um Pod estático + +1. Escolha um nó onde você deseja executar um Pod estático. Neste exemplo, é `my-node1`. + + ```shell + ssh my-node1 + ``` + +2. Escolha um diretório, digamos `/etc/kubernetes/manifests` e coloque uma definição de pod para um servidor web lá, por exemplo `/etc/kubernetes/manifests/static-web.yaml`: + + ```shell + # Execute este comando no nó onde o Kubelet está funcionando + mkdir -p /etc/kubernetes/manifests/ + cat </etc/kubernetes/manifests/static-web.yaml + apiVersion: v1 + kind: Pod + metadata: + name: static-web + labels: + role: myrole + spec: + containers: + - name: web + image: nginx + ports: + - name: web + containerPort: 80 + protocol: TCP + EOF + ``` + +3. Configure seu kubelet no nó para usar este diretório executando-o com o argumento `--pod-manifest-path=/etc/kubernetes/manifests/`. No Fedora, edite o arquivo `/etc/kubernetes/kubelet` para incluir esta linha: + + ``` + KUBELET_ARGS="--cluster-dns=10.254.0.10 --cluster-domain=kube.local --pod-manifest-path=/etc/kubernetes/manifests/" + ``` + ou adicione o campo `staticPodPath: ` no + [arquivo de configuração do kubelet](/docs/reference/config-api/kubelet-config.v1beta1/). + +4. Reinicie o kubelet. No Fedora, você poderia executar: + + ```shell + # Execute este comando no nó onde o kubelet está funcionando + systemctl restart kubelet + ``` + +### Manifesto do Pod estático hospedado na Web {#pods-created-via-http} + +O Kubelet baixa periodicamente um arquivo especificado pelo argumento `--manifest-url=` +e interpreta-o como um arquivo JSON/YAML que contém as definições do Pod. +Similar ao que [manifestos hospedados no sistema de arquivos](#configuration-files) fazem, o kubelet +reexamina o manifesto em um agendamento. Se houver alterações na lista de Pods estáticos, o kubelet aplica-os. + +Para usar esta abordagem: + +1. Crie um arquivo YAML e armazene-o em um servidor da Web, para que você possa passar o URL desse arquivo para o Kubelet. + + ```yaml + apiVersion: v1 + kind: Pod + metadata: + name: static-web + labels: + role: myrole + spec: + containers: + - name: web + image: nginx + ports: + - name: web + containerPort: 80 + protocol: TCP + ``` + +2. Configure o kubelet no seu nó selecionado para usar este manifesto da Web, executando-o com `--manifest-url=`. No Fedora, edite `/etc/kubernetes/kubelet` para incluir esta linha: + + ``` + KUBELET_ARGS="--cluster-dns=10.254.0.10 --cluster-domain=kube.local --manifest-url=" + ``` + +3. Reinicie o Kubelet. No Fedora, você usaria: + + ```shell + # Execute este comando no nó onde o kubelet está funcionando + systemctl restart kubelet + ``` + +## Observe o comportamento do Pod estático {#behavior-of-static-pods} + +Quando o kubelet começa, inicia automaticamente todos os pods estáticos definidos. +Como você definiu um Pod estático e reiniciou o kubelet, o novo pod estático deveria +já estar em execução. + +Você pode ver os Contêineres em execução (incluindo os Pods estáticos) ao executar (no Nó): + +```shell +# Execute este comando no nó onde o kubelet está funcionando +crictl ps +``` + +A saída pode ser algo como: + +```console +CONTAINER IMAGE CREATED STATE NAME ATTEMPT POD ID +129fd7d382018 docker.io/library/nginx@sha256:... 11 minutes ago Running web 0 34533c6729106 +``` + +{{< note >}} +`crictl` mostra a URI da imagem e o checksum SHA-256. O `NAME` vai parecer mais como: +`docker.io/library/nginx@sha256:0d17b565c37bcbd895e9d92315a05c1c3c9a29f762b011a10c54a66cd53c9b31`. +{{< /note >}} + +Você pode ver o Pod espelho no servidor de API: + +```shell +kubectl get pods +``` +``` +NAME READY STATUS RESTARTS AGE +static-web 1/1 Running 0 2m +``` + +{{< note >}} +Verifique se o Kubelet tem permissão para criar o Pod espelho no servidor de API. Caso contrário, a solicitação de criação é rejeitada pelo servidor de API. Veja [Admissão de segurança do pod](/docs/concepts/security/pod-security-admission) e [Políticas de Segurança de Pod](/docs/concepts/security/pod-security-policy/). +{{< /note >}} + +Os {{< glossary_tooltip term_id="label" text="Rótulos" >}} dos pods estáticos são +propagados no Pod espelho. Você pode usar esses rótulos como +{{< glossary_tooltip term_id="selector" text="seletores" >}} via normal, etc. + +Se você tentar usar o `kubectl` para excluir o Pod espelho do servidor de API, +o kubelet _não_ remove o Pod estático: + +```shell +kubectl delete pod static-web +``` +``` +pod "static-web" deleted +``` +Você pode ver que o Pod ainda está funcionando: +```shell +kubectl get pods +``` +``` +NAME READY STATUS RESTARTS AGE +static-web 1/1 Running 0 4s +``` + +De volta ao seu nó, onde o kubelet está funcionando, você pode tentar parar o Contêiner manualmente. +Você verá que, depois de algum tempo, o Kubelet notará e reiniciará o Pod +automaticamente: + +```shell +# Execute esses comandos no nó onde o Kubelet está funcionando +crictl stop 129fd7d382018 # substitua pelo ID do seu contêiner +sleep 20 +crictl ps +``` +```console +CONTAINER IMAGE CREATED STATE NAME ATTEMPT POD ID +89db4553e1eeb docker.io/library/nginx@sha256:... 19 seconds ago Running web 1 34533c6729106 +``` + +## Adição e remoção dinâmica de Pods estáticos + +O Kubelet em execução varre periodicamente o diretório configurado (`/etc/kubernetes/manifests` em nosso exemplo) por alterações, e adiciona/remove os pods à medida que os arquivos aparecem/desaparecem neste diretório. + +```shell +# Pressupondo que você esteja usando a configuração de Pod estático hospedada no sistema de arquivos +# Execute esses comandos no nó onde o Kubelet está funcionando +# +mv /etc/kubelet.d/static-web.yaml /tmp +sleep 20 +crictl ps +# Você vê que nenhum contêiner nginx está funcionando +# +mv /tmp/static-web.yaml /etc/kubelet.d/ +sleep 20 +crictl ps +``` +```console +CONTAINER IMAGE CREATED STATE NAME ATTEMPT POD ID +f427638871c35 docker.io/library/nginx@sha256:... 19 seconds ago Running web 1 34533c6729106 +``` diff --git a/content/pt-br/examples/pods/share-process-namespace.yaml b/content/pt-br/examples/pods/share-process-namespace.yaml new file mode 100644 index 00000000000..bd48bf0ff6e --- /dev/null +++ b/content/pt-br/examples/pods/share-process-namespace.yaml @@ -0,0 +1,17 @@ +apiVersion: v1 +kind: Pod +metadata: + name: nginx +spec: + shareProcessNamespace: true + containers: + - name: nginx + image: nginx + - name: shell + image: busybox:1.28 + securityContext: + capabilities: + add: + - SYS_PTRACE + stdin: true + tty: true diff --git a/content/ru/docs/concepts/_index.md b/content/ru/docs/concepts/_index.md index 93fbc731a10..19e42ed49e9 100644 --- a/content/ru/docs/concepts/_index.md +++ b/content/ru/docs/concepts/_index.md @@ -17,7 +17,7 @@ weight: 40 Чтобы работать с Kubernetes, вы используете *объекты API Kubernetes* для описания *желаемого состояния вашего кластера*: какие приложения или другие рабочие нагрузки вы хотите запустить, какие образы контейнеров они используют, количество реплик, какие сетевые и дисковые ресурсы вы хотите использовать и сделать доступными и многое другое. Вы устанавливаете желаемое состояние, создавая объекты с помощью API Kubernetes, обычно через интерфейс командной строки `kubectl`. Вы также можете напрямую использовать API Kubernetes для взаимодействия с кластером и установки или изменения желаемого состояния. -После того, как вы установили желаемое состояние, *Плоскость управления Kubernetes* заставляет текущее состояние кластера соответствовать желаемому состоянию с помощью генератора событий жизненного цикла подов ([Pod Lifecycle Event Generator, PLEG](https://github.com/kubernetes/community/blob/master/contributors/design-proposals/node/pod-lifecycle-event-generator.md)). Для этого Kubernetes автоматически выполняет множество задач, таких как запуск или перезапуск контейнеров, масштабирование количества реплик данного приложения и многое другое. Плоскость управления Kubernetes состоит из набора процессов, запущенных в вашем кластере: +После того, как вы установили желаемое состояние, *Плоскость управления Kubernetes* заставляет текущее состояние кластера соответствовать желаемому состоянию с помощью генератора событий жизненного цикла подов ([Pod Lifecycle Event Generator, PLEG](https://github.com/kubernetes/design-proposals-archive/blob/main/node/pod-lifecycle-event-generator.md)). Для этого Kubernetes автоматически выполняет множество задач, таких как запуск или перезапуск контейнеров, масштабирование количества реплик данного приложения и многое другое. Плоскость управления Kubernetes состоит из набора процессов, запущенных в вашем кластере: * **Мастер Kubernetes** — это коллекция из трех процессов, которые выполняются на одном узле в вашем кластере, который обозначен как главный узел. Это процессы: [kube-apiserver](/docs/admin/kube-apiserver/), [kube-controller-manager](/docs/admin/kube-controller-manager/) и [kube-scheduler](/docs/admin/kube-scheduler/). * Каждый отдельный неосновной узел в вашем кластере выполняет два процесса: diff --git a/content/ru/docs/concepts/cluster-administration/networking.md b/content/ru/docs/concepts/cluster-administration/networking.md new file mode 100644 index 00000000000..3fc6964aac0 --- /dev/null +++ b/content/ru/docs/concepts/cluster-administration/networking.md @@ -0,0 +1,32 @@ +--- +reviewers: +title: Сеть в кластере +content_type: concept +weight: 50 +--- + + +Сеть — важная часть Kubernetes, но понять, как именно она работает, бывает непросто. Существует 4 уникальных сетевых проблемы, которые требуют внимнаия: + +1. Высокосвязанные коммуникации между контейнерами: решается организацией коммуникации между {{< glossary_tooltip text="Pod'ами" term_id="pod" >}} и `localhost`. +2. Связь Pod'ов друг с другом (Pod-to-Pod): именно ей уделяется основное внимание в этом документе. +3. Связь Pod'ов с сервисами (Pod-to-Service): подробнее об этом можно почитать в разделе [Сервисы](/docs/concepts/services-networking/service/). +4. Связь внешних систем с сервисами (External-to-Service): информация о данных коммуникациях также приведена в разделе [Сервисы](/docs/concepts/services-networking/service/). + + + +Суть Kubernetes — в организации совместного использования хостов приложениями. Обычно совместное использование подразумевает, что два приложения не могут задействовать одни и те же порты. Создать единую глобальную схему использования портов очень сложно. В результате пользователи рискуют получить сложноустранимые проблемы на уровне кластера. + +Динамическое распределение портов значительно усложняет систему: каждое приложение должно уметь принимать порты в виде флагов-параметров, серверы API должны уметь вставлять динамические номера портов в конфигурационные блоки, сервисы должны знать, как найти друг друга и т.п. Вместо того чтобы пытаться разобраться со всем этим, Kubernetes использует иной подход. + +Больше узнать о сетевой модели Kubernetes можно в [соответствующем разделе](/docs/concepts/services-networking/). + +## Реализация сетевой модели Kubernetes + +Сетевая модель реализуется средой исполнения для контейнеров на узлах. Наиболее распространенные среды исполнения используют плагины [Container Network Interface](https://github.com/containernetworking/cni) (CNI) для управления сетью и обеспечения безопаснояти коммуникаций. Существует множество различных плагинов CNI от разных разработчиков. Некоторые из них предлагают только базовые функции, такие как добавление и удаление сетевых интерфейсов. Другие позволяют проводить интеграцию с различныеми системами оркестрации контейнеров, поддерживают запуск нескольких CNI-плагинов/расширенные функции IPAM и т.д. + +Неполный список сетевых аддонов, поддерживаемых Kubernetes, приведен [на соответствующей странице в разделе "Сеть и сетевая политика"](/docs/concepts/cluster-administration/addons/#networking-and-network-policy). + +## {{% heading "whatsnext" %}} + +Подробнее о разработке сетевой модели, принципах, лежащих в ее основе, и некоторых планах на будущее можно узнать из соответствующего [документа](https://git.k8s.io/design-proposals-archive/network/networking.md). diff --git a/content/ru/docs/concepts/overview/working-with-objects/labels.md b/content/ru/docs/concepts/overview/working-with-objects/labels.md index 572454f1815..6e1bdb5fbce 100644 --- a/content/ru/docs/concepts/overview/working-with-objects/labels.md +++ b/content/ru/docs/concepts/overview/working-with-objects/labels.md @@ -166,7 +166,7 @@ kubectl get pods -l 'environment in (production),tier in (frontend)' kubectl get pods -l 'environment in (production, qa)' ``` -Либо можно воспользоваться исключающим сопоставлением с помощью оператора _exists_: +Либо можно воспользоваться исключающим сопоставлением с помощью оператора _notin_: ```shell kubectl get pods -l 'environment,environment notin (frontend)' diff --git a/content/ru/docs/tasks/administer-cluster/certificates.md b/content/ru/docs/tasks/administer-cluster/certificates.md index dfb94c44c8e..3170f5b4120 100644 --- a/content/ru/docs/tasks/administer-cluster/certificates.md +++ b/content/ru/docs/tasks/administer-cluster/certificates.md @@ -17,7 +17,7 @@ weight: 20 1. Скачайте, распакуйте и инициализируйте пропатченную версию `easyrsa3`. ```shell - curl -LO https://storage.googleapis.com/kubernetes-release/easy-rsa/easy-rsa.tar.gz + curl -LO curl -LO https://dl.k8s.io/easy-rsa/easy-rsa.tar.gz tar xzf easy-rsa.tar.gz cd easy-rsa-master/easyrsa3 ./easyrsa init-pki diff --git a/content/zh-cn/blog/_posts/2022-12-27-cpumanager-goes-GA.md b/content/zh-cn/blog/_posts/2022-12-27-cpumanager-goes-GA.md index 9e7b876d103..48f66608bb9 100644 --- a/content/zh-cn/blog/_posts/2022-12-27-cpumanager-goes-GA.md +++ b/content/zh-cn/blog/_posts/2022-12-27-cpumanager-goes-GA.md @@ -88,11 +88,11 @@ compatible behavior when disabled, and to document how to interact with each oth 这使得 Kubernetes 项目能够将 CPU 管理器核心组件和核心 CPU 分配算法进阶至 GA,同时也开启了该领域新的实验时代。 在 Kubernetes v1.26 中,CPU -管理器支持[三个不同的策略选项](/zh-cn/docs/tasks/administer-cluster/cpu-management-policies.md#static-policy-options): +管理器支持[三个不同的策略选项](/zh-cn/docs/tasks/administer-cluster/cpu-management-policies#static-policy-options): + + + +**作者**:[Jordan Liggitt](https://github.com/liggitt) (Google) + +**译者**:顾欣 (ICBC) + +### 问题 {#the-problem} + + +从 2020 年发布的 v1.19 版本以来,Kubernetes 项目为每个次要版本提供 12-14 个月的补丁维护期。 +这使得用户可以按照年度升级周期来评估和选用 Kubernetes 版本,并持续一年获得安全修复。 + + +[Go 项目](https://github.com/golang/go/wiki/Go-Release-Cycle#release-maintenance)每年发布两个新的次要版本, +并为最近的两个版本提供安全修复,每个 Go 版本的维护期约为一年。 +尽管每个新的 Kubernetes 次要版本在最初发布时都是使用受支持的 Go 版本编译构建的, +但在这一 Kubernetes 次要版本被停止支持之前,对应的 Go 版本就已经不被支持, +并且由于 Kubernetes 从 v1.19 开始延长了补丁支持期,这个差距被进一步扩大。 + + +在编写本文时,包含了可能对安全产生影响的问题修复的 [Go 补丁发布版本](https://go.dev/doc/devel/release) +刚刚过半(88/171)。尽管这些问题中很多都与 Kubernetes 无关,但有些确实相关, +因此使用受支持的、已包含了这类修复的 Go 版本是非常重要的。 + + +显而易见的解决方案之一是直接更新 Kubernetes 的发布分支,使用 Go 的新次要版本。 +然而,Kubernetes 避免在[补丁发布中引入破坏稳定性的变更](https://github.com/kubernetes/community/blob/master/contributors/devel/sig-release/cherry-picks.md#what-kind-of-prs-are-good-for-cherry-picks), +过去,因为这些变更被认为包含过高的复杂性、风险或破坏性,不适合包含在补丁发布中, +所以不能将现有发布分支更新到 Go 的新次要版本。 +示例包括: + + +* Go 1.6: 默认支持 http/2 +* Go 1.14: EINTR 问题处理 +* Go 1.17: 取消 x509 CN 支持, ParseIP 更改 +* Go 1.18: 默认禁用 x509 SHA-1 证书支持 +* Go 1.19: 取消当前目录 LookPath 行为 + + +其中一些更改可以基本不会影响 Kubernetes 代码, +有些只能通过用户指定的 `GODEBUG` 环境变量来选择放弃更新, +而其他变更则需要侵入式的代码变更或完全无法避免。 +由于这种不一致性,Kubernetes 的发布分支通常保持使用某个固定的 Go 次要版本, +并在每个 Kubernetes 次要版本支持生命周期的最后几个月内,面临无法得到重要的 Go 安全修复的风险。 + + +当某项重要的 Go 安全修复仅出现在较新的 Kubernetes 次要版本时, +用户必须在旧的 Kubernetes 次要版本的 12-14 个月支持期结束之前完成升级,以获取这些修复。 +如果用户没有准备好升级,可能导致 Kubernetes 集群的安全漏洞。 +即使用户可以接受这种意外升级,这种不确定性也使得 Kubernetes 在年度支持从规划角度看变得不太可靠。 + +### 解决方案 {#the-solution} + + +我们很高兴地宣布,自2023年1月起,受支持的 Kubernetes 版本与受支持的 Go 版本之间的差距已得到解决。 + + +在过去的一年里,我们与 Go 团队密切合作,以解决采用新的 Go 版本的困难。 +这些工作推动了一场[讨论](https://github.com/golang/go/discussions/55090)、 +[提案](https://github.com/golang/go/issues/56986)、 +[GopherCon 演讲](https://www.youtube.com/watch?v=v24wrd3RwGo)和[设计](https://go.dev/design/56986-godebug), +以提高 Go 的向后兼容性, +确保新的 Go 版本至少在两年(四个 Go 版本)内能够与之前的 Go 版本保持兼容的运行时行为。 +这使得像 Kubernetes 这样的项目能够将发布分支更新到受支持的 Go 版本, +而不是将行为上的变更暴露给用户。 + + +所提议的改进正按计划[包含在 Go 1.21 中](https://tip.golang.org/doc/godebug), +而且 Go 团队已经在 2022 年底的 Go 1.19 补丁发布中提供了针对兼容性的改进。 +这些更改使 Kubernetes 1.23+ 在 2023 年 1 月升级到 Go 1.19,并避免了任何用户可见的配置或行为变化。 +现在所有受支持的 Kubernetes 发布分支都使用受支持的 Go 版本, +并且可以使用包含可用的安全修复的、新的 Go 补丁发布。 + + +展望未来,Kubernetes 维护者仍致力于使 Kubernetes 补丁发布尽可能安全且不会造成破坏, +因此在现有的 Kubernetes 发布分支更新使用新的 Go 次要版本之前,新的 Go 次要版本必须满足几个要求: + + +1. 新的 Go 版本必须至少已经推出 3 个月。 + 这给了 Go 社区足够的时间进行报告并解决问题。 +2. 新的 Go 版本在新的 Kubernetes 次要版本中至少已经使用了 1 个月。 + 这确保 Kubernetes 所有可能阻塞发布的测试都需要能在新的 Go 版本下通过, + 并在早期为 Kubernetes 社区对发布候选版本和新次要版本提供反馈时间。 +3. 与先前的 Go 版本相比,不能出现新的已知会影响 Kubernetes 的问题。 +4. 默认情况下必须保持运行时行为,而无需 Kubernetes 用户/管理员采取任何操作。 +5. Kubernetes 库,如 `k8s.io/client-go` 必须与每个次要版本最初使用的 Go 版本保持兼容, + 以便在获取库补丁时,用户不必更新 Go 版本(不过还是鼓励他们使用受支持的 Go 版本构建, + 因为 Go 1.21 计划中的[兼容性改进](https://go.dev/design/56986-godebug)会使得这一操作变简单)。 + + +所有这些工作的目标是在不引人注意的情况下使 Kubernetes 补丁发布更加安全可靠, +并确保在整个支持周期内 Kubernetes 次要版本用起来都是安全的。 + + +非常感谢 Go 团队,尤其是 Russ Cox,他们推动了这些改进, +使所有 Go 用户受益,而不仅仅是 Kubernetes。 + diff --git a/content/zh-cn/blog/_posts/2023-04-20-read-write-once-pod-access-mode-beta.md b/content/zh-cn/blog/_posts/2023-04-20-read-write-once-pod-access-mode-beta.md new file mode 100644 index 00000000000..acb6db74c19 --- /dev/null +++ b/content/zh-cn/blog/_posts/2023-04-20-read-write-once-pod-access-mode-beta.md @@ -0,0 +1,205 @@ +--- +layout: blog +title: "Kubernetes 1.27: Single Pod Access Mode for PersistentVolumes Graduates to Beta" +date: 2023-04-20 +slug: read-write-once-pod-access-mode-beta +--- + + + +**作者**:Chris Henzie (Google) + +**译者**:顾欣 (ICBC) + + +随着 Kubernetes v1.27 的发布,ReadWriteOncePod 功能已经升级为 Beta 版。 +在这篇博客文章中,我们将更详细地介绍这个功能,作用以及在 Beta 版本中的发展。 + + +## 什么是 ReadWriteOncePod {#what-is-readwriteoncepod} + + +ReadWriteOncePod 是 Kubernetes 在 v1.22 中引入的一种新的访问模式, +适用于 [PersistentVolume](/zh-cn/docs/concepts/storage/persistent-volumes/#persistent-volumes)(PVs) +和 [PersistentVolumeClaim](/zh-cn/docs/concepts/storage/persistent-volumes/#persistentvolumeclaims)(PVCs)。 +此访问模式使你能够将存储卷访问限制在集群中的单个 Pod 上,确保一次只有一个 Pod 可以写入存储卷。 +这可能对需要单一写入者访问存储的有状态工作负载特别有用。 + + +要了解有关访问模式和 ReadWriteOncePod 如何工作的更多背景信息, +请阅读 2021 年介绍 PersistentVolume 的单个 Pod 访问模式的文章中的[什么是访问模式和为什么它们如此重要?](/blog/2021/09/13/read-write-once-pod-access-mode-alpha/#what-are-access-modes-and-why-are-they-important)。 + + +## ReadWriteOncePod 的 Beta 版中变化 {#changes-in-the-readwriteoncepod-beta} + + +ReadWriteOncePod Beta 版为使用 ReadWriteOncePod PVC 的 Pod 添加[调度器抢占](/zh-cn/docs/concepts/scheduling-eviction/pod-priority-preemption/)。 + + +调度器抢占允许更高优先级的 Pod 抢占较低优先级的 Pod,以便它们可以在同一节点上运行。 +在此版本中,如果更高优先级的 Pod 需要相同的 PVC,使用 ReadWriteOncePod PVCs 的 Pod 也可以被抢占。 + + +## 如何开始使用 ReadWriteOncePod? {#how-can-i-start-using-readwriteoncepod} + + +随着 ReadWriteOncePod 现已升级为 Beta 版,在 v1.27 及更高版本的集群中将默认启用该功能。 + + +请注意,ReadWriteOncePod [仅支持 CSI 卷](/zh-cn/docs/concepts/storage/persistent-volumes/#access-modes)。 +在使用此功能之前,你需要将以下 [CSI Sidecars](https://kubernetes-csi.github.io/docs/sidecar-containers.html)更新至以下版本或更高版本: + + +- [csi-provisioner:v3.0.0+](https://github.com/kubernetes-csi/external-provisioner/releases/tag/v3.0.0) +- [csi-attacher:v3.3.0+](https://github.com/kubernetes-csi/external-attacher/releases/tag/v3.3.0) +- [csi-resizer:v1.3.0+](https://github.com/kubernetes-csi/external-resizer/releases/tag/v1.3.0) + + +要开始使用 ReadWriteOncePod,请创建具有 ReadWriteOncePod 访问模式的 PVC: + +```yaml +kind: PersistentVolumeClaim +apiVersion: v1 +metadata: + name: single-writer-only +spec: + accessModes: + - ReadWriteOncePod #仅允许一个容器访问且独占写入权限。 + resources: + requests: + storage: 1Gi +``` + + +如果你的存储插件支持[动态制备](/zh-cn/docs/concepts/storage/dynamic-provisioning/), +新创建的持久卷将应用 ReadWriteOncePod 访问模式。 + +阅读[迁移现有持久卷](/blog/2021/09/13/read-write-once-pod-access-mode-alpha/#migrating-existing-persistentvolumes) +以了解如何迁移现有卷以使用 ReadWriteOncePod。 + + +## 如何了解更多信息? {#how-can-i-learn-more} + + +请查看 [Alpha 版博客](/blog/2021/09/13/read-write-once-pod-access-mode-alpha)和 +[KEP-2485](https://github.com/kubernetes/enhancements/blob/master/keps/sig-storage/2485-read-write-once-pod-pv-access-mode/README.md) +以了解关于 ReadWriteOncePod 访问模式的更多详细信息以及对 CSI 规约作更改的动机。 + + +## 如何参与? {#how-do-i-get-involved} + + +[Kubernetes #csi Slack](https://kubernetes.slack.com/messages/csi)频道以及任何常规的 +[SIG 存储沟通渠道](https://github.com/kubernetes/community/blob/master/sig-storage/README.md#contact) +都是联系 SIG 存储和 CSI 团队的最佳途径。 + + +特别感谢以下人士的仔细的审查和反馈,帮助完成了这个功能: + + +* Abdullah Gharaibeh (ahg-g) +* Aldo Culquicondor (alculquicondor) +* Antonio Ojea (aojea) +* David Eads (deads2k) +* Jan Šafránek (jsafrane) +* Joe Betz (jpbetz) +* Kante Yin (kerthcet) +* Michelle Au (msau42) +* Tim Bannister (sftim) +* Xing Yang (xing-yang) + + +如果您有兴趣参与 CSI 或 Kubernetes 存储系统的任何部分的设计和开发, +请加入 [Kubernetes 存储特别兴趣小组](https://github.com/kubernetes/community/tree/master/sig-storage)(SIG)。 +我们正在迅速发展,始终欢迎新的贡献者。 \ No newline at end of file diff --git a/content/zh-cn/docs/concepts/architecture/garbage-collection.md b/content/zh-cn/docs/concepts/architecture/garbage-collection.md index 4c18685ec23..bcde52e62a4 100644 --- a/content/zh-cn/docs/concepts/architecture/garbage-collection.md +++ b/content/zh-cn/docs/concepts/architecture/garbage-collection.md @@ -351,9 +351,9 @@ configure garbage collection: * 进一步了解 [Kubernetes 对象的属主关系](/zh-cn/docs/concepts/overview/working-with-objects/owners-dependents/)。 * 进一步了解 Kubernetes [finalizers](/zh-cn/docs/concepts/overview/working-with-objects/finalizers/)。 -* 进一步了解 [TTL 控制器](/zh-cn/docs/concepts/workloads/controllers/ttlafterfinished/) (Beta), +* 进一步了解 [TTL 控制器](/zh-cn/docs/concepts/workloads/controllers/ttlafterfinished/), 该控制器负责清理已完成的 Job。 diff --git a/content/zh-cn/docs/concepts/architecture/nodes.md b/content/zh-cn/docs/concepts/architecture/nodes.md index 655b017d9d3..e7c9c5a6adf 100644 --- a/content/zh-cn/docs/concepts/architecture/nodes.md +++ b/content/zh-cn/docs/concepts/architecture/nodes.md @@ -158,11 +158,6 @@ For self-registration, the kubelet is started with the following options: {{< glossary_tooltip text="taints" term_id="taint" >}} (comma separated `=:`). No-op if `register-node` is false. -- `--node-ip` - IP address of the node. -- `--node-labels` - {{< glossary_tooltip text="Labels" term_id="label" >}} to add when registering the node - in the cluster (see label restrictions enforced by the - [NodeRestriction admission plugin](/docs/reference/access-authn-authz/admission-controllers/#noderestriction)). -- `--node-status-update-frequency` - Specifies how often kubelet posts its node status to the API server. --> - `--kubeconfig` - 用于向 API 服务器执行身份认证所用的凭据的路径。 - `--cloud-provider` - 与某{{< glossary_tooltip text="云驱动" term_id="cloud-provider" >}} @@ -170,7 +165,29 @@ For self-registration, the kubelet is started with the following options: - `--register-node` - 自动向 API 服务注册。 - `--register-with-taints` - 使用所给的{{< glossary_tooltip text="污点" term_id="taint" >}}列表 (逗号分隔的 `=:`)注册节点。当 `register-node` 为 false 时无效。 -- `--node-ip` - 节点 IP 地址。 + +- `--node-ip` - 可选的以英文逗号隔开的节点 IP 地址列表。你只能为每个地址簇指定一个地址。 + 例如在单协议栈 IPv4 集群中,需要将此值设置为 kubelet 应使用的节点 IPv4 地址。 + 参阅[配置 IPv4/IPv6 双协议栈](/zh-cn/docs/concepts/services-networking/dual-stack/#configure-ipv4-ipv6-dual-stack)了解运行双协议栈集群的详情。 + + 如果你未提供这个参数,kubelet 将使用节点默认的 IPv4 地址(如果有); + 如果节点没有 IPv4 地址,则 kubelet 使用节点的默认 IPv6 地址。 + - `--node-labels` - 在集群中注册节点时要添加的{{< glossary_tooltip text="标签" term_id="label" >}}。 (参见 [NodeRestriction 准入控制插件](/zh-cn/docs/reference/access-authn-authz/admission-controllers/#noderestriction)所实施的标签限制)。 - `--node-status-update-frequency` - 指定 kubelet 向 API 服务器发送其节点状态的频率。 @@ -389,66 +406,39 @@ of the Node resource. For example, the following JSON structure describes a heal ] ``` - -如果 Ready 状况的 `status` 处于 `Unknown` 或者 `False` 状态的时间超过了 -`pod-eviction-timeout` 值(一个传递给 -{{< glossary_tooltip text="kube-controller-manager" term_id="kube-controller-manager" >}} -的参数),[节点控制器](#node-controller)会对节点上的所有 Pod 触发 -{{< glossary_tooltip text="API 发起的驱逐" term_id="api-eviction" >}}。 -默认的逐出超时时长为 **5 分钟**。 - - -某些情况下,当节点不可达时,API 服务器不能和其上的 kubelet 通信。 -删除 Pod 的决定不能传达给 kubelet,直到它重新建立和 API 服务器的连接为止。 -与此同时,被计划删除的 Pod 可能会继续在游离的节点上运行。 - - -节点控制器在确认 Pod 在集群中已经停止运行前,不会强制删除它们。 -你可以看到可能在这些无法访问的节点上运行的 Pod 处于 `Terminating` 或者 `Unknown` 状态。 -如果 Kubernetes 不能基于下层基础设施推断出某节点是否已经永久离开了集群, -集群管理员可能需要手动删除该节点对象。 -从 Kubernetes 删除节点对象将导致 API 服务器删除节点上所有运行的 Pod 对象并释放它们的名字。 - 当节点上出现问题时,Kubernetes 控制面会自动创建与影响节点的状况对应的 [污点](/zh-cn/docs/concepts/scheduling-eviction/taint-and-toleration/)。 -调度器在将 Pod 指派到某 Node 时会考虑 Node 上的污点设置。 -Pod 也可以设置{{< glossary_tooltip text="容忍度" term_id="toleration" >}}, -以便能够在设置了特定污点的 Node 上运行。 +例如当 Ready 状况的 `status` 保持 `Unknown` 或 `False` 的时间长于 +kube-controller-manager 的 `NodeMonitorGracePeriod`(默认为 40 秒)时, +会造成 `Unknown` 状态下为节点添加 `node.kubernetes.io/unreachable` 污点或在 +`False` 状态下为节点添加 `node.kubernetes.io/not-ready` 污点。 +这些污点会影响悬决的 Pod,因为调度器在将 Pod 分配到 Node 时会考虑 Node 的污点。 +已调度到节点的当前 Pod 可能会由于施加的 `NoExecute` 污点被驱逐。 +Pod 还可以设置{{< glossary_tooltip text="容忍度" term_id="toleration" >}}, +使得这些 Pod 仍然能够调度到且继续运行在设置了特定污点的 Node 上。 + + -进一步的细节可参阅[根据状况为节点设置污点](/zh-cn/docs/concepts/scheduling-eviction/taint-and-toleration/#taint-nodes-by-condition)。 +进一步的细节可参阅[基于污点的驱逐](/zh-cn/docs/concepts/scheduling-eviction/taint-and-toleration/#taint-based-evictions) +和[根据状况为节点设置污点](/zh-cn/docs/concepts/scheduling-eviction/taint-and-toleration/#taint-nodes-by-condition)。 +## 日志查询 {#log-query} + +{{< feature-state for_k8s_version="v1.27" state="alpha" >}} + + +为了帮助在节点上调试问题,Kubernetes v1.27 引入了一个特性来查看节点上当前运行服务的日志。 +要使用此特性,请确保已为节点启用了 `NodeLogQuery` +[特性门控](/zh-cn/docs/reference/command-line-tools-reference/feature-gates/), +且 kubelet 配置选项 `enableSystemLogHandler` 和 `enableSystemLogQuery` 均被设置为 true。 +在 Linux 上,我们假设可以通过 journald 查看服务日志。 +在 Windows 上,我们假设可以在应用日志提供程序中查看服务日志。 +在两种操作系统上,都可以通过读取 `/var/log/` 内的文件查看日志。 + + +假如你被授权与节点对象交互,你可以在所有节点或只是某个子集上试用此 Alpha 特性。 +这里有一个从节点中检索 kubelet 服务日志的例子: + +```shell +# 从名为 node-1.example 的节点中获取 kubelet 日志 +kubectl get --raw "/api/v1/nodes/node-1.example/proxy/logs/?query=kubelet" +``` + + +你也可以获取文件,前提是日志文件位于 kubelet 允许进行日志获取的目录中。 +例如你可以从 Linux 节点上的 `/var/log` 中获取日志。 + +```shell +kubectl get --raw "/api/v1/nodes//proxy/logs/?query=/" +``` + + +kubelet 使用启发方式来检索日志。 +如果你还未意识到给定的系统服务正将日志写入到操作系统的原生日志记录程序(例如 journald) +或 `/var/log/` 中的日志文件,这会很有帮助。 +这种启发方式先检查原生的日志记录程序,如果不可用,则尝试从 +`/var/log/`、`/var/log/.log` 或 `/var/log//.log` +中检索第一批日志。 + +可用选项的完整列表如下: + + +选项 | 描述 +------ | ----------- +`boot` | `boot` 显示来自特定系统引导的消息 +`pattern` | `pattern` 通过提供的兼容 PERL 的正则表达式来过滤日志条目 +`query` | `query` 是必需的,指定返回日志的服务或文件 +`sinceTime` | 显示日志的 [RFC3339](https://www.rfc-editor.org/rfc/rfc3339) 起始时间戳(包含) +`untilTime` | 显示日志的 [RFC3339](https://www.rfc-editor.org/rfc/rfc3339) 结束时间戳(包含) +`tailLines` | 指定要从日志的末尾检索的行数;默认为获取全部日志 + + +更复杂的查询示例: + +```shell +# 从名为 node-1.example 且带有单词 "error" 的节点中获取 kubelet 日志 +kubectl get --raw "/api/v1/nodes/node-1.example/proxy/logs/?query=kubelet&pattern=error" +``` + ## {{% heading "whatsnext" %}} -{{< feature-state for_k8s_version="v1.22" state="alpha" >}} +{{< feature-state for_k8s_version="v1.27" state="beta" >}} 默认情况下,Kubernetes 组件使用 gRPC 的 OTLP 导出器来导出追踪信息,将信息写到 [IANA OpenTelemetry 端口](https://www.iana.org/assignments/service-names-port-numbers/service-names-port-numbers.xhtml?search=opentelemetry)。 -举例来说,如果收集器以 Kubernetes 组件的边车模式运行,以下接收器配置会收集 span 信息,并将它们写入到标准输出。 +举例来说,如果收集器以 Kubernetes 组件的边车模式运行, +以下接收器配置会收集 span 信息,并将它们写入到标准输出。 ```yaml receivers: @@ -105,38 +120,43 @@ kube-apiserver 为传入的 HTTP 请求、传出到 webhook 和 etcd 的请求 #### 在 kube-apiserver 中启用追踪 {#enabling-tracing-in-the-kube-apiserver} -要启用追踪特性,需要启用 kube-apiserver 上的 `APIServerTracing` -[特性门控](/zh-cn/docs/reference/command-line-tools-reference/feature-gates/)。 -然后,使用 `--tracing-config-file=<<配置文件路径>` 为 kube-apiserver 提供追踪配置文件。 -下面是一个示例配置,它为万分之一的请求记录 spans,并使用了默认的 OpenTelemetry 端口。 ```yaml -apiVersion: apiserver.config.k8s.io/v1alpha1 +apiVersion: apiserver.config.k8s.io/v1beta1 kind: TracingConfiguration # default value #endpoint: localhost:4317 samplingRatePerMillion: 100 ``` +--> +要启用追踪特性,需要使用 `--tracing-config-file=<<配置文件路径>` 为 +kube-apiserver 提供追踪配置文件。下面是一个示例配置,它为万分之一的请求记录 +span,并使用了默认的 OpenTelemetry 端点。 + +```yaml +apiVersion: apiserver.config.k8s.io/v1beta1 +kind: TracingConfiguration +# 默认值 +#endpoint: localhost:4317 +samplingRatePerMillion: 100 +``` 有关 TracingConfiguration 结构体的更多信息,请参阅 -[API 服务器配置 API (v1alpha1)](/zh-cn/docs/reference/config-api/apiserver-config.v1alpha1/#apiserver-k8s-io-v1alpha1-TracingConfiguration)。 +[API 服务器配置 API (v1beta1)](/zh-cn/docs/reference/config-api/apiserver-config.v1beta1/#apiserver-k8s-io-v1beta1-TracingConfiguration)。 -### kubelet 追踪 {#kubelet-traces} +### kubelet 追踪 {#kubelet-traces} -{{< feature-state for_k8s_version="v1.25" state="alpha" >}} +{{< feature-state for_k8s_version="v1.27" state="beta" >}} #### 在 kubelet 中启用追踪 {#enabling-tracing-in-the-kubelet} -要启用 span,需在 kubelet 上启用 `KubeletTracing` -[特性门控](/zh-cn/docs/reference/command-line-tools-reference/feature-gates/)。 -另外,为 kubelet 提供[追踪配置](https://github.com/kubernetes/component-base/blob/release-1.25/tracing/api/v1/types.go)。 -以下是 kubelet 配置的示例代码片段,每 10000 个请求中记录一个请求的 span,并使用默认的 OpenTelemetry 端点: +要启用追踪,需应用[追踪配置](https://github.com/kubernetes/component-base/blob/release-1.27/tracing/api/v1/types.go)。 +以下是 kubelet 配置的示例代码片段,每 10000 个请求中记录一个请求的 +span,并使用默认的 OpenTelemetry 端点: ```yaml apiVersion: kubelet.config.k8s.io/v1beta1 @@ -178,6 +206,34 @@ tracing: samplingRatePerMillion: 100 ``` + +如果 `samplingRatePerMillion` 被设置为一百万 (`1000000`),则所有 span 都将被发送到导出器。 + + +Kubernetes v{{< skew currentVersion >}} 中的 kubelet 从垃圾回收、Pod +同步例程以及每个 gRPC 方法中收集 span。CRI-O 和 containerd +这类关联的容器运行时可以将链路链接到其导出的 span,以提供更多上下文信息。 + + +请注意导出 span 始终会对网络和 CPU 产生少量性能开销,具体取决于系统的总体配置。 +如果在启用追踪的集群中出现类似性能问题,可以通过降低 `samplingRatePerMillion` +或通过移除此配置来彻底禁用追踪来缓解问题。 + @@ -198,4 +254,4 @@ there are no guarantees of backwards compatibility for tracing instrumentation. -* 阅读[Getting Started with the OpenTelemetry Collector](https://opentelemetry.io/docs/collector/getting-started/) +* 阅读 [Getting Started with the OpenTelemetry Collector](https://opentelemetry.io/docs/collector/getting-started/) diff --git a/content/zh-cn/docs/concepts/containers/images.md b/content/zh-cn/docs/concepts/containers/images.md index 2c7292201f9..cb30af9d8f3 100644 --- a/content/zh-cn/docs/concepts/containers/images.md +++ b/content/zh-cn/docs/concepts/containers/images.md @@ -38,7 +38,7 @@ This page provides an outline of the container image concept. 如果你正在寻找 Kubernetes 某个发行版本(如最新次要版本 v{{< skew latestVersion >}}) 的容器镜像,请访问[下载 Kubernetes](/zh-cn/releases/download/)。 @@ -55,8 +55,8 @@ and possibly a port number as well; for example: `fictional.registry.example:104 If you don't specify a registry hostname, Kubernetes assumes that you mean the Docker public registry. -After the image name part you can add a _tag_ (in the same way you would when using with commands like `docker` or `podman`). -Tags let you identify different versions of the same series of images. +After the image name part you can add a _tag_ (in the same way you would when using with commands +like `docker` or `podman`). Tags let you identify different versions of the same series of images. --> ## 镜像名称 {#image-names} @@ -71,9 +71,9 @@ Tags let you identify different versions of the same series of images. 镜像标签可以包含小写字母、大写字母、数字、下划线(`_`)、句点(`.`)和连字符(`-`)。 @@ -199,7 +199,7 @@ running the same code no matter what tag changes happen at the registry. 在创建 Pod(和 Pod 模板)时产生变更,这样运行的工作负载就是根据镜像摘要,而不是标签来定义的。 无论镜像仓库上的标签发生什么变化,你都想确保你所有的工作负载都运行相同的代码,那么指定镜像摘要会很有用。 - +## 串行和并行镜像拉取 {#serial-and-parallel-image-pulls} + + +默认情况下,kubelet 以串行方式拉取镜像。 +也就是说,kubelet 一次只向镜像服务发送一个镜像拉取请求。 +其他镜像拉取请求必须等待,直到正在处理的那个请求完成。 + + +节点独立地做出镜像拉取的决策。即使你使用串行的镜像拉取,两个不同的节点也可以并行拉取相同的镜像。 + + +如果你想启用并行镜像拉取,可以在 [kubelet 配置](/zh-cn/docs/reference/config-api/kubelet-config.v1beta1/) +中将字段 `serializeImagePulls` 设置为 false。 + +当`serializeImagePulls` 设置为 false 时,kubelet 会立即向镜像服务发送镜像拉取请求,多个镜像将同时被拉动。 + + +启用并行镜像拉取时,请确保你的容器运行时的镜像服务可以处理并行镜像拉取。 + + +kubelet 从不代表一个 Pod 并行地拉取多个镜像。 + +例如,如果你有一个 Pod,它有一个初始容器和一个应用容器,那么这两个容器的镜像拉取将不会并行。 +但是,如果你有两个使用不同镜像的 Pod,当启用并行镜像拉取时,kubelet 会代表两个不同的 Pod 并行拉取镜像。 + + +### 最大并行镜像拉取数量 {#maximum-parallel-image-pulls} + +{{< feature-state for_k8s_version="v1.27" state="alpha" >}} + + +当 `serializeImagePulls` 被设置为 false 时,kubelet 默认对同时拉取的最大镜像数量没有限制。 +如果你想限制并行镜像拉取的数量,可以在 kubelet 配置中设置字段 `maxParallelImagePulls`。 +当 `maxParallelImagePulls` 设置为 _n_ 时,只能同时拉取 _n_ 个镜像, +超过 _n_ 的任何镜像都必须等到至少一个正在进行拉取的镜像拉取完成后,才能拉取。 + + +当启用并行镜像拉取时,限制并行镜像拉取的数量可以防止镜像拉取消耗过多的网络带宽或磁盘 I/O。 + + +你可以将 `maxParallelImagePulls` 设置为大于或等于 1 的正数。 +如果将 `maxParallelImagePulls` 设置为大于等于 2,则必须将 `serializeImagePulls` 设置为 false。 +kubelet 在无效的 `maxParallelImagePulls` 设置下会启动失败。 + ## 使用私有仓库 {#using-a-private-registry} @@ -340,7 +425,7 @@ Credentials can be provided in several ways: - all pods can read any configured private registries - requires node configuration by cluster administrator - Kubelet Credential Provider to dynamically fetch credentials for private registries - - kubelet can be configured to use credential provider exec plugin + - kubelet can be configured to use credential provider exec plugin for the respective private registry. - Pre-pulled Images - all pods can use any images cached on a node @@ -376,7 +461,7 @@ These options are explained in more detail below. Specific instructions for setting credentials depends on the container runtime and registry you chose to use. You should refer to your solution's documentation for the most accurate information. --> -### 配置 Node 对私有仓库认证 {#configuring-nodes-to-authenticate-to-a-private-registry} +### 配置 Node 对私有仓库认证 {#configuring-nodes-to-authenticate-to-a-private-registry} 设置凭据的具体说明取决于你选择使用的容器运行时和仓库。 你应该参考解决方案的文档来获取最准确的信息。 @@ -390,6 +475,11 @@ task. That example uses a private registry in Docker Hub. 请参阅任务[从私有镜像库中拉取镜像](/zh-cn/docs/tasks/configure-pod-container/pull-image-private-registry)。 该示例使用 Docker Hub 中的私有镜像仓库。 + +### 用于认证镜像拉取的 kubelet 凭据提供程序 {#kubelet-credential-provider} + {{< note >}} diff --git a/content/zh-cn/docs/concepts/extend-kubernetes/compute-storage-net/device-plugins.md b/content/zh-cn/docs/concepts/extend-kubernetes/compute-storage-net/device-plugins.md index 2b0a54b4e2d..cd03b2d62b0 100644 --- a/content/zh-cn/docs/concepts/extend-kubernetes/compute-storage-net/device-plugins.md +++ b/content/zh-cn/docs/concepts/extend-kubernetes/compute-storage-net/device-plugins.md @@ -371,6 +371,16 @@ identifying containers using `pod`, `namespace`, and `container` prometheus labe kubelet 提供了 gRPC 服务来使得正在使用中的设备被发现,并且还为这些设备提供了元数据: @@ -380,6 +390,7 @@ kubelet 提供了 gRPC 服务来使得正在使用中的设备被发现,并且 service PodResourcesLister { rpc List(ListPodResourcesRequest) returns (ListPodResourcesResponse) {} rpc GetAllocatableResources(AllocatableResourcesRequest) returns (AllocatableResourcesResponse) {} + rpc Get(GetPodResourcesRequest) returns (GetPodResourcesResponse) {} } ``` @@ -398,6 +409,89 @@ information about memory and hugepages reserved for a container. CPU ID、设备插件所报告的设备 ID 以及这些设备分配所处的 NUMA 节点 ID。 此外,对于基于 NUMA 的机器,它还会包含为容器保留的内存和大页的信息。 + +从 Kubernetes v1.27 开始,`List` 端点可以通过 `DynamicResourceAllocation` API 提供在 +`ResourceClaims` 中分配的当前运行 Pod 的资源信息。 +要启用此特性,必须使用以下标志启动 `kubelet`: + +``` +--feature-gates=DynamicResourceAllocation=true,KubeletPodResourcesDynamiceResources=true +``` + + ```gRPC // ListPodResourcesResponse 是 List 函数的响应 message ListPodResourcesResponse { @@ -417,6 +511,7 @@ message ContainerResources { repeated ContainerDevices devices = 2; repeated int64 cpu_ids = 3; repeated ContainerMemory memory = 4; + repeated DynamicResource dynamic_resources = 5; } // ContainerMemory 包含分配给容器的内存和大页信息 @@ -442,6 +537,28 @@ message ContainerDevices { repeated string device_ids = 2; TopologyInfo topology = 3; } + +// DynamicResource 包含通过 Dynamic Resource Allocation 分配到容器的设备信息 +message DynamicResource { + string class_name = 1; + string claim_name = 2; + string claim_namespace = 3; + repeated ClaimResource claim_resources = 4; +} + +// ClaimResource 包含每个插件的资源信息 +message ClaimResource { + repeated CDIDevice cdi_devices = 1 [(gogoproto.customname) = "CDIDevices"]; +} + +// CDIDevice 指定 CDI 设备信息 +message CDIDevice { + // 完全合格的 CDI 设备名称 + // 例如:vendor.com/gpu=gpudevice1 + // 参阅 CDI 规范中的更多细节: + // https://github.com/container-orchestrated-devices/container-device-interface/blob/main/SPEC.md + string name = 1; +} ``` {{< note >}} @@ -560,6 +677,59 @@ gRPC 服务通过 `/var/lib/kubelet/pod-resources/kubelet.sock` 的 UNIX 套接 [特性门控](/zh-cn/docs/reference/command-line-tools-reference/feature-gates/)。 从 Kubernetes 1.15 开始默认启用,自从 Kubernetes 1.20 开始为 v1。 + +### `Get` gRPC 端点 {#grpc-endpoint-get} + +{{< feature-state state="alpha" for_k8s_version="v1.27" >}} + + +`Get` 端点提供了当前运行 Pod 的资源信息。它会暴露与 `List` 端点中所述类似的信息。 +`Get` 端点需要当前运行 Pod 的 `PodName` 和 `PodNamespace`。 + + +```gRPC +// GetPodResourcesRequest 包含 Pod 相关信息 +message GetPodResourcesRequest { + string pod_name = 1; + string pod_namespace = 2; +} +``` + + +要启用此特性,你必须使用以下标志启动 kubelet 服务: + +``` +--feature-gates=KubeletPodResourcesGet=true +``` + + +`Get` 端点可以提供与动态资源分配 API 所分配的动态资源相关的 Pod 信息。 +要启用此特性,你必须确保使用以下标志启动 kubelet 服务: + +``` +--feature-gates=KubeletPodResourcesGet=true,DynamicResourceAllocation=true,KubeletPodResourcesDynamiceResources=true +``` + @@ -639,7 +809,8 @@ Here are some examples of device plugin implementations: 下面是一些设备插件实现的示例: * [AMD GPU 设备插件](https://github.com/RadeonOpenCompute/k8s-device-plugin) -* [Intel 设备插件](https://github.com/intel/intel-device-plugins-for-kubernetes)支持 Intel GPU、FPGA、QAT、VPU、SGX、DSA、DLB 和 IAA 设备 +* [Intel 设备插件](https://github.com/intel/intel-device-plugins-for-kubernetes)支持 + Intel GPU、FPGA、QAT、VPU、SGX、DSA、DLB 和 IAA 设备 * [KubeVirt 设备插件](https://github.com/kubevirt/kubernetes-device-plugins) 用于硬件辅助的虚拟化 * [为 Container-Optimized OS 所提供的 NVIDIA GPU 设备插件](https://github.com/GoogleCloudPlatform/container-engine-accelerators/tree/master/cmd/nvidia_gpu) * [RDMA 设备插件](https://github.com/hustcat/k8s-rdma-device-plugin) diff --git a/content/zh-cn/docs/concepts/scheduling-eviction/assign-pod-node.md b/content/zh-cn/docs/concepts/scheduling-eviction/assign-pod-node.md index 5af2dfc0449..ade103cf432 100644 --- a/content/zh-cn/docs/concepts/scheduling-eviction/assign-pod-node.md +++ b/content/zh-cn/docs/concepts/scheduling-eviction/assign-pod-node.md @@ -419,7 +419,7 @@ Pods, the default Kubernetes scheduler places those Pods and honors any DaemonSet 控制器[为 DaemonSet 创建 Pod](/zh-cn/docs/concepts/workloads/controllers/daemonset/#how-daemon-pods-are-scheduled), 但该控制器不理会调度方案。 DaemonSet 控制器创建 Pod 时,默认的 Kubernetes 调度器负责放置 Pod, -并遵从 DaemonSet 控制器中奢侈的 `nodeAffinity` 规则。 +并遵从 DaemonSet 控制器中设置的 `nodeAffinity` 规则。 {{< /note >}} -{{< feature-state for_k8s_version="v1.26" state="alpha" >}} +{{< feature-state for_k8s_version="v1.27" state="alpha" >}} -新的 `resource.k8s.io/v1alpha1` +`resource.k8s.io/v1alpha2` {{< glossary_tooltip text="API 组" term_id="api-group" >}}提供四种新类型: +## 监控资源 {#monitoring-resources} + + +kubelet 提供了一个 gRPC 服务,以便发现正在运行的 Pod 的动态资源。 +有关 gRPC 端点的更多信息,请参阅[资源分配报告](/zh-cn/docs/concepts/extend-kubernetes/compute-storage-net/device-plugins/#monitoring-device-plugin-resources)。 + @@ -279,7 +292,7 @@ future. Dynamic resource allocation is an *alpha feature* and only enabled when the `DynamicResourceAllocation` [feature gate](/docs/reference/command-line-tools-reference/feature-gates/) and the -`resource.k8s.io/v1alpha1` {{< glossary_tooltip text="API group" +`resource.k8s.io/v1alpha2` {{< glossary_tooltip text="API group" term_id="api-group" >}} are enabled. For details on that, see the `--feature-gates` and `--runtime-config` [kube-apiserver parameters](/docs/reference/command-line-tools-reference/kube-apiserver/). @@ -322,10 +335,11 @@ error: the server doesn't have a resource type "resourceclasses" -kube-scheduler 的默认配置仅在启用特性门控时才启用 "DynamicResources" 插件。 +kube-scheduler 的默认配置仅在启用特性门控且使用 v1 配置 API 时才启用 "DynamicResources" 插件。 自定义配置可能需要被修改才能启用它。 数字。Pod SchedulingGates" class="diagram-large" link="https://mermaid.live/edit#pako:eNplkktTwyAUhf8KgzuHWpukaYszutGlK3caFxQuCVMCGSDVTKf_XfKyPlhxz4HDB9wT5lYAptgHFuBRsdKxenFMClMYFIdfUdRYgbiD6ItJTEbR8wpEq5UpUfnDTf-5cbPoJjcbXdcaE61RVJIiqJvQ_Y30D-OCt-t3tFjcR5wZayiVnIGmkv4NiEfX9jijKTmmRH5jf0sRugOP0HyHUc1m6KGMFP27cM28fwSJDluPpNKaXqVJzmFNfHD2APRKSjnNFx9KhIpmzSfhVls3eHdTRrwG8QnxKfEZUUNeYTDBNbiaKRF_5dSfX-BQQQ0FpnEqQLJWhwIX5hyXsjbYl85wTINrgeC2EZd_xFQy7b_VJ6GCdd-itkxALE84dE3fAqXyIUZya6Qqe711OspVCI2ny2Vv35QqVO3-htt66ZWomAvVcZcv8yTfsiSFfJOydZoKvl_ttjLJVlJsblcJw-czwQ0zr9ZeqGDgeR77b2jD8xdtjtDn" >}} +{{< figure src="/docs/images/podSchedulingGates.svg" alt="pod-scheduling-gates-diagram" caption="图:Pod SchedulingGates" class="diagram-large" link="https://mermaid.live/edit#pako:eNplkktTwyAUhf8KgzuHWpukaYszutGlK3caFxQuCVMCGSDVTKf_XfKyPlhxz4HDB9wT5lYAptgHFuBRsdKxenFMClMYFIdfUdRYgbiD6ItJTEbR8wpEq5UpUfnDTf-5cbPoJjcbXdcaE61RVJIiqJvQ_Y30D-OCt-t3tFjcR5wZayiVnIGmkv4NiEfX9jijKTmmRH5jf0sRugOP0HyHUc1m6KGMFP27cM28fwSJDluPpNKaXqVJzmFNfHD2APRKSjnNFx9KhIpmzSfhVls3eHdTRrwG8QnxKfEZUUNeYTDBNbiaKRF_5dSfX-BQQQ0FpnEqQLJWhwIX5hyXsjbYl85wTINrgeC2EZd_xFQy7b_VJ6GCdd-itkxALE84dE3fAqXyIUZya6Qqe711OspVCI2ny2Vv35QqVO3-htt66ZWomAvVcZcv8yTfsiSFfJOydZoKvl_ttjLJVlJsblcJw-czwQ0zr9ZeqGDgeR77b2jD8xdtjtDn" >}} + -鉴于 test-pod 不请求任何 CPU/内存资源,预计此 Pod 的状态会从之前的 `SchedulingGated` 转变为 `Running`: +鉴于 test-pod 不请求任何 CPU/内存资源,预计此 Pod 的状态会从之前的 +`SchedulingGated` 转变为 `Running`: ```none NAME READY STATUS RESTARTS AGE IP NODE @@ -146,9 +147,61 @@ scheduling. You can use `scheduler_pending_pods{queue="gated"}` to check the met 以区分 Pod 是否已尝试调度但被宣称不可调度,或明确标记为未准备好调度。 你可以使用 `scheduler_pending_pods{queue="gated"}` 来检查指标结果。 + +## 可变 Pod 调度指令 {#mutable-pod-scheduling-directives} + +{{< feature-state for_k8s_version="v1.27" state="beta" >}} + + +当 Pod 具有调度门控时,你可以在某些约束条件下改变 Pod 的调度指令。 +在高层次上,你只能收紧 Pod 的调度指令。换句话说,更新后的指令将导致 +Pod 只能被调度到它之前匹配的节点子集上。 +更具体地说,更新 Pod 的调度指令的规则如下: + + +1. 对于 `.spec.nodeSelector`,只允许增加。如果原来未设置,则允许设置此字段。 + +2. 对于 `spec.affinity.nodeAffinity`,如果当前值为 nil,则允许设置为任意值。 + + +3. 如果 `NodeSelectorTerms` 之前为空,则允许设置该字段。 + 如果之前不为空,则仅允许增加 `NodeSelectorRequirements` 到 `matchExpressions` + 或 `fieldExpressions`,且不允许更改当前的 `matchExpressions` 和 `fieldExpressions`。 + 这是因为 `.requiredDuringSchedulingIgnoredDuringExecution.NodeSelectorTerms` + 中的条目被执行逻辑或运算,而 `nodeSelectorTerms[].matchExpressions` 和 + `nodeSelectorTerms[].fieldExpressions` 中的表达式被执行逻辑与运算。 + + +4. 对于 `.preferredDuringSchedulingIgnoredDuringExecution`,所有更新都被允许。 + 这是因为首选条目不具有权威性,因此策略控制器不会验证这些条目。 + ## {{% heading "whatsnext" %}} -* 阅读 [PodSchedulingReadiness KEP](https://github.com/kubernetes/enhancements/blob/master/keps/sig-scheduling/3521-pod-scheduling-readiness) 了解更多详情 +* 阅读 [PodSchedulingReadiness KEP](https://github.com/kubernetes/enhancements/blob/master/keps/sig-scheduling/3521-pod-scheduling-readiness) + 了解更多详情 diff --git a/content/zh-cn/docs/concepts/scheduling-eviction/scheduling-framework.md b/content/zh-cn/docs/concepts/scheduling-eviction/scheduling-framework.md index 2641362e0af..436e2cc5a5c 100644 --- a/content/zh-cn/docs/concepts/scheduling-eviction/scheduling-framework.md +++ b/content/zh-cn/docs/concepts/scheduling-eviction/scheduling-framework.md @@ -105,6 +105,28 @@ stateful tasks. --> {{< figure src="/images/docs/scheduling-framework-extensions.png" title="调度框架扩展点" class="diagram-large">}} + +### PreEnqueue {#pre-enqueue} + + +这些插件在将 Pod 被添加到内部活动队列之前被调用,在此队列中 Pod 被标记为准备好进行调度。 + +只有当所有 PreEnqueue 插件返回 `Success` 时,Pod 才允许进入活动队列。 +否则,它将被放置在内部无法调度的 Pod 列表中,并且不会获得 `Unschedulable` 状态。 + +要了解有关内部调度器队列如何工作的更多详细信息,请阅读 [kube-scheduler 调度队列](https://github.com/kubernetes/community/blob/f03b6d5692bd979f07dd472e7b6836b2dad0fd9b/contributors/devel/sig-scheduling/scheduler_queues.md)。 + diff --git a/content/zh-cn/docs/concepts/scheduling-eviction/taint-and-toleration.md b/content/zh-cn/docs/concepts/scheduling-eviction/taint-and-toleration.md index affbe62d888..8cdc03ae42c 100644 --- a/content/zh-cn/docs/concepts/scheduling-eviction/taint-and-toleration.md +++ b/content/zh-cn/docs/concepts/scheduling-eviction/taint-and-toleration.md @@ -54,7 +54,8 @@ For example, --> ## 概念 {#concepts} -你可以使用命令 [kubectl taint](/docs/reference/generated/kubectl/kubectl-commands#taint) 给节点增加一个污点。比如, +你可以使用命令 [kubectl taint](/docs/reference/generated/kubectl/kubectl-commands#taint) +给节点增加一个污点。比如: ```shell kubectl taint nodes node1 key1=value1:NoSchedule @@ -82,7 +83,7 @@ to schedule onto `node1`: --> 你可以在 Pod 规约中为 Pod 设置容忍度。 下面两个容忍度均与上面例子中使用 `kubectl taint` 命令创建的污点相匹配, -因此如果一个 Pod 拥有其中的任何一个容忍度,都能够被调度到 `node1` : +因此如果一个 Pod 拥有其中的任何一个容忍度,都能够被调度到 `node1`: ```yaml tolerations: @@ -119,11 +120,10 @@ A toleration "matches" a taint if the keys are the same and the effects are the --> 一个容忍度和一个污点相“匹配”是指它们有一样的键名和效果,并且: -* 如果 `operator` 是 `Exists` (此时容忍度不能指定 `value`),或者 -* 如果 `operator` 是 `Equal` ,则它们的 `value` 应该相等 +* 如果 `operator` 是 `Exists`(此时容忍度不能指定 `value`),或者 +* 如果 `operator` 是 `Equal`,则它们的 `value` 应该相等。 {{< note >}} - -例如,假设你给一个节点添加了如下污点 +例如,假设你给一个节点添加了如下污点: ```shell kubectl taint nodes node1 key1=value1:NoSchedule @@ -279,7 +279,7 @@ onto nodes labeled with `dedicated=groupName`. 很容易就能做到)。 拥有上述容忍度的 Pod 就能够被调度到上述专用节点,同时也能够被调度到集群中的其它节点。 如果你希望这些 Pod 只能被调度到上述专用节点, - 那么你还需要给这些专用节点另外添加一个和上述污点类似的 label (例如:`dedicated=groupName`), + 那么你还需要给这些专用节点另外添加一个和上述污点类似的 label(例如:`dedicated=groupName`), 同时还要在上述准入控制器中给 Pod 增加节点亲和性要求,要求上述 Pod 只能被调度到添加了 `dedicated=groupName` 标签的节点上。 @@ -310,7 +310,7 @@ manually add tolerations to your pods. 我们希望不需要这类硬件的 Pod 不要被调度到这些特殊节点,以便为后继需要这类硬件的 Pod 保留资源。 要达到这个目的,可以先给配备了特殊硬件的节点添加污点 (例如 `kubectl taint nodes nodename special=true:NoSchedule` 或 - `kubectl taint nodes nodename special=true:PreferNoSchedule`), + `kubectl taint nodes nodename special=true:PreferNoSchedule`), 然后给使用了这类特殊硬件的 Pod 添加一个相匹配的容忍度。 和专用节点的例子类似,添加这个容忍度的最简单的方法是使用自定义 [准入控制器](/zh-cn/docs/reference/access-authn-authz/admission-controllers/)。 @@ -333,7 +333,7 @@ when there are node problems, which is described in the next section. -## 基于污点的驱逐 {#taint-based-evictions} +## 基于污点的驱逐 {#taint-based-evictions} {{< feature-state for_k8s_version="v1.18" state="stable" >}} @@ -347,7 +347,7 @@ running on the node as follows * pods that tolerate the taint with a specified `tolerationSeconds` remain bound for the specified amount of time --> -前文提到过污点的效果值 `NoExecute` 会影响已经在节点上运行的 Pod,如下 +前文提到过污点的效果值 `NoExecute` 会影响已经在节点上运行的如下 Pod: * 如果 Pod 不能忍受这类污点,Pod 会马上被驱逐。 * 如果 Pod 能够忍受这类污点,但是在容忍度定义中没有指定 `tolerationSeconds`, @@ -384,8 +384,8 @@ are true. The following taints are built in: * `node.kubernetes.io/network-unavailable`:节点网络不可用。 * `node.kubernetes.io/unschedulable`: 节点不可调度。 * `node.cloudprovider.kubernetes.io/uninitialized`:如果 kubelet 启动时指定了一个“外部”云平台驱动, - 它将给当前节点添加一个污点将其标志为不可用。在 cloud-controller-manager - 的一个控制器初始化这个节点后,kubelet 将删除这个污点。 + 它将给当前节点添加一个污点将其标志为不可用。在 cloud-controller-manager + 的一个控制器初始化这个节点后,kubelet 将删除这个污点。 +在某些情况下,当节点不可达时,API 服务器无法与节点上的 kubelet 进行通信。 +在与 API 服务器的通信被重新建立之前,删除 Pod 的决定无法传递到 kubelet。 +同时,被调度进行删除的那些 Pod 可能会继续运行在分区后的节点上。 + {{< note >}} - DaemonSet 控制器自动为所有守护进程添加如下 `NoSchedule` 容忍度,以防 DaemonSet 崩溃: * `node.kubernetes.io/memory-pressure` @@ -531,7 +540,6 @@ DaemonSet 控制器自动为所有守护进程添加如下 `NoSchedule` 容忍 Adding these tolerations ensures backward compatibility. You can also add arbitrary tolerations to DaemonSets. --> - 添加上述容忍度确保了向后兼容,你也可以选择自由向 DaemonSet 添加容忍度。 ## {{% heading "whatsnext" %}} diff --git a/content/zh-cn/docs/concepts/scheduling-eviction/topology-spread-constraints.md b/content/zh-cn/docs/concepts/scheduling-eviction/topology-spread-constraints.md index afb4aefbc39..398d92d8629 100644 --- a/content/zh-cn/docs/concepts/scheduling-eviction/topology-spread-constraints.md +++ b/content/zh-cn/docs/concepts/scheduling-eviction/topology-spread-constraints.md @@ -105,7 +105,7 @@ spec: topologyKey: whenUnsatisfiable: labelSelector: - matchLabelKeys: # 可选;自从 v1.25 开始成为 Alpha + matchLabelKeys: # 可选;自从 v1.27 开始成为 Beta nodeAffinityPolicy: [Honor|Ignore] # 可选;自从 v1.26 开始成为 Beta nodeTaintsPolicy: [Honor|Ignore] # 可选;自从 v1.26 开始成为 Beta ### 其他 Pod 字段置于此处 @@ -223,40 +223,54 @@ your cluster. Those fields are: - **matchLabelKeys** 是一个 Pod 标签键的列表,用于选择需要计算分布方式的 Pod 集合。 这些键用于从 Pod 标签中查找值,这些键值标签与 `labelSelector` 进行逻辑与运算,以选择一组已有的 Pod, - 通过这些 Pod 计算新来 Pod 的分布方式。Pod 标签中不存在的键将被忽略。 + 通过这些 Pod 计算新来 Pod 的分布方式。`matchLabelKeys` 和 `labelSelector` 中禁止存在相同的键。 + 未设置 `labelSelector` 时无法设置 `matchLabelKeys`。Pod 标签中不存在的键将被忽略。 null 或空列表意味着仅与 `labelSelector` 匹配。 - 借助 `matchLabelKeys`,用户无需在变更 Pod 修订版本时更新 `pod.spec`。 - 控制器或 Operator 只需要将不同修订版的 `label` 键设为不同的值。 - 调度器将根据 `matchLabelKeys` 自动确定取值。例如,如果用户使用 Deployment, - 则他们可以使用由 Deployment 控制器自动添加的、以 `pod-template-hash` 为键的标签来区分单个 - Deployment 的不同修订版。 + 借助 `matchLabelKeys`,你无需在变更 Pod 修订版本时更新 `pod.spec`。 + 控制器或 Operator 只需要将不同修订版的标签键设为不同的值。 + 调度器将根据 `matchLabelKeys` 自动确定取值。例如,如果你正在配置一个 Deployment, + 则你可以使用由 Deployment 控制器自动添加的、以 + [pod-template-hash](/zh-cn/docs/concepts/workloads/controllers/deployment/#pod-template-hash-label) + 为键的标签来区分同一个 Deployment 的不同修订版。 ```yaml topologySpreadConstraints: - maxSkew: 1 topologyKey: kubernetes.io/hostname whenUnsatisfiable: DoNotSchedule + labelSelector: + matchLabels: + app: foo matchLabelKeys: - - app - pod-template-hash ``` {{< note >}} - `matchLabelKeys` 字段是 1.25 中新增的一个 Alpha 字段。 - 你必须启用 `MatchLabelKeysInPodTopologySpread` - [特性门控](/zh-cn/docs/reference/command-line-tools-reference/feature-gates/)才能使用此字段。 + `matchLabelKeys` 字段是 1.27 中默认启用的一个 Beta 级别字段。 + 你可以通过禁用 `MatchLabelKeysInPodTopologySpread` + [特性门控](/zh-cn/docs/reference/command-line-tools-reference/feature-gates/)来禁用此字段。 {{< /note >}} 此功能特性,尤其是 Alpha 阶段的 `topologyKeys` API,在 Kubernetes v1.21 版本中已被废弃。Kubernetes v1.21 版本中引入的 -[拓扑感知的提示](/zh-cn/docs/concepts/services-networking/topology-aware-hints/), +[拓扑感知路由](/zh-cn/docs/concepts/services-networking/topology-aware-routing/), 提供类似的功能。 {{}} diff --git a/content/zh-cn/docs/concepts/services-networking/service.md b/content/zh-cn/docs/concepts/services-networking/service.md index 76e931ae4c9..fbd4e5374c0 100644 --- a/content/zh-cn/docs/concepts/services-networking/service.md +++ b/content/zh-cn/docs/concepts/services-networking/service.md @@ -1079,6 +1079,22 @@ The cloud provider decides how it is load balanced. --> 来自外部负载均衡器的流量将直接重定向到后端 Pod 上,不过实际它们是如何工作的,这要依赖于云提供商。 + +要实现 `type: LoadBalancer` 的服务,Kubernetes 通常首先进行与请求 `type: NodePort` 服务等效的更改。 +cloud-controller-manager 组件随后配置外部负载均衡器以将流量转发到已分配的节点端口。 + +你可以将负载均衡服务配置为[忽略](#load-balancer-nodeport-allocation)分配节点端口, +前提是云提供商实现支持这点。 + -要实现 `type: LoadBalancer` 的服务,Kubernetes 通常首先进行与请求 `type: NodePort` 服务等效的更改。 -cloud-controller-manager 组件然后配置外部负载均衡器以将流量转发到已分配的节点端口。 - -你可以将负载均衡服务配置为[忽略](#load-balancer-nodeport-allocation)分配节点端口, -前提是云提供商实现支持这点。 - {{< note >}} -在 **Azure** 上,如果要使用用户指定的公共类型 `loadBalancerIP`, -则首先需要创建静态类型的公共 IP 地址资源。 -此公共 IP 地址资源应与集群中其他自动创建的资源位于同一资源组中。 -例如,`MC_myResourceGroup_myAKSCluster_eastus`。 +针对 Service 的 `.spec.loadBalancerIP` 字段已在 Kubernetes v1.24 中被弃用。 -将分配的 IP 地址设置为 loadBalancerIP。确保你已更新云提供程序配置文件中的 securityGroupName。 -有关对 `CreatingLoadBalancerFailed` 权限问题进行故障排除的信息, -请参阅[与 Azure Kubernetes 服务(AKS)负载均衡器一起使用静态 IP 地址](https://docs.microsoft.com/zh-cn/azure/aks/static-ip) -或[在 AKS 集群上使用高级联网时出现 CreatingLoadBalancerFailed](https://github.com/Azure/AKS/issues/357)。 +此字段的定义模糊,其含义因实现而异。它也不支持双协议栈联网。 +此字段可能会在未来的 API 版本中被移除。 + + +如果你正在集成某云平台,该平台通过(特定于提供商的)注解为 Service 指定负载均衡器 IP 地址, +你应该切换到这样做。 + +如果你正在为集成到 Kubernetes 的负载均衡器编写代码,请避免使用此字段。 +你可以与 [Gateway](https://gateway-api.sigs.k8s.io/) 而不是 Service 集成, +或者你可以在 Service 上定义自己的(特定于提供商的)注解,以指定等效的细节。 {{< /note >}} + +#### 混合协议类型的负载均衡器 {{< feature-state for_k8s_version="v1.24" state="beta" >}} + -#### 混合协议类型的负载均衡器 - -{{< feature-state for_k8s_version="v1.20" state="alpha" >}} - 默认情况下,对于 LoadBalancer 类型的服务,当定义了多个端口时, 所有端口必须具有相同的协议,并且该协议必须是受云提供商支持的协议。 -当服务中定义了多个端口时,特性门控 `MixedProtocolLBService`(在 kube-apiserver 1.24 版本默认为启用)允许 -LoadBalancer 类型的服务使用不同的协议。 +当服务中定义了多个端口时,特性门控 `MixedProtocolLBService` +(在 kube-apiserver 1.24 版本默认为启用) +允许 LoadBalancer 类型的服务使用不同的协议。 {{< note >}} 百度云" %}} ```yaml [...] @@ -1320,7 +1324,7 @@ metadata: ``` {{% /tab %}} -{{% tab name="Tencent Cloud" %}} +{{% tab name="腾讯云" %}} ```yaml [...] @@ -1331,7 +1335,7 @@ metadata: ``` {{% /tab %}} -{{% tab name="Alibaba Cloud" %}} +{{% tab name="阿里云" %}} ```yaml [...] @@ -1449,7 +1453,7 @@ You can then specify any one of those policies using the annotation; for example: --> 然后,你可以使用 "`service.beta.kubernetes.io/aws-load-balancer-ssl-negotiation-policy`" -注解; 例如: +注解;例如: ```yaml metadata: @@ -1483,6 +1487,7 @@ Since version 1.3.0, the use of this annotation applies to all ports proxied by and cannot be configured otherwise. --> 从 1.3.0 版开始,此注解的使用适用于 ELB 代理的所有端口,并且不能进行其他配置。 + ```yaml metadata: name: my-service @@ -1565,6 +1588,63 @@ There are other annotations to manage Classic Elastic Load Balancers that are de 还有其他一些注解,用于管理经典弹性负载均衡器,如下所述。 + ```yaml metadata: name: my-service @@ -1691,9 +1771,16 @@ groups are modified with the following IP rules: 为了使客户端流量能够到达 NLB 后面的实例,使用以下 IP 规则修改了节点安全组: + +| 规则 | 协议 | 端口 | IpRange(s) | IpRange 描述 | +|------|----------|---------|------------|---------------------| +| Health Check | TCP | NodePort(s) (`.spec.healthCheckNodePort` for `.spec.externalTrafficPolicy = Local`) | Subnet CIDR | kubernetes.io/rule/nlb/health=\ | | Client Traffic | TCP | NodePort(s) | `.spec.loadBalancerSourceRanges` (默认值为 `0.0.0.0/0`) | kubernetes.io/rule/nlb/client=\ | | MTU Discovery | ICMP | 3,4 | `.spec.loadBalancerSourceRanges` (默认值为 `0.0.0.0/0`) | kubernetes.io/rule/nlb/mtu=\ | @@ -1864,7 +1951,6 @@ to learn more. Service is a top-level resource in the Kubernetes REST API. You can find more details about the [Service API object](/docs/reference/generated/kubernetes-api/{{< param "version" >}}/#service-v1-core). - --> ## API 对象 {#api-object} diff --git a/content/zh-cn/docs/concepts/storage/persistent-volumes.md b/content/zh-cn/docs/concepts/storage/persistent-volumes.md index c5ad768185e..07f3a4bb775 100644 --- a/content/zh-cn/docs/concepts/storage/persistent-volumes.md +++ b/content/zh-cn/docs/concepts/storage/persistent-volumes.md @@ -1084,7 +1084,8 @@ The access modes are: : the volume can be mounted as read-write by many nodes. `ReadWriteOncePod` -: the volume can be mounted as read-write by a single Pod. Use ReadWriteOncePod +: {{< feature-state for_k8s_version="v1.27" state="beta" >}} + the volume can be mounted as read-write by a single Pod. Use ReadWriteOncePod access mode if you want to ensure that only one pod across whole cluster can read that PVC or write to it. This is only supported for CSI volumes and Kubernetes version 1.22+. @@ -1106,7 +1107,8 @@ covers this in more detail. : 卷可以被多个节点以读写方式挂载。 `ReadWriteOncePod` -: 卷可以被单个 Pod 以读写方式挂载。 +: {{< feature-state for_k8s_version="v1.27" state="beta" >}} + 卷可以被单个 Pod 以读写方式挂载。 如果你想确保整个集群中只有一个 Pod 可以读取或写入该 PVC, 请使用 ReadWriteOncePod 访问模式。这只支持 CSI 卷以及需要 Kubernetes 1.22 以上版本。 diff --git a/content/zh-cn/docs/concepts/workloads/controllers/cron-jobs.md b/content/zh-cn/docs/concepts/workloads/controllers/cron-jobs.md index b15ebb56b50..1f4295dae81 100644 --- a/content/zh-cn/docs/concepts/workloads/controllers/cron-jobs.md +++ b/content/zh-cn/docs/concepts/workloads/controllers/cron-jobs.md @@ -3,7 +3,6 @@ title: CronJob content_type: concept weight: 80 --- - **CronJob** 创建基于时隔重复调度的 {{< glossary_tooltip term_id="job" text="Job" >}}。 @@ -155,21 +154,21 @@ Other than the standard syntax, some macros like `@monthly` can also be used: 除了标准语法,还可以使用一些类似 `@monthly` 的宏: -| 输入 | 描述 | 相当于 | -| ------------- | ------------- |------------- | -| @yearly (或 @annually) | 每年 1 月 1 日的午夜运行一次 | 0 0 1 1 * | -| @monthly | 每月第一天的午夜运行一次 | 0 0 1 * * | -| @weekly | 每周的周日午夜运行一次 | 0 0 * * 0 | -| @daily (或 @midnight) | 每天午夜运行一次 | 0 0 * * * | -| @hourly | 每小时的开始一次 | 0 * * * * | +| 输入 | 描述 | 相当于 | +| ---------------------- | ------------------------ | ------------ | +| @yearly (或 @annually) | 每年 1 月 1 日的午夜运行一次 | 0 0 1 1 * | +| @monthly | 每月第一天的午夜运行一次 | 0 0 1 * * | +| @weekly | 每周的周日午夜运行一次 | 0 0 * * 0 | +| @daily (或 @midnight) | 每天午夜运行一次 | 0 0 * * * | +| @hourly | 每小时的开始一次 | 0 * * * * | ## 时区 {#time-zones} +{{< feature-state for_k8s_version="v1.27" state="stable" >}} + + 对于没有指定时区的 CronJob, {{< glossary_tooltip term_id="kube-controller-manager" text="kube-controller-manager" >}} 基于本地时区解释排期表(Schedule)。 -{{< feature-state for_k8s_version="v1.25" state="beta" >}} - -如果启用了 `CronJobTimeZone` [特性门控](/zh-cn/docs/reference/command-line-tools-reference/feature-gates/), -你可以为 CronJob 指定一个时区(如果你没有启用该特性门控,或者你使用的是不支持试验性时区功能的 -Kubernetes 版本,集群中所有 CronJob 的时区都是未指定的)。 - -启用该特性后,你可以将 `spec.timeZone` -设置为有效[时区](https://zh.wikipedia.org/wiki/%E6%97%B6%E5%8C%BA%E4%BF%A1%E6%81%AF%E6%95%B0%E6%8D%AE%E5%BA%93)名称。 -例如,设置 `spec.timeZone: "Etc/UTC"` 指示 Kubernetes 采用 UTC 来解释排期表。 - -{{< caution >}} - -Kubernetes {{< skew currentVersion >}} 中 CronJob API 的实现允许你设置 -`.spec.schedule` 字段以包含时区;例如:`CRON_TZ=UTC * * * * *` 或 `TZ=UTC * * * * *`。 - -以这种方式指定时区是**未正式支持**(而且从来没有)。 - -如果你尝试设置包含 `TZ` 或 `CRON_TZ` 时区规范的排期表, -Kubernetes 会向客户端报告[警告](/zh-cn/blog/2020/09/03/warnings/)。 -Kubernetes 的未来版本可能根本不会实现这种非正式的时区机制。 -{{< /caution >}} +你可以通过将 `.spec.timeZone` +设置为一个有效[时区](https://en.wikipedia.org/wiki/List_of_tz_database_time_zones)的名称, +为 CronJob 指定一个时区。例如设置 `.spec.timeZone: "Etc/UTC"` 将告诉 +Kubernetes 基于世界标准时间解读排期表。 +## CronJob 的限制 {#cronjob-limitations} + +### 不支持的时区规范 {#unsupported-timezone-spec} + + +Kubernetes {{< skew currentVersion >}} 中的 CronJob API 实现允许你设置 +`.spec.schedule` 字段,在其中包括时区信息; +例如 `CRON_TZ=UTC * * * * *` 或 `TZ=UTC * * * * *`。 + + +以这种方式指定时区是 **未正式支持的**(而且也从未正式支持过)。 + +如果你尝试设置包含 `TZ` 或 `CRON_TZ` 时区规范的排期表, +Kubernetes 会向客户端报告一条[警告](/blog/2020/09/03/warnings/)。 +后续的 Kubernetes 版本将完全阻止设置非正式的时区机制。 + + -## CronJob 限制 {#cronjob-limitations} - -### 修改 CronJob {#modifying-a-cronjob} +### 修改 CronJob {#modifying-a-cronjob} 按照设计,CronJob 包含一个用于**新** Job 的模板。 如果你修改现有的 CronJob,你所做的更改将应用于修改完成后开始运行的新任务。 @@ -491,7 +492,8 @@ CronJob 仅负责创建与其调度时间相匹配的 Job,而 Job 又负责管 Read the {{< api-reference page="workload-resources/cron-job-v1" >}} API reference for more details. --> -* 了解 CronJob 所依赖的 [Pod](/zh-cn/docs/concepts/workloads/pods/) 与 [Job](/zh-cn/docs/concepts/workloads/controllers/job/) 的概念。 +* 了解 CronJob 所依赖的 [Pod](/zh-cn/docs/concepts/workloads/pods/) 与 + [Job](/zh-cn/docs/concepts/workloads/controllers/job/) 的概念。 * 阅读 CronJob `.spec.schedule` 字段的详细[格式](https://pkg.go.dev/github.com/robfig/cron/v3#hdr-CRON_Expression_Format)。 * 有关创建和使用 CronJob 的说明及 CronJob 清单的示例, 请参见[使用 CronJob 运行自动化任务](/zh-cn/docs/tasks/job/automated-tasks-with-cron-jobs/)。 diff --git a/content/zh-cn/docs/concepts/workloads/controllers/statefulset.md b/content/zh-cn/docs/concepts/workloads/controllers/statefulset.md index 136837d9504..3973d78160d 100644 --- a/content/zh-cn/docs/concepts/workloads/controllers/statefulset.md +++ b/content/zh-cn/docs/concepts/workloads/controllers/statefulset.md @@ -258,7 +258,7 @@ pods will be assigned ordinals from 0 up through N-1. --> ### 起始序号 {#start-ordinal} -{{< feature-state for_k8s_version="v1.26" state="alpha" >}} +{{< feature-state for_k8s_version="v1.27" state="beta" >}} ## PersistentVolumeClaim 保留 {#persistentvolumeclaim-retention} -{{< feature-state for_k8s_version="v1.23" state="alpha" >}} +{{< feature-state for_k8s_version="v1.27" state="beta" >}} -## 处理干扰 +## 处理干扰 {#dealing-with-disruptions} 以下是减轻非自愿干扰的一些方法: +建议在你的 PodDisruptionBudget 中将 +[不健康 Pod 驱逐策略](/zh-cn/docs/tasks/run-application/configure-pdb/#unhealthy-pod-eviction-policy) +设置为 `AlwaysAllow` 以支持在节点腾空期间驱逐行为不当的应用程序。 +默认行为是等待应用程序 Pod 变得 +[健康](/zh-cn/docs/tasks/run-application/configure-pdb/#healthiness-of-a-pod),然后才能继续执行腾空。 + -如果你正使用的 Kubernetes 版本早于 {{< skew currentVersion >}},请参阅对应版本的文档。 -{{< /note >}} - {{< note >}} -`PreemptionByKubeScheduler` +`PreemptionByScheduler` : Pod 将被调度器{{}}, 目的是接受优先级更高的新 Pod。 要了解更多的相关信息,请参阅 [Pod 优先级和抢占](/zh-cn/docs/concepts/scheduling-eviction/pod-priority-preemption/)。 @@ -543,7 +547,7 @@ and Application Owner as separate roles with limited knowledge of each other. This separation of responsibilities may make sense in these scenarios: --> -## 分离集群所有者和应用所有者角色 +## 分离集群所有者和应用所有者角色 {#separating-cluster-owner-and-application-owner-roles} 通常,将集群管理者和应用所有者视为彼此了解有限的独立角色是很有用的。这种责任分离在下面这些场景下是有意义的: @@ -573,7 +577,7 @@ you may not need to use Pod Disruption Budgets. If you are a Cluster Administrator, and you need to perform a disruptive action on all the nodes in your cluster, such as a node or system software upgrade, here are some options: --> -## 如何在集群上执行干扰性操作 +## 如何在集群上执行干扰性操作 {#how-to-perform-disruptive-actions-on-your-cluster} 如果你是集群管理员,并且需要对集群中的所有节点执行干扰操作,例如节点或系统软件升级,则可以使用以下选项 diff --git a/content/zh-cn/docs/concepts/workloads/pods/downward-api.md b/content/zh-cn/docs/concepts/workloads/pods/downward-api.md index 825b67caa06..42ed777570c 100644 --- a/content/zh-cn/docs/concepts/workloads/pods/downward-api.md +++ b/content/zh-cn/docs/concepts/workloads/pods/downward-api.md @@ -218,19 +218,17 @@ for resources such as CPU and memory. `resource: limits.hugepages-*` -: 容器的巨页限制值(前提是启用了 `DownwardAPIHugePages` -[特性门控](/zh-cn/docs/reference/command-line-tools-reference/feature-gates/)) +: 容器的巨页限制值 `resource: requests.hugepages-*` -: 容器的巨页请求值(前提是启用了 `DownwardAPIHugePages` -[特性门控](/zh-cn/docs/reference/command-line-tools-reference/feature-gates/)) +: 容器的巨页请求值 取值 | 描述 :-----|:----------- @@ -176,6 +177,18 @@ Pod 被赋予一个可以体面终止的期限,默认为 30 秒。 你可以使用 `--force` 参数来[强制终止 Pod](/zh-cn/docs/concepts/workloads/pods/pod-lifecycle/#pod-termination-forced)。 {{< /note >}} + +从 Kubernetes 1.27 开始,除了[静态 Pod](/zh-cn/docs/tasks/configure-pod-container/static-pod/) +和没有 Finalizer 的[强制终止 Pod](/zh-cn/docs/concepts/workloads/pods/pod-lifecycle/#pod-termination-forced) +之外,`kubelet` 会将已删除的 Pod 转换到终止阶段 +(`Failed` 或 `Succeeded` 具体取决于 Pod 容器的退出状态),然后再从 API 服务器中删除。 + -3. 在 `kubelet` 启动体面关闭逻辑的同时,控制面会将关闭的 Pod 从对应的 - EndpointSlice(和 Endpoints)对象中移除,过滤条件是 Pod +3. 在 `kubelet` 启动 Pod 的体面关闭逻辑的同时,控制平面会评估是否将关闭的 + Pod 从对应的 EndpointSlice(和端点)对象中移除,过滤条件是 Pod 被对应的{{< glossary_tooltip term_id="service" text="服务" >}}以某 {{< glossary_tooltip text="选择算符" term_id="selector" >}}选定。 {{< glossary_tooltip text="ReplicaSet" term_id="replica-set" >}} 和其他工作负载资源不再将关闭进程中的 Pod 视为合法的、能够提供服务的副本。 - 关闭动作很慢的 Pod 也无法继续处理请求数据, - 因为负载均衡器(例如服务代理)已经在终止宽限期开始的时候将其从端点列表中移除。 + 关闭动作很慢的 Pod 不应继续处理常规服务请求,而应开始终止并完成对打开的连接的处理。 + 一些应用程序不仅需要完成对打开的连接的处理,还需要更进一步的体面终止逻辑 - + 比如:排空和完成会话。任何正在终止的 Pod 所对应的端点都不会立即从 EndpointSlice + 中被删除,EndpointSlice API(以及传统的 Endpoints API)会公开一个状态来指示其处于 + [终止状态](/zh-cn/docs/concepts/services-networking/endpoint-slices/#conditions)。 + 正在终止的端点始终将其 `ready` 状态设置为 `false`(为了向后兼容 1.26 之前的版本), + 因此负载均衡器不会将其用于常规流量。 + 如果需要排空正被终止的 Pod 上的流量,可以将 `serving` 状况作为实际的就绪状态。 + 你可以在教程 + [探索 Pod 及其端点的终止行为](/zh-cn/docs/tutorials/services/pods-and-endpoint-termination-flow/) + 中找到有关如何实现连接排空的更多详细信息。 + {{}} + + + + +本页介绍 Kubernetes 中的 **服务质量(Quality of Service,QoS)** 类, +阐述 Kubernetes 如何根据为 Pod 中的容器指定的资源约束为每个 Pod 设置 QoS 类。 +Kubernetes 依赖这种分类来决定当 Node 上没有足够可用资源时要驱逐哪些 Pod。 + + + + +## QoS 类 {#qos-class} + + +Kubernetes 对你运行的 Pod 进行分类,并将每个 Pod 分配到特定的 **QoS 类**中。 +Kubernetes 使用这种分类来影响不同 Pod 被处理的方式。Kubernetes 基于 Pod +中{{< glossary_tooltip text="容器" term_id="container" >}}的[资源请求](/zh-cn/docs/concepts/configuration/manage-resources-containers/)进行分类, +同时确定这些请求如何与资源限制相关。 +这称为{{< glossary_tooltip text="服务质量" term_id="qos-class" >}} (QoS) 类。 +Kubernetes 基于每个 Pod 中容器的资源请求和限制为 Pod 设置 QoS 类。Kubernetes 使用 QoS +类来决定从遇到[节点压力](/zh-cn/docs/concepts/scheduling-eviction/node-pressure-eviction/)的 +Node 中驱逐哪些 Pod。可选的 QoS 类有 `Guaranteed`、`Burstable` 和 `BestEffort`。 +当一个 Node 耗尽资源时,Kubernetes 将首先驱逐在该 Node 上运行的 `BestEffort` Pod, +然后是 `Burstable` Pod,最后是 `Guaranteed` Pod。当这种驱逐是由于资源压力时, +只有超出资源请求的 Pod 才是被驱逐的候选对象。 + +### Guaranteed + + +`Guaranteed` Pod 具有最严格的资源限制,并且最不可能面临驱逐。 +在这些 Pod 超过其自身的限制或者没有可以从 Node 抢占的低优先级 Pod 之前, +这些 Pod 保证不会被杀死。这些 Pod 不可以获得超出其指定 limit 的资源。这些 Pod 也可以使用 +[`static`](/zh-cn/docs/tasks/administer-cluster/cpu-management-policies/#static-policy) +CPU 管理策略来使用独占的 CPU。 + + +#### 判据 {#criteria} + +Pod 被赋予 `Guaranteed` QoS 类的几个判据: + + +* Pod 中的每个容器必须有内存 limit 和内存 request。 +* 对于 Pod 中的每个容器,内存 limit 必须等于内存 request。 +* Pod 中的每个容器必须有 CPU limit 和 CPU request。 +* 对于 Pod 中的每个容器,CPU limit 必须等于 CPU request。 + +### Burstable + + +`Burstable` Pod 有一些基于 request 的资源下限保证,但不需要特定的 limit。 +如果未指定 limit,则默认为其 limit 等于 Node 容量,这允许 Pod 在资源可用时灵活地增加其资源。 +在由于 Node 资源压力导致 Pod 被驱逐的情况下,只有在所有 `BestEffort` Pod 被驱逐后 +这些 Pod 才会被驱逐。因为 `Burstable` Pod 可以包括没有资源 limit 或资源 request 的容器, +所以 `Burstable` Pod 可以尝试使用任意数量的节点资源。 + + +#### 判据 {#criteria-1} + +Pod 被赋予 `Burstable` QoS 类的几个判据: + +* Pod 不满足针对 QoS 类 `Guaranteed` 的判据。 +* Pod 中至少一个容器有内存或 CPU 的 request 或 limit。 + +### BestEffort + + +`BestEffort` QoS 类中的 Pod 可以使用未专门分配给其他 QoS 类中的 Pod 的节点资源。 +例如若你有一个节点有 16 核 CPU 可供 kubelet 使用,并且你将 4 核 CPU 分配给一个 `Guaranteed` Pod, +那么 `BestEffort` QoS 类中的 Pod 可以尝试任意使用剩余的 12 核 CPU。 + +如果节点遇到资源压力,kubelet 将优先驱逐 `BestEffort` Pod。 + + +#### 判据 {#criteria-2} + +如果 Pod 不满足 `Guaranteed` 或 `Burstable` 的判据,则它的 QoS 类为 `BestEffort`。 +换言之,只有当 Pod 中的所有容器没有内存 limit 或内存 request,也没有 CPU limit 或 +CPU request 时,Pod 才是 `BestEffort`。Pod 中的容器可以请求(除 CPU 或内存之外的) +其他资源并且仍然被归类为 `BestEffort`。 + + +## 使用 cgroup v2 的内存 QoS {#memory-qos-with-cgroup-v2} + +{{< feature-state for_k8s_version="v1.22" state="alpha" >}} + + +内存 QoS 使用 cgroup v2 的内存控制器来保证 Kubernetes 中的内存资源。 +Pod 中容器的内存请求和限制用于设置由内存控制器所提供的特定接口 `memory.min` 和 `memory.high`。 +当 `memory.min` 被设置为内存请求时,内存资源被保留并且永远不会被内核回收; +这就是内存 QoS 确保 Kubernetes Pod 的内存可用性的方式。而如果容器中设置了内存限制, +这意味着系统需要限制容器内存的使用;内存 QoS 使用 `memory.high` 来限制接近其内存限制的工作负载, +确保系统不会因瞬时内存分配而不堪重负。 + + +内存 QoS 依赖于 QoS 类来确定应用哪些设置;它们的机制不同,但都提供对服务质量的控制。 + + +## 某些行为独立于 QoS 类 {#class-independent-behavior} + +某些行为独立于 Kubernetes 分配的 QoS 类。例如: + + +* 所有超过资源 limit 的容器都将被 kubelet 杀死并重启,而不会影响该 Pod 中的其他容器。 +* 如果一个容器超出了自身的资源 request,且该容器运行的节点面临资源压力,则该容器所在的 Pod + 就会成为被[驱逐](/zh-cn/docs/concepts/scheduling-eviction/node-pressure-eviction/)的候选对象。 + 如果出现这种情况,Pod 中的所有容器都将被终止。Kubernetes 通常会在不同的节点上创建一个替代的 Pod。 + +* Pod 的资源 request 等于其成员容器的资源 request 之和,Pod 的资源 limit 等于其成员容器的资源 limit 之和。 +* kube-scheduler 在选择要[抢占](/zh-cn/docs/concepts/scheduling-eviction/pod-priority-preemption/#preemption)的 + Pod 时不考虑 QoS 类。当集群没有足够的资源来运行你所定义的所有 Pod 时,就会发生抢占。 + +## {{% heading "whatsnext" %}} + + +* 进一步了解[为 Pod 和容器管理资源](/zh-cn/docs/concepts/configuration/manage-resources-containers/)。 +* 进一步了解[节点压力驱逐](/zh-cn/docs/concepts/scheduling-eviction/node-pressure-eviction/)。 +* 进一步了解 [Pod 优先级和抢占](/zh-cn/docs/concepts/scheduling-eviction/pod-priority-preemption/)。 +* 进一步了解 [Pod 干扰](/zh-cn/docs/concepts/workloads/pods/disruptions/)。 +* 进一步了解如何[为容器和 Pod 分配内存资源](/zh-cn/docs/tasks/configure-pod-container/assign-memory-resource/)。 +* 进一步了解如何[为容器和 Pod 分配 CPU 资源](/zh-cn/docs/tasks/configure-pod-container/assign-cpu-resource/)。 +* 进一步了解如何[配置 Pod 的服务质量](/zh-cn/docs/tasks/configure-pod-container/quality-service-pod/)。 diff --git a/content/zh-cn/docs/concepts/workloads/pods/user-namespaces.md b/content/zh-cn/docs/concepts/workloads/pods/user-namespaces.md index f201a088748..f3f5738ced5 100644 --- a/content/zh-cn/docs/concepts/workloads/pods/user-namespaces.md +++ b/content/zh-cn/docs/concepts/workloads/pods/user-namespaces.md @@ -50,34 +50,63 @@ mitigate some future vulnerabilities too. {{% thirdparty-content %}} + +这是一个只对 Linux 有效的功能特性,且需要 Linux 支持在所用文件系统上挂载 idmap。 +这意味着: + +* 在节点上,你用于 `/var/lib/kubelet/pods/` 的文件系统,或你为此配置的自定义目录, + 需要支持 idmap 挂载。 +* Pod 卷中使用的所有文件系统都必须支持 idmap 挂载。 + +在实践中,这意味着你最低需要 Linux 6.3,因为 tmpfs 在该版本中开始支持 idmap 挂载。 +这通常是需要的,因为有几个 Kubernetes 功能特性使用 tmpfs +(默认情况下挂载的服务账号令牌使用 tmpfs、Secret 使用 tmpfs 等等)。 + +Linux 6.3 中支持 idmap 挂载的一些比较流行的文件系统是:btrfs、ext4、xfs、fat、 +tmpfs、overlayfs。 + -这是一个只对 Linux 有效的功能特性。此外,需要在{{< glossary_tooltip text="容器运行时" term_id="container-runtime" >}}提供支持, +此外,需要在{{< glossary_tooltip text="容器运行时" term_id="container-runtime" >}}提供支持, 才能在 Kubernetes 无状态 Pod 中使用这一功能: * CRI-O:1.25(及更高)版本支持配置容器的用户命名空间。 -* containerd:1.7 版本支持配置容器的用户命名空间,兼容 Kubernetes v1.25 和 v1.26,但不兼容更高版本。 - 如果你运行的是不同版本的 Kubernetes,请查看该 Kubernetes 版本的文档。 + +请注意,containerd v1.7 支持配置容器的用户命名空间,与 Kubernetes {{< skew currentVersion >}} +兼容。它不应与 Kubernetes 1.27(及更高)版本一起使用。 目前 [cri-dockerd 没有计划][CRI-dockerd-issue]支持此功能。 [CRI-dockerd-issue]: https://github.com/Mirantis/cri-dockerd/issues/74 -[containerd-userns-issue]: https://github.com/containerd/containerd/issues/7063 -为了保证 Pod 可以读取这些卷中的文件,卷的创建操作就像你为 Pod 指定了 `.spec.securityContext.fsGroup` 为 `0` 一样。 -如果该属性被设定为不同值,那么这个不同值当然也会被使用。 - -作为一个副产品,这些卷的文件夹和文件将具有所给组的权限, -即使 `defaultMode` 或 volumes 的特定项目的 `mode` 被指定为没有组的权限。 -例如,不可以在挂载这些卷时使其文件只允许所有者访问。 +* 查阅[为 Pod 配置用户命名空间](/zh-cn/docs/tasks/configure-pod-container/user-namespaces/) diff --git a/content/zh-cn/docs/reference/_index.md b/content/zh-cn/docs/reference/_index.md index d2674056720..7a788e469ae 100644 --- a/content/zh-cn/docs/reference/_index.md +++ b/content/zh-cn/docs/reference/_index.md @@ -85,7 +85,7 @@ client libraries: * [kubectl](/zh-cn/docs/reference/kubectl/) —— 主要的 CLI 工具,用于运行命令和管理 Kubernetes 集群。 * [JSONPath](/zh-cn/docs/reference/kubectl/jsonpath/) —— 通过 kubectl 使用 [JSONPath 表达式](https://goessner.net/articles/JsonPath/)的语法指南。 -* [kubeadm](/zh-cn/docs/reference/setup-tools/kubeadm/) - 此 CLI 工具可轻松配置安全的 Kubernetes 集群。 +* [kubeadm](/zh-cn/docs/reference/setup-tools/kubeadm/) —— 此 CLI 工具可轻松配置安全的 Kubernetes 集群。 ## kubeadm 的配置 API {#config-api-for-kubeadm} -* [v1beta2](/zh-cn/docs/reference/config-api/kubeadm-config.v1beta2/) * [v1beta3](/zh-cn/docs/reference/config-api/kubeadm-config.v1beta3/) + @@ -29,16 +36,16 @@ This page describes how to build, configure, use, and monitor admission webhooks 准入 Webhook 是一种用于接收准入请求并对其进行处理的 HTTP 回调机制。 可以定义两种类型的准入 webhook,即 [验证性质的准入 Webhook](/zh-cn/docs/reference/access-authn-authz/admission-controllers/#validatingadmissionwebhook) 和 [修改性质的准入 Webhook](/zh-cn/docs/reference/access-authn-authz/admission-controllers/#mutatingadmissionwebhook)。 -修改性质的准入 Webhook 会先被调用。它们可以更改发送到 API +修改性质的准入 Webhook 会先被调用。它们可以更改发送到 API 服务器的对象以执行自定义的设置默认值操作。 -{{< note >}} 如果准入 Webhook 需要保证它们所看到的是对象的最终状态以实施某种策略。 则应使用验证性质的准入 Webhook,因为对象被修改性质 Webhook 看到之后仍然可能被修改。 {{< /note >}} -### 尝试准入 Webhook {#experimenting-with-admission-webhooks} +## 尝试准入 Webhook {#experimenting-with-admission-webhooks} 准入 Webhook 本质上是集群控制平面的一部分。你应该非常谨慎地编写和部署它们。 如果你打算编写或者部署生产级准入 webhook,请阅读[用户指南](/zh-cn/docs/reference/access-authn-authz/extensible-admission-controllers/#write-an-admission-webhook-server)以获取相关说明。 @@ -101,19 +109,19 @@ that is validated in a Kubernetes e2e test. The webhook handles the as an `AdmissionReview` object in the same version it received. --> 请参阅 Kubernetes e2e 测试中的 -[admission webhook 服务器](https://github.com/kubernetes/kubernetes/blob/release-1.21/test/images/agnhost/webhook/main.go) +[Admission Webhook 服务器](https://github.com/kubernetes/kubernetes/blob/release-1.21/test/images/agnhost/webhook/main.go) 的实现。webhook 处理由 API 服务器发送的 `AdmissionReview` 请求,并且将其决定 作为 `AdmissionReview` 对象以相同版本发送回去。 -有关发送到 webhook 的数据的详细信息,请参阅 [webhook 请求](#request)。 +有关发送到 Webhook 的数据的详细信息,请参阅 [Webhook 请求](#request)。 -要获取来自 webhook 的预期数据,请参阅 [webhook 响应](#response)。 +要获取来自 Webhook 的预期数据,请参阅 [Webhook 响应](#response)。 示例准入 Webhook 服务器置 `ClientAuth` 字段为 [空](https://github.com/kubernetes/kubernetes/blob/v1.22.0/test/images/agnhost/webhook/config.go#L38-L39), -默认为 `NoClientCert` 。这意味着 webhook 服务器不会验证客户端的身份,认为其是 apiservers。 +默认为 `NoClientCert` 。这意味着 Webhook 服务器不会验证客户端的身份,认为其是 apiservers。 如果你需要双向 TLS 或其他方式来验证客户端,请参阅 如何[对 apiservers 进行身份认证](#authenticate-apiservers)。 @@ -141,18 +149,18 @@ The test also creates a [service](/docs/reference/generated/kubernetes-api/{{< p as the front-end of the webhook server. See [code](https://github.com/kubernetes/kubernetes/blob/v1.22.0/test/e2e/apimachinery/webhook.go#L748). --> -e2e 测试中的 webhook 服务器通过 +e2e 测试中的 Webhook 服务器通过 [deployment API](/docs/reference/generated/kubernetes-api/{{< param "version" >}}/#deployment-v1-apps) 部署在 Kubernetes 集群中。该测试还将创建一个 [service](/docs/reference/generated/kubernetes-api/{{< param "version" >}}/#service-v1-core) -作为 webhook 服务器的前端。参见 +作为 Webhook 服务器的前端。参见 [相关代码](https://github.com/kubernetes/kubernetes/blob/v1.22.0/test/e2e/apimachinery/webhook.go#L748)。 -你也可以在集群外部署 webhook。这样做需要相应地更新你的 webhook 配置。 +你也可以在集群外部署 Webhook。这样做需要相应地更新你的 Webhook 配置。 -你可以通过 +你可以通过 [ValidatingWebhookConfiguration](/docs/reference/generated/kubernetes-api/{{< param "version" >}}/#validatingwebhookconfiguration-v1-admissionregistration-k8s-io) -或者 +或者 [MutatingWebhookConfiguration](/docs/reference/generated/kubernetes-api/{{< param "version" >}}/#mutatingwebhookconfiguration-v1-admissionregistration-k8s-io) 动态配置哪些资源要被哪些准入 Webhook 处理。 + -以下是一个 `ValidatingWebhookConfiguration` 示例,mutating webhook 配置与此类似。有关每个配置字段的详细信息,请参阅 [webhook 配置](#webhook-configuration) 部分。 +以下是一个 `ValidatingWebhookConfiguration` 示例,Mutating Webhook 配置与此类似。有关每个配置字段的详细信息,请参阅 [Webhook 配置](#webhook-configuration) 部分。 ```yaml apiVersion: admissionregistration.k8s.io/v1 @@ -184,11 +193,11 @@ metadata: webhooks: - name: "pod-policy.example.com" rules: - - apiGroups: [""] + - apiGroups: [""] apiVersions: ["v1"] - operations: ["CREATE"] - resources: ["pods"] - scope: "Namespaced" + operations: ["CREATE"] + resources: ["pods"] + scope: "Namespaced" clientConfig: service: namespace: "example-namespace" @@ -198,6 +207,7 @@ webhooks: sideEffects: None timeoutSeconds: 5 ``` + {{< note >}} `scope` 字段指定是仅集群范围的资源(Cluster)还是名字空间范围的资源资源(Namespaced)将与此规则匹配。 `*` 表示没有范围限制。 +{{< note >}} -{{< note >}} 当使用 `clientConfig.service` 时,服务器证书必须对 `..svc` 有效。 {{< /note >}} +{{< note >}} -{{< note >}} -Webhook 调用的默认超时是 10 秒,你可以设置 `timeout` 并建议对 webhook 设置较短的超时时间。 -如果 webhook 调用超时,则根据 webhook 的失败策略处理请求。 +Webhook 调用的默认超时是 10 秒,你可以设置 `timeout` 并建议对 Webhook 设置较短的超时时间。 +如果 Webhook 调用超时,则根据 Webhook 的失败策略处理请求。 {{< /note >}} 当一个 API 服务器收到与 `rules` 相匹配的请求时, -该 API 服务器将按照 `clientConfig` 中指定的方式向 webhook 发送一个 `admissionReview` 请求。 +该 API 服务器将按照 `clientConfig` 中指定的方式向 Webhook 发送一个 `admissionReview` 请求。 创建 Webhook 配置后,系统将花费几秒钟使新配置生效。 ### 对 API 服务器进行身份认证 {#authenticate-apiservers} @@ -322,71 +332,74 @@ For more information about `AdmissionConfiguration`, see the [AdmissionConfiguration (v1) reference](/docs/reference/config-api/apiserver-webhookadmission.v1/). See the [webhook configuration](#webhook-configuration) section for details about each config field. -* In the kubeConfig file, provide the credentials: +In the kubeConfig file, provide the credentials: --> 有关 `AdmissionConfiguration` 的更多信息,请参见 [AdmissionConfiguration (v1) reference](/docs/reference/config-api/apiserver-webhookadmission.v1/)。 -有关每个配置字段的详细信息,请参见 [webhook 配置](#webhook-配置)部分。 +有关每个配置字段的详细信息,请参见 [Webhook 配置](#webhook-配置)部分。 -* 在 kubeConfig 文件中,提供证书凭据: +在 kubeConfig 文件中,提供证书凭据: + +```yaml +apiVersion: v1 +kind: Config +users: +# 名称应设置为服务的 DNS 名称或配置了 Webhook 的 URL 的主机名(包括端口)。 +# 如果将非 443 端口用于服务,则在配置 1.16+ API 服务器时,该端口必须包含在名称中。 +# +# 对于配置在默认端口(443)上与服务对话的 Webhook,请指定服务的 DNS 名称: +# - name: webhook1.ns1.svc +# user: ... +# +# 对于配置在非默认端口(例如 8443)上与服务对话的 Webhook,请在 1.16+ 中指定服务的 DNS 名称和端口: +# - name: webhook1.ns1.svc:8443 +# user: ... +# 并可以选择仅使用服务的 DNS 名称来创建第二节,以与 1.15 API 服务器版本兼容: +# - name: webhook1.ns1.svc +# user: ... +# +# 对于配置为使用 URL 的 webhook,请匹配在 webhook 的 URL 中指定的主机(和端口)。 +# 带有 `url: https://www.example.com` 的 webhook: +# - name: www.example.com +# user: ... +# +# 带有 `url: https://www.example.com:443` 的 webhook: +# - name: www.example.com:443 +# user: ... +# +# 带有 `url: https://www.example.com:8443` 的 webhook: +# - name: www.example.com:8443 +# user: ... +# +- name: 'webhook1.ns1.svc' + user: + client-certificate-data: "" + client-key-data: "" +# `name` 支持使用 * 通配符匹配前缀段。 +- name: '*.webhook-company.org' + user: + password: "" + username: "" +# '*' 是默认匹配项。 +- name: '*' + user: + token: "" +``` - ```yaml - apiVersion: v1 - kind: Config - users: - # 名称应设置为服务的 DNS 名称或配置了 Webhook 的 URL 的主机名(包括端口)。 - # 如果将非 443 端口用于服务,则在配置 1.16+ API 服务器时,该端口必须包含在名称中。 - # - # 对于配置在默认端口(443)上与服务对话的 Webhook,请指定服务的 DNS 名称: - # - name: webhook1.ns1.svc - # user: ... - # - # 对于配置在非默认端口(例如 8443)上与服务对话的 Webhook,请在 1.16+ 中指定服务的 DNS 名称和端口: - # - name: webhook1.ns1.svc:8443 - # user: ... - # 并可以选择仅使用服务的 DNS 名称来创建第二节,以与 1.15 API 服务器版本兼容: - # - name: webhook1.ns1.svc - # user: ... - # - # 对于配置为使用 URL 的 webhook,请匹配在 webhook 的 URL 中指定的主机(和端口)。 - # 带有 `url: https://www.example.com` 的 webhook: - # - name: www.example.com - # user: ... - # - # 带有 `url: https://www.example.com:443` 的 webhook: - # - name: www.example.com:443 - # user: ... - # - # 带有 `url: https://www.example.com:8443` 的 webhook: - # - name: www.example.com:8443 - # user: ... - # - - name: 'webhook1.ns1.svc' - user: - client-certificate-data: "" - client-key-data: "" - # `name` 支持使用 * 通配符匹配前缀段。 - - name: '*.webhook-company.org' - user: - password: "" - username: "" - # '*' 是默认匹配项。 - - name: '*' - user: - token: "" - ``` 当然,你需要设置 Webhook 服务器来处理这些身份验证请求。 - + ## Webhook 请求与响应 {#webhook-request-and-response} -创建 webhook 配置时,`admissionReviewVersions` 是必填字段。 +创建 Webhook 配置时,`admissionReviewVersions` 是必填字段。 Webhook 必须支持至少一个当前和以前的 API 服务器都可以解析的 `AdmissionReview` 版本。 当拒绝请求时,Webhook 可以使用 `status` 字段自定义 http 响应码和返回给用户的消息。 @@ -624,7 +639,8 @@ For `patchType: JSONPatch`, the `patch` field contains a base64-encoded array of 对于 `patchType: JSONPatch`,`patch` 字段包含一个以 base64 编码的 JSON patch 操作数组。 @@ -652,18 +668,19 @@ So a webhook response to add that label would be: } ``` - 准入 Webhook 可以选择性地返回在 HTTP `Warning` 头中返回给请求客户端的警告消息,警告代码为 299。 警告可以与允许或拒绝的准入响应一起发送。 - 如果你正在实现返回一条警告的 webhook,则: @@ -674,7 +691,7 @@ If you're implementing a webhook that returns a warning: {{< caution >}} 超过 256 个字符的单条警告消息在返回给客户之前可能会被 API 服务器截断。 如果超过 4096 个字符的警告消息(来自所有来源),则额外的警告消息会被忽略。 @@ -731,37 +748,44 @@ Webhook,则应为每个 Webhook 赋予一个唯一的名称。 Each webhook must specify a list of rules used to determine if a request to the API server should be sent to the webhook. Each rule specifies one or more operations, apiGroups, apiVersions, and resources, and a resource scope: --> -每个 webhook 必须指定用于确定是否应将对 apiserver 的请求发送到 webhook 的规则列表。 +每个 Webhook 必须指定用于确定是否应将对 apiserver 的请求发送到 webhook 的规则列表。 每个规则都指定一个或多个 operations、apiGroups、apiVersions 和 resources 以及资源的 scope: * `operations` 列出一个或多个要匹配的操作。 可以是 `CREATE`、`UPDATE`、`DELETE`、`CONNECT` 或 `*` 以匹配所有内容。 * `apiGroups` 列出了一个或多个要匹配的 API 组。`""` 是核心 API 组。`"*"` 匹配所有 API 组。 * `apiVersions` 列出了一个或多个要匹配的 API 版本。`"*"` 匹配所有 API 版本。 * `resources` 列出了一个或多个要匹配的资源。 - * `"*"` 匹配所有资源,但不包括子资源。 - * `"*/*"` 匹配所有资源,包括子资源。 - * `"pods/*"` 匹配 pod 的所有子资源。 - * `"*/status"` 匹配所有 status 子资源。 + + * `"*"` 匹配所有资源,但不包括子资源。 + * `"*/*"` 匹配所有资源,包括子资源。 + * `"pods/*"` 匹配 pod 的所有子资源。 + * `"*/status"` 匹配所有 status 子资源。 * `scope` 指定要匹配的范围。有效值为 `"Cluster"`、`"Namespaced"` 和 `"*"`。 子资源匹配其父资源的范围。默认值为 `"*"`。 - * `"Cluster"` 表示只有集群作用域的资源才能匹配此规则(API 对象 Namespace 是集群作用域的)。 - * `"Namespaced"` 意味着仅具有名字空间的资源才符合此规则。 - * `"*"` 表示没有作用域限制。 + + * `"Cluster"` 表示只有集群作用域的资源才能匹配此规则(API 对象 Namespace 是集群作用域的)。 + * `"Namespaced"` 意味着仅具有名字空间的资源才符合此规则。 + * `"*"` 表示没有作用域限制。 -仅当选择使用 webhook 时才使用对象选择器,因为最终用户可以通过设置标签来 +仅当选择使用 Webhook 时才使用对象选择器,因为最终用户可以通过设置标签来 跳过准入 Webhook。 此示例显示了一个验证性质的 Webhook,它将匹配到对某名字空间中的任何具名字空间的资源的 `CREATE` 请求,前提是该名字空间具有值为 "prod" 或 "staging" 的 "environment" 标签: @@ -951,7 +976,7 @@ webhooks: matchExpressions: - key: environment operator: In - values: ["prod","staging"] + values: ["prod", "staging"] rules: - operations: ["CREATE"] apiGroups: ["*"] @@ -983,7 +1008,7 @@ For example, if a webhook only specified a rule for some API groups/versions and a request was made to modify the resource via another API group/version (like `extensions/v1beta1`), the request would not be sent to the webhook. --> -例如,如果一个 webhook 仅为某些 API 组/版本指定了规则(例如 +例如,如果一个 Webhook 仅为某些 API 组/版本指定了规则(例如 `apiGroups:["apps"], apiVersions:["v1","v1beta1"]`),而修改资源的请求是通过另一个 API 组/版本(例如 `extensions/v1beta1`)发出的,该请求将不会被发送到 Webhook。 @@ -991,25 +1016,28 @@ API 组/版本(例如 `extensions/v1beta1`)发出的,该请求将不会被 The `matchPolicy` lets a webhook define how its `rules` are used to match incoming requests. Allowed values are `Exact` or `Equivalent`. --> -`matchPolicy` 允许 webhook 定义如何使用其 `rules` 匹配传入的请求。 +`matchPolicy` 允许 Webhook 定义如何使用其 `rules` 匹配传入的请求。 允许的值为 `Exact` 或 `Equivalent`。 * `Exact` 表示仅当请求与指定规则完全匹配时才应拦截该请求。 * `Equivalent` 表示如果某个请求意在修改 `rules` 中列出的资源, 即使该请求是通过其他 API 组或版本发起,也应拦截该请求。 -在上面给出的示例中,仅为 `apps/v1` 注册的 webhook 可以使用 `matchPolicy`: +在上面给出的示例中,仅为 `apps/v1` 注册的 Webhook 可以使用 `matchPolicy`: * `matchPolicy: Exact` 表示不会将 `extensions/v1beta1` 请求发送到 Webhook -* `matchPolicy:Equivalent` 表示将 `extensions/v1beta1` 请求发送到 webhook - (将对象转换为 webhook 指定的版本:`apps/v1`) +* `matchPolicy:Equivalent` 表示将 `extensions/v1beta1` 请求发送到 Webhook + (将对象转换为 Webhook 指定的版本:`apps/v1`) 准入 Webhook 所用的 `matchPolicy` 默认为 `Equivalent`。 + +### 匹配请求:`matchConditions` {#matching-requests-matchConditions} + +{{< feature-state state="alpha" for_k8s_version="v1.27" >}} + +{{< note >}} + +使用 `matchConditions` 需要先在 kube-apiserver +上明确启用[功能门控](/zh-cn/docs/reference/command-line-tools-reference/feature-gates/) +`AdmissionWebhookMatchConditions`,然后才能使用此功能。 +{{< /note >}} + + +如果你需要细粒度地过滤请求,你可以为 Webhook 定义**匹配条件**。 +如果你发现匹配规则、`objectSelectors` 和 `namespaceSelectors` 仍然不能提供你想要的何时进行 HTTP +调用的过滤条件,那么添加这些条件会很有用。 +匹配条件是 [CEL 表达式](/docs/reference/using-api/cel/)。 +所有匹配条件都必须为 true 才能调用 Webhook。 + + +以下是一个例子,说明了匹配条件的几种不同用法: + +```yaml +apiVersion: admissionregistration.k8s.io/v1 +kind: ValidatingWebhookConfiguration +webhooks: + - name: my-webhook.example.com + matchPolicy: Equivalent + rules: + - operations: ['CREATE','UPDATE'] + apiGroups: ['*'] + apiVersions: ['*'] + resources: ['*'] + failurePolicy: 'Ignore' # 失败时继续处理请求但跳过 Webhook (可选值) + sideEffects: None + clientConfig: + service: + namespace: my-namespace + name: my-webhook + caBundle: '' + matchConditions: + - name: 'exclude-leases' # 每个匹配条件必须有唯一的名称 + expression: '!(request.resource.group == "coordination.k8s.io" && request.resource.resource == "leases")' # 匹配非租约资源 + - name: 'exclude-kubelet-requests' + expression: '!("system:nodes" in request.userInfo.groups)' # 匹配非节点用户发出的请求 + - name: 'rbac' # 跳过 RBAC 请求,该请求将由第二个 Webhook 处理 + expression: 'request.resource.group != "rbac.authorization.k8s.io"' + + # 这个示例演示了如何使用 “authorizer”。 + # 授权检查比简单的表达式更复杂,因此在这个示例中,使用第二个 Webhook 来针对 RBAC 请求进行处理。 + # 两个 Webhook 都可以由同一个端点提供服务。 + - name: rbac.my-webhook.example.com + matchPolicy: Equivalent + rules: + - operations: ['CREATE','UPDATE'] + apiGroups: ['rbac.authorization.k8s.io'] + apiVersions: ['*'] + resources: ['*'] + failurePolicy: 'Fail' # 失败时拒绝请求 (默认值) + sideEffects: None + clientConfig: + service: + namespace: my-namespace + name: my-webhook + caBundle: '' + matchConditions: + - name: 'breakglass' + # 跳过由授权给 “breakglass” 的用户在这个 Webhook 上发起的请求。 + # “breakglass” API 不需要在这个检查之外存在。 + expression: '!authorizer.group("admissionregistration.k8s.io").resource("validatingwebhookconfigurations").name("my-webhook.example.com").check("breakglass").allowed()' +``` + + +匹配条件可以访问以下 CEL 变量: + + +- `object` - 来自传入请求的对象。对于 DELETE 请求,该值为 null。 + 该对象版本可能根据 [matchPolicy](#matching-requests-matchpolicy) 进行转换。 + +- `oldObject` - 现有对象。对于 CREATE 请求,该值为 null。 + +- `request` - [AdmissionReview](#request) 的请求部分,不包括 object 和 oldObject。 + +- `authorizer` - 一个 CEL 鉴权组件。可用于对请求的主体(经过身份认证的用户)执行鉴权检查。 + 更多详细信息,请参阅 Kubernetes CEL 库文档中的 + [Authz](https://pkg.go.dev/k8s.io/apiserver/pkg/cel/library#Authz)。 + +- `authorizer.requestResource` - 对配置的请求资源(组、资源、(子资源)、名字空间、名称)进行授权检查的快捷方式。 + + +了解有关 CEL 表达式的更多信息,请参阅 +[Kubernetes 参考文档中的通用表达式语言](/zh-cn/docs/reference/using-api/cel/)。 + + +如果在对匹配条件求值时出现错误,则不会调用 Webhook。根据以下方式确定是否拒绝请求: + + +1. 如果**任何一个**匹配条件求值结果为 `false`(不管其他错误),API 服务器将跳过 Webhook。 + +1. 否则: + - 对于 [`failurePolicy: Fail`](#failure-policy),拒绝请求(不调用 Webhook)。 + - 对于 [`failurePolicy: Ignore`](#failure-policy),继续处理请求但跳过 Webhook。 + @@ -1072,8 +1246,8 @@ stanza of the webhook configuration. Webhooks can either be called via a URL or a service reference, and can optionally include a custom CA bundle to use to verify the TLS connection. --> -API 服务器确定请求应发送到 webhook 后,它需要知道如何调用 webhook。 -此信息在 webhook 配置的 `clientConfig` 节中指定。 +API 服务器确定请求应发送到 Webhook 后,它需要知道如何调用 webhook。 +此信息在 Webhook 配置的 `clientConfig` 节中指定。 Webhook 可以通过 URL 或服务引用来调用,并且可以选择包含自定义 CA 包,以用于验证 TLS 连接。 @@ -1086,7 +1260,7 @@ Webhook 可以通过 URL 或服务引用来调用,并且可以选择包含自 `url` gives the location of the webhook, in standard URL form (`scheme://host:port/path`). --> -`url` 以标准 URL 形式给出 webhook 的位置(`scheme://host:port/path`)。 +`url` 以标准 URL 形式给出 Webhook 的位置(`scheme://host:port/path`)。 请注意,将 `localhost` 或 `127.0.0.1` 用作 `host` 是有风险的, -除非你非常小心地在所有运行 apiserver 的、可能需要对此 webhook +除非你非常小心地在所有运行 apiserver 的、可能需要对此 Webhook 进行调用的主机上运行。这样的安装方式可能不具有可移植性,即很难在新集群中启用。 使用用户或基本身份验证(例如:"user:password@")是不允许的。 使用片段("#...")和查询参数("?...")也是不允许的。 @@ -1176,14 +1350,16 @@ webhooks: path: /my-path port: 1234 ``` + {{< note >}} 你必须在以上示例中将 `` 替换为一个有效的 VA 证书包, 这是一个用 PEM 编码的 CA 证书包,用于校验 Webhook 的服务器证书。 {{< /note >}} + @@ -1197,7 +1373,7 @@ Webhook 通常仅对发送给他们的 `AdmissionReview` 内容进行操作。 但是,某些 Webhook 在处理 admission 请求时会进行带外更改。 -Webhook 使用 webhook 配置中的 `sideEffects` 字段显示它们是否有副作用: +Webhook 使用 Webhook 配置中的 `sideEffects` 字段显示它们是否有副作用: -* `None`:调用 webhook 没有副作用。 -* `NoneOnDryRun`:调用 webhook 可能会有副作用,但是如果将带有 `dryRun: true` - 属性的请求发送到 webhook,则 webhook 将抑制副作用(该 webhook 可识别 `dryRun`)。 +* `None`:调用 Webhook 没有副作用。 +* `NoneOnDryRun`:调用 Webhook 可能会有副作用,但是如果将带有 `dryRun: true` + 属性的请求发送到 webhook,则 Webhook 将抑制副作用(该 Webhook 可识别 `dryRun`)。 -这是一个 validating webhook 的示例,表明它对 `dryRun: true` 请求没有副作用: +这是一个 validating Webhook 的示例,表明它对 `dryRun: true` 请求没有副作用: ```yaml apiVersion: admissionregistration.k8s.io/v1 @@ -1282,8 +1458,8 @@ webhooks: timeoutSeconds: 2 ``` - 准入 Webhook 所用的超时时间默认为 10 秒。 @@ -1319,9 +1495,9 @@ and mutating webhooks can specify a `reinvocationPolicy` to control whether they 可以将 `reinvocationPolicy` 设置为 `Never` 或 `IfNeeded`。 默认为 `Never`。 * `Never`: 在一次准入测试中,不得多次调用 Webhook。 * `IfNeeded`: 如果在最初的 Webhook 调用之后被其他对象的插件修改了被接纳的对象, @@ -1334,9 +1510,11 @@ The important elements to note are: * 不能保证附加调用的次数恰好是一。 * 如果其他调用导致对该对象的进一步修改,则不能保证再次调用 Webhook。 @@ -1345,7 +1523,8 @@ The important elements to note are: (推荐用于有副作用的 Webhook)。 这是一个修改性质的 Webhook 的示例,该 Webhook 在以后的准入插件修改对象时被重新调用: @@ -1365,7 +1544,7 @@ in an object could already exist in the user-provided object, but it is essentia 修改性质的 Webhook 必须具有[幂等](#idempotence)性,并且能够成功处理 已被接纳并可能被修改的对象的修改性质的 Webhook。 对于所有修改性质的准入 Webhook 都是如此,因为它们可以在对象中进行的 -任何更改可能已经存在于用户提供的对象中,但是对于选择重新调用的 webhook +任何更改可能已经存在于用户提供的对象中,但是对于选择重新调用的 Webhook 来说是必不可少的。 -`failurePolicy` 定义了如何处理准入 webhook 中无法识别的错误和超时错误。允许的值为 `Ignore` 或 `Fail`。 +`failurePolicy` 定义了如何处理准入 Webhook 中无法识别的错误和超时错误。允许的值为 `Ignore` 或 `Fail`。 -* `Ignore` 表示调用 webhook 的错误将被忽略并且允许 API 请求继续。 -* `Fail` 表示调用 webhook 的错误导致准入失败并且 API 请求被拒绝。 +* `Ignore` 表示调用 Webhook 的错误将被忽略并且允许 API 请求继续。 +* `Fail` 表示调用 Webhook 的错误导致准入失败并且 API 请求被拒绝。 这是一个修改性质的 webhook,配置为在调用准入 Webhook 遇到错误时拒绝 API 请求: @@ -1397,8 +1576,8 @@ webhooks: failurePolicy: Fail ``` - 准入 Webhook 所用的默认 `failurePolicy` 是 `Fail`。 @@ -1415,14 +1594,13 @@ monitoring mechanisms help cluster admins to answer questions like: 2. What change did the mutating webhook applied to the object? -3. Which webhooks are frequently rejecting API requests? What's the reason for a - rejection? +3. Which webhooks are frequently rejecting API requests? What's the reason for a rejection? --> API 服务器提供了监视准入 Webhook 行为的方法。这些监视机制可帮助集群管理员回答以下问题: -1. 哪个修改性质的 webhook 改变了 API 请求中的对象? +1. 哪个修改性质的 Webhook 改变了 API 请求中的对象? 2. 修改性质的 Webhook 对对象做了哪些更改? -3. 哪些 webhook 经常拒绝 API 请求?是什么原因拒绝? +3. 哪些 Webhook 经常拒绝 API 请求?是什么原因拒绝? - 在 `Metadata` 或更高审计级别上,将使用 JSON 负载记录带有键名 -`mutation.webhook.admission.k8s.io/round_{round idx}_index_{order idx}` 的注解, -该注解表示针对给定请求调用了 Webhook,以及该 Webhook 是否更改了对象。 + `mutation.webhook.admission.k8s.io/round_{round idx}_index_{order idx}` 的注解, + 该注解表示针对给定请求调用了 Webhook,以及该 Webhook 是否更改了对象。 有时,了解哪些准入 Webhook 经常拒绝 API 请求以及拒绝的原因是很有用的。 @@ -1612,20 +1791,22 @@ metrics are labelled to identify the causes of webhook rejection(s): - `type`: the admission webhook type, can be one of `admit` and `validating`. - `error_type`: identifies if an error occurred during the webhook invocation that caused the rejection. Its value can be one of: - - `calling_webhook_error`: unrecognized errors or timeout errors from the admission webhook happened and the - webhook's [Failure policy](#failure-policy) is set to `Fail`. - - `no_error`: no error occurred. The webhook rejected the request with `allowed: false` in the admission - response. The metrics label `rejection_code` records the `.status.code` set in the admission response. - - `apiserver_internal_error`: an API server internal error happened. + + - `calling_webhook_error`: unrecognized errors or timeout errors from the admission webhook happened and the + webhook's [Failure policy](#failure-policy) is set to `Fail`. + - `no_error`: no error occurred. The webhook rejected the request with `allowed: false` in the admission + response. The metrics label `rejection_code` records the `.status.code` set in the admission response. + - `apiserver_internal_error`: an API server internal error happened. + - `rejection_code`: the HTTP status code set in the admission response when a webhook rejected a request. --> - `name`:拒绝请求 Webhook 的名称。 - `operation`:请求的操作类型可以是 `CREATE`、`UPDATE`、`DELETE` 和 `CONNECT` 其中之一。 -- `type`:Admission webhook 类型,可以是 `admit` 和 `validating` 其中之一。 -- `error_type`:标识在 webhook 调用期间是否发生了错误并且导致了拒绝。其值可以是以下之一: +- `type`:Admission Webhook 类型,可以是 `admit` 和 `validating` 其中之一。 +- `error_type`:标识在 Webhook 调用期间是否发生了错误并且导致了拒绝。其值可以是以下之一: - `calling_webhook_error`:发生了来自准入 Webhook 的无法识别的错误或超时错误, - 并且 webhook 的 [失败策略](#failure-policy) 设置为 `Fail`。 + 并且 Webhook 的 [失败策略](#failure-policy) 设置为 `Fail`。 - `no_error`:未发生错误。Webhook 在准入响应中以 `allowed: false` 值拒绝了请求。 度量标签 `rejection_code` 记录了在准入响应中设置的 `.status.code`。 - `apiserver_internal_error`:apiserver 发生内部错误。 @@ -1670,7 +1851,8 @@ the initial application. 2. For a `CREATE` pod request, if the field `.spec.containers[].resources.limits` of a container is not set, set default resource limits. -3. For a `CREATE` pod request, inject a sidecar container with name `foo-sidecar` if no container with the name `foo-sidecar` already exists. +3. For a `CREATE` pod request, inject a sidecar container with name `foo-sidecar` if no container + with the name `foo-sidecar` already exists. In the cases above, the webhook can be safely reinvoked, or admit an object that already has the fields set. --> @@ -1746,16 +1928,18 @@ versions. See [Matching requests: matchPolicy](#matching-requests-matchpolicy) f ### 可用性 {#availability} -建议准入 webhook 尽快完成执行(时长通常是毫秒级),因为它们会增加 API 请求的延迟。 +建议准入 Webhook 尽快完成执行(时长通常是毫秒级),因为它们会增加 API 请求的延迟。 建议对 Webhook 使用较小的超时值。有关更多详细信息,请参见[超时](#timeouts)。 建议 Admission Webhook 应该采用某种形式的负载均衡机制,以提供高可用性和高性能。 @@ -1767,9 +1951,11 @@ to leverage the load-balancing that service supports. Admission webhooks that need to guarantee they see the final state of the object in order to enforce policy should use a validating admission webhook, since objects can be modified after being seen by mutating webhooks. -For example, a mutating admission webhook is configured to inject a sidecar container with name "foo-sidecar" on every -`CREATE` pod request. If the sidecar *must* be present, a validating admisson webhook should also be configured to intercept `CREATE` pod requests, and validate -that a container with name "foo-sidecar" with the expected configuration exists in the to-be-created object. +For example, a mutating admission webhook is configured to inject a sidecar container with name +"foo-sidecar" on every `CREATE` pod request. If the sidecar *must* be present, a validating +admisson webhook should also be configured to intercept `CREATE` pod requests, and validate that a +container with name "foo-sidecar" with the expected configuration exists in the to-be-created +object. --> ### 确保看到对象的最终状态 {#guaranteeing-the-final-state-of-the-object-is-seen} @@ -1778,7 +1964,7 @@ that a container with name "foo-sidecar" with the expected configuration exists 则应该使用一个验证性质的 webhook, 因为可以通过 mutating Webhook 看到对象后对其进行修改。 -例如,一个修改性质的准入Webhook 被配置为在每个 `CREATE` Pod 请求中 +例如,一个修改性质的准入 Webhook 被配置为在每个 `CREATE` Pod 请求中 注入一个名称为 "foo-sidecar" 的 sidecar 容器。 如果*必须*存在边车容器,则还应配置一个验证性质的准入 Webhook 以拦截 @@ -1797,7 +1983,8 @@ When a node that runs the webhook server pods becomes unhealthy, the webhook deployment will try to reschedule the pods to another node. However the requests will get rejected by the existing webhook server since the `"env"` label is unset, and the migration cannot happen. -It is recommended to exclude the namespace where your webhook is running with a [namespaceSelector](#matching-requests-namespaceselector). +It is recommended to exclude the namespace where your webhook is running with a +[namespaceSelector](#matching-requests-namespaceselector). --> ### 避免自托管的 Webhooks 中出现死锁 {#avoiding-deadlocks-in-self-hosted-webhooks} @@ -1826,7 +2013,7 @@ set to `NoneOnDryRun`. See [Side effects](#side-effects) for more detail. --> ### 副作用 {#side-effects} -建议准入 Webhook 应尽可能避免副作用,这意味着该准入 webhook 仅对发送给他们的 +建议准入 Webhook 应尽可能避免副作用,这意味着该准入 Webhook 仅对发送给他们的 `AdmissionReview` 的内容起作用,并且不要进行额外更改。 如果 Webhook 没有任何副作用,则 `.webhooks[].sideEffects` 字段应设置为 `None`。 diff --git a/content/zh-cn/docs/reference/access-authn-authz/rbac.md b/content/zh-cn/docs/reference/access-authn-authz/rbac.md index 482be53b4dc..604af3ea733 100644 --- a/content/zh-cn/docs/reference/access-authn-authz/rbac.md +++ b/content/zh-cn/docs/reference/access-authn-authz/rbac.md @@ -431,19 +431,19 @@ There are two reasons for this restriction: 1. 将 `roleRef` 设置为不可以改变,这使得可以为用户授予对现有绑定对象的 `update` 权限, 这样可以让他们管理主体列表,同时不能更改被授予这些主体的角色。 2. 针对不同角色的绑定是完全不一样的绑定。要求通过删除/重建绑定来更改 `roleRef`, 这样可以确保要赋予绑定的所有主体会被授予新的角色(而不是在允许或者不小心修改了 @@ -559,17 +559,19 @@ For example, `kubectl get configmaps --field-selector=metadata.name=my-configmap {{< /note >}} -使用通配符 `*` 可以批量引用所有的 `resources` 和 `verbs` 对象,无需逐一引用。 -对于 `nonResourceURLs`,可以将通配符 `*` 作为后缀实现全局通配, -对于 `apiGroups` 和 `resourceNames`,空集表示没有任何限制。 -下面的示例允许对所有当前和未来资源执行所有动作(注意,这类似于内置的 `cluster-admin`)。 +你可愈使用通配符 `*` 可以批量引用所有的 `resources`、`apiGroups` 和 `verbs` 对象, 无需逐一引用。 +对于 `nonResourceURLs`,你可以将通配符 `*` 作为后缀实现全局通配, +对于 `resourceNames`,空集表示没有任何限制。 +下面的示例对 `example.com` API 组中所有当前和未来资源执行所有动作。 +这类似于内置的 `cluster-admin`。 ```yaml apiVersion: rbac.authorization.k8s.io/v1 @@ -585,14 +587,13 @@ rules: {{< caution >}} 在 resources 和 verbs 条目中使用通配符会为敏感资源授予过多的访问权限。 例如,如果添加了新的资源类型、新的子资源或新的自定义动词, @@ -953,7 +954,7 @@ Subjects can be groups, users or Kubernetes represents usernames as strings. These can be: plain names, such as "alice"; email-style names, like "bob@example.com"; -or numeric user IDs represented as a string. It is up to you as a cluster administrator +or numeric user IDs represented as a string. It is up to you as a cluster administrator to configure the [authentication modules](/docs/reference/access-authn-authz/authentication/) so that authentication produces usernames in the format you want. --> @@ -1168,7 +1169,10 @@ Auto-reconciliation is enabled by default if the RBAC authorizer is active. @@ -1717,8 +1721,9 @@ RBAC API 会阻止用户通过编辑角色或者角色绑定来提升权限。 You can only create/update a role if at least one of the following things is true: 1. You already have all the permissions contained in the role, at the same scope as the object being modified -(cluster-wide for a ClusterRole, within the same namespace or cluster-wide for a Role). -2. You are granted explicit permission to perform the `escalate` verb on the `roles` or `clusterroles` resource in the `rbac.authorization.k8s.io` API group. + (cluster-wide for a ClusterRole, within the same namespace or cluster-wide for a Role). +2. You are granted explicit permission to perform the `escalate` verb on the `roles` or + `clusterroles` resource in the `rbac.authorization.k8s.io` API group. --> ### 对角色创建或更新的限制 {#restrictions-on-role-creation-or-update} @@ -1735,8 +1740,11 @@ containing that permission. To allow a user to create/update roles: 1. Grant them a role that allows them to create/update Role or ClusterRole objects, as desired. 2. Grant them permission to include specific permissions in the roles they create/update: - * implicitly, by giving them those permissions (if they attempt to create or modify a Role or ClusterRole with permissions they themselves have not been granted, the API request will be forbidden) - * or explicitly allow specifying any permission in a `Role` or `ClusterRole` by giving them permission to perform the `escalate` verb on `roles` or `clusterroles` resources in the `rbac.authorization.k8s.io` API group + * implicitly, by giving them those permissions (if they attempt to create or modify a Role or + ClusterRole with permissions they themselves have not been granted, the API request will be forbidden) + * or explicitly allow specifying any permission in a `Role` or `ClusterRole` by giving them + permission to perform the `escalate` verb on `roles` or `clusterroles` resources in the + `rbac.authorization.k8s.io` API group --> 例如,如果 `user-1` 没有列举集群范围所有 Secret 的权限,他将不能创建包含该权限的 ClusterRole。 若要允许用户创建/更新角色: diff --git a/content/zh-cn/docs/reference/access-authn-authz/validating-admission-policy.md b/content/zh-cn/docs/reference/access-authn-authz/validating-admission-policy.md new file mode 100644 index 00000000000..a470aa45db2 --- /dev/null +++ b/content/zh-cn/docs/reference/access-authn-authz/validating-admission-policy.md @@ -0,0 +1,562 @@ +--- +title: 验证准入策略(ValidatingAdmissionPolicy) +content_type: concept +--- + + + + +{{< feature-state state="alpha" for_k8s_version="v1.26" >}} + + + +本页面提供验证准入策略(Validating Admission Policy)的概述。 + + + + +## 什么是验证准入策略? {#what-is-validating-admission-policy} + +验证准入策略提供一种声明式的、进程内的替代方案来验证准入 Webhook。 + +验证准入策略使用通用表达语言 (Common Expression Language,CEL) 来声明策略的验证规则。 +验证准入策略是高度可配置的,使配置策略的作者能够根据集群管理员的需要, +定义可以参数化并限定到资源的策略。 + + +## 哪些资源构成策略 {#what-resources-make-a-policy} + +策略通常由三种资源构成: + + + +- `ValidatingAdmissionPolicy` 描述策略的抽象逻辑(想想看:“这个策略确保一个特定标签被设置为一个特定值”)。 + +- 一个 `ValidatingAdmissionPolicyBinding` 将上述资源联系在一起,并提供作用域。 + 如果你只想为 `Pods` 设置一个 `owner` 标签,你就需要在这个绑定中指定这个限制。 + +- 参数资源为 `ValidatingAdmissionPolicy` 提供信息,使其成为一个具体的声明 + (想想看:“`owner` 标签必须被设置为以 `.company.com` 结尾的形式")。 + 参数资源的模式(Schema)使用诸如 ConfigMap 或 CRD 这类原生类型定义。 + `ValidatingAdmissionPolicy` 对象指定它们期望参数资源所呈现的类型。 + + +至少要定义一个 `ValidatingAdmissionPolicy` 和一个相对应的 `ValidatingAdmissionPolicyBinding` 才能使策略生效。 + +如果 `ValidatingAdmissionPolicy` 不需要参数配置,不设置 `ValidatingAdmissionPolicy` 中的 +`spec.paramKind` 即可。 + +## {{% heading "prerequisites" %}} + + +- 确保 `ValidatingAdmissionPolicy` [特性门控](/zh-cn/docs/reference/command-line-tools-reference/feature-gates/)被启用。 +- 确保 `admissionregistration.k8s.io/v1alpha1` API 被启用。 + + + +## 开始使用验证准入策略 {#getting-started-with-validating-admission-policy} + +验证准入策略是集群控制平面的一部分。你应该非常谨慎地编写和部署它们。下面介绍如何快速试验验证准入策略。 + + +### 创建一个 ValidatingAdmissionPolicy + +以下是一个 ValidatingAdmissionPolicy 的示例: + +```yaml +apiVersion: admissionregistration.k8s.io/v1alpha1 +kind: ValidatingAdmissionPolicy +metadata: + name: "demo-policy.example.com" +spec: + failurePolicy: Fail + matchConstraints: + resourceRules: + - apiGroups: ["apps"] + apiVersions: ["v1"] + operations: ["CREATE", "UPDATE"] + resources: ["deployments"] + validations: + - expression: "object.spec.replicas <= 5" +``` + + +`spec.validations` 包含使用[通用表达式语言 (CEL)](https://github.com/google/cel-spec) +来验证请求的 CEL 表达式。 +如果表达式的计算结果为 false,则根据 `spec.failurePolicy` 字段强制执行验证检查处理。 + +要配置一个在某集群中使用的验证准入策略,需要一个绑定。 +以下是一个 ValidatingAdmissionPolicyBinding 的示例: + +```yaml +apiVersion: admissionregistration.k8s.io/v1alpha1 +kind: ValidatingAdmissionPolicyBinding +metadata: + name: "demo-binding-test.example.com" +spec: + policyName: "demo-policy.example.com" + matchResources: + namespaceSelector: + matchLabels: + environment: test +``` + + +尝试创建副本集合不满足验证表达式的 Deployment 时,将返回包含以下消息的错误: + +```none +ValidatingAdmissionPolicy 'demo-policy.example.com' with binding 'demo-binding-test.example.com' denied request: failed expression: object.spec.replicas <= 5 +``` + + +上面提供的是一个简单的、无配置参数的 ValidatingAdmissionPolicy。 + + +#### 参数资源 + +参数资源允许策略配置与其定义分开。 +一个策略可以定义 paramKind,给出参数资源的 GVK, +然后一个策略绑定可以通过名称(通过 policyName)将某策略与某特定的参数资源(通过 paramRef)联系起来。 + +如果需要参数配置,下面是一个带有参数配置的 ValidatingAdmissionPolicy 的例子: + +```yaml +apiVersion: admissionregistration.k8s.io/v1alpha1 +kind: ValidatingAdmissionPolicy +metadata: + name: "replicalimit-policy.example.com" +spec: + failurePolicy: Fail + paramKind: + apiVersion: rules.example.com/v1 + kind: ReplicaLimit + matchConstraints: + resourceRules: + - apiGroups: ["apps"] + apiVersions: ["v1"] + operations: ["CREATE", "UPDATE"] + resources: ["deployments"] + validations: + - expression: "object.spec.replicas <= params.maxReplicas" + reason: Invalid +``` + + +ValidatingAdmissionPolicy 的 `spec.paramKind` 字段指定用于参数化此策略的资源类型。 +在这个例子中,它是由自定义资源 ReplicaLimit 配置的。 +在这个例子中请注意 CEL 表达式是如何通过 CEL params 变量引用参数的,如:`params.maxReplicas`。 +`spec.matchConstraints` 指定此策略要检查哪些资源。 +请注意,诸如 `ConfigMap` 之类的原生类型也可以用作参数引用。 + + +`spec.validations` 字段包含 CEL 表达式。 +如果表达式的计算结果为 false,则根据 `spec.failurePolicy` 字段强制执行验证检查操作。 + +验证准入策略的作者负责提供 ReplicaLimit 参数 CRD。 + +要配置一个在某集群中使用的验证准入策略,需要创建绑定和参数资源。 +以下是 ValidatingAdmissionPolicyBinding 的示例: + +```yaml +apiVersion: admissionregistration.k8s.io/v1alpha1 +kind: ValidatingAdmissionPolicyBinding +metadata: + name: "replicalimit-binding-test.example.com" +spec: + policyName: "replicalimit-policy.example.com" + paramRef: + name: "replica-limit-test.example.com" + matchResources: + namespaceSelector: + matchLabels: + environment: test +``` + + +参数资源可以如下: + +```yaml +apiVersion: rules.example.com/v1 +kind: ReplicaLimit +metadata: + name: "replica-limit-test.example.com" +maxReplicas: 3 +``` + + +此策略参数资源将限制测试环境所有名字空间中的 Deployment 最多有 3 个副本。 +一个准入策略可以有多个绑定。 +要绑定所有的其他环境,限制 maxReplicas 为 100,请创建另一个 ValidatingAdmissionPolicyBinding: + +```yaml +apiVersion: admissionregistration.k8s.io/v1alpha1 +kind: ValidatingAdmissionPolicyBinding +metadata: + name: "replicalimit-binding-nontest" +spec: + policyName: "replicalimit-policy.example.com" + paramRef: + name: "replica-limit-clusterwide.example.com" + matchResources: + namespaceSelector: + matchExpressions: + - key: environment + operator: NotIn + values: + - test +``` + + +并有一个参数资源,如下: + +```yaml +apiVersion: rules.example.com/v1 +kind: ReplicaLimit +metadata: + name: "replica-limit-clusterwide.example.com" +maxReplicas: 100 +``` + + +绑定可以包含相互重叠的匹配条件。策略会针对每个匹配的绑定进行计算。 +在上面的例子中,`nontest` 策略绑定可以被定义为一个全局策略: + +```yaml +apiVersion: admissionregistration.k8s.io/v1alpha1 +kind: ValidatingAdmissionPolicyBinding +metadata: + name: "replicalimit-binding-global" +spec: + policyName: "replicalimit-policy.example.com" + params: "replica-limit-clusterwide.example.com" + matchResources: + namespaceSelector: + matchExpressions: + - key: environment + operator: Exists +``` + + +如果参数资源尚未被绑定,代表参数资源的 params 对象将不会被设置, +所以对于需要参数资源的策略,添加一个检查来确保参数资源被绑定,这会很有用。 + +对于需要参数配置的场景,我们建议在 `spec.validations[0].expression` 中添加一个参数检查: + +``` +- expression: "params != null" + message: "params missing but required to bind to this policy" +``` + + +将可选参数作为参数资源的一部分,并且只在参数存在时执行检查操作,这样做会比较方便。 +CEL 提供了 `has()` 方法,它检查传递给它的键是否存在。CEL 还实现了布尔短路逻辑。 +如果逻辑 OR 的前半部分计算为 true,则不会计算另一半(因为无论如何整个 OR 的结果都为真)。 + +结合这两者,我们可以提供一种验证可选参数的方法: + +`!has(params.optionalNumber) || (params.optionalNumber >= 5 && params.optionalNumber <= 10)` + + +在这里,我们首先用 `!has(params.optionalNumber)` 检查可选参数是否存在。 + +- 如果 `optionalNumber` 没有被定义,那么表达式就会短路,因为 `!has(params.optionalNumber)` 的计算结果为 true。 +- 如果 `optionalNumber` 被定义了,那么将计算 CEL 表达式的后半部分, + 并且 `optionalNumber` 将被检查以确保它包含一个 5 到 10 之间的值(含 5 到 10)。 + + +#### 鉴权检查 + +我们为参数资源引入了鉴权检查。 +用户应该对 `ValidatingAdmissionPolicy` 中的 `paramKind` +和 `ValidatingAdmissionPolicyBinding` 中的 `paramRef` 所引用的资源有 `read` 权限。 + +请注意,如果 `paramKind` 中的资源没能通过 restmapper 解析,则用户需要拥有对组的所有资源的 +`read` 访问权限。 + + +### 失效策略 + +`failurePolicy` 定义了如何处理错误配置和准入策略的 CEL 表达式取值为 error 的情况。 + +允许的值是 `Ignore` 或 `Fail`。 + +- `Ignore` 意味着调用 ValidatingAdmissionPolicy 的错误被忽略,允许 API 请求继续。 +- `Fail` 意味着调用 ValidatingAdmissionPolicy 的错误导致准入失败并拒绝 API 请求。 + +请注意,`failurePolicy` 是在 `ValidatingAdmissionPolicy` 中定义的: + +```yaml +apiVersion: admissionregistration.k8s.io/v1alpha1 +kind: ValidatingAdmissionPolicy +spec: +... +failurePolicy: Ignore # 默认值是 "Fail" +validations: +- expression: "object.spec.xyz == params.x" +``` + + +### 检查表达式 + +`spec.validations[i].expression` 代表将使用 CEL 来计算表达式。 +要了解更多信息,请参阅 [CEL 语言规范](https://github.com/google/cel-spec)。 +CEL 表达式可以访问按 CEL 变量来组织的 Admission 请求/响应的内容,以及其他一些有用的变量 : + +- 'object' - 来自传入请求的对象。对于 DELETE 请求,该值为 null。 +- 'oldObject' - 现有对象。对于 CREATE 请求,该值为 null。 +- 'request' - [准入请求](/zh-cn/docs/reference/config-api/apiserver-admission.v1/#admission-k8s-io-v1-AdmissionRequest)的属性。 +- 'params' - 被计算的策略绑定引用的参数资源。如果未设置 `paramKind`,该值为 null。 + + +总是可以从对象的根访问的属性有 `apiVersion`、`kind`、`metadata.name` 和 `metadata.generateName`。 +其他元数据属性不能访问。 + +只有符合 `[a-zA-Z_.-/][a-zA-Z0-9_.-/]*` 形式的属性名称是可访问的。 +可访问的属性名称在表达式中被访问时,根据以下规则进行转义: + +| 转义序列 | 属性名称等效 | +| ----------------------- | -----------------------| +| `__underscores__` | `__` | +| `__dot__` | `.` | +| `__dash__` | `-` | +| `__slash__` | `/` | +| `__{keyword}__` | [CEL 保留关键字](https://github.com/google/cel-spec/blob/v0.6.0/doc/langdef.md#syntax) | + +{{< note >}} + +**CEL 保留**关键字仅在字符串与保留关键字完全匹配时才需要转义。 +例如,单词 “sprint” 中的 `int` 不需要被转义。 +{{< /note >}} + + +转义示例: + +| 属性名 | 具有转义属性名称的规则 | +| ----------- | --------------------------------- | +| namespace | `self.__namespace__ > 0` | +| x-prop | `self.x__dash__prop > 0` | +| redact\_\_d | `self.redact__underscores__d > 0` | +| string | `self.startsWith('kube')` | + + +列表类型为 "set" 或 "map" 的数组上的等价关系比较会忽略元素顺序,即 [1, 2] == [2, 1]。 +使用 x-kubernetes-list-type 连接数组时使用列表类型的语义: + +- 'set': `X + Y` 执行并集,其中 `X` 中所有元素的数组位置被保留,`Y` 中不相交的元素被追加,保留其元素的偏序关系。 +- 'map':`X + Y` 执行合并,保留 `X` 中所有键的数组位置,但是当 `X` 和 `Y` 的键集相交时,其值被 `Y` 的值覆盖。 + `Y` 中键值不相交的元素被追加,保留其元素之间的偏序关系。 + + +#### 检查表达式示例 + +| 表达式 | 目的 | +| --------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------ | +| `object.minReplicas <= object.replicas && object.replicas <= object.maxReplicas` | 检查定义副本的三个字段是否大小关系正确 | +| `'Available' in object.stateCounts` | 检查映射中是否存在键为 `Available` 的条目 | +| `(size(object.list1) == 0) != (size(object.list2) == 0)` | 检查两个列表是否有且只有一个非空 | +| !('MY_KEY' in object.map1) || object['MY_KEY'].matches('^[a-zA-Z]\*$') | 检查映射中存在特定的键时其取值符合某规则 | +| `object.envars.filter(e, e.name == 'MY_ENV').all(e, e.value.matches('^[a-zA-Z]*$')` | 验证 listMap 中所有键名为 "MY_ENV" 的条目的 “value” 字段,确保其符合规则 | +| `has(object.expired) && object.created + object.ttl < object.expired` | 检查 expired 日期在 create 日期加上 ttl 时长之后 | +| `object.health.startsWith('ok')` | 检查 health 字符串字段的取值有 “ok” 前缀 | +| `object.widgets.exists(w, w.key == 'x' && w.foo < 10)` | 对于 listMap 中键为 “x” 的条目,检查该条目的 "foo" 属性的值是否小于 10 | +| `type(object) == string ? object == '100%' : object == 1000` | 对于 int-or-string 字段,分别处理类型为 int 或 string 的情况 | +| `object.metadata.name.startsWith(object.prefix)` | 检查对象名称是否以另一个字段值为前缀 | +| `object.set1.all(e, !(e in object.set2))` | 检查两个 listSet 是否不相交 | +| `size(object.names) == size(object.details) && object.names.all(n, n in object.details)` | 检查映射 “details” 所有的键和 listSet “names” 中的条目是否一致 | +| `size(object.clusters.filter(c, c.name == object.primary)) == 1` | 检查 “primary” 字段的值在 listMap “clusters” 中只出现一次 | + + +了解关于 CEL 规则的更多信息, 请阅读 +[CEL 支持的求值表达式](https://github.com/google/cel-spec/blob/v0.6.0/doc/langdef.md#evaluation)。 + + +`spec.validation[i].reason` 表示一个机器可读的描述,说明为什么这次检查失败。 +如果这是列表中第一个失败的检查,其原因以及相应的 HTTP 响应代码会被用在给客户端的 HTTP 响应中。 +目前支持的原因有:`Unauthorized`、`Forbidden`、`Invalid`、`RequestEntityTooLarge`。 +如果未设置,将在对客户端的响应中使用 `StatusReasonInvalid`。 diff --git a/content/zh-cn/docs/reference/command-line-tools-reference/kube-apiserver.md b/content/zh-cn/docs/reference/command-line-tools-reference/kube-apiserver.md index e3ac50b7ccf..355c93ce8a7 100644 --- a/content/zh-cn/docs/reference/command-line-tools-reference/kube-apiserver.md +++ b/content/zh-cn/docs/reference/command-line-tools-reference/kube-apiserver.md @@ -782,9 +782,9 @@ CIDRs opened in GCE firewall for L7 LB traffic proxy & health checks -如果启用了性能分析,则启用锁争用性能分析。 +如果启用了性能分析,则启用阻塞分析。 @@ -793,17 +793,33 @@ Enable lock contention profiling, if profiling is enabled +

    CORS 允许的来源清单,以逗号分隔。 允许的来源可以是支持子域匹配的正则表达式。 如果此列表为空,则不会启用 CORS。 +请确保每个表达式与整个主机名相匹配,方法是用'^'锚定开始或包括'//'前缀,同时用'$'锚定结束或包括':'端口分隔符后缀。 +有效表达式的例子是'//example.com(:|$)'和'^https://example.com(:|$)'。 +

    + +--debug-socket-path string + + +

    + +使用位于给定路径的、未受保护的(无身份认证或鉴权的)UNIX 域套接字执行性能分析。 +

    + + --default-not-ready-toleration-seconds int     默认值:300 @@ -853,13 +869,11 @@ Number of workers spawned for DeleteCollection call. These are used to speed up

    -尽管位于默认启用的插件列表中,仍须被禁用的准入插件(NamespaceLifecycle、LimitRanger、ServiceAccount、TaintNodesByCondition、PodSecurity、Priority、DefaultTolerationSeconds、DefaultStorageClass、StorageObjectInUseProtection、PersistentVolumeClaimResize、RuntimeClass、CertificateApproval、CertificateSigning、CertificateSubjectRestriction、DefaultIngressClass、MutatingAdmissionWebhook、ValidatingAdmissionPolicy、ValidatingAdmissionWebhook、ResourceQuota)。 -取值为逗号分隔的准入插件列表:AlwaysAdmit、AlwaysDeny、AlwaysPullImages、CertificateApproval、CertificateSigning、CertificateSubjectRestriction、DefaultIngressClass、DefaultStorageClass、DefaultTolerationSeconds、DenyServiceExternalIPs、EventRateLimit、ExtendedResourceToleration、ImagePolicyWebhook、LimitPodHardAntiAffinityTopology、LimitRanger、MutatingAdmissionWebhook、NamespaceAutoProvision、NamespaceExists、NamespaceLifecycle、NodeRestriction、OwnerReferencesPermissionEnforcement、PersistentVolumeClaimResize、PersistentVolumeLabel、PodNodeSelector、PodSecurity、PodTolerationRestriction、Priority、ResourceQuota、RuntimeClass、SecurityContextDeny、ServiceAccount、StorageObjectInUseProtection、TaintNodesByCondition、ValidatingAdmissionPolicy、ValidatingAdmissionWebhook。 +尽管位于默认启用的插件列表中,仍须被禁用的准入插件(NamespaceLifecycle、LimitRanger、ServiceAccount、TaintNodesByCondition、PodSecurity、Priority、DefaultTolerationSeconds、DefaultStorageClass、StorageObjectInUseProtection、PersistentVolumeClaimResize、RuntimeClass、CertificateApproval、CertificateSigning、ClusterTrustBundleAttest、CertificateSubjectRestriction、DefaultIngressClass、MutatingAdmissionWebhook、ValidatingAdmissionPolicy、ValidatingAdmissionWebhook、ResourceQuota)。 +取值为逗号分隔的准入插件列表:AlwaysAdmit、AlwaysDeny、AlwaysPullImages、CertificateApproval、CertificateSigning、CertificateSubjectRestriction、ClusterTrustBundleAttest、DefaultIngressClass、DefaultStorageClass、DefaultTolerationSeconds、DenyServiceExternalIPs、EventRateLimit、ExtendedResourceToleration、ImagePolicyWebhook、LimitPodHardAntiAffinityTopology、LimitRanger、MutatingAdmissionWebhook、NamespaceAutoProvision、NamespaceExists、NamespaceLifecycle、NodeRestriction、OwnerReferencesPermissionEnforcement、PersistentVolumeClaimResize、PersistentVolumeLabel、PodNodeSelector、PodSecurity、PodTolerationRestriction、Priority、ResourceQuota、RuntimeClass、SecurityContextDeny、ServiceAccount、StorageObjectInUseProtection、TaintNodesByCondition、ValidatingAdmissionPolicy、ValidatingAdmissionWebhook。 该标志中插件的顺序无关紧要。

    @@ -900,11 +914,11 @@ File with apiserver egress selector configuration.

    -除了默认启用的插件(NamespaceLifecycle、LimitRanger、ServiceAccount、TaintNodesByCondition、PodSecurity、Priority、DefaultTolerationSeconds、DefaultStorageClass、StorageObjectInUseProtection、PersistentVolumeClaimResize、RuntimeClass、CertificateApproval、CertificateSigning、CertificateSubjectRestriction、DefaultIngressClass、MutatingAdmissionWebhook、ValidatingAdmissionPolicy、ValidatingAdmissionWebhook、ResourceQuota)之外要启用的准入插件。 -取值为逗号分隔的准入插件列表:AlwaysAdmit、AlwaysDeny、AlwaysPullImages、CertificateApproval、CertificateSigning、CertificateSubjectRestriction、DefaultIngressClass、DefaultStorageClass、DefaultTolerationSeconds、DenyServiceExternalIPs、EventRateLimit、ExtendedResourceToleration、ImagePolicyWebhook、LimitPodHardAntiAffinityTopology、LimitRanger、MutatingAdmissionWebhook、NamespaceAutoProvision、NamespaceExists、NamespaceLifecycle、NodeRestriction、OwnerReferencesPermissionEnforcement、PersistentVolumeClaimResize、PersistentVolumeLabel、PodNodeSelector、PodSecurity、PodTolerationRestriction、Priority、ResourceQuota、RuntimeClass、SecurityContextDeny、ServiceAccount、StorageObjectInUseProtection、TaintNodesByCondition、ValidatingAdmissionPolicy、ValidatingAdmissionWebhook。该标志中插件的顺序无关紧要。 +除了默认启用的插件(NamespaceLifecycle、LimitRanger、ServiceAccount、TaintNodesByCondition、PodSecurity、Priority、DefaultTolerationSeconds、DefaultStorageClass、StorageObjectInUseProtection、PersistentVolumeClaimResize、RuntimeClass、CertificateApproval、CertificateSigning、ClusterTrustBundleAttest、CertificateSubjectRestriction、DefaultIngressClass、MutatingAdmissionWebhook、ValidatingAdmissionPolicy、ValidatingAdmissionWebhook、ResourceQuota)之外要启用的准入插件。 +取值为逗号分隔的准入插件列表:AlwaysAdmit、AlwaysDeny、AlwaysPullImages、CertificateApproval、CertificateSigning、CertificateSubjectRestriction、ClusterTrustBundleAttest、DefaultIngressClass、DefaultStorageClass、DefaultTolerationSeconds、DenyServiceExternalIPs、EventRateLimit、ExtendedResourceToleration、ImagePolicyWebhook、LimitPodHardAntiAffinityTopology、LimitRanger、MutatingAdmissionWebhook、NamespaceAutoProvision、NamespaceExists、NamespaceLifecycle、NodeRestriction、OwnerReferencesPermissionEnforcement、PersistentVolumeClaimResize、PersistentVolumeLabel、PodNodeSelector、PodSecurity、PodTolerationRestriction、Priority、ResourceQuota、RuntimeClass、SecurityContextDeny、ServiceAccount、StorageObjectInUseProtection、TaintNodesByCondition、ValidatingAdmissionPolicy、ValidatingAdmissionWebhook。该标志中插件的顺序无关紧要。

    @@ -1185,16 +1199,16 @@ comma-separated 'key=True|False' pairs - +

    -

    一组 key=value 对,用来描述测试性/试验性功能的特性门控。可选项有:
    APIListChunking=true|false (BETA - 默认值=true)
    APIPriorityAndFairness=true|false (BETA - 默认值=true)
    APIResponseCompression=true|false (BETA - 默认值=true)
    -APISelfSubjectReview=true|false (ALPHA - 默认值=false)
    +APISelfSubjectReview=true|false (BETA - 默认值=true)
    APIServerIdentity=true|false (BETA - 默认值=true)
    -APIServerTracing=true|false (ALPHA - 默认值=false)
    -AggregatedDiscoveryEndpoint=true|false (ALPHA - 默认值=false)
    +APIServerTracing=true|false (BETA - 默认值=true)
    +AdmissionWebhookMatchConditions=true|false (ALPHA - 默认值=false)
    +AggregatedDiscoveryEndpoint=true|false (BETA - 默认值=true)
    AllAlpha=true|false (ALPHA - 默认值=false)
    AllBeta=true|false (BETA - 默认值=false)
    AnyVolumeDataSource=true|false (BETA - 默认值=true)
    @@ -1314,29 +1334,31 @@ CPUManagerPolicyBetaOptions=true|false (BETA - 默认值=true)
    CPUManagerPolicyOptions=true|false (BETA - 默认值=true)
    CSIMigrationPortworx=true|false (BETA - 默认值=false)
    CSIMigrationRBD=true|false (ALPHA - 默认值=false)
    -CSINodeExpandSecret=true|false (ALPHA - 默认值=false)
    +CSINodeExpandSecret=true|false (BETA - 默认值=true)
    CSIVolumeHealth=true|false (ALPHA - 默认值=false)
    -ComponentSLIs=true|false (ALPHA - 默认值=false)
    +CloudControllerManagerWebhook=true|false (ALPHA - 默认值=false)
    +CloudDualStackNodeIPs=true|false (ALPHA - 默认值=false)
    +ClusterTrustBundle=true|false (ALPHA - 默认值=false)
    +ComponentSLIs=true|false (BETA - 默认值=true)
    ContainerCheckpoint=true|false (ALPHA - 默认值=false)
    ContextualLogging=true|false (ALPHA - 默认值=false)
    -CronJobTimeZone=true|false (BETA - 默认值=true)
    CrossNamespaceVolumeDataSource=true|false (ALPHA - 默认值=false)
    CustomCPUCFSQuotaPeriod=true|false (ALPHA - 默认值=false)
    CustomResourceValidationExpressions=true|false (BETA - 默认值=true)
    DisableCloudProviders=true|false (ALPHA - 默认值=false)
    DisableKubeletCloudCredentialProviders=true|false (ALPHA - 默认值=false)
    -DownwardAPIHugePages=true|false (BETA - 默认值=true)
    DynamicResourceAllocation=true|false (ALPHA - 默认值=false)
    -EventedPLEG=true|false (ALPHA - 默认值=false)
    +ElasticIndexedJob=true|false (BETA - 默认值=true)
    +EventedPLEG=true|false (BETA - 默认值=false)
    ExpandedDNSConfig=true|false (BETA - 默认值=true)
    ExperimentalHostUserNamespaceDefaulting=true|false (BETA - 默认值=false)
    -GRPCContainerProbe=true|false (BETA - 默认值=true)
    -GracefulNodeShutdown=true|false (BETA - 默认值=true) +GracefulNodeShutdown=true|false (BETA - 默认值=true)
    GracefulNodeShutdownBasedOnPodPriority=true|false (BETA - 默认值=true)
    -HPAContainerMetrics=true|false (ALPHA - 默认值=false)
    +HPAContainerMetrics=true|false (BETA - 默认值=true)
    HPAScaleToZero=true|false (ALPHA - 默认值=false)
    HonorPVReclaimPolicy=true|false (ALPHA - 默认值=false)
    -IPTablesOwnershipCleanup=true|false (ALPHA - 默认值=false)
    +IPTablesOwnershipCleanup=true|false (BETA - 默认值=true)
    +InPlacePodVerticalScaling=true|false (ALPHA - 默认值=false)
    InTreePluginAWSUnregister=true|false (ALPHA - 默认值=false)
    InTreePluginAzureDiskUnregister=true|false (ALPHA - 默认值=false)
    InTreePluginAzureFileUnregister=true|false (ALPHA - 默认值=false)
    @@ -1345,63 +1367,67 @@ InTreePluginOpenStackUnregister=true|false (ALPHA - 默认值=false)
    InTreePluginPortworxUnregister=true|false (ALPHA - 默认值=false)
    InTreePluginRBDUnregister=true|false (ALPHA - 默认值=false)
    InTreePluginvSphereUnregister=true|false (ALPHA - 默认值=false)
    -JobMutableNodeSchedulingDirectives=true|false (BETA - 默认值=true)
    JobPodFailurePolicy=true|false (BETA - 默认值=true)
    JobReadyPods=true|false (BETA - 默认值=true)
    -KMSv2=true|false (ALPHA - 默认值=false)
    +KMSv2=true|false (BETA - 默认值=true)
    KubeletInUserNamespace=true|false (ALPHA - 默认值=false)
    KubeletPodResources=true|false (BETA - 默认值=true)
    +KubeletPodResourcesDynamicResources=true|false (ALPHA - 默认值=false)
    +KubeletPodResourcesGet=true|false (ALPHA - 默认值=false)
    KubeletPodResourcesGetAllocatable=true|false (BETA - 默认值=true)
    -KubeletTracing=true|false (ALPHA - 默认值=false)
    -LegacyServiceAccountTokenTracking=true|false (ALPHA - 默认值=false)
    +KubeletTracing=true|false (BETA - 默认值=true)
    +LegacyServiceAccountTokenTracking=true|false (BETA - 默认值=true)
    LocalStorageCapacityIsolationFSQuotaMonitoring=true|false (ALPHA - 默认值=false)
    LogarithmicScaleDown=true|false (BETA - 默认值=true)
    LoggingAlphaOptions=true|false (ALPHA - 默认值=false)
    LoggingBetaOptions=true|false (BETA - 默认值=true)
    -MatchLabelKeysInPodTopologySpread=true|false (ALPHA - 默认值=false)
    +MatchLabelKeysInPodTopologySpread=true|false (BETA - 默认值=true)
    MaxUnavailableStatefulSet=true|false (ALPHA - 默认值=false)
    MemoryManager=true|false (BETA - 默认值=true)
    MemoryQoS=true|false (ALPHA - 默认值=false)
    -MinDomainsInPodTopologySpread=true|false (BETA - 默认值=false)
    -MinimizeIPTablesRestore=true|false (ALPHA - 默认值=false)
    +MinDomainsInPodTopologySpread=true|false (BETA - 默认值=true)
    +MinimizeIPTablesRestore=true|false (BETA - 默认值=true)
    MultiCIDRRangeAllocator=true|false (ALPHA - 默认值=false)
    +MultiCIDRServiceAllocator=true|false (ALPHA - 默认值=false)
    NetworkPolicyStatus=true|false (ALPHA - 默认值=false)
    +NewVolumeManagerReconstruction=true|false (BETA - 默认值=true)
    NodeInclusionPolicyInPodTopologySpread=true|false (BETA - 默认值=true)
    +NodeLogQuery=true|false (ALPHA - 默认值=false)
    NodeOutOfServiceVolumeDetach=true|false (BETA - 默认值=true)
    NodeSwap=true|false (ALPHA - 默认值=false)
    OpenAPIEnums=true|false (BETA - 默认值=true)
    -OpenAPIV3=true|false (BETA - 默认值=true)
    -PDBUnhealthyPodEvictionPolicy=true|false (ALPHA - 默认值=false)
    +PDBUnhealthyPodEvictionPolicy=true|false (BETA - 默认值=true)
    PodAndContainerStatsFromCRI=true|false (ALPHA - 默认值=false)
    PodDeletionCost=true|false (BETA - 默认值=true)
    PodDisruptionConditions=true|false (BETA - 默认值=true)
    PodHasNetworkCondition=true|false (ALPHA - 默认值=false)
    -PodSchedulingReadiness=true|false (ALPHA - 默认值=false)
    +PodSchedulingReadiness=true|false (BETA - 默认值=true)
    ProbeTerminationGracePeriod=true|false (BETA - 默认值=true)
    ProcMountType=true|false (ALPHA - 默认值=false)
    ProxyTerminatingEndpoints=true|false (BETA - 默认值=true)
    QOSReserved=true|false (ALPHA - 默认值=false)
    -ReadWriteOncePod=true|false (ALPHA - 默认值=false)
    +ReadWriteOncePod=true|false (BETA - 默认值=true)
    RecoverVolumeExpansionFailure=true|false (ALPHA - 默认值=false)
    RemainingItemCount=true|false (BETA - 默认值=true)
    RetroactiveDefaultStorageClass=true|false (BETA - 默认值=true)
    RotateKubeletServerCertificate=true|false (BETA - 默认值=true)
    -SELinuxMountReadWriteOncePod=true|false (ALPHA - 默认值=false)
    -SeccompDefault=true|false (BETA - 默认值=true)
    -ServerSideFieldValidation=true|false (BETA - 默认值=true)
    +SELinuxMountReadWriteOncePod=true|false (BETA - 默认值=true)
    +SecurityContextDeny=true|false (ALPHA - 默认值=false)
    +ServiceNodePortStaticSubrange=true|false (ALPHA - 默认值=false)
    SizeMemoryBackedVolumes=true|false (BETA - 默认值=true)
    -StatefulSetAutoDeletePVC=true|false (ALPHA - 默认值=false)
    -StatefulSetStartOrdinal=true|false (ALPHA - 默认值=false)
    +StableLoadBalancerNodeSet=true|false (BETA - 默认值=true)
    +StatefulSetAutoDeletePVC=true|false (BETA - 默认值=true)
    +StatefulSetStartOrdinal=true|false (BETA - 默认值=true)
    StorageVersionAPI=true|false (ALPHA - 默认值=false)
    StorageVersionHash=true|false (BETA - 默认值=true)
    TopologyAwareHints=true|false (BETA - 默认值=true)
    -TopologyManager=true|false (BETA - 默认值=true)
    TopologyManagerPolicyAlphaOptions=true|false (ALPHA - 默认值=false)
    TopologyManagerPolicyBetaOptions=true|false (BETA - 默认值=false)
    TopologyManagerPolicyOptions=true|false (ALPHA - 默认值=false)
    UserNamespacesStatelessPodsSupport=true|false (ALPHA - 默认值=false)
    ValidatingAdmissionPolicy=true|false (ALPHA - 默认值=false)
    VolumeCapacityPriority=true|false (ALPHA - 默认值=false)
    +WatchList=true|false (ALPHA - 默认值=false)
    WinDSR=true|false (ALPHA - 默认值=false)
    WinOverlay=true|false (BETA - 默认值=true)
    WindowsHostNetwork=true|false (ALPHA - 默认值=true) @@ -2214,6 +2240,18 @@ in addition 'Connection: close' response header is set in order to tear down the + +--shutdown-watch-termination-grace-period duration + + +

    + +此选项如果被设置了,则表示 API 服务器体面关闭服务器窗口内,等待活跃的监听请求耗尽的最长宽限期。 +

    + + --storage-backend string diff --git a/content/zh-cn/docs/reference/config-api/apiserver-audit.v1.md b/content/zh-cn/docs/reference/config-api/apiserver-audit.v1.md index 6d2fba5492f..f3a580defc7 100644 --- a/content/zh-cn/docs/reference/config-api/apiserver-audit.v1.md +++ b/content/zh-cn/docs/reference/config-api/apiserver-audit.v1.md @@ -101,7 +101,7 @@ Event 结构包含可出现在 API 审计日志中的所有信息。 user [必需]
    -authentication/v1.UserInfo +authentication/v1.UserInfo @@ -112,7 +112,7 @@ Event 结构包含可出现在 API 审计日志中的所有信息。 impersonatedUser
    -authentication/v1.UserInfo +authentication/v1.UserInfo @@ -187,7 +187,7 @@ Note: All but the last IP can be arbitrarily set by the client. responseStatus
    -meta/v1.Status +meta/v1.Status requestReceivedTimestamp
    -meta/v1.MicroTime +meta/v1.MicroTime @@ -248,7 +248,7 @@ at Response Level.--> stageTimestamp
    -meta/v1.MicroTime +meta/v1.MicroTime @@ -301,7 +301,7 @@ EventList 是审计事件(Event)的列表。 kind
    stringEventList metadata
    -meta/v1.ListMeta +meta/v1.ListMeta 列表结构元数据 @@ -343,7 +343,7 @@ Policy 定义的是审计日志的配置以及不同类型请求的日志记录 kind
    stringPolicy metadata
    -meta/v1.ObjectMeta +meta/v1.ObjectMeta @@ -428,7 +428,7 @@ PolicyList 是由审计策略(Policy)组成的列表。 kind
    stringPolicyList metadata
    -meta/v1.ListMeta +meta/v1.ListMeta 列表结构元数据。 diff --git a/content/zh-cn/docs/reference/config-api/client-authentication.v1.md b/content/zh-cn/docs/reference/config-api/client-authentication.v1.md index 3e338d18b21..af0eb45a16d 100644 --- a/content/zh-cn/docs/reference/config-api/client-authentication.v1.md +++ b/content/zh-cn/docs/reference/config-api/client-authentication.v1.md @@ -259,7 +259,7 @@ itself should at least be protected via file permissions. 字段描述 expirationTimestamp
    -meta/v1.Time +meta/v1.Time diff --git a/content/zh-cn/docs/reference/config-api/client-authentication.v1beta1.md b/content/zh-cn/docs/reference/config-api/client-authentication.v1beta1.md index 6c005e2c2b2..b3524fc2b3b 100644 --- a/content/zh-cn/docs/reference/config-api/client-authentication.v1beta1.md +++ b/content/zh-cn/docs/reference/config-api/client-authentication.v1beta1.md @@ -290,7 +290,7 @@ exec 插件本身至少应通过文件访问许可来实施保护。

    expirationTimestamp
    -meta/v1.Time +meta/v1.Time diff --git a/content/zh-cn/docs/reference/glossary/etcd.md b/content/zh-cn/docs/reference/glossary/etcd.md index 24498005e8a..34e410bfebd 100644 --- a/content/zh-cn/docs/reference/glossary/etcd.md +++ b/content/zh-cn/docs/reference/glossary/etcd.md @@ -35,7 +35,7 @@ tags: 如果你的 Kubernetes 集群使用 etcd 作为其后台数据库, 请确保你针对这些数据有一份 diff --git a/content/zh-cn/docs/reference/glossary/statefulset.md b/content/zh-cn/docs/reference/glossary/statefulset.md index e94318e78ae..de43a53988c 100644 --- a/content/zh-cn/docs/reference/glossary/statefulset.md +++ b/content/zh-cn/docs/reference/glossary/statefulset.md @@ -14,13 +14,12 @@ tags: --- 和 {{< glossary_tooltip text="Deployment" term_id="deployment" >}} 类似, diff --git a/content/zh-cn/docs/reference/issues-security/official-cve-feed.md b/content/zh-cn/docs/reference/issues-security/official-cve-feed.md index 76f373f627b..84673783bec 100644 --- a/content/zh-cn/docs/reference/issues-security/official-cve-feed.md +++ b/content/zh-cn/docs/reference/issues-security/official-cve-feed.md @@ -7,7 +7,7 @@ layout: cve-feed -{{< feature-state for_k8s_version="v1.25" state="alpha" >}} +{{< feature-state for_k8s_version="v1.27" state="beta" >}} 此订阅源会自动刷新,但从宣布 CVE 到可在此订阅源中找到对应的 CVE 会有一个明显却很小的延迟(几分钟到几小时)。 diff --git a/content/zh-cn/docs/reference/kubectl/conventions.md b/content/zh-cn/docs/reference/kubectl/conventions.md index 2f6cc0f1908..1f67fdb2823 100644 --- a/content/zh-cn/docs/reference/kubectl/conventions.md +++ b/content/zh-cn/docs/reference/kubectl/conventions.md @@ -46,16 +46,20 @@ For a stable output in a script: ## 子资源 {#subresources} -* 你可以将 `--subresource` alpha 标志用于 kubectl 命令,例如 `get`、`patch`、`edit` 和 `replace` +* 你可以将 `--subresource` Beta 标志用于 kubectl 命令,例如 `get`、`patch`、`edit` 和 `replace` 来获取和更新所有支持子资源的资源的子资源。目前,仅支持 `status` 和 `scale` 子资源。 + * 对于 `kubectl edit`,不支持 `scale` 子资源。如果将 `--subresource` 与 `kubectl edit` 一起使用, + 并指定 `scale` 作为子资源,则命令将会报错。 * 针对子资源的 API 协定与完整资源相同。在更新 `status` 子资源为一个新值时,请记住, 子资源可能是潜在的由控制器调和为不同的值。 diff --git a/content/zh-cn/docs/reference/kubectl/kubectl.md b/content/zh-cn/docs/reference/kubectl/kubectl.md index f0e608fdc7e..bf2cce0d371 100644 --- a/content/zh-cn/docs/reference/kubectl/kubectl.md +++ b/content/zh-cn/docs/reference/kubectl/kubectl.md @@ -528,6 +528,19 @@ Toggles whether calls to `kubectl explain` use the new OpenAPIv3 data source ava + +KUBECTL_ENABLE_CMD_SHADOW + + + + +当设置为 true 时,如果子命令不存在,外部插件可以用作内置命令的子命令。 +此功能处于 alpha 阶段,只能用于 create 命令(例如 kubectl create networkpolicy)。 + + + diff --git a/content/zh-cn/docs/reference/kubernetes-api/authentication-resources/self-subject-review-v1beta1.md b/content/zh-cn/docs/reference/kubernetes-api/authentication-resources/self-subject-review-v1beta1.md new file mode 100644 index 00000000000..fd3ce719886 --- /dev/null +++ b/content/zh-cn/docs/reference/kubernetes-api/authentication-resources/self-subject-review-v1beta1.md @@ -0,0 +1,181 @@ +--- +api_metadata: + apiVersion: "authentication.k8s.io/v1beta1" + import: "k8s.io/api/authentication/v1beta1" + kind: "SelfSubjectReview" +content_type: "api_reference" +description: "SelfSubjectReview 包含 kube-apiserver 所拥有的与发出此请求的用户有关的用户信息。" +title: "SelfSubjectReview v1beta1" +weight: 6 +--- + + +`apiVersion: authentication.k8s.io/v1beta1` + +`import "k8s.io/api/authentication/v1beta1"` + +## SelfSubjectReview {#SelfSubjectReview} + + +SelfSubjectReview 包含 kube-apiserver 所拥有的与发出此请求的用户有关的用户信息。 +使用伪装时,用户将收到被伪装用户的用户信息。 +如果使用伪装或请求头部进行身份验证,则所有额外的键都将被忽略大小写并以小写形式返回结果。 + +
    + +- **apiVersion**: authentication.k8s.io/v1beta1 + +- **kind**: SelfSubjectReview + +- **metadata** (}}">ObjectMeta) + + + 标准的对象元数据。更多信息: + https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata + +- **status** (}}">SelfSubjectReviewStatus) + + + status 由服务器以用户属性进行填充。 + +## SelfSubjectReviewStatus {#SelfSubjectReviewStatus} + + +SelfSubjectReviewStatus 由 kube-apiserver 进行填充并发送回用户。 + +
    + +- **userInfo** (UserInfo) + + + 发出此请求的用户的用户属性。 + + + + **userInfo 包含实现 user.Info 接口所需的用户相关信息。** + + - **userInfo.extra** (map[string][]string) + + + + 由身份认证组件提供的所有附加信息。 + + - **userInfo.groups** ([]string) + + + + 此用户所属的用户组的名称。 + + - **userInfo.uid** (string) + + + + 跨时间标识此用户的唯一值。如果此用户被删除且另一个同名用户被添加,他们将具有不同的 UID。 + + - **userInfo.username** (string) + + + + 在所有活跃用户中标识此用户的名称。 + + +## 操作 {#Operations} + +
    + + +### `create` 创建 SelfSubjectReview + +#### HTTP 请求 + +POST /apis/authentication.k8s.io/v1beta1/selfsubjectreviews + + +#### 参数 + +- **body**: }}">SelfSubjectReview, 必需 + +- **dryRun** (**查询参数**): string + + }}">dryRun + +- **fieldManager** (**查询参数**): string + + }}">fieldManager + +- **fieldValidation** (**查询参数**): string + + }}">fieldValidation + +- **pretty** (**查询参数**): string + + }}">pretty + + +#### 响应 + +200 (}}">SelfSubjectReview): OK + +201 (}}">SelfSubjectReview): Created + +202 (}}">SelfSubjectReview): Accepted + +401: Unauthorized diff --git a/content/zh-cn/docs/reference/kubernetes-api/authorization-resources/self-subject-review-v1alpha1.md b/content/zh-cn/docs/reference/kubernetes-api/authorization-resources/self-subject-review-v1alpha1.md index ecf6c758650..b98fc96aa56 100644 --- a/content/zh-cn/docs/reference/kubernetes-api/authorization-resources/self-subject-review-v1alpha1.md +++ b/content/zh-cn/docs/reference/kubernetes-api/authorization-resources/self-subject-review-v1alpha1.md @@ -27,10 +27,11 @@ auto_generated: true ## SelfSubjectReview {#SelfSubjectReview} SelfSubjectReview 包含 kube-apiserver 所拥有的与发出此请求的用户有关的用户信息。 使用伪装时,用户将收到被伪装用户的用户信息。 +如果使用了伪装或请求头认证,任何额外的键将忽略其大小写并以小写形式返回。
    diff --git a/content/zh-cn/docs/reference/kubernetes-api/cluster-resources/cluster-cidr-v1alpha1.md b/content/zh-cn/docs/reference/kubernetes-api/cluster-resources/cluster-cidr-v1alpha1.md index a4fd99af85b..bdf887eb0cd 100644 --- a/content/zh-cn/docs/reference/kubernetes-api/cluster-resources/cluster-cidr-v1alpha1.md +++ b/content/zh-cn/docs/reference/kubernetes-api/cluster-resources/cluster-cidr-v1alpha1.md @@ -53,7 +53,7 @@ ClusterCIDR 表示启用 MultiCIDRRangeAllocator 时针对每个节点 Pod CIDR - **spec** (}}">ClusterCIDRSpec) spec 是 ClusterCIDR 的预期状态。更多信息: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status @@ -70,7 +70,7 @@ ClusterCIDRSpec 定义 ClusterCIDR 的预期状态。 - **perNodeHostBits** (int32),必需 @@ -83,7 +83,7 @@ ClusterCIDRSpec 定义 ClusterCIDR 的预期状态。 - **ipv4** (string) ipv4 以 CIDR 表示法定义 IPv4 IP 块(例如 “10.0.0.0/8”)。 @@ -92,7 +92,7 @@ ClusterCIDRSpec 定义 ClusterCIDR 的预期状态。 - **ipv6** (string) ipv6 以 CIDR 表示法定义 IPv6 IP 块(例如 “2001:db8::/64”)。 @@ -101,7 +101,7 @@ ClusterCIDRSpec 定义 ClusterCIDR 的预期状态。 - **nodeSelector** (NodeSelector) - **items** ([]}}">ClusterCIDR),必需 @@ -179,7 +179,11 @@ ClusterCIDRList 包含 ClusterCIDR 的列表。 ## 操作 {#Operations} @@ -233,16 +237,50 @@ GET /apis/networking.k8s.io/v1alpha1/clustercidrs #### 参数 @@ -278,6 +316,10 @@ GET /apis/networking.k8s.io/v1alpha1/clustercidrs }}">resourceVersionMatch +- **sendInitialEvents** (**查询参数**):boolean + + }}">sendInitialEvents + - **timeoutSeconds** (**查询参数**):integer }}">timeoutSeconds @@ -308,6 +350,7 @@ POST /apis/networking.k8s.io/v1alpha1/clustercidrs #### 参数 @@ -589,6 +673,10 @@ DELETE /apis/networking.k8s.io/v1alpha1/clustercidrs }}">resourceVersionMatch +- **sendInitialEvents** (**查询参数**):boolean + + }}">sendInitialEvents + - **timeoutSeconds** (**查询参数**):integer }}">timeoutSeconds diff --git a/content/zh-cn/docs/reference/kubernetes-api/cluster-resources/lease-v1.md b/content/zh-cn/docs/reference/kubernetes-api/cluster-resources/lease-v1.md index 03c44053d26..2ca911ff9b1 100644 --- a/content/zh-cn/docs/reference/kubernetes-api/cluster-resources/lease-v1.md +++ b/content/zh-cn/docs/reference/kubernetes-api/cluster-resources/lease-v1.md @@ -8,59 +8,56 @@ description: "Lease 定义了租约的概念。" title: "Lease" weight: 5 --- - `apiVersion: coordination.k8s.io/v1` `import "k8s.io/api/coordination/v1"` - ## Lease {#Lease} + Lease 定义了租约的概念。 +
    - **apiVersion**: coordination.k8s.io/v1 - - **kind**: Lease - - **metadata** (}}">ObjectMeta) - + --> 更多信息: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata - **spec** (}}">LeaseSpec) - - Lease 规范。更多信息: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status - - - + + spec 包含 Lease 的规约。更多信息: + https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status ## LeaseSpec {#LeaseSpec} -LeaseSpec 是一个 Lease 的规范。 +LeaseSpec 是一个 Lease 的规约。
    @@ -75,21 +72,6 @@ LeaseSpec 是一个 Lease 的规范。 - **holderIdentity** (string) holderIdentity contains the identity of the holder of a current lease. - -- **leaseDurationSeconds** (int32) - - leaseDurationSeconds is a duration that candidates for a lease need to wait to force acquire it. This is measure against time of last observed RenewTime. - -- **leaseTransitions** (int32) - - leaseTransitions is the number of transitions of a lease between holders. - -- **renewTime** (MicroTime) - - renewTime is a time when the current holder of a lease has last updated the lease. - - - *MicroTime is version of Time with microsecond level precision.* --> - **acquireTime** (MicroTime) @@ -102,13 +84,29 @@ LeaseSpec 是一个 Lease 的规范。 holderIdentity 包含当前租约持有人的身份。 + +- **leaseDurationSeconds** (int32) + + leaseDurationSeconds 是租约候选人需要等待强制获取租约的持续时间。这是相对于上次观察到的 renewTime 的度量。 + +- **leaseTransitions** (int32) + + leaseTransitions 是租约持有人之间的转换次数。 - **renewTime** (MicroTime) @@ -117,9 +115,6 @@ LeaseSpec 是一个 Lease 的规范。 **MicroTime 是具有微秒级精度的时间版本。** - - - ## LeaseList {#LeaseList} - 标准列表元数据。更多信息: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata + --> + 标准的列表元数据。更多信息: + https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata - **items** ([]}}">Lease), required - - Items 是架构对象的列表。 - - + + items 是架构对象的列表。 ## 操作 {#operations} -
    - - - - -### `get` 读取指定的租赁 +### `get` 读取指定的 Lease #### HTTP 请求 @@ -185,19 +172,17 @@ GET /apis/coordination.k8s.io/v1/namespaces/{namespace}/leases/{name} name of the Lease - - **namespace** (*in path*): string, required }}">namespace - - **pretty** (*in query*): string }}">pretty --> - **name** (**路径参数**): string, 必需 - Lease 名称 + Lease 名称。 - **namespace** (**路径参数**): string, 必需 @@ -232,99 +217,84 @@ GET /apis/coordination.k8s.io/v1/namespaces/{namespace}/leases #### 参数 - - **namespace** (**路径参数**): string, 必需 }}">namespace - - **allowWatchBookmarks** (**查询参数**): boolean }}">allowWatchBookmarks - - **continue** (**查询参数**): string }}">continue - - **fieldSelector** (**查询参数**): string }}">fieldSelector - - **labelSelector** (**查询参数**): string }}">labelSelector - - **limit** (**查询参数**): integer }}">limit - - **pretty** (**查询参数**): string }}">pretty - - **resourceVersion** (**查询参数**): string }}">resourceVersion @@ -333,12 +303,14 @@ GET /apis/coordination.k8s.io/v1/namespaces/{namespace}/leases }}">resourceVersionMatch +- **sendInitialEvents** (**查询参数**): boolean + + }}">sendInitialEvents - **timeoutSeconds** (**查询参数**): integer }}">timeoutSeconds - - **watch** (**查询参数**): boolean }}">watch @@ -366,84 +338,73 @@ GET /apis/coordination.k8s.io/v1/leases #### 参数 - - **allowWatchBookmarks** (**查询参数**): boolean }}">allowWatchBookmarks - - **continue** (**查询参数**): string }}">continue - - **fieldSelector** (**查询参数**): string }}">fieldSelector - - **labelSelector** (**查询参数**): string }}">labelSelector - - **limit** (**查询参数**): integer }}">limit - - **pretty** (**查询参数**): string }}">pretty @@ -456,27 +417,23 @@ GET /apis/coordination.k8s.io/v1/leases }}">resourceVersionMatch +- **sendInitialEvents** (**查询参数**): boolean + + }}">sendInitialEvents - **timeoutSeconds** (**查询参数**): integer }}">timeoutSeconds - - **watch** (**查询参数**): boolean }}">watch #### 响应 - 200 (}}">LeaseList): OK 401: Unauthorized @@ -485,8 +442,6 @@ GET /apis/coordination.k8s.io/v1/leases ### `create` create a Lease #### HTTP Request - -POST /apis/coordination.k8s.io/v1/namespaces/{namespace}/leases --> ### `create` 创建 Lease @@ -497,83 +452,57 @@ POST /apis/coordination.k8s.io/v1/namespaces/{namespace}/leases #### 参数 - - **namespace** (**路径参数**): string, 必需 }}">namespace - - **body**: }}">Lease, 必需 - - - - **dryRun** (**查询参数**): string }}">dryRun - - **fieldManager** (**查询参数**): string }}">fieldManager - - **fieldValidation** (**查询参数**): string }}">fieldValidation - - **pretty** (**查询参数**): string }}">pretty #### 响应 - 200 (}}">Lease): OK 201 (}}">Lease): Created @@ -586,80 +515,62 @@ POST /apis/coordination.k8s.io/v1/namespaces/{namespace}/leases ### `update` replace the specified Lease #### HTTP Request - -PUT /apis/coordination.k8s.io/v1/namespaces/{namespace}/leases/{name} --> ### `update` 替换指定的 Lease #### HTTP 请求 PUT /apis/coordination.k8s.io/v1/namespaces/{namespace}/leases/{name} + #### 参数 - - **name** (**路径参数**): string, 必需 - 租贷名称 - + Lease 的名称。 - **namespace** (**路径参数**): string, 必需 }}">namespace - - **body**: }}">Lease, 必需 - - - - **dryRun** (**查询参数**): string }}">dryRun - - **fieldManager** (**查询参数**): string }}">fieldManager - - **fieldValidation** (**查询参数**): string }}">fieldValidation @@ -670,17 +581,9 @@ PUT /apis/coordination.k8s.io/v1/namespaces/{namespace}/leases/{name} #### 响应 - 200 (}}">Lease): OK 201 (}}">Lease): Created @@ -691,112 +594,83 @@ PUT /apis/coordination.k8s.io/v1/namespaces/{namespace}/leases/{name} ### `patch` partially update the specified Lease #### HTTP Request - -PATCH /apis/coordination.k8s.io/v1/namespaces/{namespace}/leases/{name} --> ### `patch` 部分更新指定的 Lease #### HTTP 请求 PATCH /apis/coordination.k8s.io/v1/namespaces/{namespace}/leases/{name} + #### 参数 - - **name** (**路径参数**): string, 必需 - 租贷名称 - + Lease 的名称。 - **namespace** (**路径参数**): string, 必需 }}">namespace - - **body**: }}">Patch, 必需 - - - - **dryRun** (**查询参数**): string }}">dryRun - - **fieldManager** (**查询参数**): string }}">fieldManager - - **fieldValidation** (**查询参数**): string }}">fieldValidation - - **force** (**查询参数**): boolean }}">force - - **pretty** (**查询参数**): string }}">pretty #### 响应 - 200 (}}">Lease): OK 201 (}}">Lease): Created @@ -807,102 +681,75 @@ PATCH /apis/coordination.k8s.io/v1/namespaces/{namespace}/leases/{name} ### `delete` delete a Lease #### HTTP Request - -DELETE /apis/coordination.k8s.io/v1/namespaces/{namespace}/leases/{name} --> ### `delete` 删除一个 Lease #### HTTP 请求 DELETE /apis/coordination.k8s.io/v1/namespaces/{namespace}/leases/{name} + #### 参数 - - **name** (**路径参数**): string, 必需 - 租贷的名称 - + Lease 的名称。 - **namespace** (**路径参数**): string, 必需 }}">namespace - - **body**: }}">DeleteOptions - - - - **dryRun** (**查询参数**): string }}">dryRun - - **gracePeriodSeconds** (**查询参数**): integer }}">gracePeriodSeconds - - **pretty** (**查询参数**): string }}">pretty - - **propagationPolicy** (**查询参数**): string }}">propagationPolicy #### 响应 - 200 (}}">Status): OK 202 (}}">Status): Accepted @@ -913,77 +760,65 @@ DELETE /apis/coordination.k8s.io/v1/namespaces/{namespace}/leases/{name} ### `deletecollection` delete collection of Lease #### HTTP Request - -DELETE /apis/coordination.k8s.io/v1/namespaces/{namespace}/leases --> ### `deletecollection` 删除 Lease 收款 #### HTTP 请求 DELETE /apis/coordination.k8s.io/v1/namespaces/{namespace}/leases + #### 参数 - - **namespace** (**路径参数**): string, 必需 }}">namespace - - **body**: }}">DeleteOptions - - - - **continue** (**查询参数**): string }}">continue - - **dryRun** (**查询参数**): string }}">dryRun - - **fieldSelector** (**查询参数**): string }}">fieldSelector - - **gracePeriodSeconds** (**查询参数**): integer }}">gracePeriodSeconds - - **labelSelector** (**查询参数**): string }}">labelSelector - - **limit** (**查询参数**): integer }}">limit - - **pretty** (**查询参数**): string }}">pretty - - **propagationPolicy** (**查询参数**): string }}">propagationPolicy - - **resourceVersion** (**查询参数**): string }}">resourceVersion - - **resourceVersionMatch** (**查询参数**): string }}">resourceVersionMatch +- **sendInitialEvents** (**查询参数**): boolean + + }}">sendInitialEvents - **timeoutSeconds** (**查询参数**): integer @@ -1058,16 +882,9 @@ DELETE /apis/coordination.k8s.io/v1/namespaces/{namespace}/leases #### 响应 - 200 (}}">Status): OK 401: Unauthorized - diff --git a/content/zh-cn/docs/reference/kubernetes-api/cluster-resources/node-v1.md b/content/zh-cn/docs/reference/kubernetes-api/cluster-resources/node-v1.md index 21b7a6c99bc..db12827b3e1 100644 --- a/content/zh-cn/docs/reference/kubernetes-api/cluster-resources/node-v1.md +++ b/content/zh-cn/docs/reference/kubernetes-api/cluster-resources/node-v1.md @@ -8,7 +8,6 @@ description: "Node 是 Kubernetes 中的工作节点。" title: "Node" weight: 1 --- - - Node 是 Kubernetes 中的工作节点。 每个节点在缓存中(即在 etcd 中)都有一个唯一的标识符。 @@ -44,7 +42,6 @@ Node 是 Kubernetes 中的工作节点。 Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata --> - - **metadata** (}}">ObjectMeta) 标准的对象元数据。 @@ -55,7 +52,6 @@ Node 是 Kubernetes 中的工作节点。 Spec defines the behavior of a node. https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status --> - - **spec** (}}">NodeSpec) spec 定义节点的行为。 @@ -66,7 +62,6 @@ Node 是 Kubernetes 中的工作节点。 Most recently observed status of the node. Populated by the system. Read-only. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status --> - - **status** (}}">NodeStatus) 此节点的最近观测状态。由系统填充。只读。 @@ -77,7 +72,6 @@ Node 是 Kubernetes 中的工作节点。 - NodeSpec 描述了创建节点时使用的属性。
    @@ -87,14 +81,12 @@ NodeSpec 描述了创建节点时使用的属性。 - 已弃用:以前用于为 DynamicKubeletConfig 功能指定节点配置的来源。此功能已删除。 - **NodeConfigSource 指定节点配置的来源。指定一个子字段(不包括元数据)必须为非空。此 API 自 1.22的版本起已被弃用** - **configSource.configMap** (ConfigMapNodeConfigSource) @@ -158,7 +150,8 @@ NodeSpec 描述了创建节点时使用的属性。 - **configSource.configMap.uid** (string) + UID is the metadata.UID of the referenced ConfigMap. This field is forbidden in Node.Spec, and required in Node.Status. + --> uid 是所引用的 ConfigMap 的 metadata.uid。 该字段在 Node.spec 中是禁止的,在 Node.status 中是必需的。 @@ -168,7 +161,6 @@ NodeSpec 描述了创建节点时使用的属性。 - 已弃用。并非所有 kubelet 都会设置此字段。 1.13 的版本之后会删除该字段。参见: https://issues.k8s.io/61966 @@ -177,7 +169,6 @@ NodeSpec 描述了创建节点时使用的属性。 - podCIDR 表示分配给节点的 Pod IP 范围。 - **podCIDRs** ([]string) @@ -185,7 +176,6 @@ NodeSpec 描述了创建节点时使用的属性。 - podCIDRs 表示分配给节点以供该节点上的 Pod 使用的 IP 范围。 如果指定了该字段,则第 0 个条目必须与 podCIDR 字段匹配。 对于 IPv4 和 IPv6,它最多可以包含 1 个值。 @@ -195,7 +185,6 @@ NodeSpec 描述了创建节点时使用的属性。 - 云提供商分配的节点ID,格式为:\://\ - **taints** ([]Taint) @@ -203,14 +192,12 @@ NodeSpec 描述了创建节点时使用的属性。 - 如果设置了,则为节点的污点。 - **此污点附加到的节点对任何不容忍污点的 Pod 都有 “影响”。** - Time 是 time.Time 的包装器,它支持对 YAML 和 JSON 的正确编组。 - time 包的许多工厂方法提供了包装器。 + **Time 是 time.Time 的包装器,它支持对 YAML 和 JSON 的正确编组。 + time 包的许多工厂方法提供了包装器。** - **taints.value** (string) @@ -272,7 +259,6 @@ NodeSpec 描述了创建节点时使用的属性。 - NodeStatus 是有关节点当前状态的信息。
    @@ -282,9 +268,8 @@ NodeStatus 是有关节点当前状态的信息。 - **补丁策略:根据 `type` 键执行合并操作** 节点可到达的地址列表。从云提供商处查询(如果有)。 @@ -294,11 +279,14 @@ NodeStatus 是有关节点当前状态的信息。 调用者应改为使用完全替换性质的补丁操作。 有关示例,请参见 https://pr.k8s.io/79391。 + 消费者应假设地址可以在节点的生命期内发生变化。 + 然而在一些例外情况下这是不可能的,例如在自身状态中继承 Node 地址的 Pod + 或 downward API (status.hostIP) 的消费者。 + - **NodeAddress 包含节点地址的信息。** - allocatable 表示节点的可用于调度的资源。默认为容量。 - **capacity** (map[string]}}">Quantity) @@ -334,7 +321,6 @@ NodeStatus 是有关节点当前状态的信息。 - capacity 代表一个节点的总资源。 更多信息: https://kubernetes.io/zh-cn/docs/concepts/storage/persistent-volumes/#capacity @@ -345,7 +331,6 @@ NodeStatus 是有关节点当前状态的信息。 Conditions is an array of current observed node conditions. More info: https://kubernetes.io/docs/concepts/nodes/node/#condition --> - **补丁策略:根据 `type` 键执行合并操作** conditions 是当前观测到的节点状况的数组。 @@ -355,7 +340,6 @@ NodeStatus 是有关节点当前状态的信息。 - **NodeCondition 包含节点状况的信息。** - 通过动态 Kubelet 配置功能分配给节点的配置状态。 - **NodeConfigStatus 描述了由 Node.spec.configSource 分配的配置的状态。** - **config.active** (NodeConfigSource) @@ -690,8 +672,8 @@ NodeStatus 是有关节点当前状态的信息。 - **config.lastKnownGood.configMap.namespace** (string), 必需 - namespace 是所引用的 ConfigMap 的 metadata.namespace。 - 此字段在所有情况下都是必需的。 + namespace 是所引用的 ConfigMap 的 metadata.namespace。 + 此字段在所有情况下都是必需的。 - **config.lastKnownGood.configMap.resourceVersion** (string) @@ -716,14 +698,12 @@ NodeStatus 是有关节点当前状态的信息。 - 在节点上运行的守护进程的端点。 - **NodeDaemonEndpoints 列出了节点上运行的守护进程打开的端口。** - **daemonEndpoints.kubeletEndpoint** (DaemonEndpoint) @@ -756,14 +736,12 @@ NodeStatus 是有关节点当前状态的信息。 - 该节点上的容器镜像列表。 - **描述一个容器镜像** - **images.names** ([]string) @@ -788,7 +766,6 @@ NodeStatus 是有关节点当前状态的信息。 - 用于唯一标识节点的 ids/uuids 集。 更多信息: https://kubernetes.io/zh-cn/docs/concepts/architecture/nodes/#info @@ -796,7 +773,6 @@ NodeStatus 是有关节点当前状态的信息。 - **NodeSystemInfo 是一组用于唯一标识节点的 ids/uuids。** - NodePhase 是最近观测到的节点的生命周期阶段。 更多信息: https://kubernetes.io/zh-cn/docs/concepts/architecture/nodes/#phase @@ -919,14 +894,12 @@ NodeStatus 是有关节点当前状态的信息。 - 附加到节点的卷的列表。 - **AttachedVolume 描述附加到节点的卷** - 节点正在使用(安装)的可附加卷的列表。 ## NodeList {#NodeList} @@ -962,7 +934,6 @@ NodeStatus 是有关节点当前状态的信息。 - NodeList 是已注册到 master 的所有节点的完整列表。
    @@ -976,7 +947,6 @@ NodeList 是已注册到 master 的所有节点的完整列表。 - 标准的列表元数据。 更多信息: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds @@ -985,7 +955,6 @@ NodeList 是已注册到 master 的所有节点的完整列表。 List of nodes --> - - **items** ([]}}">Node), 必需 节点的列表。 @@ -998,7 +967,6 @@ NodeList 是已注册到 master 的所有节点的完整列表。 GET /api/v1/nodes/{name} #### Parameters --> - ## 操作 {#Operations}
    @@ -1017,7 +985,6 @@ GET /api/v1/nodes/{name} - **pretty** (*in query*): string #### Response --> - - **name** (**路径参数**): string, 必需 节点的名称。 @@ -1038,7 +1005,6 @@ GET /api/v1/nodes/{name} GET /api/v1/nodes/{name}/status #### Parameters --> - ### `get` 读取指定节点的状态 #### HTTP 请求 @@ -1053,7 +1019,6 @@ GET /api/v1/nodes/{name}/status - **pretty** (*in query*): string #### Response --> - - **name** (**路径参数**): string, 必需 节点的名称。 @@ -1074,28 +1039,60 @@ GET /api/v1/nodes/{name}/status GET /api/v1/nodes #### Parameters --> - ### `list` 列出或监视节点类型的对象 #### HTTP 请求 GET /api/v1/nodes -#### 参数 - +#### 参数 - **allowWatchBookmarks** (**查询参数**): boolean @@ -1129,6 +1126,10 @@ GET /api/v1/nodes }}">resourceVersionMatch +- **sendInitialEvents** (**查询参数**): boolean + + }}">sendInitialEvents + - **timeoutSeconds** (**查询参数**): integer }}">timeoutSeconds @@ -1137,6 +1138,9 @@ GET /api/v1/nodes }}">watch + #### 响应 200 (}}">NodeList): OK @@ -1149,7 +1153,6 @@ GET /api/v1/nodes POST /api/v1/nodes #### Parameters --> - ### `create` 创建一个节点 #### HTTP 请求 @@ -1166,7 +1169,6 @@ POST /api/v1/nodes - **pretty** (*in query*): string #### Response --> - - **body**: }}">Node, 必需 - **dryRun** (**查询参数**): string @@ -1201,7 +1203,6 @@ POST /api/v1/nodes PUT /api/v1/nodes/{name} #### Parameters --> - ### `update` 替换指定节点 #### HTTP 请求 @@ -1220,7 +1221,6 @@ PUT /api/v1/nodes/{name} - **pretty** (*in query*): string #### Response --> - - **name** (**路径参数**): string, 必需 节点的名称。 @@ -1260,7 +1260,6 @@ PUT /api/v1/nodes/{name}/status #### Parameters --> - ### `update` 替换指定节点的状态 #### HTTP 请求 @@ -1279,7 +1278,6 @@ PUT /api/v1/nodes/{name}/status - **pretty** (*in query*): string #### Response --> - - **name** (**路径参数**): string, 必需 节点的名称。 @@ -1316,7 +1314,6 @@ PUT /api/v1/nodes/{name}/status PATCH /api/v1/nodes/{name} #### Parameters --> - ### `patch` 部分更新指定节点 #### HTTP 请求 @@ -1336,7 +1333,6 @@ PATCH /api/v1/nodes/{name} - **pretty** (*in query*): string #### Response --> - - **name** (**路径参数**): string, 必需 节点的名称。 @@ -1377,7 +1373,6 @@ PATCH /api/v1/nodes/{name} PATCH /api/v1/nodes/{name}/status #### Parameters --> - ### `patch` 部分更新指定节点的状态 #### HTTP 请求 @@ -1397,7 +1392,6 @@ PATCH /api/v1/nodes/{name}/status - **pretty** (*in query*): string #### Response --> - - **name** (**路径参数**): string, 必需 节点的名称。 @@ -1438,7 +1432,6 @@ PATCH /api/v1/nodes/{name}/status DELETE /api/v1/nodes/{name} #### Parameters --> - ### `delete` 删除一个节点 #### HTTP 请求 @@ -1457,7 +1450,6 @@ DELETE /api/v1/nodes/{name} - **propagationPolicy** (*in query*): string #### Response --> - - **name** (**路径参数**): string, 必需 节点的名称。 @@ -1490,36 +1482,68 @@ DELETE /api/v1/nodes/{name} +#### HTTP Request +--> ### `deletecollection` 删除节点的集合 #### HTTP 请求 DELETE /api/v1/nodes -#### 参数 + + }}">continue + +- **dryRun** (*in query*): string + + }}">dryRun + +- **fieldSelector** (*in query*): string + + }}">fieldSelector + +- **gracePeriodSeconds** (*in query*): integer + + }}">gracePeriodSeconds + +- **labelSelector** (*in query*): string + + }}">labelSelector + +- **limit** (*in query*): integer + + }}">limit + +- **pretty** (*in query*): string + + }}">pretty + +- **propagationPolicy** (*in query*): string + + }}">propagationPolicy + +- **resourceVersion** (*in query*): string + + }}">resourceVersion + +- **resourceVersionMatch** (*in query*): string + + }}">resourceVersionMatch + +- **sendInitialEvents** (*in query*): boolean + + }}">sendInitialEvents + +- **timeoutSeconds** (*in query*): integer + + }}">timeoutSeconds +--> - **continue** (**查询参数**): string }}">continue @@ -1560,12 +1584,19 @@ DELETE /api/v1/nodes }}">resourceVersionMatch +- **sendInitialEvents** (**查询参数**): boolean + + }}">sendInitialEvents + - **timeoutSeconds** (**查询参数**): integer }}">timeoutSeconds + #### 响应 200 (}}">Status): OK -401: Unauthorized \ No newline at end of file +401: Unauthorized diff --git a/content/zh-cn/docs/reference/kubernetes-api/common-definitions/status.md b/content/zh-cn/docs/reference/kubernetes-api/common-definitions/status.md index 0d3a6de1b6f..3b1a2be574e 100644 --- a/content/zh-cn/docs/reference/kubernetes-api/common-definitions/status.md +++ b/content/zh-cn/docs/reference/kubernetes-api/common-definitions/status.md @@ -158,10 +158,10 @@ guide. You can file document formatting bugs against the 资源的 UID(当有单个可以描述的资源时)。 - 更多信息: http://kubernetes.io/docs/user-guide/identifiers#uids + 更多信息: https://kubernetes.io/zh-cn/docs/concepts/overview/working-with-objects/names#uids - **kind** (string) diff --git a/content/zh-cn/docs/reference/kubernetes-api/config-and-storage-resources/csi-driver-v1.md b/content/zh-cn/docs/reference/kubernetes-api/config-and-storage-resources/csi-driver-v1.md index c6cac3bbdf7..568f0736160 100644 --- a/content/zh-cn/docs/reference/kubernetes-api/config-and-storage-resources/csi-driver-v1.md +++ b/content/zh-cn/docs/reference/kubernetes-api/config-and-storage-resources/csi-driver-v1.md @@ -41,10 +41,12 @@ CSIDriver 对象未划分命名空间。 - **metadata** (}}">ObjectMeta) @@ -58,7 +60,7 @@ CSIDriver 对象未划分命名空间。 - **spec** (}}">CSIDriverSpec),必需 - CSI 驱动的规约。 + spec 表示 CSI 驱动的规约。 ## CSIDriverSpec {#CSIDriverSpec} @@ -89,7 +91,8 @@ CSIDriverSpec 是 CSIDriver 的规约。 - **fsGroupPolicy** (string) - 定义底层卷是否支持在挂载之前更改卷的所有权和权限。 + fsGroupPolicy 定义底层卷是否支持在挂载之前更改卷的所有权和权限。 有关更多详细信息,请参考特定的 FSGroupPolicy 值。 此字段不可变更。 @@ -107,28 +110,38 @@ CSIDriverSpec 是 CSIDriver 的规约。 - **podInfoOnMount** (boolean) + + 如果 podInfoOnMount 设为 true,则表示在挂载操作期间这个 CSI 卷驱动需要更多的 + Pod 信息(例如 podName 和 podUID 等)。 + 如果设为 false,则挂载时将不传递 Pod 信息。默认为 false。 - 如果设为 true,则 podInfoOnMount 表示在挂载操作期间这个 CSI 卷需要更多的 Pod 信息(例如 podName 和 podUID 等)。 - 如果设为 false,则挂载时将不传递 Pod 信息。 - 默认为 false。 + CSI 驱动将 podInfoOnMount 指定为驱动部署的一部分。 如果为 true,Kubelet 将在 CSI NodePublishVolume() 调用中作为 VolumeContext 传递 Pod 信息。 CSI 驱动负责解析和校验作为 VolumeContext 传递进来的信息。 + 如果 podInfoOnMount 设为 true,将传递以下 VolumeConext。 此列表可能变大,但将使用前缀。 + - "csi.storage.k8s.io/pod.name": pod.name - "csi.storage.k8s.io/pod.namespace": pod.namespace - "csi.storage.k8s.io/pod.uid": string(pod.UID) - "csi.storage.k8s.io/ephemeral": 如果此卷是 CSIVolumeSource 定义的一个临时内联卷,则为 “true”,否则为 “false” + + “csi.storage.k8s.io/ephemeral” 是 Kubernetes 1.16 中一个新的功能特性。 只有同时支持 “Persistent” 和 “Ephemeral” VolumeLifecycleMode 的驱动,此字段才是必需的。 其他驱动可以保持禁用 Pod 信息或忽略此字段。 @@ -139,7 +152,8 @@ CSIDriverSpec 是 CSIDriver 的规约。 @@ -155,7 +169,7 @@ CSIDriverSpec 是 CSIDriver 的规约。 @@ -178,9 +192,11 @@ CSIDriverSpec 是 CSIDriver 的规约。 这通常用于代表更大共享文件系统的子目录的卷。 默认为 “false”。 + - **tokenRequests** ([]TokenRequest) @@ -230,21 +249,27 @@ CSIDriverSpec 是 CSIDriver 的规约。 } ``` + 注:每个 tokenRequest 中的受众应该不同,且最多有一个令牌是空字符串。 要在令牌过期后接收一个新的令牌,requiresRepublish 可用于周期性地触发 NodePublishVolume。 **tokenRequest 包含一个服务帐户令牌的参数。** - + expirationSeconds is the duration of validity of the token in "TokenRequestSpec". It has the same default value of "ExpirationSeconds" in "TokenRequestSpec". + --> - **tokenRequests.audience** (string),必需 audience 是 “TokenRequestSpec” 中令牌的目标受众。 @@ -260,9 +285,7 @@ CSIDriverSpec 是 CSIDriver 的规约。 *Set: unique values will be kept during a merge* - volumeLifecycleModes defines what kind of volumes this CSI volume driver supports. The default if the list is empty is "Persistent", which is the usage defined by the CSI specification and implemented in Kubernetes via the usual PV/PVC mechanism. The other mode is "Ephemeral". In this mode, volumes are defined inline inside the pod spec with CSIVolumeSource and their lifecycle is tied to the lifecycle of that pod. A driver has to be aware of this because it is only going to get a NodePublishVolume call for such a volume. For more information about implementing this mode, see https://kubernetes-csi.github.io/docs/ephemeral-local-volumes.html A driver can support one or more of these modes and more modes may be added in the future. This field is beta. - - This field is immutable. + volumeLifecycleModes defines what kind of volumes this CSI volume driver supports. The default if the list is empty is "Persistent", which is the usage defined by the CSI specification and implemented in Kubernetes via the usual PV/PVC mechanism. --> - **volumeLifecycleModes** ([]string) @@ -271,15 +294,23 @@ CSIDriverSpec 是 CSIDriver 的规约。 volumeLifecycleModes 定义这个 CSI 卷驱动支持哪种类别的卷。 如果列表为空,则默认值为 “Persistent”,这是 CSI 规范定义的用法, 并通过常用的 PV/PVC 机制在 Kubernetes 中实现。 + + 另一种模式是 “Ephemeral”。 在这种模式下,在 Pod 规约中用 CSIVolumeSource 以内联方式定义卷,其生命周期与该 Pod 的生命周期相关联。 驱动必须感知到这一点,因为只有针对这种卷才会接收到 NodePublishVolume 调用。 + 有关实现此模式的更多信息,请参阅 https://kubernetes-csi.github.io/docs/ephemeral-local-volumes.html。 驱动可以支持其中一种或多种模式,将来可能会添加更多模式。 - 此字段处于 Beta 阶段。 - 此字段不可变更。 + 此字段处于 Beta 阶段。此字段不可变更。 ## CSIDriverList {#CSIDriverList} @@ -344,7 +375,7 @@ GET /apis/storage.k8s.io/v1/csidrivers/{name} - **name** (**路径参数**): string,必需 - CSIDriver 的名称 + CSIDriver 的名称。 - **pretty** (**查询参数**): string @@ -372,16 +403,50 @@ GET /apis/storage.k8s.io/v1/csidrivers #### 参数 @@ -417,6 +482,10 @@ GET /apis/storage.k8s.io/v1/csidrivers }}">resourceVersionMatch +- **sendInitialEvents** (**查询参数**): boolean + + }}">sendInitialEvents + - **timeoutSeconds** (**查询参数**): integer }}">timeoutSeconds @@ -511,7 +580,7 @@ PUT /apis/storage.k8s.io/v1/csidrivers/{name} - **name** (**路径参数**): string,必需 - CSIDriver 的名称 + CSIDriver 的名称。 - **body**: }}">CSIDriver,必需 @@ -568,7 +637,7 @@ PATCH /apis/storage.k8s.io/v1/csidrivers/{name} - **name** (**路径参数**): string,必需 - CSIDriver 的名称 + CSIDriver 的名称。 - **body**: }}">Patch,必需 @@ -628,7 +697,7 @@ DELETE /apis/storage.k8s.io/v1/csidrivers/{name} - **name** (**路径参数**): string,必需 - CSIDriver 的名称 + CSIDriver 的名称。 - **body**: }}">DeleteOptions @@ -672,18 +741,56 @@ DELETE /apis/storage.k8s.io/v1/csidrivers #### 参数 @@ -729,6 +836,10 @@ DELETE /apis/storage.k8s.io/v1/csidrivers }}">resourceVersionMatch +- **sendInitialEvents** (**查询参数**): boolean + + }}">sendInitialEvents + - **timeoutSeconds** (**查询参数**): integer }}">timeoutSeconds diff --git a/content/zh-cn/docs/reference/kubernetes-api/workload-resources/job-v1.md b/content/zh-cn/docs/reference/kubernetes-api/workload-resources/job-v1.md index 03ba7fc8292..c847b050409 100644 --- a/content/zh-cn/docs/reference/kubernetes-api/workload-resources/job-v1.md +++ b/content/zh-cn/docs/reference/kubernetes-api/workload-resources/job-v1.md @@ -8,7 +8,6 @@ description: "Job 表示单个任务的配置。" title: "Job" weight: 9 --- - - **metadata** (}}">ObjectMeta) - 标准的对象元数据。更多信息: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata + 标准的对象元数据。更多信息: + https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata - **spec** (}}">JobSpec) - 任务的预期行为的规约。更多信息: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status + 任务的预期行为的规约。更多信息: + https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status - **status** (}}">JobStatus) - 任务的当前状态。更多信息: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status - + 任务的当前状态。更多信息: + https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status ## JobSpec {#JobSpec} @@ -80,7 +81,7 @@ JobSpec 描述了任务执行的情况。 - **template** (}}">PodTemplateSpec), 必需 - 描述执行任务时将创建的 Pod。更多信息: https://kubernetes.io/docs/concepts/workloads/controllers/jobs-run-to-completion/ + 描述执行任务时将创建的 Pod。template.spec.restartPolicy 可以取的值只能是 + "Never" 或 "OnFailure"。更多信息: + https://kubernetes.io/docs/concepts/workloads/controllers/jobs-run-to-completion/ - **parallelism** (int32) 指定任务应在任何给定时刻预期运行的 Pod 个数上限。 当(.spec.completions - .status.successful) \< .spec.parallelism 时, 即当剩余的工作小于最大并行度时,在稳定状态下运行的 Pod 的实际数量将小于此数量。 - 更多信息: https://kubernetes.io/docs/concepts/workloads/controllers/jobs-run-to-completion/ + 更多信息: + https://kubernetes.io/docs/concepts/workloads/controllers/jobs-run-to-completion/ ### Lifecycle - **completions** (int32) - 指定任务应该运行并预期成功完成的 Pod 个数。设置为 nil 意味着任何 Pod 的成功都标识着所有 Pod 的成功, + 指定任务应该运行并预期成功完成的 Pod 个数。设置为空意味着任何 Pod 的成功都标识着所有 Pod 的成功, 并允许 parallelism 设置为任何正值。设置为 1 意味着并行性被限制为 1,并且该 Pod 的成功标志着任务的成功。更多信息: https://kubernetes.io/docs/concepts/workloads/controllers/jobs-run-to-completion/ - **completionMode** (string) - completionMode 指定如何跟踪 Pod 完成情况。它可以是 `NonIndexed` (默认) 或者 `Indexed`。 + completionMode 指定如何跟踪 Pod 完成情况。它可以是 `NonIndexed`(默认)或者 `Indexed`。 `NonIndexed` 表示当有 `.spec.completions` 个成功完成的 Pod 时,认为 Job 完成。每个 Pod 完成都是彼此同源的。 @@ -175,7 +179,7 @@ JobSpec 描述了任务执行的情况。 - **suspend** (boolean) @@ -205,9 +209,9 @@ JobSpec 描述了任务执行的情况。 manualSelector 控制 Pod 标签和 Pod 选择器的生成。除非你确定你在做什么,否则不要设置 `manualSelector`。 当此字段为 false 或未设置时,系统会选择此 Pod 唯一的标签并将这些标签附加到 Pod 模板。 当此字段为 true 时,用户负责选择唯一标签并指定选择器。 - 未能选择唯一标签可能会导致此任务和其他任务无法正常运行。 - 但是,你可能会在使用旧的 `extensions/v1beta1` API 创建的任务中看到 `manualSelector=true`。 - 更多信息: https://kubernetes.io/docs/concepts/workloads/controllers/jobs-run-to-completion/#specifying-your-own-pod-selector + 未能选择唯一标签可能会导致此任务和其他任务无法正常运行。但是,你可能会在使用旧的 `extensions/v1beta1` API + 创建的任务中看到 `manualSelector=true`。更多信息: + https://kubernetes.io/docs/concepts/workloads/controllers/jobs-run-to-completion/#specifying-your-own-pod-selector -### Alpha 级别 +### Alpha 级别 {#alpha-level} - **podFailurePolicy** (PodFailurePolicy) @@ -254,12 +258,12 @@ JobSpec 描述了任务执行的情况。 **PodFailurePolicyRule 描述当满足要求时如何处理一个 Pod 失效。 - 在每个规则中可以使用 OnExitCodes 和 onPodConditions 之一,但不能同时使用二者。** + 在每个规则中可以使用 onExitCodes 和 onPodConditions 之一,但不能同时使用二者。** - **completedIndexes** (string) @@ -516,11 +522,11 @@ JobStatus 表示 Job 的当前状态。 - **conditions.status** (string), 必需 - 状况的状态,True、False、Unknown 之一。 + 状况的状态:True、False、Unknown 之一。 - **conditions.type** (string), 必需 - 任务状况的类型,Completed 或 Failed。 + 任务状况的类型:Completed 或 Failed。 - **conditions.lastProbeTime** (Time) @@ -531,6 +537,7 @@ JobStatus 表示 Job 的当前状态。 *Time is a wrapper around time.Time which supports correct marshaling to YAML and JSON. Wrappers are provided for many of the factory methods that the time package offers.* --> + **Time 是对 time.Time 的封装,支持正确编码为 YAML 和 JSON。我们为 time 包提供的许多工厂方法提供了封装器。** + **Time 是 time.Time 的包装器,支持正确编码为 YAML 和 JSON。time 包提供的许多工厂方法都提供了包装器。** - - **uncountedTerminatedPods** (UncountedTerminatedPods) UncountedTerminatedPods 保存已终止但尚未被任务控制器纳入状态计数器中的 Pod 的 UID 的集合。 任务控制器所创建 Pod 带有终结器。当 Pod 终止(成功或失败)时,控制器将执行三个步骤以在任务状态中对其进行说明: - (1)将 Pod UID 添加到此字段的列表中。(2)去掉 Pod 中的终结器。(3)从数组中删除 Pod UID,同时为相应的计数器加一。 + + 1. 将 Pod UID 添加到此字段的列表中。 + 2. 去掉 Pod 中的终结器。 + 3. 从数组中删除 Pod UID,同时为相应的计数器加一。 - **uncountedTerminatedPods.failed** ([]string) @@ -613,8 +625,8 @@ JobStatus 表示 Job 的当前状态。 - **uncountedTerminatedPods.succeeded** ([]string) *Set: unique values will be kept during a merge* - - Succeeded holds UIDs of succeeded Pods. + + succeeded holds UIDs of succeeded Pods. --> - **uncountedTerminatedPods.succeeded** ([]string) @@ -626,7 +638,7 @@ JobStatus 表示 Job 的当前状态。 -### Beta 级别 +### Beta 级别 {#beta-level} - - **ready** (int32) 状况为 Ready 的 Pod 数量。 @@ -667,7 +678,8 @@ JobList 是 Job 的集合。 - **metadata** (}}">ListMeta) - 标准列表元数据。更多信息: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata + 标准列表元数据。更多信息: + https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata - **items** ([]}}">Job), required @@ -676,7 +688,6 @@ JobList 是 Job 的集合。 - ## 操作 {#Operations}
    @@ -824,7 +835,6 @@ GET /apis/batch/v1/namespaces/{namespace}/jobs }}">continue --> - - **allowWatchBookmarks** (**查询参数**): boolean }}">allowWatchBookmarks @@ -842,7 +852,6 @@ GET /apis/batch/v1/namespaces/{namespace}/jobs }}">labelSelector --> - - **fieldSelector** (**查询参数**): string }}">fieldSelector @@ -860,7 +869,6 @@ GET /apis/batch/v1/namespaces/{namespace}/jobs }}">pretty --> - - **limit** (**查询参数**): integer }}">limit @@ -878,7 +886,6 @@ GET /apis/batch/v1/namespaces/{namespace}/jobs }}">resourceVersionMatch --> - - **resourceVersion** (**查询参数**): string }}">resourceVersion @@ -888,6 +895,10 @@ GET /apis/batch/v1/namespaces/{namespace}/jobs }}">resourceVersionMatch +- **sendInitialEvents** (**查询参数**): boolean + + }}">sendInitialEvents - **timeoutSeconds** (**查询参数**): integer @@ -943,7 +957,6 @@ GET /apis/batch/v1/jobs }}">continue --> - - **allowWatchBookmarks** (**查询参数**): boolean }}">allowWatchBookmarks @@ -961,7 +974,6 @@ GET /apis/batch/v1/jobs }}">labelSelector --> - - **fieldSelector** (**查询参数**): string }}">fieldSelector @@ -979,7 +991,6 @@ GET /apis/batch/v1/jobs }}">pretty --> - - **limit** (**查询参数**): integer }}">limit @@ -997,7 +1008,6 @@ GET /apis/batch/v1/jobs }}">resourceVersionMatch --> - - **resourceVersion** (**查询参数**): string }}">resourceVersion @@ -1007,6 +1017,10 @@ GET /apis/batch/v1/jobs }}">resourceVersionMatch +- **sendInitialEvents** (**查询参数**): boolean + + }}">sendInitialEvents - **timeoutSeconds** (**查询参数**): integer @@ -1074,7 +1091,6 @@ POST /apis/batch/v1/namespaces/{namespace}/jobs }}">fieldManager --> - - **dryRun** (**查询参数**): string }}">dryRun @@ -1092,7 +1108,6 @@ POST /apis/batch/v1/namespaces/{namespace}/jobs }}">pretty --> - - **fieldValidation** (**查询参数**): string }}">fieldValidation @@ -1149,7 +1164,6 @@ PUT /apis/batch/v1/namespaces/{namespace}/jobs/{name} - **body**: }}">Job, required --> - - **name** (**路径参数**): string, 必需 Job 的名称。 @@ -1169,7 +1183,6 @@ PUT /apis/batch/v1/namespaces/{namespace}/jobs/{name} }}">fieldManager --> - - **dryRun** (**查询参数**): string }}">dryRun @@ -1187,7 +1200,6 @@ PUT /apis/batch/v1/namespaces/{namespace}/jobs/{name} }}">pretty --> - - **fieldValidation** (**查询参数**): string }}">fieldValidation @@ -1240,7 +1252,6 @@ PUT /apis/batch/v1/namespaces/{namespace}/jobs/{name}/status - **body**: }}">Job, required --> - - **name** (**路径参数**): string, 必需 Job 的名称。 @@ -1260,7 +1271,6 @@ PUT /apis/batch/v1/namespaces/{namespace}/jobs/{name}/status }}">fieldManager --> - - **dryRun** (**查询参数**): string }}">dryRun @@ -1278,7 +1288,6 @@ PUT /apis/batch/v1/namespaces/{namespace}/jobs/{name}/status }}">pretty --> - - **fieldValidation** (**查询参数**): string }}">fieldValidation @@ -1350,7 +1359,6 @@ PATCH /apis/batch/v1/namespaces/{namespace}/jobs/{name} }}">fieldManager --> - - **dryRun** (**查询参数**): string }}">dryRun @@ -1368,7 +1376,6 @@ PATCH /apis/batch/v1/namespaces/{namespace}/jobs/{name} }}">force --> - - **fieldValidation** (**查询参数**): string }}">fieldValidation @@ -1382,7 +1389,6 @@ PATCH /apis/batch/v1/namespaces/{namespace}/jobs/{name} }}">pretty --> - - **pretty** (**查询参数**): string }}">pretty @@ -1431,7 +1437,6 @@ PATCH /apis/batch/v1/namespaces/{namespace}/jobs/{name}/status - **body**: }}">Patch, required --> - - **name** (**路径参数**): string, 必需 Job 的名称。 @@ -1451,7 +1456,6 @@ PATCH /apis/batch/v1/namespaces/{namespace}/jobs/{name}/status }}">fieldManager --> - - **dryRun** (**查询参数**): string }}">dryRun @@ -1469,7 +1473,6 @@ PATCH /apis/batch/v1/namespaces/{namespace}/jobs/{name}/status }}">force --> - - **fieldValidation** (**查询参数**): string }}">fieldValidation @@ -1483,7 +1486,6 @@ PATCH /apis/batch/v1/namespaces/{namespace}/jobs/{name}/status }}">pretty --> - - **pretty** (**查询参数**): string }}">pretty @@ -1546,7 +1548,6 @@ DELETE /apis/batch/v1/namespaces/{namespace}/jobs/{name} }}">gracePeriodSeconds --> - - **dryRun** (**查询参数**): string }}">dryRun @@ -1564,7 +1565,6 @@ DELETE /apis/batch/v1/namespaces/{namespace}/jobs/{name} }}">propagationPolicy --> - - **pretty** (**查询参数**): string }}">pretty @@ -1623,7 +1623,6 @@ DELETE /apis/batch/v1/namespaces/{namespace}/jobs }}">dryRun --> - - **continue** (**查询参数**): string }}">continue @@ -1641,7 +1640,6 @@ DELETE /apis/batch/v1/namespaces/{namespace}/jobs }}">gracePeriodSeconds --> - - **fieldSelector** (**查询参数**): string }}">fieldSelector @@ -1659,7 +1657,6 @@ DELETE /apis/batch/v1/namespaces/{namespace}/jobs }}">limit --> - - **labelSelector** (**查询参数**): string }}">labelSelector @@ -1677,7 +1674,6 @@ DELETE /apis/batch/v1/namespaces/{namespace}/jobs }}">propagationPolicy --> - - **pretty** (**查询参数**): string }}">pretty @@ -1695,7 +1691,6 @@ DELETE /apis/batch/v1/namespaces/{namespace}/jobs }}">resourceVersionMatch --> - - **resourceVersion** (**查询参数**): string }}">resourceVersion @@ -1705,10 +1700,17 @@ DELETE /apis/batch/v1/namespaces/{namespace}/jobs }}">resourceVersionMatch +- **sendInitialEvents** (**查询参数**): boolean + + }}">sendInitialEvents - **timeoutSeconds** (**查询参数**): integer @@ -1726,4 +1728,3 @@ DELETE /apis/batch/v1/namespaces/{namespace}/jobs 200 (}}">Status): OK 401: Unauthorized - diff --git a/content/zh-cn/docs/reference/networking/virtual-ips.md b/content/zh-cn/docs/reference/networking/virtual-ips.md index 6a3b47c44fe..14d8ddf2e6e 100644 --- a/content/zh-cn/docs/reference/networking/virtual-ips.md +++ b/content/zh-cn/docs/reference/networking/virtual-ips.md @@ -252,6 +252,44 @@ iptables: ... ``` + +##### 对 `iptables` 模式的性能优化 {#minimize-iptables-restore} + +{{< feature-state for_k8s_version="v1.27" state="beta" >}} + + +在 Kubernetes {{< skew currentVersion >}} 中,kube-proxy 默认采用最小方式进行 `iptables-restore` 操作, +仅在 Service 或 EndpointSlice 实际发生变化的地方进行更新。这是一个性能优化。 +最初的实现在每次同步时都会更新所有服务的所有规则;这有时会导致大型集群出现性能问题(更新延迟)。 + + +如果你运行的不是 Kubernetes {{< skew currentVersion >}} 版本的 kube-proxy, +请检查你实际运行的版本的行为和相关建议。 + + +如果你之前覆盖了 `minSyncPeriod`,你应该尝试删除该覆盖并让 kube-proxy 使用默认值(`1s`)或至少比升级前使用的值小。 +你可以通过禁用 `MinimizeIPTablesRestore` +[特性门控](/zh-cn/docs/reference/command-line-tools-reference/feature-gates/)来选择执行旧的行为 +(你应该不需要)。 + ##### `minSyncPeriod` `minSyncPeriod` 的值越大,可以聚合的工作越多, 但缺点是每个独立的变更可能最终要等待整个 `minSyncPeriod` 周期后才能被处理, -这意味着 iptables 规则要用更多时间才能与当前的 apiserver 状态同步。 +这意味着 iptables 规则要用更多时间才能与当前的 API 服务器状态同步。 -默认值 `1s` 对于中小型集群是一个很好的折衷方案。 +默认值 `1s` 适用于大多数集群, 在大型集群中,可能需要将其设置为更大的值。 (特别是,如果 kube-proxy 的 `sync_proxy_rules_duration_seconds` 指标表明平均时间远大于 1 秒, 那么提高 `minSyncPeriod` 可能会使更新更有效率。) @@ -311,13 +348,13 @@ make updates more efficient.) -`syncPeriod` 参数控制与单次 Service 和 Endpoint 的变更没有直接关系的少数同步操作。 +`syncPeriod` 参数控制与单次 Service 和 EndpointSlice 的变更没有直接关系的少数同步操作。 特别是,它控制 kube-proxy 在外部组件已干涉 kube-proxy 的 iptables 规则时通知的速度。 在大型集群中,kube-proxy 也仅在每隔 `syncPeriod` 时长执行某些清理操作,以避免不必要的工作。 @@ -331,47 +368,6 @@ and is likely to hurt functionality more than it improves performance. 但在过去,有时将其设置为非常大的值(例如 `1h`)很有用。 现在不再推荐这种做法,因为它对功能的破坏可能会超过对性能的改进。 - -##### 实验性的性能改进 {#minimize-iptables-restore} - -{{< feature-state for_k8s_version="v1.26" state="alpha" >}} - - -在 Kubernetes 1.26 中,社区对 iptables 代理模式进行了一些新的性能改进, -但默认未启用(并且可能还不应该在生产集群中启用)。要试用它们, -请使用 `--feature-gates=MinimizeIPTablesRestore=true,…` 为 kube-proxy 启用 `MinimizeIPTablesRestore` -[特性门控](/zh-cn/docs/reference/command-line-tools-reference/feature-gates/)。 - - -如果你启用该特性门控并且之前覆盖了 `minSyncPeriod`, -你应该尝试移除该覆盖并让 kube-proxy 使用默认值 (`1s`) 或至少使用比之前更小的值。 - - -如果你注意到 kube-proxy 的 `sync_proxy_rules_iptables_restore_failures_total` 或 -`sync_proxy_rules_iptables_partial_restore_failures_total` 指标在启用此特性后升高, -这可能表明你发现了该特性的错误,你应该提交错误报告。 - @@ -521,31 +517,35 @@ populated in terms of the Service's virtual IP address (and port). One of the primary philosophies of Kubernetes is that you should not be exposed to situations that could cause your actions to fail through no fault of your own. For the design of the Service resource, this means not making -you choose your own port number if that choice might collide with +you choose your own IP address if that choice might collide with someone else's choice. That is an isolation failure. --> Kubernetes 的主要哲学之一是, 你不应需要在完全不是你的问题的情况下面对可能导致你的操作失败的情形。 对于 Service 资源的设计,也就是如果你选择的端口号可能与其他人的选择冲突, -就不应该让你自己选择端口号。这是一种失败隔离。 +就不应该让你自己选择 IP 地址。这是一种失败隔离。 -为了允许你为 Service 选择端口号,我们必须确保没有任何两个 Service 会发生冲突。 +为了允许你为 Service 选择 IP 地址,我们必须确保没有任何两个 Service 会发生冲突。 Kubernetes 通过从为 {{< glossary_tooltip text="API 服务器" term_id="kube-apiserver" >}} 配置的 `service-cluster-ip-range` CIDR 范围内为每个 Service 分配自己的 IP 地址来实现这一点。 +#### IP 地址分配追踪 + 为了确保每个 Service 都获得唯一的 IP,内部分配器在创建每个 Service 之前更新 {{< glossary_tooltip term_id="etcd" >}} 中的全局分配映射,这种更新操作具有原子性。 映射对象必须存在于数据库中,这样 Service 才能获得 IP 地址分配, @@ -562,6 +562,61 @@ IP addresses that are no longer used by any Services. Kubernetes 还使用控制器来检查无效的分配(例如,因管理员干预而导致无效分配) 以及清理已分配但没有 Service 使用的 IP 地址。 +{{< feature-state for_k8s_version="v1.27" state="alpha" >}} + +如果你启用 `MultiCIDRServiceAllocator` [特性门控](/zh-cn/docs/reference/command-line-tools-reference/feature-gate/) +和 [`networking.k8s.io/v1alpha1` API 组](/zh-cn/docs/tasks/administer-cluster/enable-disable-api/), +控制平面将用一个新的分配器替换现有的 etcd 分配器,使用 IPAddress 对象而不是内部的全局分配映射。 +与每个 Service 关联的 ClusterIP 地址将有一个对应的 IPAddress 对象。 + + +后台控制器也被一个新的控制器取代,来处理新的 IPAddress 对象和从旧的分配器模型的迁移。 + + +新分配器的主要好处之一是它取消了对 `service-cluster-ip-range` 的大小限制,对 IPv4 没有大小限制, +对于 IPv6 用户可以使用等于或大于 /64 的掩码(以前是 /108)。 + + +用户现在能够检查分配给他们的 Service 的 IP 地址,Kubernetes 扩展, +如 [Gateway](https://gateway-api.sigs.k8s.io/) API +可以使用这个新的 IPAddress 对象类别来增强 Kubernetes 的网络能力,解除内置 Service API 的限制。 + +```shell +kubectl get services +``` +``` +NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE +kubernetes ClusterIP 2001:db8:1:2::1 443/TCP 3d1h +``` + +```shell +kubectl get ipaddresses +``` +``` +NAME PARENTREF +2001:db8:1:2::1 services/default/kubernetes +2001:db8:1:2::a services/kube-system/kube-dns +``` + diff --git a/content/zh-cn/docs/reference/setup-tools/kubeadm/generated/kubeadm_upgrade_apply.md b/content/zh-cn/docs/reference/setup-tools/kubeadm/generated/kubeadm_upgrade_apply.md index 026ae9f0098..4847dac894e 100644 --- a/content/zh-cn/docs/reference/setup-tools/kubeadm/generated/kubeadm_upgrade_apply.md +++ b/content/zh-cn/docs/reference/setup-tools/kubeadm/generated/kubeadm_upgrade_apply.md @@ -138,11 +138,12 @@ Perform the upgrade of etcd.

    一组键值对,用于描述各种功能。选项包括: -
    PublicKeysECDSA=true|false (ALPHA - 默认值=false +
    EtcdLearnerMode=true|false (ALPHA - 默认值=false) +
    PublicKeysECDSA=true|false (ALPHA - 默认值=false)
    RootlessControlPlane=true|false (ALPHA - 默认值=false)

    diff --git a/content/zh-cn/docs/setup/production-environment/tools/kubeadm/install-kubeadm.md b/content/zh-cn/docs/setup/production-environment/tools/kubeadm/install-kubeadm.md index a2ffb2e18d2..dae206a0f04 100644 --- a/content/zh-cn/docs/setup/production-environment/tools/kubeadm/install-kubeadm.md +++ b/content/zh-cn/docs/setup/production-environment/tools/kubeadm/install-kubeadm.md @@ -41,6 +41,7 @@ see the [Creating a cluster with kubeadm](/docs/setup/production-environment/too * Unique hostname, MAC address, and product_uuid for every node. See [here](#verify-mac-address) for more details. * Certain ports are open on your machines. See [here](#check-required-ports) for more details. * Swap disabled. You **MUST** disable swap in order for the kubelet to work properly. + * For example, `sudo swapoff -a` will disable swapping temporarily. To make this change persistent across reboots, make sure swap is disabled in config files like `/etc/fstab`, `systemd.swap`, depending how it was configured on your system. --> * 一台兼容的 Linux 主机。Kubernetes 项目为基于 Debian 和 Red Hat 的 Linux 发行版以及一些不提供包管理器的发行版提供通用的指令。 @@ -50,6 +51,8 @@ see the [Creating a cluster with kubeadm](/docs/setup/production-environment/too * 节点之中不可以有重复的主机名、MAC 地址或 product_uuid。请参见[这里](#verify-mac-address)了解更多详细信息。 * 开启机器上的某些端口。请参见[这里](#check-required-ports)了解更多详细信息。 * 禁用交换分区。为了保证 kubelet 正常工作,你**必须**禁用交换分区。 + * 例如,`sudo swapoff -a` 将暂时禁用交换分区。要使此更改在重启后保持不变,请确保在如 + `/etc/fstab`、`systemd.swap` 等配置文件中禁用交换分区,具体取决于你的系统如何配置。 diff --git a/content/zh-cn/docs/tasks/access-application-cluster/communicate-containers-same-pod-shared-volume.md b/content/zh-cn/docs/tasks/access-application-cluster/communicate-containers-same-pod-shared-volume.md index ed057170d86..21ca5b0a649 100644 --- a/content/zh-cn/docs/tasks/access-application-cluster/communicate-containers-same-pod-shared-volume.md +++ b/content/zh-cn/docs/tasks/access-application-cluster/communicate-containers-same-pod-shared-volume.md @@ -33,7 +33,7 @@ In this exercise, you create a Pod that runs two Containers. The two containers share a Volume that they can use to communicate. Here is the configuration file for the Pod: --> -## 创建一个包含两个容器的 Pod +## 创建一个包含两个容器的 Pod {#creating-a-pod-that-runs-two-containers} 在这个练习中,你会创建一个包含两个容器的 Pod。两个容器共享一个卷用于他们之间的通信。 Pod 的配置文件如下: @@ -184,7 +184,7 @@ Typically this is done through a shared filesystem, as shown in this exercise, or through the loopback network interface, localhost. An example of this pattern is a web server along with a helper program that polls a Git repository for new updates. --> -## 讨论 +## 讨论 {#discussion} Pod 能有多个容器的主要原因是为了支持辅助应用(helper applications),以协助主应用(primary application)。 辅助应用的典型例子是数据抽取,数据推送和代理。辅助应用和主应用经常需要相互通信。 diff --git a/content/zh-cn/docs/tasks/access-application-cluster/connecting-frontend-backend.md b/content/zh-cn/docs/tasks/access-application-cluster/connecting-frontend-backend.md index 90583761edc..f66af51711d 100644 --- a/content/zh-cn/docs/tasks/access-application-cluster/connecting-frontend-backend.md +++ b/content/zh-cn/docs/tasks/access-application-cluster/connecting-frontend-backend.md @@ -61,7 +61,7 @@ require a supported environment. If your environment does not support this, you The backend is a simple hello greeter microservice. Here is the configuration file for the backend Deployment: --> -### 使用部署对象(Deployment)创建后端 +### 使用部署对象(Deployment)创建后端 {#creating-the-backend-using-a-deployment} 后端是一个简单的 hello 欢迎微服务应用。这是后端应用的 Deployment 配置文件: @@ -136,7 +136,7 @@ the Pods that it routes traffic to. First, explore the Service configuration file: --> -### 创建 `hello` Service 对象 +### 创建 `hello` Service 对象 {#creating-the-hello-service-object} 将请求从前端发送到后端的关键是后端 Service。Service 创建一个固定 IP 和 DNS 解析名入口, 使得后端微服务总是可达。Service 使用 @@ -185,7 +185,7 @@ configuration file. The Pods in the frontend Deployment run a nginx image that is configured to proxy requests to the `hello` backend Service. Here is the nginx configuration file: --> -### 创建前端应用 +### 创建前端 {#creating-the-frontend} 现在你已经有了运行中的后端应用,你可以创建一个可在集群外部访问的前端,并通过代理 前端的请求连接到后端。 @@ -299,7 +299,7 @@ cluster. The frontend and backend are now connected. You can hit the endpoint by using the curl command on the external IP of your frontend Service. --> -### 通过前端发送流量 +### 通过前端发送流量 {#send-traffic-through-the-frontend} 前端和后端已经完成连接了。你可以使用 curl 命令通过你的前端 Service 的外部 IP 访问服务端点。 diff --git a/content/zh-cn/docs/tasks/access-application-cluster/list-all-running-container-images.md b/content/zh-cn/docs/tasks/access-application-cluster/list-all-running-container-images.md index 3ae5e5cee81..571b51b5dda 100644 --- a/content/zh-cn/docs/tasks/access-application-cluster/list-all-running-container-images.md +++ b/content/zh-cn/docs/tasks/access-application-cluster/list-all-running-container-images.md @@ -45,7 +45,7 @@ of Containers for each. - Use `sort` to sort the results - Use `uniq` to aggregate image counts --> -## 列出所有命名空间下的所有容器镜像 +## 列出所有命名空间下的所有容器镜像 {#list-all-container-images-in-all-namespaces} - 使用 `kubectl get pods --all-namespaces` 获取所有命名空间下的所有 Pod - 使用 `-o jsonpath={.items[*].spec.containers[*].image}` 来格式化输出,以仅包含容器镜像名称。 @@ -95,7 +95,7 @@ Pod is returned instead of a list of items. The formatting can be controlled further by using the `range` operation to iterate over elements individually. --> -## 按 Pod 列出容器镜像 +## 按 Pod 列出容器镜像 {#list-container-images-by-pod} 可以使用 `range` 操作进一步控制格式化,以单独操作每个元素。 @@ -110,7 +110,7 @@ sort To target only Pods matching a specific label, use the -l flag. The following matches only Pods with labels matching `app=nginx`. --> -## 列出以标签过滤后的 Pod 的所有容器镜像 +## 列出以标签过滤后的 Pod 的所有容器镜像 {#list-container-images-filtering-by-pod-label} 要获取匹配特定标签的 Pod,请使用 -l 参数。以下匹配仅与标签 `app=nginx` 相符的 Pod。 @@ -124,7 +124,7 @@ kubectl get pods --all-namespaces -o jsonpath="{.items[*].spec.containers[*].ima To target only pods in a specific namespace, use the namespace flag. The following matches only Pods in the `kube-system` namespace. --> -## 列出以命名空间过滤后的 Pod 的所有容器镜像 +## 列出以命名空间过滤后的 Pod 的所有容器镜像 {#list-container-images-filtering-by-pod-namespace} 要获取匹配特定命名空间的 Pod,请使用 namespace 参数。以下仅匹配 `kube-system` 命名空间下的 Pod。 @@ -138,7 +138,7 @@ kubectl get pods --namespace kube-system -o jsonpath="{.items[*].spec.containers As an alternative to jsonpath, Kubectl supports using [go-templates](https://pkg.go.dev/text/template) for formatting the output: --> -## 使用 go-template 代替 jsonpath 来获取容器镜像 +## 使用 go-template 代替 jsonpath 来获取容器镜像 {#list-container-images-using-a-go-template-instead-of-jsonpath} 作为 jsonpath 的替代,Kubectl 支持使用 [go-templates](https://pkg.go.dev/text/template) 来格式化输出: @@ -154,7 +154,7 @@ kubectl get pods --all-namespaces -o go-template --template="{{range .items}}{{r * [Jsonpath](/docs/reference/kubectl/jsonpath/) reference guide * [Go template](https://pkg.go.dev/text/template) reference guide --> -### 参考 +### 参考 {#reference} * [Jsonpath](/zh-cn/docs/reference/kubectl/jsonpath/) 参考指南 * [Go template](https://pkg.go.dev/text/template) 参考指南 diff --git a/content/zh-cn/docs/tasks/access-application-cluster/port-forward-access-application-cluster.md b/content/zh-cn/docs/tasks/access-application-cluster/port-forward-access-application-cluster.md index 69a376cfa2d..1f67c2d9dbe 100644 --- a/content/zh-cn/docs/tasks/access-application-cluster/port-forward-access-application-cluster.md +++ b/content/zh-cn/docs/tasks/access-application-cluster/port-forward-access-application-cluster.md @@ -36,7 +36,7 @@ for database debugging. 1. Create a Deployment that runs MongoDB: --> -## 创建 MongoDB Deployment 和服务 +## 创建 MongoDB Deployment 和服务 {#creating-mongodb-deployment-and-service} 1. 创建一个运行 MongoDB 的 Deployment: @@ -183,7 +183,7 @@ for database debugging. 1. `kubectl port-forward` allows using resource name, such as a pod name, to select a matching pod to port forward to. --> -## 转发一个本地端口到 Pod 端口 +## 转发一个本地端口到 Pod 端口 {#forward-a-local-port-to-a-port-on-the-pod} 1. `kubectl port-forward` 允许使用资源名称 (例如 Pod 名称)来选择匹配的 Pod 来进行端口转发。 @@ -237,7 +237,7 @@ for database debugging. ``` Forwarding from 127.0.0.1:28015 -> 27017 Forwarding from [::1]:28015 -> 27017 - ``` + ``` {{< note >}} 3. 在 MongoDB 命令行提示符下,输入 `ping` 命令: diff --git a/content/zh-cn/docs/tasks/access-application-cluster/web-ui-dashboard.md b/content/zh-cn/docs/tasks/access-application-cluster/web-ui-dashboard.md index 654c5d11a19..c76c95bd0cd 100644 --- a/content/zh-cn/docs/tasks/access-application-cluster/web-ui-dashboard.md +++ b/content/zh-cn/docs/tasks/access-application-cluster/web-ui-dashboard.md @@ -56,7 +56,7 @@ Dashboard 同时展示了 Kubernetes 集群中的资源状态信息和所有报 The Dashboard UI is not deployed by default. To deploy it, run the following command: --> -## 部署 Dashboard UI +## 部署 Dashboard UI {#deploying-the-dashboard-ui} 默认情况下不会部署 Dashboard。可以通过以下命令部署: ``` @@ -71,7 +71,7 @@ Currently, Dashboard only supports logging in with a Bearer Token. To create a token for this demo, you can follow our guide on [creating a sample user](https://github.com/kubernetes/dashboard/blob/master/docs/user/access-control/creating-sample-user.md). --> -## 访问 Dashboard 用户界面 +## 访问 Dashboard 用户界面 {#accessing-the-dashboard-ui} 为了保护你的集群数据,默认情况下,Dashboard 会使用最少的 RBAC 配置进行部署。 当前,Dashboard 仅支持使用 Bearer 令牌登录。 @@ -92,7 +92,7 @@ The sample user created in the tutorial will have administrative privileges and You can enable access to the Dashboard using the `kubectl` command-line tool, by running the following command: --> -### 命令行代理 +### 命令行代理 {#command-line-proxy} 你可以使用 `kubectl` 命令行工具来启用 Dashboard 访问,命令如下: @@ -121,7 +121,7 @@ Kubeconfig 身份验证方法**不**支持外部身份提供程序或基于 x509 -## 欢迎界面 +## 欢迎界面 {#welcome-view} -## 部署容器化应用 +## 部署容器化应用 {#deploying-containerized-applications} 通过一个简单的部署向导,你可以使用 Dashboard 将容器化应用作为一个 Deployment 和可选的 Service 进行创建和部署。你可以手工指定应用的详细配置,或者上传一个包含应用配置的 YAML @@ -161,7 +161,7 @@ Click the **CREATE** button in the upper right corner of any page to begin. The deploy wizard expects that you provide the following information: --> -### 指定应用的详细配置 +### 指定应用的详细配置 {#specifying-application-details} 部署向导需要你提供以下信息: @@ -380,7 +380,7 @@ Kubernetes supports declarative configuration. In this style, all configuration is stored in manifests (YAML or JSON configuration files). The manifests use Kubernetes [API](/docs/concepts/overview/kubernetes-api/) resource schemas. --> -### 上传 YAML 或者 JSON 文件 +### 上传 YAML 或者 JSON 文件 {#uploading-a-yaml-or-json-file} Kubernetes 支持声明式配置。所有的配置都存储在清单文件 (YAML 或者 JSON 配置文件)中。这些 @@ -398,7 +398,7 @@ Dashboard 上传文件。 Following sections describe views of the Kubernetes Dashboard UI; what they provide and how can they be used. --> -## 使用 Dashboard +## 使用 Dashboard {#using-dashboard} 以下各节描述了 Kubernetes Dashboard UI 视图;包括它们提供的内容,以及怎么使用它们。 @@ -409,7 +409,7 @@ When there are Kubernetes objects defined in the cluster, Dashboard shows them i By default only objects from the _default_ namespace are shown and this can be changed using the namespace selector located in the navigation menu. --> -### 导航 +### 导航 {#navigation} 当在集群中定义 Kubernetes 对象时,Dashboard 会在初始视图中显示它们。 默认情况下只会显示 _默认_ 名字空间中的对象,可以通过更改导航栏菜单中的名字空间筛选器进行改变。 @@ -427,7 +427,7 @@ Node list view contains CPU and memory usage metrics aggregated across all Nodes The details view shows the metrics for a Node, its specification, status, allocated resources, events and pods running on the node. --> -#### 管理概述 +#### 管理概述 {#admin-overview} 集群和名字空间管理的视图,Dashboard 会列出节点、名字空间和持久卷,并且有它们的详细视图。 节点列表视图包含从所有节点聚合的 CPU 和内存使用的度量值。 @@ -442,7 +442,7 @@ Each workload kind can be viewed separately. The lists summarize actionable information about the workloads, such as the number of ready pods for a ReplicaSet or current memory usage for a Pod. --> -#### 负载 +#### 负载 {#workloads} 显示选中的名字空间中所有运行的应用。 视图按照负载类型(例如:Deployment、ReplicaSet、StatefulSet)罗列应用,并且每种负载都可以单独查看。 @@ -465,7 +465,7 @@ discovering them within a cluster. For that reason, Service and Ingress views show Pods targeted by them, internal endpoints for cluster connections and external endpoints for external users. --> -#### 服务 +#### 服务 {#services} 展示允许暴露给外网服务和允许集群内部发现的 Kubernetes 资源。 因此,Service 和 Ingress 视图展示他们关联的 Pod、给集群连接使用的内部端点和给外部用户使用的外部端点。 @@ -475,7 +475,7 @@ internal endpoints for cluster connections and external endpoints for external u Storage view shows PersistentVolumeClaim resources which are used by applications for storing data. --> -#### 存储 +#### 存储 {#storage} 存储视图展示持久卷申领(PVC)资源,这些资源被应用程序用来存储数据。 @@ -496,7 +496,7 @@ The view allows for editing and managing config objects and displays secrets hid Pod lists and detail pages link to a logs viewer that is built into Dashboard. The viewer allows for drilling down logs from containers belonging to a single Pod. --> -#### 日志查看器 +#### 日志查看器 {#logs-viewer} Pod 列表和详细信息页面可以链接到 Dashboard 内置的日志查看器。 查看器可以深入查看属于同一个 Pod 的不同容器的日志。 diff --git a/content/zh-cn/docs/tasks/administer-cluster/controller-manager-leader-migration.md b/content/zh-cn/docs/tasks/administer-cluster/controller-manager-leader-migration.md index 0c548ab635c..785635a560d 100644 --- a/content/zh-cn/docs/tasks/administer-cluster/controller-manager-leader-migration.md +++ b/content/zh-cn/docs/tasks/administer-cluster/controller-manager-leader-migration.md @@ -17,8 +17,6 @@ weight: 250 -{{< feature-state for_k8s_version="v1.24" state="stable" >}} - {{< glossary_definition term_id="cloud-controller-manager" length="all">}} 这篇文章提供了一些关于 DNS 问题诊断的方法。 - - ## {{% heading "prerequisites" %}} {{< include "task-tutorial-prereqs.md" >}} @@ -28,6 +35,8 @@ kube-dns. {{< version-check >}} + + -### 创建一个简单的 Pod 作为测试环境 +### 创建一个简单的 Pod 作为测试环境 {#create-a-simple-pod-to-use-as-a-test-environment} {{< codenew file="admin/dns/dnsutils.yaml" >}} @@ -117,7 +117,7 @@ Take a look inside the resolv.conf file. (See [Customizing DNS Service](/docs/tasks/administer-cluster/dns-custom-nameservers) and [Known issues](#known-issues) below for more information) --> -### 先检查本地的 DNS 配置 +### 先检查本地的 DNS 配置 {#check-the-local-dns-configuration-first} 查看 resolv.conf 文件的内容 (阅读[定制 DNS 服务](/zh-cn/docs/tasks/administer-cluster/dns-custom-nameservers/) 和 @@ -405,7 +405,7 @@ term_id="endpoint" >}} related resources to properly resolve service names. Sample error message: --> -### CoreDNS 是否有足够的权限? +### CoreDNS 是否有足够的权限? {#does-coredns-have-sufficient-permissions} CoreDNS 必须能够列出 {{< glossary_tooltip text="service" term_id="service" >}} 和 {{< glossary_tooltip text="endpoint" term_id="endpoint" >}} 相关的资源来正确解析服务名称。 @@ -476,7 +476,7 @@ the namespace of the service. This query is limited to the pod's namespace: --> -### 你的服务在正确的名字空间中吗? +### 你的服务在正确的名字空间中吗? {#are-you-in-the-right-namespace-for-the-service} 未指定名字空间的 DNS 查询仅作用于 Pod 所在的名字空间。 diff --git a/content/zh-cn/docs/tasks/administer-cluster/encrypt-data.md b/content/zh-cn/docs/tasks/administer-cluster/encrypt-data.md index 6da9caa86d2..b21dd4ed179 100644 --- a/content/zh-cn/docs/tasks/administer-cluster/encrypt-data.md +++ b/content/zh-cn/docs/tasks/administer-cluster/encrypt-data.md @@ -28,11 +28,15 @@ This page shows how to enable and configure encryption of secret data at rest. * etcd v3.0 or later is required * To encrypt a custom resource, your cluster must be running Kubernetes v1.26 or newer. + +* Use of wildcard for resource encryption is available from Kubernetes v1.27 or newer. --> * 需要 etcd v3.0 或者更高版本 * 要加密自定义资源,你的集群必须运行 Kubernetes v1.26 或更高版本。 +* 在 Kubernetes v1.27 或更高版本中可以使用通配符配置资源加密。 + ## 理解静态数据加密 {#understanding-the-encryption-at-rest-configuration} + ```yaml apiVersion: apiserver.config.k8s.io/v1 kind: EncryptionConfiguration @@ -93,6 +100,24 @@ resources: keys: - name: key1 secret: YWJjZGVmZ2hpamtsbW5vcHFyc3R1dnd4eXoxMjM0NTY= + - resources: + - events + providers: + - identity: {} # 即使如下指定 *.* 也不会加密 events + - resources: + - '*.apps' + providers: + - aescbc: + keys: + - name: key2 + secret: c2VjcmV0IGlzIHNlY3VyZSwgb3IgaXMgaXQ/Cg== + - resources: + - '*.*' + providers: + - aescbc: + keys: + - name: key3 + secret: c2VjcmV0IGlzIHNlY3VyZSwgSSB0aGluaw== ``` 每个条目只能指定一个 provider 类型(可以是 `identity` 或 `aescbc`,但不能在同一个项目中同时指定二者)。 列表中的第一个 provider 用于加密写入存储的资源。 当从存储器读取资源时,与存储的数据匹配的所有 provider 将按顺序尝试解密数据。 如果由于格式或密钥不匹配而导致没有 provider 能够读取存储的数据,则会返回一个错误,以防止客户端访问该资源。 -有关 `EncryptionConfiguration` 结构体的更多详细信息,请参阅[加密配置 API](/zh-cn/docs/reference/config-api/apiserver-encryption.v1/)。 + +`EncryptionConfiguration` 支持使用通配符指定应加密的资源。 +使用 “`*.`” 加密 group 内的所有资源(例如以上例子中的 “`*.apps`”)或使用 +“`*.*`” 加密所有资源。“`*.`” 可用于加密核心组中的所有资源。“`*.*`” +将加密所有资源,甚至包括 API 服务器启动之后添加的自定义资源。 + +{{< note >}} + +不允许在同一资源列表或跨多个条目中使用相互重疊的通配符,因为这样一来配置的一部分将无法生效。 +`resources` 列表的处理顺序和优先级由配置中列出的顺序决定。 +{{< /note >}} + + +如果启用了通配符,但想要针对特定资源退出加密,则可以通过添加带有资源名称的新 `resources` 数组项, +后跟附带 `identity` 提供商的 `providers` 数组项。例如,如果启用了 “`*.*`”, +但想要排除对 `events` 资源的加密,则应向 `resources` 数组添加一个新项(以 `events` 为资源名称), +后跟包含 `identity` 的 providers 数组。新项应如下所示: + +```yaml +- resources: + - events + providers: + - identity: {} +``` + + +确保新项列在资源数组中的通配符 “`*.*`” 项之前,使新项优先。 + + +有关 `EncryptionConfiguration` 结构体的更多详细信息, +请参阅[加密配置 API](/zh-cn/docs/reference/config-api/apiserver-encryption.v1/)。 {{< caution >}} {{< table caption="Kubernetes 静态数据加密的 Provider" >}} 名称 | 加密类型 | 强度 | 速度 | 密钥长度 | 其它事项 @@ -170,9 +240,13 @@ is the first provider, the first key is used for encryption. `secretbox` | XSalsa20 和 Poly1305 | 强 | 更快 | 32 字节 | 较新的标准,在需要高度评审的环境中可能不被接受。 `aesgcm` | 带有随机数的 AES-GCM | 必须每 200k 写入一次 | 最快 | 16、24 或者 32字节 | 建议不要使用,除非实施了自动密钥循环方案。 `aescbc` | 填充 [PKCS#7](https://datatracker.ietf.org/doc/html/rfc2315) 的 AES-CBC | 弱 | 快 | 32 字节 | 由于 CBC 容易受到密文填塞攻击(Padding Oracle Attack),不推荐使用。 -`kms` | 使用信封加密方案:数据使用带有 [PKCS#7](https://datatracker.ietf.org/doc/html/rfc2315) 填充的 AES-CBC(v1.25 之前),从 v1.25 开始使用 AES-GCM 通过数据加密密钥(DEK)加密,DEK 根据 Key Management Service(KMS)中的配置通过密钥加密密钥(Key Encryption Keys,KEK)加密 | 最强 | 快 | 32 字节 | 建议使用第三方工具进行密钥管理。为每个加密生成新的 DEK,并由用户控制 KEK 轮换来简化密钥轮换。[配置 KMS 提供程序](/zh-cn/docs/tasks/administer-cluster/kms-provider/) +`kms v1` | 使用信封加密方案:数据使用带有 [PKCS#7](https://datatracker.ietf.org/doc/html/rfc2315) 填充的 AES-CBC(v1.25 之前),从 v1.25 开始使用 AES-GCM 通过数据加密密钥(DEK)加密,DEK 根据 Key Management Service(KMS)中的配置通过密钥加密密钥(Key Encryption Keys,KEK)加密 | 最强 | 快 | 32 字节 | 建议使用第三方工具进行密钥管理。为每个加密生成新的 DEK,并由用户控制 KEK 轮换来简化密钥轮换。从 `v1.27` 开始,该功能处于 Beta 阶段。系统在启动时生成一个新的 DEK 并重复使用它进行加密。当 KEK 被轮转时,DEK 也会被轮转。[配置 KMS V2 provider](/zh-cn/docs/tasks/administer-cluster/kms-provider#configuring-the-kms-provider-kms-v2)。 {{< /table >}} + 每个 provider 都支持多个密钥 - 在解密时会按顺序使用密钥,如果是第一个 provider,则第一个密钥用于加密。 {{< caution >}} @@ -267,6 +341,9 @@ To create a new Secret, perform the following steps: 2. 编辑 `kube-apiserver` 静态 Pod 的清单:`/etc/kubernetes/manifests/kube-apiserver.yaml`, 代码范例如下: + ```yaml apiVersion: v1 kind: Pod @@ -339,7 +416,7 @@ program to retrieve the contents of your secret data. -2. 使用 etcdctl 命令行,从 etcd 中读取 Secret: +2. 使用 `etcdctl` 命令行,从 etcd 中读取 Secret: ``` ETCDCTL_API=3 etcdctl get /registry/secrets/default/secret1 [...] | hexdump -C @@ -458,7 +535,7 @@ When running a single `kube-apiserver` instance, step 2 may be skipped. 在不发生停机的情况下更改 Secret 需要多步操作,特别是在有多个 `kube-apiserver` 进程正在运行的高可用环境中。 -1. 生成一个新密钥并将其添加为所有服务器上当前提供程序的第二个密钥条目 +1. 生成一个新密钥并将其添加为所有服务器上当前 provider 的第二个密钥条目 1. 重新启动所有 `kube-apiserver` 进程以确保每台服务器都可以使用新密钥进行解密 1. 将新密钥设置为 `keys` 数组中的第一个条目,以便在配置中使用其进行加密 1. 重新启动所有 `kube-apiserver` 进程以确保每个服务器现在都使用新密钥进行加密 diff --git a/content/zh-cn/docs/tasks/administer-cluster/migrating-from-dockershim/change-runtime-containerd.md b/content/zh-cn/docs/tasks/administer-cluster/migrating-from-dockershim/change-runtime-containerd.md index 1052ba0d64d..d3e5a64fa08 100644 --- a/content/zh-cn/docs/tasks/administer-cluster/migrating-from-dockershim/change-runtime-containerd.md +++ b/content/zh-cn/docs/tasks/administer-cluster/migrating-from-dockershim/change-runtime-containerd.md @@ -172,7 +172,6 @@ Users using kubeadm should be aware that the `kubeadm` tool stores the CRI socke an annotation in the Node object for that host. To change it you can execute the following command on a machine that has the kubeadm `/etc/kubernetes/admin.conf` file. --> -`kubeadm` 工具将每个主机的 CRI 套接字保存在该主机对应的 Node 对象的注解中。 使用 `kubeadm` 的用户应该知道,`kubeadm` 工具将每个主机的 CRI 套接字保存在该主机对应的 Node 对象的注解中。 要更改这一注解信息,你可以在一台包含 kubeadm `/etc/kubernetes/admin.conf` 文件的机器上执行以下命令: diff --git a/content/zh-cn/docs/tasks/configure-pod-container/assign-cpu-resource.md b/content/zh-cn/docs/tasks/configure-pod-container/assign-cpu-resource.md index 20c151905f6..fc966259669 100644 --- a/content/zh-cn/docs/tasks/configure-pod-container/assign-cpu-resource.md +++ b/content/zh-cn/docs/tasks/configure-pod-container/assign-cpu-resource.md @@ -425,6 +425,7 @@ kubectl delete namespace cpu-example * [Configure Memory and CPU Quotas for a Namespace](/docs/tasks/administer-cluster/manage-resources/quota-memory-cpu-namespace/) * [Configure a Pod Quota for a Namespace](/docs/tasks/administer-cluster/manage-resources/quota-pod-namespace/) * [Configure Quotas for API Objects](/docs/tasks/administer-cluster/quota-api-object/) +* [Resize CPU and Memory Resources assigned to Containers](/docs/tasks/configure-pod-container/resize-container-resources/) --> ### 针对集群管理员 {for-cluster-administrators} @@ -435,3 +436,5 @@ kubectl delete namespace cpu-example * [为名字空间配置内存和 CPU 配额](/zh-cn/docs/tasks/administer-cluster/manage-resources/quota-memory-cpu-namespace/) * [为名字空间配置 Pod 配额](/zh-cn/docs/tasks/administer-cluster/manage-resources/quota-pod-namespace/) * [配置 API 对象的配额](/zh-cn/docs/tasks/administer-cluster/quota-api-object/) +* [调整分配给容器的 CPU 和内存资源](/zh-cn/docs/tasks/configure-pod-container/resize-container-resources/) + \ No newline at end of file diff --git a/content/zh-cn/docs/tasks/configure-pod-container/assign-memory-resource.md b/content/zh-cn/docs/tasks/configure-pod-container/assign-memory-resource.md index 71ac184837d..15407495914 100644 --- a/content/zh-cn/docs/tasks/configure-pod-container/assign-memory-resource.md +++ b/content/zh-cn/docs/tasks/configure-pod-container/assign-memory-resource.md @@ -98,8 +98,8 @@ for the Pod: --> ## 指定内存请求和限制 {#specify-a-memory-request-and-a-memory-limit} -要为容器指定内存请求,请在容器资源清单中包含 `resources:requests` 字段。 -同理,要指定内存限制,请包含 `resources:limits`。 +要为容器指定内存请求,请在容器资源清单中包含 `resources: requests` 字段。 +同理,要指定内存限制,请包含 `resources: limits`。 在本练习中,你将创建一个拥有一个容器的 Pod。 容器将会请求 100 MiB 内存,并且内存会被限制在 200 MiB 以内。 @@ -544,6 +544,8 @@ kubectl delete namespace mem-example * [Configure a Pod Quota for a Namespace](/docs/tasks/administer-cluster/manage-resources/quota-pod-namespace/) * [Configure Quotas for API Objects](/docs/tasks/administer-cluster/quota-api-object/) + +* [Resize CPU and Memory Resources assigned to Containers](/docs/tasks/configure-pod-container/resize-container-resources/) --> ### 集群管理员扩展阅读 {#for-cluster-administrators} @@ -554,4 +556,5 @@ kubectl delete namespace mem-example * [为命名空间配置内存和 CPU 配额](/zh-cn/docs/tasks/administer-cluster/manage-resources/quota-memory-cpu-namespace/) * [配置命名空间下 Pod 总数](/zh-cn/docs/tasks/administer-cluster/manage-resources/quota-pod-namespace/) * [配置 API 对象配额](/zh-cn/docs/tasks/administer-cluster/quota-api-object/) +* [调整分配给容器的 CPU 和内存资源的大小](/docs/tasks/configure-pod-container/resize-container-resources/) diff --git a/content/zh-cn/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes.md b/content/zh-cn/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes.md index 6bb607d51a1..4ad57c2e29f 100644 --- a/content/zh-cn/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes.md +++ b/content/zh-cn/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes.md @@ -31,7 +31,6 @@ A common pattern for liveness probes is to use the same low-cost HTTP endpoint s for readiness probes, but with a higher failureThreshold. This ensures that the pod is observed as not-ready for some period of time before it is hard killed. --> - 存活探针的常见模式是为就绪探针使用相同的低成本 HTTP 端点,但具有更高的 failureThreshold。 这样可以确保在硬性终止 Pod 之前,将观察到 Pod 在一段时间内处于非就绪状态。 @@ -75,8 +74,9 @@ scalable; and increased workload on remaining pods due to some failed pods. Understand the difference between readiness and liveness probes and when to apply them for your app. --> 错误的存活探针可能会导致级联故障。 -这会导致在高负载下容器重启;例如由于应用程序无法扩展,导致客户端请求失败;以及由于某些 Pod 失败而导致剩余 Pod 的工作负载增加。 -了解就绪探针和存活探针之间的区别,以及何时为应用程序配置使用它们非常重要。 +这会导致在高负载下容器重启;例如由于应用程序无法扩展,导致客户端请求失败;以及由于某些 +Pod 失败而导致剩余 Pod 的工作负载增加。了解就绪探针和存活探针之间的区别, +以及何时为应用程序配置使用它们非常重要。 {{< /note >}} ## {{% heading "prerequisites" %}} @@ -247,7 +247,7 @@ and restarts it. `periodSeconds` 字段指定了 kubelet 每隔 3 秒执行一次存活探测。 `initialDelaySeconds` 字段告诉 kubelet 在执行第一次探测前应该等待 3 秒。 kubelet 会向容器内运行的服务(服务在监听 8080 端口)发送一个 HTTP GET 请求来执行探测。 -如果服务器上 `/healthz` 路径下的处理程序返回成功代码,则 kubelet 认为容器是健康存活的。 +如果服务器上 `/healthz` 路径下的处理程序返回成功代码,则 kubelet 认为容器是健康存活的。 如果处理程序返回失败代码,则 kubelet 会杀死这个容器并将其重启。 返回大于或等于 200 并且小于 400 的任何代码都标示成功,其它返回代码都标示失败。 -你可以访问 [server.go](https://github.com/kubernetes/kubernetes/blob/master/test/images/agnhost/liveness/server.go)。 +你可以访问 [server.go](https://github.com/kubernetes/kubernetes/blob/master/test/images/agnhost/liveness/server.go) 阅读服务的源码。 容器存活期间的最开始 10 秒中,`/healthz` 处理程序返回 200 的状态码。 之后处理程序返回 500 的状态码。 @@ -380,11 +380,9 @@ kubectl describe pod goproxy {{< feature-state for_k8s_version="v1.24" state="beta" >}} @@ -395,22 +393,40 @@ kubelet 可以配置为使用该协议来执行应用存活性检查。 [特性门控](/zh-cn/docs/reference/command-line-tools-reference/feature-gates/) 才能配置依赖于 gRPC 的检查机制。 +这个例子展示了如何配置 Kubernetes 以将其用于应用程序的存活性检查。 +类似地,你可以配置就绪探针和启动探针。 + 下面是一个示例清单: {{< codenew file="pods/probe/grpc-liveness.yaml" >}} -要使用 gRPC 探针,必须配置 `port` 属性。如果健康状态端点配置在非默认服务之上, -你还必须设置 `service` 属性。 +要使用 gRPC 探针,必须配置 `port` 属性。 +如果要区分不同类型的探针和不同功能的探针,可以使用 `service` 字段。 +你可以将 `service` 设置为 `liveness`,并使你的 gRPC +健康检查端点对该请求的响应与将 `service` 设置为 `readiness` 时不同。 +这使你可以使用相同的端点进行不同类型的容器健康检查(而不需要在两个不同的端口上侦听)。 +如果你想指定自己的自定义服务名称并指定探测类型,Kubernetes +项目建议你使用使用一个可以关联服务和探测类型的名称来命名。 +例如:`myservice-liveness`(使用 `-` 作为分隔符)。 {{< note >}} -与 HTTP 和 TCP 探针不同,gRPC 探测不能使用命名端口或定制主机。 +与 HTTP 和 TCP 探针不同,gRPC 探测不能使用按名称指定端口, +也不能自定义主机名。 {{< /note >}} -存活探针 **不等待** 就绪性探针成功。 +存活探针**不等待**就绪性探针成功。 如果要在执行存活探针之前等待,应该使用 `initialDelaySeconds` 或 `startupProbe`。 {{< /caution >}} @@ -751,8 +767,8 @@ in the range 1 to 65535. [HTTP Probes](/docs/reference/generated/kubernetes-api/{{< param "version" >}}/#httpgetaction-v1-core) 允许针对 `httpGet` 配置额外的字段: -* `host`:连接使用的主机名,默认是 Pod 的 IP。也可以在 HTTP 头中设置 “Host” 来代替。 -* `scheme` :用于设置连接主机的方式(HTTP 还是 HTTPS)。默认是 "HTTP"。 +* `host`:连接使用的主机名,默认是 Pod 的 IP。也可以在 HTTP 头中设置 "Host" 来代替。 +* `scheme`:用于设置连接主机的方式(HTTP 还是 HTTPS)。默认是 "HTTP"。 * `path`:访问 HTTP 服务的路径。默认值为 "/"。 * `httpHeaders`:请求中自定义的 HTTP 头。HTTP 头字段允许重复。 * `port`:访问容器的端口号或者端口名。如果数字必须在 1~65535 之间。 @@ -840,7 +856,7 @@ to resolve it. --> ### 探针层面的 `terminationGracePeriodSeconds` -{{< feature-state for_k8s_version="v1.25" state="beta" >}} +{{< feature-state for_k8s_version="v1.27" state="stable" >}} {{< note >}} 从 Kubernetes 1.25 开始,默认启用 `ProbeTerminationGracePeriod` 特性。 diff --git a/content/zh-cn/docs/tasks/configure-pod-container/migrate-from-psp.md b/content/zh-cn/docs/tasks/configure-pod-container/migrate-from-psp.md index e99a2c04b1b..d5da098123c 100644 --- a/content/zh-cn/docs/tasks/configure-pod-container/migrate-from-psp.md +++ b/content/zh-cn/docs/tasks/configure-pod-container/migrate-from-psp.md @@ -12,6 +12,7 @@ reviewers: - liggitt content_type: task min-kubernetes-server-version: v1.22 +weight: 260 --> @@ -388,7 +389,7 @@ For each updated PodSecurityPolicy: 3. Create the new PodSecurityPolicies. If any Roles or ClusterRoles are granting `use` on all PSPs this could cause the new PSPs to be used instead of their mutating counter-parts. 4. Update your authorization to grant access to the new PSPs. In RBAC this means updating any Roles - or ClusterRoles that grant the `use` permision on the original PSP to also grant it to the + or ClusterRoles that grant the `use` permission on the original PSP to also grant it to the updated PSP. --> 3. 创建新的 PodSecurityPolicy。如果存在 Role 或 ClusterRole 对象为用户授权了在所有 PSP diff --git a/content/zh-cn/docs/tasks/configure-pod-container/security-context.md b/content/zh-cn/docs/tasks/configure-pod-container/security-context.md index fdd0c680447..3e2c7ca1172 100644 --- a/content/zh-cn/docs/tasks/configure-pod-container/security-context.md +++ b/content/zh-cn/docs/tasks/configure-pod-container/security-context.md @@ -710,7 +710,7 @@ To assign SELinux labels, the SELinux security module must be loaded on the host --> ### 高效重打 SELinux 卷标签 -{{< feature-state for_k8s_version="v1.25" state="alpha" >}} +{{< feature-state for_k8s_version="v1.27" state="beta" >}} -* 必须启用 Alpha 特性门控 `ReadWriteOncePod` 和 `SELinuxMountReadWriteOncePod`。 +* 必须启用 `ReadWriteOncePod` 和 `SELinuxMountReadWriteOncePod` + [特性门控](/zh-cn/docs/reference/command-line-tools-reference/feature-gates/)。 -* 对应的 PersistentVolume 必须是使用 {< glossary_tooltip text="CSI" term_id="csi" >}} - 驱动程序的卷,或者是传统的 `iscsi` 卷类型的卷。 - * 如果使用基于 CSI 驱动程序的卷,CSI 驱动程序必须能够通过在 CSIDriver - 实例中设置 `spec.seLinuxMount: true` 以支持 `-o context` 挂载。 +* 对应的 PersistentVolume 必须是: + * 使用传统树内(In-Tree) `iscsi`、`rbd` 或 `fs` 卷类型的卷。 + * 或者是使用 {< glossary_tooltip text="CSI" term_id="csi" >}} 驱动程序的卷 + CSI 驱动程序必须能够通过在 CSIDriver 实例中设置 `spec.seLinuxMount: true` + 以支持 `-o context` 挂载。 -在 Kubernetes 1.25 中,kubelet 在重启后会丢失对卷标签的追踪记录。 -换言之,kubelet 可能会拒绝启动 Pod,原因类似于 “conflicting -SELinux labels of volume”, -但实际上 Pod 中并没有冲突的标签。在重启 kubelet -之前确保节点已被[完全腾空](/zh-cn/docs/tasks/administer-cluster/safely-drain-node/)。 +如果你的 Kubernetes 版本是 v1.25,请参阅此任务页面的 v1.25 版本: +[为 Pod 或 Container 配置安全上下文](https://v1-25.docs.kubernetes.io/docs/tasks/configure-pod-container/security-context/)(v1.25)。 +该文档中有一个重要的说明:kubelet 在重启后会丢失对卷标签的追踪记录。 +这个缺陷已经在 Kubernetes 1.26 中修复。 {{< /note >}} -请注意 **如果你的容器运行时环境不支持用户名字空间,字段 `pod.spec` 将被忽略, +请注意 **如果你的容器运行时环境不支持用户名字空间,那么 Pod 规约中的 `hostUsers` 字段将被静默忽略, 并且系统会在没有用户名字空间的环境中创建 Pod。** diff --git a/content/zh-cn/docs/tasks/debug/debug-application/determine-reason-pod-failure.md b/content/zh-cn/docs/tasks/debug/debug-application/determine-reason-pod-failure.md index 697459bb065..ce1059ecac1 100644 --- a/content/zh-cn/docs/tasks/debug/debug-application/determine-reason-pod-failure.md +++ b/content/zh-cn/docs/tasks/debug/debug-application/determine-reason-pod-failure.md @@ -203,11 +203,11 @@ is empty and the container exited with an error. The log output is limited to * See the `terminationMessagePath` field in [Container](/docs/reference/generated/kubernetes-api/{{< param "version" >}}/#container-v1-core). * Learn about [retrieving logs](/docs/concepts/cluster-administration/logging/). -* Learn about [Go templates](https://golang.org/pkg/text/template/). +* Learn about [Go templates](https://pkg.go.dev/text/template). --> * 参考 [Container](/docs/reference/generated/kubernetes-api/{{< param "version" >}}/#container-v1-core) 资源的 `terminationMessagePath` 字段。 * 了解[检索日志](/zh-cn/docs/concepts/cluster-administration/logging/)。 -* 了解 [Go 模板](https://golang.org/pkg/text/template/)。 +* 了解 [Go 模板](https://pkg.go.dev/text/template)。 diff --git a/content/zh-cn/docs/tasks/extend-kubernetes/custom-resources/custom-resource-definitions.md b/content/zh-cn/docs/tasks/extend-kubernetes/custom-resources/custom-resource-definitions.md index 3418cde1cf4..62041dac59a 100644 --- a/content/zh-cn/docs/tasks/extend-kubernetes/custom-resources/custom-resource-definitions.md +++ b/content/zh-cn/docs/tasks/extend-kubernetes/custom-resources/custom-resource-definitions.md @@ -505,7 +505,8 @@ anyOf: ``` 如果违反了结构化模式规则,CustomResourceDefinition 的 `NonStructural` 状况中会包含报告信息。 @@ -1195,7 +1196,7 @@ For example: required: - minReplicas - replicas - - maxReplicas + - maxReplicas ``` 当 CRD 被创建/更新时,验证规则被编译。 @@ -1256,7 +1257,7 @@ Compilation process includes type checking as well. The compilation failure: - `no_matching_overload`: this function has no overload for the types of the arguments. - + For example, a rule like `self == true` against a field of integer type will get error: --> 编译失败: @@ -1269,9 +1270,9 @@ The compilation failure: Invalid value: apiextensions.ValidationRule{Rule:"self == true", Message:""}: compilation failed: ERROR: \:1:6: found no matching overload for '_==_' applied to '(int, bool)' ``` - @@ -1285,7 +1286,7 @@ The compilation failure: - `invalid argument`:对宏的无效参数。 @@ -1633,6 +1634,64 @@ xref: [CEL types](https://github.com/google/cel-spec/blob/v0.6.0/doc/langdef.md# [OpenAPI 类型](https://swagger.io/specification/#data-types)、 [Kubernetes 结构化模式](/zh-cn/docs/tasks/extend-kubernetes/custom-resources/custom-resource-definitions/#specifying-a-structural-schema)。 + +#### `messageExpression` 字段 {#the-messageExpression-field} + + +`message` 字段定义因验证规则失败时提示的字符串,与它类似, +`messageExpression` 允许你使用 CEL 表达式构造消息字符串。 +这使你可以在验证失败消息中插入更详细的信息。`messageExpression` +必须计算为字符串,并且可以使用在 `rule` 字段中可用的变量。 +例如: + +```yaml +x-kubernetes-validations: +- rule: "self.x <= self.maxLimit" + messageExpression: '"x exceeded max limit of " + string(self.maxLimit)' +``` + + +请记住,CEL 字符串连接(`+` 运算符)不会自动转换为字符串。 +如果你有一个非字符串标量,请使用 `string()` 函数将标量转换为字符串,如上例所示。 + + +`messageExpression` 必须计算为一个字符串,并且在编写 CRD 时进行检查。 +请注意,可以在同一个规则上设置 `message` 和 `messageExpression`,如果两者都存在,则将使用 `messageExpression`。 +但是,如果 `messageExpression` 计算出错,则将使用 `message` 中定义的字符串,而 `messageExpression` 的错误将被打印到日志。 +如果在 `messageExpression` 中定义的 CEL 表达式产生一个空字符串或包含换行符的字符串,也会发生这种回退。 + + +如果满足上述条件之一且未设置 `message` 字段,则将使用默认的检查失败消息。 + + +`messageExpression` 是一个 CEL 表达式,因此[验证函数的资源使用](#resource-use-by-validation-functions)中列出的限制也适用于它。 +如果在 `messageExpression` 执行期间由于资源限制而导致计算停止,则不会执行进一步的检查规则。 + @@ -1749,7 +1808,7 @@ Here are some examples for transition rules: -#### 验证函数的资源使用 +#### 验证函数的资源使用 {#resource-use-by-validation-functions} 运行时也使用类似的系统来观察解释器的行动。如果解释器执行了太多的指令,规则的执行将被停止,并且会产生一个错误。 每个 CustomResourceDefinition 也被允许有一定数量的资源来完成其所有验证规则的执行。 @@ -1798,7 +1857,7 @@ given, and this will happen for anything that can be iterated over (lists, maps, 如果没有给出 `foo` 的长度限制,成本系统总是假设最坏的情况,这将发生在任何可以被迭代的事物上(list、map 等)。 @@ -1823,8 +1882,8 @@ then the API server rejects this rule on validation budget grounds with error: API 服务器以验证预算为由拒绝该规则,并显示错误: ``` -spec.validation.openAPIV3Schema.properties[spec].properties[foo].x-kubernetes-validations[0].rule: Forbidden: -CEL rule exceeded budget by more than 100x (try simplifying the rule, or adding maxItems, maxProperties, and +spec.validation.openAPIV3Schema.properties[spec].properties[foo].x-kubernetes-validations[0].rule: Forbidden: +CEL rule exceeded budget by more than 100x (try simplifying the rule, or adding maxItems, maxProperties, and maxLength where arrays, maps, and strings are used) ``` @@ -1880,7 +1939,7 @@ openAPIV3Schema: ``` -### 以 OpenAPI v2 形式发布合法性检查模式 {#publish-validation-schema-in-openapi-v2} +### 以 OpenAPI 形式发布合法性检查模式 {#publish-validation-schema-in-openapi} CustomResourceDefinition 的[结构化的](#specifying-a-structural-schema)、 [启用了剪裁的](#field-pruning) [OpenAPI v3 合法性检查模式](#validation)会在 Kubernetes API 服务器上作为 -[OpenAPI v2 规约](/zh-cn/docs/concepts/overview/kubernetes-api/#openapi-and-swagger-definitions)的一部分发布出来。 +[OpenAPI 3](/zh-cn/docs/concepts/overview/kubernetes-api/#openapi-and-swagger-definitions) +和 OpenAPI v2 发布出来。建议使用 OpenAPI v3 文档,因为它是 CustomResourceDefinition OpenAPI v3 +验证模式的无损表示,而 OpenAPI v2 表示有损转换。 [kubectl](/zh-cn/docs/reference/kubectl/) 命令行工具会基于所发布的模式定义来执行客户端的合法性检查 (`kubectl create` 和 `kubectl apply`),为定制资源的模式定义提供解释(`kubectl explain`)。 所发布的模式还可被用于其他目的,例如生成客户端或者生成文档。 +#### Compatibility with OpenAPI V2 + +为了与 OpenAPI V2 兼容,OpenAPI v3 验证模式会对 OpenAPI v2 模式进行有损转换。 +该模式显示在 [OpenAPI v2 规范](/zh-cn/docs/concepts/overview/kubernetes-api/#openapi-and-swagger-definitions)中的 +`definitions` 和` paths` 字段中。 OpenAPI v3 合法性检查模式定义会被转换为 OpenAPI v2 模式定义,并出现在 [OpenAPI v2 规范](/zh-cn/docs/concepts/overview/kubernetes-api/#openapi-and-swagger-definitions)的 `definitions` 和 `paths` 字段中。 @@ -2156,16 +2227,14 @@ OpenAPI v3 合法性检查模式定义会被转换为 OpenAPI v2 模式定义, API 服务器中的[合法性检查](#validation)。 -1. 以下字段会被移除,因为它们在 OpenAPI v2 中不支持(在将来版本中将使用 OpenAPI v3, - 因而不会有这些限制) +1. 以下字段会被移除,因为它们在 OpenAPI v2 中不支持。 - 字段 `allOf`、`anyOf`、`oneOf` 和 `not` 会被删除 diff --git a/content/zh-cn/docs/tasks/inject-data-application/define-environment-variable-container.md b/content/zh-cn/docs/tasks/inject-data-application/define-environment-variable-container.md index 375d58dd440..3aba156c849 100644 --- a/content/zh-cn/docs/tasks/inject-data-application/define-environment-variable-container.md +++ b/content/zh-cn/docs/tasks/inject-data-application/define-environment-variable-container.md @@ -36,6 +36,41 @@ that run in the Pod. To set environment variables, include the `env` or --> 创建 Pod 时,可以为其下的容器设置环境变量。通过配置文件的 `env` 或者 `envFrom` 字段来设置环境变量。 + +`env` 和 `envFrom` 字段具有不同的效果。 + +`env` +:可以为容器设置环境变量,直接为你所给的每个变量指定一个值。 + + +`envFrom` +:你可以通过引用 ConfigMap 或 Secret 来设置容器的环境变量。 +使用 `envFrom` 时,引用的 ConfigMap 或 Secret 中的所有键值对都被设置为容器的环境变量。 +你也可以指定一个通用的前缀字符串。 + + +你可以阅读有关 [ConfigMap](/zh-cn/docs/tasks/configure-pod-container/configure-pod-configmap/#configure-all-key-value-pairs-in-a-configmap-as-container-environment-variables) +和 [Secret](/zh-cn/docs/tasks/inject-data-application/distribute-credentials-secure/#configure-all-key-value-pairs-in-a-secret-as-container-environment-variables) +的更多信息。 + +本页介绍如何使用 `env`。 + ## 不健康的 Pod 驱逐策略 {#unhealthy-pod-eviction-policy} -{{< feature-state for_k8s_version="v1.26" state="alpha" >}} +{{< feature-state for_k8s_version="v1.26" state="beta" >}} {{< note >}} -为了使用此行为,你必须在 -[API 服务器](/zh-cn/docs/reference/command-line-tools-reference/kube-apiserver/)上启用 +此特性默认启用,你可以通过在 +[API 服务器](/zh-cn/docs/reference/command-line-tools-reference/kube-apiserver/)上禁用 `PDBUnhealthyPodEvictionPolicy` -[特性门控](/zh-cn/docs/reference/command-line-tools-reference/feature-gates/)。 +[特性门控](/zh-cn/docs/reference/command-line-tools-reference/feature-gates/)来禁用它。 {{< /note >}} ### 容器资源指标 {#container-resource-metrics} -{{< feature-state for_k8s_version="v1.20" state="alpha" >}} +{{< feature-state for_k8s_version="v1.27" state="beta" >}} Seccomp 代表安全计算(Secure Computing)模式,自 2.6.12 版本以来,一直是 Linux 内核的一个特性。 它可以用来沙箱化进程的权限,限制进程从用户态到内核态的调用。 -Kubernetes 能使你自动将加载到 {{< glossary_tooltip text="节点" term_id="node" >}}上的 +Kubernetes 能使你自动将加载到{{< glossary_tooltip text="节点" term_id="node" >}}上的 seccomp 配置文件应用到你的 Pod 和容器。 识别你的工作负载所需要的权限是很困难的。在本篇教程中, @@ -137,6 +137,7 @@ ls profiles You should see three profiles listed at the end of the final step: --> 你应该看到在最后一步的末尾列出有三个配置文件: + ``` audit.json fine-grained.json violation.json ``` @@ -150,7 +151,6 @@ so each node of the cluster is a container. This allows for files to be mounted in the filesystem of each container similar to loading files onto a node. --> - ## 使用 kind 创建本地 Kubernetes 集群 {#create-a-local-kubernetes-cluster-with-kind} 为简单起见,[kind](https://kind.sigs.k8s.io/) 可用来创建加载了 seccomp 配置文件的单节点集群。 @@ -163,6 +163,7 @@ Kind 在 Docker 中运行 Kubernetes,因此集群的每个节点都是一个 Download that example kind configuration, and save it to a file named `kind.yaml`: --> 下载该示例 kind 配置,并将其保存到名为 `kind.yaml` 的文件中: + ```shell curl -L -O https://k8s.io/examples/pods/security/seccomp/kind.yaml ``` @@ -233,6 +234,12 @@ of the kubelet. Use `docker exec` to run a command in the Pod: 你应该会看到 `profiles/` 目录已成功加载到 kubelet 的默认 seccomp 路径中。 使用 `docker exec` 在 Pod 中运行命令: + ```shell # 将 6a96207fed4b 更改为你从 “docker ps” 看到的容器 ID docker exec -it 6a96207fed4b ls /var/lib/kubelet/seccomp/profiles @@ -253,21 +260,17 @@ running within kind. --> ## 启用使用 `RuntimeDefault` 作为所有工作负载的默认 seccomp 配置文件 {#enable-runtimedefault-as-default} -{{< feature-state state="beta" for_k8s_version="v1.25" >}} +{{< feature-state state="stable" for_k8s_version="v1.27" >}} -要使用 Seccomp(安全计算模式)配置文件来设定默认值,你必须要在启用 `SeccompDefault` -[特性门控](/zh-cn/docs/reference/command-line-tools-reference/feature-gates/)的情况下运行 kubelet -(这是默认值)。 -你还必须显式地启用每个节点的默认行为,以及相应的 -`--seccomp-default` [命令行标志](/zh-cn/docs/reference/command-line-tools-reference/kubelet)。两者必须同时启用才能使用该特性。 +要使用 Seccomp(安全计算模式)配置文件采用默认设置这一行为,你必须使用在想要启用此行为的每个节点上启用 +`--seccomp-default` +[命令行标志](/zh-cn/docs/reference/command-line-tools-reference/kubelet)来运行 kubelet。 Kubernetes {{< skew currentVersion >}} 允许你配置 Seccomp 配置文件, 当 Pod 的规约未定义特定的 Seccomp 配置文件时应用该配置文件。 -这是一个 Beta 特性,默认启用相应的 `SeccompDefault` [特性门控](/zh-cn/docs/reference/command-line-tools-reference/feature-gates/)。 但是,你仍然需要为要使用它的每个节点启用此默认设置。 -如果你已经启用了 `SeccompDefault` [特性门控](/zh-cn/docs/reference/command-line-tools-reference/feature-gates/), +如果你已经启用了 `seccompDefault` [配置](/zh-cn/docs/reference/config-api/kubelet-config.v1beta1/), 只要没有指定其他 seccomp 配置文件,那么 Pod 就会使用 `RuntimeDefault` seccomp 配置文件。 否则,默认值为 `Unconfined`。 {{< /note >}} @@ -506,26 +503,15 @@ Here's a manifest for that Pod: {{< note >}} -已弃用的 seccomp 注解 `seccomp.security.alpha.kubernetes.io/pod`(针对整个 Pod)和 -`container.seccomp.security.alpha.kubernetes.io/[name]`(针对单个容器) -将随着未来 Kubernetes 的发布而被删除。 -请在可能的情况下使用原生 API 字段而不是注解。 - -从 Kubernetes v1.25 开始,kubelet 不再支持这些注解, -也不再支持在静态 Pod 中使用注解,并且当创建带有 seccomp 字段的 Pod 时不再自动填充 seccomp 注解。 -从注释中自动填充 seccomp 字段的特性,将计划在未来的版本中删除。 +旧版本的 Kubernetes 允许你使用{{< glossary_tooltip text="注解" term_id="annotation" >}}配置 +seccomp 行为。Kubernetes {{< skew currentVersion >}} 仅支持使用位于 `.spec.securityContext` +内的字段来配置 seccomp。本教程将阐述这个方法。 {{< /note >}} ```shell # 将 6a96207fed4b 更改为你从 “docker ps” 看到的控制平面容器 ID docker exec -it 6a96207fed4b curl localhost:32373 @@ -625,6 +617,7 @@ For example: 如果你在控制平面容器中 `curl` 端点,你会看到更多的写入。 例如: + ``` Jul 6 15:37:40 my-machine kernel: [369128.669452] audit: type=1326 audit(1594067860.484:14536): auid=4294967295 uid=0 gid=0 ses=4294967295 pid=29064 comm="http-echo" exe="/http-echo" sig=0 arch=c000003e syscall=51 compat=0 ip=0x46fe1f code=0x7ffc0000 Jul 6 15:37:40 my-machine kernel: [369128.669453] audit: type=1326 audit(1594067860.484:14537): auid=4294967295 uid=0 gid=0 ses=4294967295 pid=29064 comm="http-echo" exe="/http-echo" sig=0 arch=c000003e syscall=54 compat=0 ip=0x46fdba code=0x7ffc0000 @@ -683,7 +676,7 @@ kubectl apply -f https://k8s.io/examples/pods/security/seccomp/ga/violation-pod. The Pod creates, but there is an issue. If you check the status of the Pod, you should see that it failed to start. --> -Pod 创建,但存在问题。 +Pod 已创建,但存在问题。 如果你检查 Pod 状态,你应该看到它没有启动。 ```shell @@ -732,7 +725,7 @@ The manifest for this example is: 如果你看一看 `fine-grained.json` 配置文件, 你会注意到第一个示例的 syslog 中看到的一些系统调用, 其中配置文件设置为 `"defaultAction": "SCMP_ACT_LOG"`。 -现在的配置文件设置 `"defaultAction": "SCMP_ACT_ERRNO"`, +现在的配置文件设置 `"defaultAction": "SCMP_ACT_ERRNO"`, 但在 `"action": "SCMP_ACT_ALLOW"` 块中明确允许一组系统调用。 理想情况下,容器将成功运行,并且你看到没有消息发送到 `syslog`。 @@ -769,6 +762,12 @@ mention calls from `http-echo`: --> 打开一个新的终端窗口并使用 `tail` 来监视提到来自 `http-echo` 的调用的日志条目: + ```shell # 你计算机上的日志路径可能与 “/var/log/syslog” 不同 tail -f /var/log/syslog | grep 'http-echo' @@ -796,6 +795,7 @@ kubectl get service fine-pod The output is similar to: --> 输出类似于: + ``` NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE fine-pod NodePort 10.111.36.142 5678:32373/TCP 72s @@ -806,6 +806,12 @@ Use `curl` to access that endpoint from inside the kind control plane container: --> 使用 `curl` 从 kind 控制平面容器内部访问端点: + ```shell # 将 6a96207fed4b 更改为你从 “docker ps” 看到的控制平面容器 ID docker exec -it 6a96207fed4b curl localhost:32373 @@ -847,4 +853,4 @@ You can learn more about Linux seccomp: 你可以了解有关 Linux seccomp 的更多信息: * [seccomp 概述](https://lwn.net/Articles/656307/) -* [Docker 的 Seccomp 安全配置文件](https://docs.docker.com/engine/security/seccomp/) \ No newline at end of file +* [Docker 的 Seccomp 安全配置文件](https://docs.docker.com/engine/security/seccomp/) diff --git a/content/zh-cn/examples/admin/konnectivity/konnectivity-agent.yaml b/content/zh-cn/examples/admin/konnectivity/konnectivity-agent.yaml index 2d34c2d69c8..0f7477e8d68 100644 --- a/content/zh-cn/examples/admin/konnectivity/konnectivity-agent.yaml +++ b/content/zh-cn/examples/admin/konnectivity/konnectivity-agent.yaml @@ -22,7 +22,7 @@ spec: - key: "CriticalAddonsOnly" operator: "Exists" containers: - - image: us.gcr.io/k8s-artifacts-prod/kas-network-proxy/proxy-agent:v0.0.16 + - image: us.gcr.io/k8s-artifacts-prod/kas-network-proxy/proxy-agent:v0.0.37 name: konnectivity-agent command: ["/proxy-agent"] args: [ diff --git a/content/zh-cn/examples/admin/konnectivity/konnectivity-server.yaml b/content/zh-cn/examples/admin/konnectivity/konnectivity-server.yaml index df5ca13d410..9c24a63dc59 100644 --- a/content/zh-cn/examples/admin/konnectivity/konnectivity-server.yaml +++ b/content/zh-cn/examples/admin/konnectivity/konnectivity-server.yaml @@ -8,12 +8,13 @@ spec: hostNetwork: true containers: - name: konnectivity-server-container - image: registry.k8s.io/kas-network-proxy/proxy-server:v0.0.32 + image: registry.k8s.io/kas-network-proxy/proxy-server:v0.0.37 command: ["/proxy-server"] args: [ "--logtostderr=true", # 下一行需与 egressSelectorConfiguration 中设置的值一致。 "--uds-name=/etc/kubernetes/konnectivity-server/konnectivity-server.socket", + "--delete-existing-uds-file", # 下面两行假定 Konnectivity 服务器被部署在与 apiserver 相同的机器上, # 并且该 API 服务器的证书和密钥位于指定的位置。 "--cluster-cert=/etc/kubernetes/pki/apiserver.crt", diff --git a/content/zh-cn/releases/patch-releases.md b/content/zh-cn/releases/patch-releases.md index ff755a51489..94e444dc0d0 100644 --- a/content/zh-cn/releases/patch-releases.md +++ b/content/zh-cn/releases/patch-releases.md @@ -149,16 +149,15 @@ releases may also occur in between these. - -| 月度补丁发布 | Cherry Pick 截止日期 | 目标日期 | -| -------------- | -------------------- | ----------- | -| 2023 年 2 月 | 2023-02-10 | 2023-02-15 | -| 2023 年 3 月 | 2023-03-10 | 2023-03-15 | -| 2023 年 4 月 | 2023-04-07 | 2023-04-12 | +| 月度补丁发布 | Cherry Pick 截止日期 | 目标日期 | +|------------|------------------|------------| +| 2023 年 4 月 | 2023-04-07 | 2023-04-12 | +| 2023 年 5 月 | 2023-05-12 | 2023-05-17 | +| 2023 年 6 月 | 2023-06-09 | 2023-06-14 | ### kube-proxy {#kube-proxy} -* `kube-proxy` 和节点上的 `kubelet` 必须是相同的次要版本。 * `kube-proxy` 版本不能比 `kube-apiserver` 版本新。 * `kube-proxy` 最多只能比 `kube-apiserver` 落后两个次要版本。 diff --git a/data/announcements/scheduled.yaml b/data/announcements/scheduled.yaml index 79e6e2e5b0c..830f5577acb 100644 --- a/data/announcements/scheduled.yaml +++ b/data/announcements/scheduled.yaml @@ -152,6 +152,19 @@ announcements: All images available in k8s.gcr.io are available at registry.k8s.io.
    Please read our [announcement](/blog/2023/03/10/image-registry-redirect/) for more details. +- name: Kubecon 2023 EU + startTime: 2023-04-15T00:00:00 #Added in https://github.com/kubernetes/website/pull/40691 + endTime: 2023-04-22T18:00:00 + style: >- + background: linear-gradient(90deg, rgba(174,28,40,1) 0%, rgba(50,79,133,1) 65%, rgba(33,70,139,1) 100%); + color: #fffff; + title: | + + KubeCon + CloudNativeCon EU 2023 Amsterdam, Netherlands + Virtual. + message: | + 4 days of incredible opportunities to collaborate, learn + share with the entire community!
    + April 18 - April 21, 2023. + - name: Redirecting k8s.gcr.io - After startTime: 2023-03-27T00:00:00 # This should run after the redirect begins endTime: 2023-05-31T00:00:00 diff --git a/data/i18n/de/de.toml b/data/i18n/de/de.toml index cd4c3d79242..e6f10daaab4 100644 --- a/data/i18n/de/de.toml +++ b/data/i18n/de/de.toml @@ -79,7 +79,7 @@ other = "Kubernetes Features" other = """Wir sind ein CNCF Abschlussprojekt

    """ [main_kubeweekly_baseline] -other = "Möchten Sie die neuesten Nachrichten von Kubernetes erhalten? Melden Sie sich für KubeWeekly an." +other = "Möchtest du die neuesten Nachrichten von Kubernetes erhalten? Melde dich für KubeWeekly an." [main_kubernetes_past_link] other = "Frühere Newsletter anzeigen" diff --git a/data/releases/schedule.yaml b/data/releases/schedule.yaml index 16f1526065f..933fffc79d1 100644 --- a/data/releases/schedule.yaml +++ b/data/releases/schedule.yaml @@ -1,4 +1,16 @@ schedules: +- release: 1.27 + releaseDate: 2024-04-11 + maintenanceModeStartDate: 2024-04-28 + endOfLifeDate: 2024-06-28 + next: + release: 1.27.1 + cherryPickDeadline: 2023-05-10 + targetDate: 2023-05-17 + previousPatches: + - release: 1.27.0 + cherryPickDeadline: "" + targetDate: 2023-04-11 - release: 1.26 releaseDate: 2022-12-09 maintenanceModeStartDate: 2023-12-28 diff --git a/go.mod b/go.mod index c84a9c62aa0..23d361595c5 100644 --- a/go.mod +++ b/go.mod @@ -1,55 +1,68 @@ module k8s.io/website -go 1.19 +go 1.20 require ( - k8s.io/apimachinery v0.26.0 + k8s.io/apimachinery v0.27.0 k8s.io/kubernetes v0.0.0 ) require ( + github.com/NYTimes/gziphandler v1.1.1 // indirect + github.com/antlr/antlr4/runtime/Go/antlr v1.4.10 // indirect + github.com/asaskevich/govalidator v0.0.0-20190424111038-f61b66f89f4a // indirect github.com/beorn7/perks v1.0.1 // indirect github.com/blang/semver/v4 v4.0.0 // indirect github.com/cenkalti/backoff/v4 v4.1.3 // indirect github.com/cespare/xxhash/v2 v2.1.2 // indirect github.com/coreos/go-semver v0.3.0 // indirect - github.com/coreos/go-systemd/v22 v22.3.2 // indirect + github.com/coreos/go-systemd/v22 v22.4.0 // indirect github.com/davecgh/go-spew v1.1.1 // indirect github.com/docker/distribution v2.8.1+incompatible // indirect github.com/emicklei/go-restful/v3 v3.9.0 // indirect + github.com/evanphx/json-patch v4.12.0+incompatible // indirect github.com/felixge/httpsnoop v1.0.3 // indirect + github.com/fsnotify/fsnotify v1.6.0 // indirect github.com/go-logr/logr v1.2.3 // indirect github.com/go-logr/stdr v1.2.2 // indirect - github.com/go-openapi/jsonpointer v0.19.5 // indirect - github.com/go-openapi/jsonreference v0.20.0 // indirect - github.com/go-openapi/swag v0.19.14 // indirect + github.com/go-openapi/jsonpointer v0.19.6 // indirect + github.com/go-openapi/jsonreference v0.20.1 // indirect + github.com/go-openapi/swag v0.22.3 // indirect github.com/gogo/protobuf v1.3.2 // indirect - github.com/golang/protobuf v1.5.2 // indirect + github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect + github.com/golang/protobuf v1.5.3 // indirect + github.com/google/cel-go v0.12.6 // indirect github.com/google/gnostic v0.5.7-v3refs // indirect github.com/google/go-cmp v0.5.9 // indirect github.com/google/gofuzz v1.1.0 // indirect - github.com/google/uuid v1.1.2 // indirect + github.com/google/uuid v1.3.0 // indirect github.com/grpc-ecosystem/go-grpc-prometheus v1.2.0 // indirect github.com/grpc-ecosystem/grpc-gateway/v2 v2.7.0 // indirect + github.com/imdario/mergo v0.3.6 // indirect + github.com/inconshreveable/mousetrap v1.0.1 // indirect github.com/josharian/intern v1.0.0 // indirect github.com/json-iterator/go v1.1.12 // indirect - github.com/mailru/easyjson v0.7.6 // indirect + github.com/mailru/easyjson v0.7.7 // indirect github.com/matttproud/golang_protobuf_extensions v1.0.2 // indirect + github.com/mitchellh/mapstructure v1.4.1 // indirect github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect github.com/modern-go/reflect2 v1.0.2 // indirect github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect github.com/opencontainers/go-digest v1.0.0 // indirect + github.com/pkg/errors v0.9.1 // indirect github.com/prometheus/client_golang v1.14.0 // indirect github.com/prometheus/client_model v0.3.0 // indirect github.com/prometheus/common v0.37.0 // indirect github.com/prometheus/procfs v0.8.0 // indirect github.com/robfig/cron/v3 v3.0.1 // indirect + github.com/spf13/cobra v1.6.0 // indirect github.com/spf13/pflag v1.0.5 // indirect - go.etcd.io/etcd/api/v3 v3.5.5 // indirect - go.etcd.io/etcd/client/pkg/v3 v3.5.5 // indirect - go.etcd.io/etcd/client/v3 v3.5.5 // indirect + github.com/stoewer/go-strcase v1.2.0 // indirect + go.etcd.io/etcd/api/v3 v3.5.7 // indirect + go.etcd.io/etcd/client/pkg/v3 v3.5.7 // indirect + go.etcd.io/etcd/client/v3 v3.5.7 // indirect go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.35.0 // indirect - go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.35.0 // indirect + go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.35.1 // indirect go.opentelemetry.io/otel v1.10.0 // indirect go.opentelemetry.io/otel/exporters/otlp/internal/retry v1.10.0 // indirect go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.10.0 // indirect @@ -61,60 +74,67 @@ require ( go.uber.org/atomic v1.7.0 // indirect go.uber.org/multierr v1.6.0 // indirect go.uber.org/zap v1.19.0 // indirect - golang.org/x/net v0.3.1-0.20221206200815-1e63c2f08a10 // indirect + golang.org/x/crypto v0.1.0 // indirect + golang.org/x/net v0.8.0 // indirect golang.org/x/oauth2 v0.0.0-20220223155221-ee480838109b // indirect - golang.org/x/sys v0.3.0 // indirect - golang.org/x/term v0.3.0 // indirect - golang.org/x/text v0.5.0 // indirect + golang.org/x/sync v0.1.0 // indirect + golang.org/x/sys v0.6.0 // indirect + golang.org/x/term v0.6.0 // indirect + golang.org/x/text v0.8.0 // indirect golang.org/x/time v0.0.0-20220210224613-90d013bbcef8 // indirect google.golang.org/appengine v1.6.7 // indirect google.golang.org/genproto v0.0.0-20220502173005-c8bf987b8c21 // indirect - google.golang.org/grpc v1.49.0 // indirect + google.golang.org/grpc v1.51.0 // indirect google.golang.org/protobuf v1.28.1 // indirect gopkg.in/inf.v0 v0.9.1 // indirect + gopkg.in/natefinch/lumberjack.v2 v2.0.0 // indirect gopkg.in/yaml.v2 v2.4.0 // indirect gopkg.in/yaml.v3 v3.0.1 // indirect - k8s.io/api v0.26.0 // indirect - k8s.io/apiserver v0.0.0 // indirect - k8s.io/client-go v0.26.0 // indirect - k8s.io/component-base v0.26.0 // indirect - k8s.io/component-helpers v0.0.0 // indirect - k8s.io/klog/v2 v2.80.1 // indirect - k8s.io/kube-openapi v0.0.0-20221012153701-172d655c2280 // indirect - k8s.io/utils v0.0.0-20221107191617-1a15be271d1d // indirect - sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.0.33 // indirect - sigs.k8s.io/json v0.0.0-20220713155537-f223a00ba0e2 // indirect + k8s.io/api v0.27.0 // indirect + k8s.io/apiserver v0.27.0 // indirect + k8s.io/client-go v0.27.0 // indirect + k8s.io/cloud-provider v0.0.0 // indirect + k8s.io/component-base v0.27.0 // indirect + k8s.io/component-helpers v0.27.0 // indirect + k8s.io/controller-manager v0.27.0 // indirect + k8s.io/klog/v2 v2.90.1 // indirect + k8s.io/kms v0.27.0 // indirect + k8s.io/kube-openapi v0.0.0-20230308215209-15aac26d736a // indirect + k8s.io/kubelet v0.0.0 // indirect + k8s.io/utils v0.0.0-20230209194617-a36077c30491 // indirect + sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.1.1 // indirect + sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd // indirect sigs.k8s.io/structured-merge-diff/v4 v4.2.3 // indirect sigs.k8s.io/yaml v1.3.0 // indirect ) replace ( - k8s.io/api => k8s.io/api v0.26.0 - k8s.io/apiextensions-apiserver => k8s.io/apiextensions-apiserver v0.26.0 - k8s.io/apimachinery => k8s.io/apimachinery v0.26.0 - k8s.io/apiserver => k8s.io/apiserver v0.26.0 - k8s.io/cli-runtime => k8s.io/cli-runtime v0.26.0 - k8s.io/client-go => k8s.io/client-go v0.26.0 - k8s.io/cloud-provider => k8s.io/cloud-provider v0.26.0 - k8s.io/cluster-bootstrap => k8s.io/cluster-bootstrap v0.26.0 - k8s.io/code-generator => k8s.io/code-generator v0.26.0 - k8s.io/component-base => k8s.io/component-base v0.26.0 - k8s.io/component-helpers => k8s.io/component-helpers v0.26.0 - k8s.io/controller-manager => k8s.io/controller-manager v0.26.0 - k8s.io/cri-api => k8s.io/cri-api v0.26.0 - k8s.io/csi-translation-lib => k8s.io/csi-translation-lib v0.26.0 - k8s.io/kube-aggregator => k8s.io/kube-aggregator v0.26.0 - k8s.io/kube-controller-manager => k8s.io/kube-controller-manager v0.26.0 - k8s.io/kube-proxy => k8s.io/kube-proxy v0.26.0 - k8s.io/kube-scheduler => k8s.io/kube-scheduler v0.26.0 - k8s.io/kubectl => k8s.io/kubectl v0.26.0 - k8s.io/kubelet => k8s.io/kubelet v0.26.0 + k8s.io/api => k8s.io/api v0.27.0 + k8s.io/apiextensions-apiserver => k8s.io/apiextensions-apiserver v0.27.0 + k8s.io/apimachinery => k8s.io/apimachinery v0.27.0 + k8s.io/apiserver => k8s.io/apiserver v0.27.0 + k8s.io/cli-runtime => k8s.io/cli-runtime v0.27.0 + k8s.io/client-go => k8s.io/client-go v0.27.0 + k8s.io/cloud-provider => k8s.io/cloud-provider v0.27.0 + k8s.io/cluster-bootstrap => k8s.io/cluster-bootstrap v0.27.0 + k8s.io/code-generator => k8s.io/code-generator v0.27.0 + k8s.io/component-base => k8s.io/component-base v0.27.0 + k8s.io/component-helpers => k8s.io/component-helpers v0.27.0 + k8s.io/controller-manager => k8s.io/controller-manager v0.27.0 + k8s.io/cri-api => k8s.io/cri-api v0.27.0 + k8s.io/csi-translation-lib => k8s.io/csi-translation-lib v0.27.0 + k8s.io/kube-aggregator => k8s.io/kube-aggregator v0.27.0 + k8s.io/kube-controller-manager => k8s.io/kube-controller-manager v0.27.0 + k8s.io/kube-proxy => k8s.io/kube-proxy v0.27.0 + k8s.io/kube-scheduler => k8s.io/kube-scheduler v0.27.0 + k8s.io/kubectl => k8s.io/kubectl v0.27.0 + k8s.io/kubelet => k8s.io/kubelet v0.27.0 k8s.io/kubernetes => ../kubernetes - k8s.io/legacy-cloud-providers => k8s.io/legacy-cloud-providers v0.26.0 - k8s.io/metrics => k8s.io/metrics v0.26.0 - k8s.io/mount-utils => k8s.io/mount-utils v0.26.0 - k8s.io/pod-security-admission => k8s.io/pod-security-admission v0.26.0 - k8s.io/sample-apiserver => k8s.io/sample-apiserver v0.26.0 - k8s.io/sample-cli-plugin => k8s.io/sample-cli-plugin v0.26.0 - k8s.io/sample-controller => k8s.io/sample-controller v0.26.0 + k8s.io/legacy-cloud-providers => k8s.io/legacy-cloud-providers v0.27.0 + k8s.io/metrics => k8s.io/metrics v0.27.0 + k8s.io/mount-utils => k8s.io/mount-utils v0.27.0 + k8s.io/pod-security-admission => k8s.io/pod-security-admission v0.27.0 + k8s.io/sample-apiserver => k8s.io/sample-apiserver v0.27.0 + k8s.io/sample-cli-plugin => k8s.io/sample-cli-plugin v0.27.0 + k8s.io/sample-controller => k8s.io/sample-controller v0.27.0 ) diff --git a/go.sum b/go.sum index 9d1140f1e7e..013dc6455fc 100644 --- a/go.sum +++ b/go.sum @@ -32,8 +32,11 @@ cloud.google.com/go/storage v1.6.0/go.mod h1:N7U0C8pVQ/+NIKOBQyamJIeKQKkZ+mxpohl cloud.google.com/go/storage v1.8.0/go.mod h1:Wv1Oy7z6Yz3DshWRJFhqM/UCfaWIRTdp0RXyy7KQOVs= cloud.google.com/go/storage v1.10.0/go.mod h1:FLPqc6j+Ki4BU591ie1oL6qBQGu2Bl/tZ9ullr3+Kg0= dmitri.shuralyov.com/gpu/mtl v0.0.0-20190408044501-666a987793e9/go.mod h1:H6x//7gZCb22OMCxBHrMx7a5I7Hp++hsVxbQ4BYO7hU= +github.com/BurntSushi/toml v0.3.1 h1:WXkYYl6Yr3qBf1K79EBnL4mak0OimBfB0XUf9Vl28OQ= github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= github.com/BurntSushi/xgb v0.0.0-20160522181843-27f122750802/go.mod h1:IVnqGOEym/WlBOVXweHU+Q+/VP0lqqI8lqeDx9IjBqo= +github.com/NYTimes/gziphandler v1.1.1 h1:ZUDjpQae29j0ryrS0u/B8HZfJBtBQHjqw2rQ2cqUQ3I= +github.com/NYTimes/gziphandler v1.1.1/go.mod h1:n/CVRwUEOgIxrgPvAQhUUr9oeUtvrhMomdKFjzJNB0c= github.com/OneOfOne/xxhash v1.2.2/go.mod h1:HSdplMjZKSmBqAxg5vPj2TmRDmfkzw+cTzAElWljhcU= github.com/alecthomas/template v0.0.0-20160405071501-a0175ee3bccc/go.mod h1:LOuyumcjzFXgccqObfd/Ljyb9UuFJ6TxHnclSeseNhc= github.com/alecthomas/template v0.0.0-20190718012654-fb15b899a751/go.mod h1:LOuyumcjzFXgccqObfd/Ljyb9UuFJ6TxHnclSeseNhc= @@ -41,6 +44,10 @@ github.com/alecthomas/units v0.0.0-20151022065526-2efee857e7cf/go.mod h1:ybxpYRF github.com/alecthomas/units v0.0.0-20190717042225-c3de453c63f4/go.mod h1:ybxpYRFXyAe+OPACYpWeL0wqObRcbAqCMya13uyzqw0= github.com/alecthomas/units v0.0.0-20190924025748-f65c72e2690d/go.mod h1:rBZYJk541a8SKzHPHnH3zbiI+7dagKZ0cgpgrD7Fyho= github.com/antihax/optional v1.0.0/go.mod h1:uupD/76wgC+ih3iEmQUL+0Ugr19nfwCT1kdvxnR2qWY= +github.com/antlr/antlr4/runtime/Go/antlr v1.4.10 h1:yL7+Jz0jTC6yykIK/Wh74gnTJnrGr5AyrNMXuA0gves= +github.com/antlr/antlr4/runtime/Go/antlr v1.4.10/go.mod h1:F7bn7fEU90QkQ3tnmaTx3LTKLEDqnwWODIYppRQ5hnY= +github.com/asaskevich/govalidator v0.0.0-20190424111038-f61b66f89f4a h1:idn718Q4B6AGu/h5Sxe66HYVdqdGu2l9Iebqhi/AEoA= +github.com/asaskevich/govalidator v0.0.0-20190424111038-f61b66f89f4a/go.mod h1:lB+ZfQJz7igIIfQNfa7Ml4HSf2uFQQRzpGGRXenZAgY= github.com/benbjohnson/clock v1.1.0 h1:Q92kusRqC1XV2MjkWETPvjJVqKetz1OzxZB7mHJLju8= github.com/benbjohnson/clock v1.1.0/go.mod h1:J11/hYXuz8f4ySSvYwY0FKfm+ezbsZBKZxNJlLklBHA= github.com/beorn7/perks v0.0.0-20180321164747-3a771d992973/go.mod h1:Dwedo/Wpr24TaqPxmxbtue+5NUziq4I4S80YR8gNf3Q= @@ -70,8 +77,9 @@ github.com/cncf/xds/go v0.0.0-20211001041855-01bcc9b48dfe/go.mod h1:eXthEFrGJvWH github.com/cncf/xds/go v0.0.0-20211011173535-cb28da3451f1/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs= github.com/coreos/go-semver v0.3.0 h1:wkHLiw0WNATZnSG7epLsujiMCgPAc9xhjJ4tgnAxmfM= github.com/coreos/go-semver v0.3.0/go.mod h1:nnelYz7RCh+5ahJtPPxZlU+153eP4D4r3EedlOD2RNk= -github.com/coreos/go-systemd/v22 v22.3.2 h1:D9/bQk5vlXQFZ6Kwuu6zaiXJ9oTPe68++AzAJc1DzSI= -github.com/coreos/go-systemd/v22 v22.3.2/go.mod h1:Y58oyj3AT4RCenI/lSvhwexgC+NSVTIJ3seZv2GcEnc= +github.com/coreos/go-systemd/v22 v22.4.0 h1:y9YHcjnjynCd/DVbg5j9L/33jQM3MxJlbj/zWskzfGU= +github.com/coreos/go-systemd/v22 v22.4.0/go.mod h1:Y58oyj3AT4RCenI/lSvhwexgC+NSVTIJ3seZv2GcEnc= +github.com/cpuguy83/go-md2man/v2 v2.0.2/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o= github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E= github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= @@ -80,22 +88,22 @@ github.com/docker/distribution v2.8.1+incompatible h1:Q50tZOPR6T/hjNsyc9g8/syEs6 github.com/docker/distribution v2.8.1+incompatible/go.mod h1:J2gT2udsDAN96Uj4KfcMRqY0/ypR+oyYUYmja8H+y+w= github.com/docopt/docopt-go v0.0.0-20180111231733-ee0de3bc6815/go.mod h1:WwZ+bS3ebgob9U8Nd0kOddGdZWjyMGR8Wziv+TBNwSE= github.com/dustin/go-humanize v1.0.0 h1:VSnTsYCnlFHaM2/igO1h6X3HA71jcobQuxemgkq4zYo= -github.com/dustin/go-humanize v1.0.0/go.mod h1:HtrtbFcZ19U5GC7JDqmcUSB87Iq5E25KnS6fMYU6eOk= github.com/emicklei/go-restful/v3 v3.9.0 h1:XwGDlfxEnQZzuopoqxwSEllNcCOM9DhhFyhFIIGKwxE= github.com/emicklei/go-restful/v3 v3.9.0/go.mod h1:6n3XBCmQQb25CM2LCACGz8ukIrRry+4bhvbpWn3mrbc= github.com/envoyproxy/go-control-plane v0.9.0/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4= github.com/envoyproxy/go-control-plane v0.9.1-0.20191026205805-5f8ba28d4473/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4= github.com/envoyproxy/go-control-plane v0.9.4/go.mod h1:6rpuAdCZL397s3pYoYcLgu1mIlRU8Am5FuJP05cCM98= github.com/envoyproxy/go-control-plane v0.9.9-0.20201210154907-fd9021fe5dad/go.mod h1:cXg6YxExXjJnVBQHBLXeUAgxn2UodCpnH306RInaBQk= -github.com/envoyproxy/go-control-plane v0.9.9-0.20210217033140-668b12f5399d/go.mod h1:cXg6YxExXjJnVBQHBLXeUAgxn2UodCpnH306RInaBQk= github.com/envoyproxy/go-control-plane v0.9.9-0.20210512163311-63b5d3c536b0/go.mod h1:hliV/p42l8fGbc6Y9bQ70uLwIvmJyVE5k4iMKlh8wCQ= github.com/envoyproxy/go-control-plane v0.9.10-0.20210907150352-cf90f659a021/go.mod h1:AFq3mo9L8Lqqiid3OhADV3RfLJnjiw63cSpi+fDTRC0= github.com/envoyproxy/go-control-plane v0.10.2-0.20220325020618-49ff273808a1/go.mod h1:KJwIaB5Mv44NWtYuAOFCVOjcI94vtpEz2JU/D2v6IjE= github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod h1:iSmxcyjqTsJpI2R4NaDN7+kN2VEUnK/pcBlmesArF7c= github.com/evanphx/json-patch v4.12.0+incompatible h1:4onqiflcdA9EOZ4RxV643DvftH5pOlLGNtQ5lPWQu84= +github.com/evanphx/json-patch v4.12.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk= github.com/felixge/httpsnoop v1.0.3 h1:s/nj+GCswXYzN5v2DpNMuMQYe+0DDwt5WVCU6CWBdXk= github.com/felixge/httpsnoop v1.0.3/go.mod h1:m8KPJKqk1gH5J9DgRY2ASl2lWCfGKXixSwevea8zH2U= -github.com/form3tech-oss/jwt-go v3.2.3+incompatible h1:7ZaBxOI7TMoYBfyA3cQHErNNyAWIKUMIwqxEtgHOs5c= +github.com/fsnotify/fsnotify v1.6.0 h1:n+5WquG0fcWoWp6xPWfHdbskMCQaFnG6PfBrh1Ky4HY= +github.com/fsnotify/fsnotify v1.6.0/go.mod h1:sl3t1tCWJFWoRz9R8WJCbQihKKwmorjAbSClcnxKAGw= github.com/ghodss/yaml v1.0.0/go.mod h1:4dBDuWmgqj2HViK6kFavaiC9ZROes6MMH2rRYeMEF04= github.com/go-gl/glfw v0.0.0-20190409004039-e6da0acd62b1/go.mod h1:vR7hzQXu2zJy9AVAgeJqvqgH9Q5CA+iKCZ2gyEVpxRU= github.com/go-gl/glfw/v3.3/glfw v0.0.0-20191125211704-12ad95a8df72/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8= @@ -114,25 +122,28 @@ github.com/go-logr/logr v1.2.3 h1:2DntVwHkVopvECVRSlL5PSo9eG+cAkDCuckLubN+rq0= github.com/go-logr/logr v1.2.3/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= github.com/go-logr/stdr v1.2.2 h1:hSWxHoqTgW2S2qGc0LTAI563KZ5YKYRhT3MFKZMbjag= github.com/go-logr/stdr v1.2.2/go.mod h1:mMo/vtBO5dYbehREoey6XUKy/eSumjCCveDpRre4VKE= -github.com/go-openapi/jsonpointer v0.19.3/go.mod h1:Pl9vOtqEWErmShwVjC8pYs9cog34VGT37dQOVbmoatg= -github.com/go-openapi/jsonpointer v0.19.5 h1:gZr+CIYByUqjcgeLXnQu2gHYQC9o73G2XUeOFYEICuY= -github.com/go-openapi/jsonpointer v0.19.5/go.mod h1:Pl9vOtqEWErmShwVjC8pYs9cog34VGT37dQOVbmoatg= -github.com/go-openapi/jsonreference v0.20.0 h1:MYlu0sBgChmCfJxxUKZ8g1cPWFOB37YSZqewK7OKeyA= -github.com/go-openapi/jsonreference v0.20.0/go.mod h1:Ag74Ico3lPc+zR+qjn4XBUmXymS4zJbYVCZmcgkasdo= -github.com/go-openapi/swag v0.19.5/go.mod h1:POnQmlKehdgb5mhVOsnJFsivZCEZ/vjK9gh66Z9tfKk= -github.com/go-openapi/swag v0.19.14 h1:gm3vOOXfiuw5i9p5N9xJvfjvuofpyvLA9Wr6QfK5Fng= -github.com/go-openapi/swag v0.19.14/go.mod h1:QYRuS/SOXUCsnplDa677K7+DxSOj6IPNl/eQntq43wQ= +github.com/go-logr/zapr v1.2.3 h1:a9vnzlIBPQBBkeaR9IuMUfmVOrQlkoC4YfPoFkX3T7A= +github.com/go-openapi/jsonpointer v0.19.6 h1:eCs3fxoIi3Wh6vtgmLTOjdhSpiqphQ+DaPn38N2ZdrE= +github.com/go-openapi/jsonpointer v0.19.6/go.mod h1:osyAmYz/mB/C3I+WsTTSgw1ONzaLJoLCyoi6/zppojs= +github.com/go-openapi/jsonreference v0.20.1 h1:FBLnyygC4/IZZr893oiomc9XaghoveYTrLC1F86HID8= +github.com/go-openapi/jsonreference v0.20.1/go.mod h1:Bl1zwGIM8/wsvqjsOQLJ/SH+En5Ap4rVB5KVcIDZG2k= +github.com/go-openapi/swag v0.22.3 h1:yMBqmnQ0gyZvEb/+KzuWZOXgllrXT4SADYbvDaXHv/g= +github.com/go-openapi/swag v0.22.3/go.mod h1:UzaqsxGiab7freDnrUUra0MwWfN/q7tE4j+VcZ0yl14= github.com/go-stack/stack v1.8.0/go.mod h1:v0f6uXyyMGvRgIKkXu+yp6POWl0qKG85gN/melR3HDY= +github.com/go-task/slim-sprig v0.0.0-20210107165309-348f09dbbbc0 h1:p104kn46Q8WdvHunIJ9dAyjPVtrBPhSr3KT2yUst43I= github.com/godbus/dbus/v5 v5.0.4/go.mod h1:xhWf0FNVPg57R7Z0UbKHbJfkEywrmjJnf7w5xrFpKfA= github.com/gogo/protobuf v1.1.1/go.mod h1:r8qH/GZQm5c6nD/R0oafs1akxWv10x8SbQlK7atdtwQ= github.com/gogo/protobuf v1.3.2 h1:Ov1cvc58UF3b5XjBnZv7+opcTcQFZebYjWzi34vdm4Q= github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69NZV8Q= +github.com/golang-jwt/jwt/v4 v4.4.2 h1:rcc4lwaZgFMCZ5jxF9ABolDcIHdBytAFgqFPbSJQAYs= github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q= github.com/golang/glog v1.0.0 h1:nfP3RFugxnNRyKgeWd4oI1nYvXpxrx8ck8ZrcizshdQ= github.com/golang/glog v1.0.0/go.mod h1:EWib/APOK0SL3dFbYqvxE3UYd8E6s1ouQ7iEp/0LWV4= github.com/golang/groupcache v0.0.0-20190702054246-869f871628b6/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= github.com/golang/groupcache v0.0.0-20191227052852-215e87163ea7/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= github.com/golang/groupcache v0.0.0-20200121045136-8c9f03a8e57e/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= +github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da h1:oI5xCqsCo564l8iNU+DwB5epxmsaqB+rhGL0m5jtYqE= +github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= github.com/golang/mock v1.1.1/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A= github.com/golang/mock v1.2.0/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A= github.com/golang/mock v1.3.1/go.mod h1:sBzyDLLjw3U8JLTeZvSv8jJB+tU5PVekmnlKIyFUx0Y= @@ -155,11 +166,14 @@ github.com/golang/protobuf v1.4.1/go.mod h1:U8fpvMrcmy5pZrNK1lt4xCsGvpyWQ/VVv6QD github.com/golang/protobuf v1.4.2/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw735rRwI= github.com/golang/protobuf v1.4.3/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw735rRwI= github.com/golang/protobuf v1.5.0/go.mod h1:FsONVRAS9T7sI+LIUmWTfcYkHO4aIWwzhcaSAoJOfIk= -github.com/golang/protobuf v1.5.2 h1:ROPKBNFfQgOUMifHyP+KYbvpjbdoFNs+aK7DXlji0Tw= github.com/golang/protobuf v1.5.2/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY= +github.com/golang/protobuf v1.5.3 h1:KhyjKVUg7Usr/dYsdSqoFveMYd5ko72D+zANwlG1mmg= +github.com/golang/protobuf v1.5.3/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY= github.com/google/btree v0.0.0-20180813153112-4030bb1f1f0c/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ= github.com/google/btree v1.0.0/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ= github.com/google/btree v1.0.1 h1:gK4Kx5IaGY9CD5sPJ36FHiBJ6ZXl0kilRiiCj+jdYp4= +github.com/google/cel-go v0.12.6 h1:kjeKudqV0OygrAqA9fX6J55S8gj+Jre2tckIm5RoG4M= +github.com/google/cel-go v0.12.6/go.mod h1:Jk7ljRzLBhkmiAwBoUxB1sZSCVBAzkqPF25olK/iRDw= github.com/google/gnostic v0.5.7-v3refs h1:FhTMOKj2VhjpouxvWJAV1TL304uMlb9zcDqkl6cEI54= github.com/google/gnostic v0.5.7-v3refs/go.mod h1:73MKFl6jIHelAJNaBGFzt3SPtZULs9dYrGFt8OiIsHQ= github.com/google/go-cmp v0.2.0/go.mod h1:oXzfMopK8JAjlY9xF4vHSVASa0yLyX7SntLO5aqRK0M= @@ -186,9 +200,11 @@ github.com/google/pprof v0.0.0-20200212024743-f11f1df84d12/go.mod h1:ZgVRPoUq/hf github.com/google/pprof v0.0.0-20200229191704-1ebb73c60ed3/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM= github.com/google/pprof v0.0.0-20200430221834-fc25d7d30c6d/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM= github.com/google/pprof v0.0.0-20200708004538-1a94d8640e99/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM= +github.com/google/pprof v0.0.0-20210720184732-4bb14d4b1be1 h1:K6RDEckDVWvDI9JAJYCmNdQXq6neHJOYx3V6jnqNEec= github.com/google/renameio v0.1.0/go.mod h1:KWCgfxg9yswjAJkECMjeO8J8rahYeXnNhOm40UhjYkI= -github.com/google/uuid v1.1.2 h1:EVhdT+1Kseyi1/pUmXKaFxYsDNy9RQYkMWRH68J/W7Y= github.com/google/uuid v1.1.2/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= +github.com/google/uuid v1.3.0 h1:t6JiXgmwXMjEs8VusXIJk2BXHsn+wx8BZdTaoZ5fu7I= +github.com/google/uuid v1.3.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= github.com/googleapis/gax-go/v2 v2.0.4/go.mod h1:0Wqv26UfaUD9n4G6kQubkQ+KchISgw+vpHVxEJEs9eg= github.com/googleapis/gax-go/v2 v2.0.5/go.mod h1:DWXyrwAJ9X0FpwwEdw+IPEYBICEFu5mhpdKc/us6bOk= github.com/gorilla/websocket v1.4.2 h1:+/TMaTYc4QFitKJxsQ7Yye35DkWvkdLcvGKqM+x0Ufc= @@ -202,6 +218,10 @@ github.com/grpc-ecosystem/grpc-gateway/v2 v2.7.0/go.mod h1:hgWBS7lorOAVIJEQMi4Zs github.com/hashicorp/golang-lru v0.5.0/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8= github.com/hashicorp/golang-lru v0.5.1/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8= github.com/ianlancetaylor/demangle v0.0.0-20181102032728-5e5cf60278f6/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc= +github.com/imdario/mergo v0.3.6 h1:xTNEAn+kxVO7dTZGu0CegyqKZmoWFI0rF8UxjlB2d28= +github.com/imdario/mergo v0.3.6/go.mod h1:2EnlNZ0deacrJVfApfmtdGgDfMuh/nq6Ok1EcJh5FfA= +github.com/inconshreveable/mousetrap v1.0.1 h1:U3uMjPSQEBMNp1lFxmllqCPM6P5u/Xq7Pgzkat/bFNc= +github.com/inconshreveable/mousetrap v1.0.1/go.mod h1:vpF70FUmC8bwa3OWnCshd2FqLfsEA9PFc4w1p2J65bw= github.com/jonboulle/clockwork v0.2.2 h1:UOGuzwb1PwsrDAObMuhUnj0p5ULPj8V/xJ7Kx9qUBdQ= github.com/josharian/intern v1.0.0 h1:vlS4z54oSdjm0bgjRigI+G1HpF+tI+9rE5LLzOg8HmY= github.com/josharian/intern v1.0.0/go.mod h1:5DoeVV0s6jJacbCEi61lwdGj/aVlrQvzHFFd8Hwg//Y= @@ -222,17 +242,19 @@ github.com/konsorten/go-windows-terminal-sequences v1.0.3/go.mod h1:T0+1ngSBFLxv github.com/kr/logfmt v0.0.0-20140226030751-b84e30acd515/go.mod h1:+0opPa2QZZtGFBFZlji/RkVcI2GknAs/DXo4wKdlNEc= github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo= github.com/kr/pretty v0.2.0/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI= +github.com/kr/pretty v0.2.1/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI= +github.com/kr/pretty v0.3.0 h1:WgNl7dwNpEZ6jJ9k1snq4pZsg7DOEN8hP9Xw0Tsjwk0= github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY= github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE= -github.com/mailru/easyjson v0.0.0-20190614124828-94de47d64c63/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc= -github.com/mailru/easyjson v0.0.0-20190626092158-b2ccc519800e/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc= -github.com/mailru/easyjson v0.7.6 h1:8yTIVnZgCoiM1TgqoeTl+LfU5Jg6/xL3QhGQnimLYnA= -github.com/mailru/easyjson v0.7.6/go.mod h1:xzfreul335JAWq5oZzymOObrkdz5UnU4kGfJJLY9Nlc= +github.com/mailru/easyjson v0.7.7 h1:UGYAvKxe3sBsEDzO8ZeWOSlIQfWFlxbzLZe7hwFURr0= +github.com/mailru/easyjson v0.7.7/go.mod h1:xzfreul335JAWq5oZzymOObrkdz5UnU4kGfJJLY9Nlc= github.com/matttproud/golang_protobuf_extensions v1.0.1/go.mod h1:D8He9yQNgCq6Z5Ld7szi9bcBfOoFv/3dc6xSMkL2PC0= github.com/matttproud/golang_protobuf_extensions v1.0.2 h1:hAHbPm5IJGijwng3PWk09JkG9WeqChjprR5s9bBZ+OM= github.com/matttproud/golang_protobuf_extensions v1.0.2/go.mod h1:BSXmuO+STAnVfrANrmjBb36TMTDstsz7MSK+HVaYKv4= +github.com/mitchellh/mapstructure v1.4.1 h1:CpVNEelQCZBooIPDn+AR3NpivK/TIKU8bDxdASFVQag= +github.com/mitchellh/mapstructure v1.4.1/go.mod h1:bFUtVrKA4DC2yAKiSyO/QUcy7e+RRV2QTWOzhPopBRo= github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd h1:TRLaZ9cD/w8PVh93nsPXa1VrQ6jlwL5oN8l14QlcNfg= github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= @@ -244,10 +266,8 @@ github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 h1:C3w9PqII01/Oq github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822/go.mod h1:+n7T8mK8HuQTcFwEeznm/DIxMOiR9yIdICNftLE1DvQ= github.com/mwitkow/go-conntrack v0.0.0-20161129095857-cc309e4a2223/go.mod h1:qRWi+5nqEBWmkhHvq77mSJWrCKwh8bxhgT7d/eI7P4U= github.com/mwitkow/go-conntrack v0.0.0-20190716064945-2f068394615f/go.mod h1:qRWi+5nqEBWmkhHvq77mSJWrCKwh8bxhgT7d/eI7P4U= -github.com/niemeyer/pretty v0.0.0-20200227124842-a10e7caefd8e h1:fD57ERR4JtEqsWbfPhv4DMiApHyliiK5xCTNVSPiaAs= -github.com/niemeyer/pretty v0.0.0-20200227124842-a10e7caefd8e/go.mod h1:zD1mROLANZcx1PVRCS0qkT7pwLkGfwJo4zjcN/Tysno= -github.com/onsi/ginkgo/v2 v2.4.0 h1:+Ig9nvqgS5OBSACXNk15PLdp0U9XPYROt9CFzVdFGIs= -github.com/onsi/gomega v1.23.0 h1:/oxKu9c2HVap+F3PfKort2Hw5DEU+HGlW8n+tguWsys= +github.com/onsi/ginkgo/v2 v2.9.1 h1:zie5Ly042PD3bsCvsSOPvRnFwyo3rKe64TJlD6nu0mk= +github.com/onsi/gomega v1.27.4 h1:Z2AnStgsdSayCMDiCU42qIz+HLqEPcgiOCXjAU/w+8E= github.com/opencontainers/go-digest v1.0.0 h1:apOUWs51W5PlhuyGyz9FCeeBIOUDA/6nW8Oi/yOhh5U= github.com/opencontainers/go-digest v1.0.0/go.mod h1:0JzlMkj0TRzQZfJkVvzbP0HBR3IKzErnv2BNG4W4MAM= github.com/pkg/errors v0.8.0/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= @@ -260,7 +280,6 @@ github.com/prometheus/client_golang v0.9.1/go.mod h1:7SWBe2y4D6OKWSNQJUaRYU/AaXP github.com/prometheus/client_golang v1.0.0/go.mod h1:db9x61etRT2tGnBNRi70OPL5FsnadC4Ky3P0J6CfImo= github.com/prometheus/client_golang v1.7.1/go.mod h1:PY5Wy2awLA44sXw4AOSfFBetzPP4j5+D6mVACh+pe2M= github.com/prometheus/client_golang v1.11.0/go.mod h1:Z6t4BnS23TR94PD6BsDNk8yVqroYurpAkEiz0P2BEV0= -github.com/prometheus/client_golang v1.11.1/go.mod h1:Z6t4BnS23TR94PD6BsDNk8yVqroYurpAkEiz0P2BEV0= github.com/prometheus/client_golang v1.12.1/go.mod h1:3Z9XVyYiZYEO+YQWt3RD2R3jrbd179Rt297l4aS6nDY= github.com/prometheus/client_golang v1.14.0 h1:nJdhIvne2eSX/XRAFV9PcvFFRbrjbcTUj0VP62TMhnw= github.com/prometheus/client_golang v1.14.0/go.mod h1:8vpkKitgIVNcqrRBWh1C4TIUQgYNtG/XQE4E/Zae36Y= @@ -287,42 +306,50 @@ github.com/robfig/cron/v3 v3.0.1 h1:WdRxkvbJztn8LMz/QEvLN5sBU+xKpSqwwUO1Pjr4qDs= github.com/robfig/cron/v3 v3.0.1/go.mod h1:eQICP3HwyT7UooqI/z+Ov+PtYAWygg1TEWWzGIFLtro= github.com/rogpeppe/fastuuid v1.2.0/go.mod h1:jVj6XXZzXRy/MSR5jhDC/2q6DgLz+nrA6LYCDYWNEvQ= github.com/rogpeppe/go-internal v1.3.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4= +github.com/rogpeppe/go-internal v1.10.0 h1:TMyTOH3F/DB16zRVcYyreMH6GnZZrwQVAoYjRBZyWFQ= +github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM= github.com/sirupsen/logrus v1.2.0/go.mod h1:LxeOpSwHxABJmUn/MG1IvRgCAasNZTLOkJPxbbu5VWo= github.com/sirupsen/logrus v1.4.2/go.mod h1:tLMulIdttU9McNUspp0xgXVQah82FyeX6MwdIuYE2rE= github.com/sirupsen/logrus v1.6.0/go.mod h1:7uNnSEd1DgxDLC74fIahvMZmmYsHGZGEOFrfsX/uA88= -github.com/sirupsen/logrus v1.8.1 h1:dJKuHgqk1NNQlqoA6BTlM1Wf9DOH3NBjQyu0h9+AZZE= +github.com/sirupsen/logrus v1.9.0 h1:trlNQbNUG3OdDrDil03MCb1H2o9nJ1x4/5LYw7byDE0= github.com/soheilhy/cmux v0.1.5 h1:jjzc5WVemNEDTLwv9tlmemhC73tI08BNOIGwBOo10Js= github.com/spaolacci/murmur3 v0.0.0-20180118202830-f09979ecbc72/go.mod h1:JwIasOWyU6f++ZhiEuf87xNszmSA2myDM2Kzu9HwQUA= +github.com/spf13/cobra v1.6.0 h1:42a0n6jwCot1pUmomAp4T7DeMD+20LFv4Q54pxLf2LI= +github.com/spf13/cobra v1.6.0/go.mod h1:IOw/AERYS7UzyrGinqmz6HLUo219MORXGxhbaJUqzrY= github.com/spf13/pflag v1.0.5 h1:iy+VFUOCP1a+8yFto/drg2CJ5u0yRoB7fZw3DKv/JXA= github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg= +github.com/stoewer/go-strcase v1.2.0 h1:Z2iHWqGXH00XYgqDmNgQbIBxf3wrNq0F3feEy0ainaU= github.com/stoewer/go-strcase v1.2.0/go.mod h1:IBiWB2sKIp3wVVQ3Y035++gc+knqhUQag1KpM8ahLw8= github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= github.com/stretchr/objx v0.1.1/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= +github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw= +github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo= github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs= github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI= github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4= github.com/stretchr/testify v1.5.1/go.mod h1:5W2xD1RspED5o8YsWQXVCued0rvSQ+mT+I5cxcmMvtA= -github.com/stretchr/testify v1.6.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= -github.com/stretchr/testify v1.8.0 h1:pSgiaMZlXftHpm5L7V1+rVB+AZJydKsMxsQBIJw4PKk= -github.com/tmc/grpc-websocket-proxy v0.0.0-20201229170055-e5319fda7802 h1:uruHq4dN7GR16kFc5fp3d1RIYzJW5onx8Ybykw2YQFA= +github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= +github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU= +github.com/stretchr/testify v1.8.1 h1:w7B6lhMri9wdJUVmEZPGGhZzrYTPvgJArz7wNPgYKsk= +github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4= +github.com/tmc/grpc-websocket-proxy v0.0.0-20220101234140-673ab2c3ae75 h1:6fotK7otjonDflCTK0BCfls4SPy3NcCVb5dqqmbRknE= github.com/xiang90/probing v0.0.0-20190116061207-43a291ad63a2 h1:eY9dn8+vbi4tKz5Qo6v2eYzo7kUS51QINcR5jNpbZS8= github.com/yuin/goldmark v1.1.25/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= github.com/yuin/goldmark v1.1.32/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= -github.com/yuin/goldmark v1.3.5/go.mod h1:mwnBkeHKe2W/ZEtQ+71ViKU8L12m81fl3OWwC1Zlc8k= go.etcd.io/bbolt v1.3.6 h1:/ecaJf0sk1l4l6V4awd65v2C3ILy7MSj+s/x1ADCIMU= -go.etcd.io/etcd/api/v3 v3.5.5 h1:BX4JIbQ7hl7+jL+g+2j5UAr0o1bctCm6/Ct+ArBGkf0= -go.etcd.io/etcd/api/v3 v3.5.5/go.mod h1:KFtNaxGDw4Yx/BA4iPPwevUTAuqcsPxzyX8PHydchN8= -go.etcd.io/etcd/client/pkg/v3 v3.5.5 h1:9S0JUVvmrVl7wCF39iTQthdaaNIiAaQbmK75ogO6GU8= -go.etcd.io/etcd/client/pkg/v3 v3.5.5/go.mod h1:ggrwbk069qxpKPq8/FKkQ3Xq9y39kbFR4LnKszpRXeQ= -go.etcd.io/etcd/client/v2 v2.305.5 h1:DktRP60//JJpnPC0VBymAN/7V71GHMdjDCBt4ZPXDjI= -go.etcd.io/etcd/client/v3 v3.5.5 h1:q++2WTJbUgpQu4B6hCuT7VkdwaTP7Qz6Daak3WzbrlI= -go.etcd.io/etcd/client/v3 v3.5.5/go.mod h1:aApjR4WGlSumpnJ2kloS75h6aHUmAyaPLjHMxpc7E7c= -go.etcd.io/etcd/pkg/v3 v3.5.5 h1:Ablg7T7OkR+AeeeU32kdVhw/AGDsitkKPl7aW73ssjU= -go.etcd.io/etcd/raft/v3 v3.5.5 h1:Ibz6XyZ60OYyRopu73lLM/P+qco3YtlZMOhnXNS051I= -go.etcd.io/etcd/server/v3 v3.5.5 h1:jNjYm/9s+f9A9r6+SC4RvNaz6AqixpOvhrFdT0PvIj0= +go.etcd.io/etcd/api/v3 v3.5.7 h1:sbcmosSVesNrWOJ58ZQFitHMdncusIifYcrBfwrlJSY= +go.etcd.io/etcd/api/v3 v3.5.7/go.mod h1:9qew1gCdDDLu+VwmeG+iFpL+QlpHTo7iubavdVDgCAA= +go.etcd.io/etcd/client/pkg/v3 v3.5.7 h1:y3kf5Gbp4e4q7egZdn5T7W9TSHUvkClN6u+Rq9mEOmg= +go.etcd.io/etcd/client/pkg/v3 v3.5.7/go.mod h1:o0Abi1MK86iad3YrWhgUsbGx1pmTS+hrORWc2CamuhY= +go.etcd.io/etcd/client/v2 v2.305.7 h1:AELPkjNR3/igjbO7CjyF1fPuVPjrblliiKj+Y6xSGOU= +go.etcd.io/etcd/client/v3 v3.5.7 h1:u/OhpiuCgYY8awOHlhIhmGIGpxfBU/GZBUP3m/3/Iz4= +go.etcd.io/etcd/client/v3 v3.5.7/go.mod h1:sOWmj9DZUMyAngS7QQwCyAXXAL6WhgTOPLNS/NabQgw= +go.etcd.io/etcd/pkg/v3 v3.5.7 h1:obOzeVwerFwZ9trMWapU/VjDcYUJb5OfgC1zqEGWO/0= +go.etcd.io/etcd/raft/v3 v3.5.7 h1:aN79qxLmV3SvIq84aNTliYGmjwsW6NqJSnqmI1HLJKc= +go.etcd.io/etcd/server/v3 v3.5.7 h1:BTBD8IJUV7YFgsczZMHhMTS67XuA4KpRquL0MFOJGRk= go.opencensus.io v0.21.0/go.mod h1:mSImk1erAIZhrmZN+AvHh14ztQfjbGwt4TtuofqLduU= go.opencensus.io v0.22.0/go.mod h1:+kGneAE2xo2IficOXnaByMWTGM9T73dGwxeWcUqIpI8= go.opencensus.io v0.22.2/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw= @@ -330,8 +357,8 @@ go.opencensus.io v0.22.3/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw= go.opencensus.io v0.22.4/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw= go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.35.0 h1:xFSRQBbXF6VvYRf2lqMJXxoB72XI1K/azav8TekHHSw= go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.35.0/go.mod h1:h8TWwRAhQpOd0aM5nYsRD8+flnkj+526GEIVlarH7eY= -go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.35.0 h1:Ajldaqhxqw/gNzQA45IKFWLdG7jZuXX/wBW1d5qvbUI= -go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.35.0/go.mod h1:9NiG9I2aHTKkcxqCILhjtyNA1QEiCjdBACv4IvrFQ+c= +go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.35.1 h1:sxoY9kG1s1WpSYNyzm24rlwH4lnRYFXUVVBmKMBfRgw= +go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.35.1/go.mod h1:9NiG9I2aHTKkcxqCILhjtyNA1QEiCjdBACv4IvrFQ+c= go.opentelemetry.io/otel v1.10.0 h1:Y7DTJMR6zs1xkS/upamJYk0SxxN4C9AqRd77jmZnyY4= go.opentelemetry.io/otel v1.10.0/go.mod h1:NbvWjCthWHKBEUMpf0/v8ZRZlni86PpGFEMA9pnQSnQ= go.opentelemetry.io/otel/exporters/otlp/internal/retry v1.10.0 h1:TaB+1rQhddO1sF71MpZOZAuSPW1klK2M8XxfrBMfK7Y= @@ -352,10 +379,9 @@ go.opentelemetry.io/proto/otlp v0.19.0/go.mod h1:H7XAot3MsfNsj7EXtrA2q5xSNQ10UqI go.uber.org/atomic v1.7.0 h1:ADUqmZGgLDDfbSL9ZmPxKTybcoEYHgpYfELNoN+7hsw= go.uber.org/atomic v1.7.0/go.mod h1:fEN4uk6kAWBTFdckzkM89CLk9XfWZrxpCo0nPH17wJc= go.uber.org/goleak v1.1.10/go.mod h1:8a7PlsEVH3e/a/GLqe5IIrQx6GzcnRmZEufDUTk4A7A= -go.uber.org/goleak v1.2.0 h1:xqgm/S+aQvhWFTtR0XK3Jvg7z8kGV8P4X14IzwN3Eqk= +go.uber.org/goleak v1.2.1 h1:NBol2c7O1ZokfZ0LEU9K6Whx/KnwvepVetCUhtKja4A= go.uber.org/multierr v1.6.0 h1:y6IPFStTAIT5Ytl7/XYmHvzXQ7S3g/IeZW9hyZ5thw4= go.uber.org/multierr v1.6.0/go.mod h1:cdWPpRnG4AhwMwsgIHip0KRBQjJy5kYEpYjJxpXp9iU= -go.uber.org/zap v1.17.0/go.mod h1:MXVU+bhUf/A7Xi2HNOnopQOrmycQ5Ih87HtOu4q5SSo= go.uber.org/zap v1.19.0 h1:mZQZefskPPCMIBCSEH0v2/iUqqLrYtaeqwD6FUGUnFE= go.uber.org/zap v1.19.0/go.mod h1:xg/QME4nWcxGxrpdeYfq7UvYrLh66cuVKdrbD1XF/NI= golang.org/x/crypto v0.0.0-20180904163835-0709b304e793/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= @@ -365,6 +391,7 @@ golang.org/x/crypto v0.0.0-20190605123033-f99c8df09eb5/go.mod h1:yigFU9vqHzYiE8U golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= golang.org/x/crypto v0.1.0 h1:MDRAIl0xIo9Io2xV565hzXHw3zVseKrJKodhohM5CjU= +golang.org/x/crypto v0.1.0/go.mod h1:RecgLatLF4+eUMCP1PoPZQb+cVrJcOPbHkTkbkB9sbw= golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20190510132918-efd6b22b2522/go.mod h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8= @@ -387,7 +414,6 @@ golang.org/x/lint v0.0.0-20190930215403-16217165b5de/go.mod h1:6SW0HCj/g11FgYtHl golang.org/x/lint v0.0.0-20191125180803-fdd1cda4f05f/go.mod h1:5qLYkcX4OjUUV8bRuDixDT3tpyyb+LUpUlRWLxfhWrs= golang.org/x/lint v0.0.0-20200130185559-910be7a94367/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY= golang.org/x/lint v0.0.0-20200302205851-738671d3881b/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY= -golang.org/x/lint v0.0.0-20210508222113-6edffad5e616/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY= golang.org/x/mobile v0.0.0-20190312151609-d3739f865fa6/go.mod h1:z+o9i4GpDbdi3rU15maQ/Ox0txvL9dWGYEHz965HBQE= golang.org/x/mobile v0.0.0-20190719004257-d2bd2a29d028/go.mod h1:E/iHnbuqvinMTCcRqshq8CkpyQDoeVncDDYHnLhea+o= golang.org/x/mod v0.0.0-20190513183733-4bf6d317e70e/go.mod h1:mXi4GBBbnImb6dmsKGUJ2LatrhH/nqhxcFungHvyanc= @@ -396,7 +422,6 @@ golang.org/x/mod v0.1.1-0.20191105210325-c90efee705ee/go.mod h1:QqPTAvyqsEbceGzB golang.org/x/mod v0.1.1-0.20191107180719-034126e5016b/go.mod h1:QqPTAvyqsEbceGzBzNggFXnrqF1CaUcvgkdR5Ot7KZg= golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= -golang.org/x/mod v0.4.2/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20181114220301-adae6a3d119a/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= @@ -430,8 +455,8 @@ golang.org/x/net v0.0.0-20210405180319-a5a99cb37ef4/go.mod h1:p54w0d4576C0XHj96b golang.org/x/net v0.0.0-20210525063256-abc453219eb5/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= golang.org/x/net v0.0.0-20220127200216-cd36cc0744dd/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk= golang.org/x/net v0.0.0-20220225172249-27dd8689420f/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk= -golang.org/x/net v0.3.1-0.20221206200815-1e63c2f08a10 h1:Frnccbp+ok2GkUS2tC84yAq/U9Vg+0sIO7aRL3T4Xnc= -golang.org/x/net v0.3.1-0.20221206200815-1e63c2f08a10/go.mod h1:MBQ8lrhLObU/6UmLb4fmbmk5OcyYmqtbGd/9yIeKjEE= +golang.org/x/net v0.8.0 h1:Zrh2ngAOFYneWTAIAPethzeaQLuHwhuBkuV6ZiRnUaQ= +golang.org/x/net v0.8.0/go.mod h1:QVkue5JL9kW//ek3r6jTKnTFis1tRmNAW2P1shuFdJc= golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= @@ -451,7 +476,8 @@ golang.org/x/sync v0.0.0-20200317015054-43a5402ce75a/go.mod h1:RxMgew5VJxzue5/jJ golang.org/x/sync v0.0.0-20200625203802-6e8e738ad208/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20201207232520-09787c993a3a/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.0.0-20210220032951-036812b2e83c/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.1.0 h1:wsuoTGHzEhffawBOhz5CYhcrV4IdKZbEyZjBMuTp12o= +golang.org/x/sync v0.1.0/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20180905080454-ebe1bf3edb33/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20181116152217-5ac8a444bdc5/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= @@ -488,19 +514,19 @@ golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7w golang.org/x/sys v0.0.0-20210119212857-b64e53b001e4/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210124154548-22da62e12c0c/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210330210617-4fbd30eecc44/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20210403161142-5e06dd20ab57/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210423082822-04245dca01da/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210510120138-977fb7262007/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20210603081109-ebe580a85c40/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20211216021012-1d35b9e2eb4e/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220114195835-da31bd327af9/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.3.0 h1:w8ZOecv6NaNa/zC8944JTU3vz4u6Lagfk4RPQxv92NQ= -golang.org/x/sys v0.3.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20220908164124-27713097b956/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.6.0 h1:MVltZSvRTcU2ljQOhs94SXPftV6DCNnZViHeQps87pQ= +golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= -golang.org/x/term v0.3.0 h1:qoo4akIqOcDME5bhc/NgxUdovd6BSS2uMsVjB56q1xI= -golang.org/x/term v0.3.0/go.mod h1:q750SLmJuPmVoN1blW3UFBPREJfb1KmY3vwxfr+nFDA= +golang.org/x/term v0.6.0 h1:clScbb1cHjoCkyRbWwBEUZ5H/tIFu5TAXIqaZD0Gcjw= +golang.org/x/term v0.6.0/go.mod h1:m6U89DPEgQRMq3DNkDClhWw02AUbt2daBVO4cn4Hv9U= golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= @@ -509,8 +535,8 @@ golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.5/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ= -golang.org/x/text v0.5.0 h1:OLmvp0KP+FVG99Ct/qFiL/Fhk4zp4QQnZ7b2U+5piUM= -golang.org/x/text v0.5.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= +golang.org/x/text v0.8.0 h1:57P1ETyNKtuIjB4SRd15iJxuhj8Gc416Y78H3qgMh68= +golang.org/x/text v0.8.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8= golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20191024005414-555d28b269f0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= @@ -559,7 +585,7 @@ golang.org/x/tools v0.0.0-20200729194436-6467de6f59a7/go.mod h1:njjCfa9FT2d7l9Bc golang.org/x/tools v0.0.0-20200804011535-6c149bb5ef0d/go.mod h1:njjCfa9FT2d7l9Bc6FUM5FLjQPp3cFF28FI3qnDFljA= golang.org/x/tools v0.0.0-20200825202427-b303f430e36d/go.mod h1:njjCfa9FT2d7l9Bc6FUM5FLjQPp3cFF28FI3qnDFljA= golang.org/x/tools v0.0.0-20210106214847-113979e3529a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= -golang.org/x/tools v0.1.2/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= +golang.org/x/tools v0.7.0 h1:W4OVu8VVOaIO0yzWMNdepAulS7YfoS3Zabrm8DOXXU4= golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= @@ -619,7 +645,6 @@ google.golang.org/genproto v0.0.0-20200729003335-053ba62fc06f/go.mod h1:FWY/as6D google.golang.org/genproto v0.0.0-20200804131852-c06518451d9c/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= google.golang.org/genproto v0.0.0-20200825200019-8632dd797987/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= google.golang.org/genproto v0.0.0-20201019141844-1ed22bb0c154/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= -google.golang.org/genproto v0.0.0-20210602131652-f16073e35f0c/go.mod h1:UODoCrxHCcBojKKwX1terBiRUaqAsFqJiF615XL43r0= google.golang.org/genproto v0.0.0-20211118181313-81c1377c94b1/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc= google.golang.org/genproto v0.0.0-20220502173005-c8bf987b8c21 h1:hrbNEivu7Zn1pxvHk6MBrq9iE22woVILTHqexqBxe6I= google.golang.org/genproto v0.0.0-20220502173005-c8bf987b8c21/go.mod h1:RAyBrSAP7Fh3Nc84ghnVLDPuV51xc9agzmm4Ph6i0Q4= @@ -637,13 +662,11 @@ google.golang.org/grpc v1.30.0/go.mod h1:N36X2cJ7JwdamYAgDz+s+rVMFjt3numwzf/HckM google.golang.org/grpc v1.31.0/go.mod h1:N36X2cJ7JwdamYAgDz+s+rVMFjt3numwzf/HckM8pak= google.golang.org/grpc v1.33.1/go.mod h1:fr5YgcSWrqhRRxogOsw7RzIpsmvOZ6IcH4kBYTpR3n0= google.golang.org/grpc v1.36.0/go.mod h1:qjiiYl8FncCW8feJPdyg3v6XW24KsRHe+dy9BAGRRjU= -google.golang.org/grpc v1.38.0/go.mod h1:NREThFqKR1f3iQ6oBuvc5LadQuXVGo9rkm5ZGrQdJfM= google.golang.org/grpc v1.40.0/go.mod h1:ogyxbiOoUXAkP+4+xa6PZSE9DZgIHtSpzjDTB9KAK34= -google.golang.org/grpc v1.41.0/go.mod h1:U3l9uK9J0sini8mHphKoXyaqDA/8VyGnDee1zzIUK6k= google.golang.org/grpc v1.42.0/go.mod h1:k+4IHHFw41K8+bbowsex27ge2rCb65oeWqe4jJ590SU= google.golang.org/grpc v1.46.0/go.mod h1:vN9eftEi1UMyUsIF80+uQXhHjbXYbm0uXoFCACuMGWk= -google.golang.org/grpc v1.49.0 h1:WTLtQzmQori5FUH25Pq4WT22oCsv8USpQ+F6rqtsmxw= -google.golang.org/grpc v1.49.0/go.mod h1:ZgQEeidpAuNRZ8iRrlBKXZQP1ghovWIVhdJRyCDK+GI= +google.golang.org/grpc v1.51.0 h1:E1eGv1FTqoLIdnBCZufiSHgKjlqG6fKFf6pPWtMTh8U= +google.golang.org/grpc v1.51.0/go.mod h1:wgNDFcnuBGmxLKI/qn4T+m5BtEBYXJPvibbUPsAIPww= google.golang.org/protobuf v0.0.0-20200109180630-ec00e32a8dfd/go.mod h1:DFci5gLYBciE7Vtevhsrf46CRTquxDuWsQurQQe4oz8= google.golang.org/protobuf v0.0.0-20200221191635-4d8936d0db64/go.mod h1:kwYJMbMJ01Woi6D6+Kah6886xMZcty6N08ah7+eCXa0= google.golang.org/protobuf v0.0.0-20200228230310-ab0ca4ff8a60/go.mod h1:cfTl7dwQJ+fmap5saPgwCLgHXTUD7jkjRqWcaiX5VyM= @@ -664,12 +687,13 @@ gopkg.in/alecthomas/kingpin.v2 v2.2.6/go.mod h1:FMv+mEhP44yOT+4EoQTLFTRgOQ1FBLks gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= -gopkg.in/check.v1 v1.0.0-20200227125254-8fa46927fb4f h1:BLraFXnmrev5lT+xlilqcH8XK9/i0At2xKjWk4p6zsU= -gopkg.in/check.v1 v1.0.0-20200227125254-8fa46927fb4f/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= +gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk= +gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q= gopkg.in/errgo.v2 v2.1.0/go.mod h1:hNsd1EY+bozCKY1Ytp96fpM3vjJbqLJn88ws8XvfDNI= gopkg.in/inf.v0 v0.9.1 h1:73M5CoZyi3ZLMOyDlQh031Cx6N9NDJ2Vvfl76EDAgDc= gopkg.in/inf.v0 v0.9.1/go.mod h1:cWUDdTG/fYaXco+Dcufb5Vnc6Gp2YChqWtbxRZE0mXw= gopkg.in/natefinch/lumberjack.v2 v2.0.0 h1:1Lc07Kr7qY4U2YPouBjpCLxpiyxIVoxqXgkXLknAOE8= +gopkg.in/natefinch/lumberjack.v2 v2.0.0/go.mod h1:l0ndWWf7gzL7RNwBG7wST/UCcT4T24xpD6X8LsfU/+k= gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.2.3/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= @@ -691,33 +715,40 @@ honnef.co/go/tools v0.0.0-20190523083050-ea95bdfd59fc/go.mod h1:rf3lG4BRIbNafJWh honnef.co/go/tools v0.0.1-2019.2.3/go.mod h1:a3bituU0lyd329TUQxRnasdCoJDkEUEAqEt0JzvZhAg= honnef.co/go/tools v0.0.1-2020.1.3/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k= honnef.co/go/tools v0.0.1-2020.1.4/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k= -k8s.io/api v0.26.0 h1:IpPlZnxBpV1xl7TGk/X6lFtpgjgntCg8PJ+qrPHAC7I= -k8s.io/api v0.26.0/go.mod h1:k6HDTaIFC8yn1i6pSClSqIwLABIcLV9l5Q4EcngKnQg= -k8s.io/apimachinery v0.26.0 h1:1feANjElT7MvPqp0JT6F3Ss6TWDwmcjLypwoPpEf7zg= -k8s.io/apimachinery v0.26.0/go.mod h1:tnPmbONNJ7ByJNz9+n9kMjNP8ON+1qoAIIC70lztu74= -k8s.io/apiserver v0.26.0 h1:q+LqIK5EZwdznGZb8bq0+a+vCqdeEEe4Ux3zsOjbc4o= -k8s.io/apiserver v0.26.0/go.mod h1:aWhlLD+mU+xRo+zhkvP/gFNbShI4wBDHS33o0+JGI84= -k8s.io/client-go v0.26.0 h1:lT1D3OfO+wIi9UFolCrifbjUUgu7CpLca0AD8ghRLI8= -k8s.io/client-go v0.26.0/go.mod h1:I2Sh57A79EQsDmn7F7ASpmru1cceh3ocVT9KlX2jEZg= -k8s.io/component-base v0.26.0 h1:0IkChOCohtDHttmKuz+EP3j3+qKmV55rM9gIFTXA7Vs= -k8s.io/component-base v0.26.0/go.mod h1:lqHwlfV1/haa14F/Z5Zizk5QmzaVf23nQzCwVOQpfC8= -k8s.io/component-helpers v0.26.0 h1:KNgwqs3EUdK0HLfW4GhnbD+q/Zl9U021VfIU7qoVYFk= -k8s.io/component-helpers v0.26.0/go.mod h1:jHN01qS/Jdj95WCbTe9S2VZ9yxpxXNY488WjF+yW4fo= -k8s.io/klog/v2 v2.80.1 h1:atnLQ121W371wYYFawwYx1aEY2eUfs4l3J72wtgAwV4= -k8s.io/klog/v2 v2.80.1/go.mod h1:y1WjHnz7Dj687irZUWR/WLkLc5N1YHtjLdmgWjndZn0= -k8s.io/kube-openapi v0.0.0-20221012153701-172d655c2280 h1:+70TFaan3hfJzs+7VK2o+OGxg8HsuBr/5f6tVAjDu6E= -k8s.io/kube-openapi v0.0.0-20221012153701-172d655c2280/go.mod h1:+Axhij7bCpeqhklhUTe3xmOn6bWxolyZEeyaFpjGtl4= -k8s.io/utils v0.0.0-20221107191617-1a15be271d1d h1:0Smp/HP1OH4Rvhe+4B8nWGERtlqAGSftbSbbmm45oFs= -k8s.io/utils v0.0.0-20221107191617-1a15be271d1d/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= +k8s.io/api v0.27.0 h1:2owttiA8Oa+J3idFeq8TSnNpm4y6AOGPI3PDbIpp2cE= +k8s.io/api v0.27.0/go.mod h1:Wl+QRvQlh+T8SK5f4F6YBhhyH6hrFO08nl74xZb1MUE= +k8s.io/apimachinery v0.27.0 h1:vEyy/PVMbPMCPutrssCVHCf0JNZ0Px+YqPi82K2ALlk= +k8s.io/apimachinery v0.27.0/go.mod h1:5ikh59fK3AJ287GUvpUsryoMFtH9zj/ARfWCo3AyXTM= +k8s.io/apiserver v0.27.0 h1:sXt/2yVMebZef6GqJHs4IYHSdSYwwrJCafBV/KSCwDw= +k8s.io/apiserver v0.27.0/go.mod h1:8heEJ5f6EqiKwXC3Ez3ikgOvGtRSEQG/SQZkhO9UzIg= +k8s.io/client-go v0.27.0 h1:DyZS1fJkv73tEy7rWv4VF6NwGeJ7SKvNaLRXZBYLA+4= +k8s.io/client-go v0.27.0/go.mod h1:XVEmpNnM+4JYO3EENoFV/ZDv3KxKVJUnzGo70avk+C4= +k8s.io/cloud-provider v0.27.0 h1:UWEvGvfd9VDRSrtmek7dDeHfUUtycHyvIO6TGI9bFJE= +k8s.io/cloud-provider v0.27.0/go.mod h1:hUbqXpAWGaOTUhwL5k2QO9i2l9mEMhdMV9ChbvB3Gmw= +k8s.io/component-base v0.27.0 h1:g3/FkscH8Uqg9SiDCEfhfhTVwKiVo4T2+iBwUqiFkMg= +k8s.io/component-base v0.27.0/go.mod h1:PXyBQd/vYYjqqGB83rnsHffTTG6zlmxZAd0ZSOu6evk= +k8s.io/component-helpers v0.27.0 h1:rymQGJc4s30hHeb5VGuPdht8gKIPecj+Bw2FOJSavE4= +k8s.io/component-helpers v0.27.0/go.mod h1:vMjVwym/Y0BVyNvg8a4Et2vyPJAh/JhBM0OTRAt0Ceg= +k8s.io/controller-manager v0.27.0 h1:xW0V4tXJfxRmc5OEwZn0GHU0auKySRJmlVMS/tqrWPw= +k8s.io/controller-manager v0.27.0/go.mod h1:E9SEe60LMWkBTe7IUm1pVTrikc5tjzEl6RUNbBUdm3c= +k8s.io/klog/v2 v2.90.1 h1:m4bYOKall2MmOiRaR1J+We67Do7vm9KiQVlT96lnHUw= +k8s.io/klog/v2 v2.90.1/go.mod h1:y1WjHnz7Dj687irZUWR/WLkLc5N1YHtjLdmgWjndZn0= +k8s.io/kms v0.27.0 h1:adCotKQybOjxwbxW7ogXyv8uQGan/3Y126S2aNW4YFY= +k8s.io/kms v0.27.0/go.mod h1:vI2R4Nhw+PZ+DYtVPVYKsIqip2IYjZWK9bESR64WdIw= +k8s.io/kube-openapi v0.0.0-20230308215209-15aac26d736a h1:gmovKNur38vgoWfGtP5QOGNOA7ki4n6qNYoFAgMlNvg= +k8s.io/kube-openapi v0.0.0-20230308215209-15aac26d736a/go.mod h1:y5VtZWM9sHHc2ZodIH/6SHzXj+TPU5USoA8lcIeKEKY= +k8s.io/kubelet v0.27.0 h1:zn70SDJKNmRSFG2qeU2UITzZWdEbLVWIf/u1kd1raUQ= +k8s.io/kubelet v0.27.0/go.mod h1:Z6ipUvM0AFzUWxvSmot8OodwcMN15lgkFM3bcBexBsI= +k8s.io/utils v0.0.0-20230209194617-a36077c30491 h1:r0BAOLElQnnFhE/ApUsg3iHdVYYPBjNSSOMowRZxxsY= +k8s.io/utils v0.0.0-20230209194617-a36077c30491/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= rsc.io/binaryregexp v0.2.0/go.mod h1:qTv7/COck+e2FymRvadv62gMdZztPaShugOCi3I+8D8= rsc.io/quote/v3 v3.1.0/go.mod h1:yEA65RcK8LyAZtP9Kv3t0HmxON59tX3rD+tICJqUlj0= rsc.io/sampler v1.3.0/go.mod h1:T1hPZKmBbMNahiBKFy5HrXp6adAjACjK9JXDnKaTXpA= -sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.0.33 h1:LYqFq+6Cj2D0gFfrJvL7iElD4ET6ir3VDdhDdTK7rgc= -sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.0.33/go.mod h1:soWkSNf2tZC7aMibXEqVhCd73GOY5fJikn8qbdzemB0= -sigs.k8s.io/json v0.0.0-20220713155537-f223a00ba0e2 h1:iXTIw73aPyC+oRdyqqvVJuloN1p0AC/kzH07hu3NE+k= -sigs.k8s.io/json v0.0.0-20220713155537-f223a00ba0e2/go.mod h1:B8JuhiUyNFVKdsE8h686QcCxMaH6HrOAZj4vswFpcB0= +sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.1.1 h1:MB1zkK+WMOmfLxEpjr1wEmkpcIhZC7kfTkZ0stg5bog= +sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.1.1/go.mod h1:/4NLd21PQY0B+H+X0aDZdwUiVXYJQl/2NXA5KVtDiP4= +sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd h1:EDPBXCAspyGV4jQlpZSudPeMmr1bNJefnuqLsRAsHZo= +sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd/go.mod h1:B8JuhiUyNFVKdsE8h686QcCxMaH6HrOAZj4vswFpcB0= sigs.k8s.io/structured-merge-diff/v4 v4.2.3 h1:PRbqxJClWWYMNV1dhaG4NsibJbArud9kFxnAMREiWFE= sigs.k8s.io/structured-merge-diff/v4 v4.2.3/go.mod h1:qjx8mGObPmV2aSZepjQjbmb2ihdVs8cGKBraizNC69E= -sigs.k8s.io/yaml v1.2.0/go.mod h1:yfXDCHCao9+ENCvLSE62v9VSji2MKu5jeNfTrofGhJc= sigs.k8s.io/yaml v1.3.0 h1:a2VclLzOGrwOHDiV8EfBGhvjHvP46CtW5j6POvhYGGo= sigs.k8s.io/yaml v1.3.0/go.mod h1:GeOyir5tyXNByN85N/dRIT9es5UQNerPYEKK56eTBm8= diff --git a/hugo.toml b/hugo.toml index c34cfa20d27..796630004c9 100644 --- a/hugo.toml +++ b/hugo.toml @@ -138,10 +138,10 @@ time_format_default = "January 02, 2006 at 3:04 PM PST" description = "Production-Grade Container Orchestration" showedit = true -latest = "v1.26" +latest = "v1.27" -fullversion = "v1.26.0" -version = "v1.26" +fullversion = "v1.27.0" +version = "v1.27" githubbranch = "main" docsbranch = "main" deprecated = false @@ -181,40 +181,40 @@ js = [ ] [[params.versions]] -fullversion = "v1.26.0" -version = "v1.26" -githubbranch = "v1.26.0" +fullversion = "v1.27.0" +version = "v1.27" +githubbranch = "v1.27.0" docsbranch = "main" url = "https://kubernetes.io" [[params.versions]] -fullversion = "v1.25.5" +fullversion = "v1.26.3" +version = "v1.26" +githubbranch = "v1.26.3" +docsbranch = "release-1.26" +url = "https://v1-26.docs.kubernetes.io" + +[[params.versions]] +fullversion = "v1.25.8" version = "v1.25" -githubbranch = "v1.25.5" +githubbranch = "v1.25.8" docsbranch = "release-1.25" url = "https://v1-25.docs.kubernetes.io" [[params.versions]] -fullversion = "v1.24.9" +fullversion = "v1.24.12" version = "v1.24" -githubbranch = "v1.24.9" +githubbranch = "v1.24.12" docsbranch = "release-1.24" url = "https://v1-24.docs.kubernetes.io" [[params.versions]] -fullversion = "v1.23.15" +fullversion = "v1.23.17" version = "v1.23" -githubbranch = "v1.23.15" +githubbranch = "v1.23.17" docsbranch = "release-1.23" url = "https://v1-23.docs.kubernetes.io" -[[params.versions]] -fullversion = "v1.22.17" -version = "v1.22" -githubbranch = "v1.22.17" -docsbranch = "release-1.22" -url = "https://v1-22.docs.kubernetes.io" - # User interface configuration [params.ui] # Enable to show the side bar menu in its compact state. diff --git a/static/_redirects b/static/_redirects index 1e7babdd208..5a0e2113e87 100644 --- a/static/_redirects +++ b/static/_redirects @@ -94,6 +94,7 @@ /docs/concepts/service-catalog/ /docs/concepts/extend-kubernetes/service-catalog/ 301 /docs/concepts/services-networking/networkpolicies/ /docs/concepts/services-networking/network-policies/ 301 /docs/concepts/services-networking/add-entries-to-pod-etc-hosts-with-host-aliases/ /docs/tasks/network/customize-hosts-file-for-pods/ 301 +/docs/concepts/services-networking/topology-aware-hints/ /docs/concepts/services-networking/topology-aware-routing/ 302 /docs/concepts/storage/etcd-store-api-object/ /docs/tasks/administer-cluster/configure-upgrade-etcd/ 301 /docs/concepts/storage/volumes/emptyDirapiVersion/ /docs/concepts/storage/volumes/#emptydir/ 301 /docs/concepts/tools/kubectl/object-management-overview/ /docs/concepts/overview/object-management-kubectl/overview/ 301 diff --git a/static/docs/reference/generated/kubectl/kubectl-commands.html b/static/docs/reference/generated/kubectl/kubectl-commands.html index d2a59477231..4fff80b171a 100644 --- a/static/docs/reference/generated/kubectl/kubectl-commands.html +++ b/static/docs/reference/generated/kubectl/kubectl-commands.html @@ -12,7 +12,7 @@ - +
    • example

    GETTING STARTED

    @@ -38,11 +38,12 @@ inspect them.

    cat pod.json | kubectl create -f -
    -

    Edit the data in registry.yaml in JSON then create the resource using the edited data

    +

    Edit the data in docker-registry.yaml in JSON then create the resource using the edited data

    -
    kubectl create -f registry.yaml --edit -o json
+
    kubectl create -f docker-registry.yaml --edit -o json
 
    
-
    Create a resource from a file or from stdin.

     JSON and YAML formats are accepted.
    
+
    Create a resource from a file or from stdin.
    
+
     JSON and YAML formats are accepted.
    
 
    Usage
    
 
    $ kubectl create -f FILENAME
    
 
    Flags
    
@@ -96,7 +97,7 @@ inspect them.
    
 output
 o
 
-Output format. One of: (json, yaml, name, go-template, go-template-file, template, templatefile, jsonpath, jsonpath-as-json, jsonpath-file). 
+Output format. One of: json|yaml|name|go-template|go-template-file|template|templatefile|jsonpath|jsonpath-as-json|jsonpath-file. 
 
 
 raw
@@ -126,7 +127,7 @@ inspect them.
    
 selector
 l
 
-Selector (label query) to filter on, supports '=', '==', and '!='.(e.g. -l key1=value1,key2=value2). Matching objects must satisfy all of the specified label constraints. 
+Selector (label query) to filter on, supports '=', '==', and '!='.(e.g. -l key1=value1,key2=value2) 
 
 
 show-managed-fields
@@ -143,8 +144,8 @@ inspect them.
    
 
 validate
 
-strict
-Must be one of: strict (or true), warn, ignore (or false).
            "true" or "strict" will use a schema to validate the input and fail the request if invalid. It will perform server side validation if ServerSideFieldValidation is enabled on the api-server, but will fall back to less reliable client-side validation if not.
            "warn" will warn about unknown or duplicate fields without blocking the request if server-side field validation is enabled on the API server, and behave as "ignore" otherwise.
            "false" or "ignore" will not perform any schema validation, silently dropping any unknown or duplicate fields. 
+true
+If true, use a schema to validate the input before sending it 
 
 
 windows-line-endings
@@ -169,7 +170,7 @@ inspect them.
    
 
    
 
     Create a cluster role named "foo" with API Group specified
    
 
    
-
    kubectl create clusterrole foo --verb=get,list,watch --resource=rs.apps
+
    kubectl create clusterrole foo --verb=get,list,watch --resource=rs.extensions
 
    
 
    
 
     Create a cluster role named "foo" with SubResource specified
    
@@ -234,7 +235,7 @@ inspect them.
    
 output
 o
 
-Output format. One of: (json, yaml, name, go-template, go-template-file, template, templatefile, jsonpath, jsonpath-as-json, jsonpath-file). 
+Output format. One of: json|yaml|name|go-template|go-template-file|template|templatefile|jsonpath|jsonpath-as-json|jsonpath-file. 
 
 
 resource
@@ -269,8 +270,8 @@ inspect them.
    
 
 validate
 
-strict
-Must be one of: strict (or true), warn, ignore (or false).
            "true" or "strict" will use a schema to validate the input and fail the request if invalid. It will perform server side validation if ServerSideFieldValidation is enabled on the api-server, but will fall back to less reliable client-side validation if not.
            "warn" will warn about unknown or duplicate fields without blocking the request if server-side field validation is enabled on the API server, and behave as "ignore" otherwise.
            "false" or "ignore" will not perform any schema validation, silently dropping any unknown or duplicate fields. 
+true
+If true, use a schema to validate the input before sending it 
 
 
 verb
@@ -329,13 +330,13 @@ inspect them.
    
 group
 
 []
-Groups to bind to the clusterrole. The flag can be repeated to add multiple groups. 
+Groups to bind to the clusterrole 
 
 
 output
 o
 
-Output format. One of: (json, yaml, name, go-template, go-template-file, template, templatefile, jsonpath, jsonpath-as-json, jsonpath-file). 
+Output format. One of: json|yaml|name|go-template|go-template-file|template|templatefile|jsonpath|jsonpath-as-json|jsonpath-file. 
 
 
 save-config
@@ -347,7 +348,7 @@ inspect them.
    
 serviceaccount
 
 []
-Service accounts to bind to the clusterrole, in the format <namespace>:<name>. The flag can be repeated to add multiple service accounts. 
+Service accounts to bind to the clusterrole, in the format <namespace>:<name> 
 
 
 show-managed-fields
@@ -362,16 +363,10 @@ inspect them.
    
 Template string or path to template file to use when -o=go-template, -o=go-template-file. The template format is golang templates [http://golang.org/pkg/text/template/#pkg-overview]. 
 
 
-user
-
-[]
-Usernames to bind to the clusterrole. The flag can be repeated to add multiple users. 
-
-
 validate
 
-strict
-Must be one of: strict (or true), warn, ignore (or false).
            "true" or "strict" will use a schema to validate the input and fail the request if invalid. It will perform server side validation if ServerSideFieldValidation is enabled on the api-server, but will fall back to less reliable client-side validation if not.
            "warn" will warn about unknown or duplicate fields without blocking the request if server-side field validation is enabled on the API server, and behave as "ignore" otherwise.
            "false" or "ignore" will not perform any schema validation, silently dropping any unknown or duplicate fields. 
+true
+If true, use a schema to validate the input before sending it 
 
 
 
@@ -400,7 +395,7 @@ inspect them.
    
 
    
 
     Create a new config map named my-config from an env file
    
 
    
-
    kubectl create configmap my-config --from-env-file=path/to/foo.env --from-env-file=path/to/bar.env
+
    kubectl create configmap my-config --from-env-file=path/to/bar.env
 
    
 
    Create a config map based on a file, directory, or specified literal value.
    
 
     A single config map may package one or more key/value pairs.
    
@@ -446,8 +441,8 @@ inspect them.
    
 
 from-env-file
 
-[]
-Specify the path to a file to read lines of key=val pairs to create a configmap. 
+
+Specify the path to a file to read lines of key=val pairs to create a configmap (i.e. a Docker .env file). 
 
 
 from-file
@@ -465,7 +460,7 @@ inspect them.
    
 output
 o
 
-Output format. One of: (json, yaml, name, go-template, go-template-file, template, templatefile, jsonpath, jsonpath-as-json, jsonpath-file). 
+Output format. One of: json|yaml|name|go-template|go-template-file|template|templatefile|jsonpath|jsonpath-as-json|jsonpath-file. 
 
 
 save-config
@@ -488,8 +483,8 @@ inspect them.
    
 
 validate
 
-strict
-Must be one of: strict (or true), warn, ignore (or false).
            "true" or "strict" will use a schema to validate the input and fail the request if invalid. It will perform server side validation if ServerSideFieldValidation is enabled on the api-server, but will fall back to less reliable client-side validation if not.
            "warn" will warn about unknown or duplicate fields without blocking the request if server-side field validation is enabled on the API server, and behave as "ignore" otherwise.
            "false" or "ignore" will not perform any schema validation, silently dropping any unknown or duplicate fields. 
+true
+If true, use a schema to validate the input before sending it 
 
 
 
@@ -547,7 +542,7 @@ inspect them.
    
 output
 o
 
-Output format. One of: (json, yaml, name, go-template, go-template-file, template, templatefile, jsonpath, jsonpath-as-json, jsonpath-file). 
+Output format. One of: json|yaml|name|go-template|go-template-file|template|templatefile|jsonpath|jsonpath-as-json|jsonpath-file. 
 
 
 restart
@@ -582,8 +577,8 @@ inspect them.
    
 
 validate
 
-strict
-Must be one of: strict (or true), warn, ignore (or false).
            "true" or "strict" will use a schema to validate the input and fail the request if invalid. It will perform server side validation if ServerSideFieldValidation is enabled on the api-server, but will fall back to less reliable client-side validation if not.
            "warn" will warn about unknown or duplicate fields without blocking the request if server-side field validation is enabled on the API server, and behave as "ignore" otherwise.
            "false" or "ignore" will not perform any schema validation, silently dropping any unknown or duplicate fields. 
+true
+If true, use a schema to validate the input before sending it 
 
 
 
@@ -651,7 +646,7 @@ inspect them.
    
 output
 o
 
-Output format. One of: (json, yaml, name, go-template, go-template-file, template, templatefile, jsonpath, jsonpath-as-json, jsonpath-file). 
+Output format. One of: json|yaml|name|go-template|go-template-file|template|templatefile|jsonpath|jsonpath-as-json|jsonpath-file. 
 
 
 port
@@ -686,8 +681,8 @@ inspect them.
    
 
 validate
 
-strict
-Must be one of: strict (or true), warn, ignore (or false).
            "true" or "strict" will use a schema to validate the input and fail the request if invalid. It will perform server side validation if ServerSideFieldValidation is enabled on the api-server, but will fall back to less reliable client-side validation if not.
            "warn" will warn about unknown or duplicate fields without blocking the request if server-side field validation is enabled on the API server, and behave as "ignore" otherwise.
            "false" or "ignore" will not perform any schema validation, silently dropping any unknown or duplicate fields. 
+true
+If true, use a schema to validate the input before sending it 
 
 
 
@@ -798,7 +793,7 @@ inspect them.
    
 output
 o
 
-Output format. One of: (json, yaml, name, go-template, go-template-file, template, templatefile, jsonpath, jsonpath-as-json, jsonpath-file). 
+Output format. One of: json|yaml|name|go-template|go-template-file|template|templatefile|jsonpath|jsonpath-as-json|jsonpath-file. 
 
 
 rule
@@ -827,8 +822,8 @@ inspect them.
    
 
 validate
 
-strict
-Must be one of: strict (or true), warn, ignore (or false).
            "true" or "strict" will use a schema to validate the input and fail the request if invalid. It will perform server side validation if ServerSideFieldValidation is enabled on the api-server, but will fall back to less reliable client-side validation if not.
            "warn" will warn about unknown or duplicate fields without blocking the request if server-side field validation is enabled on the API server, and behave as "ignore" otherwise.
            "false" or "ignore" will not perform any schema validation, silently dropping any unknown or duplicate fields. 
+true
+If true, use a schema to validate the input before sending it 
 
 
 
@@ -897,7 +892,7 @@ inspect them.
    
 output
 o
 
-Output format. One of: (json, yaml, name, go-template, go-template-file, template, templatefile, jsonpath, jsonpath-as-json, jsonpath-file). 
+Output format. One of: json|yaml|name|go-template|go-template-file|template|templatefile|jsonpath|jsonpath-as-json|jsonpath-file. 
 
 
 save-config
@@ -920,8 +915,8 @@ inspect them.
    
 
 validate
 
-strict
-Must be one of: strict (or true), warn, ignore (or false).
            "true" or "strict" will use a schema to validate the input and fail the request if invalid. It will perform server side validation if ServerSideFieldValidation is enabled on the api-server, but will fall back to less reliable client-side validation if not.
            "warn" will warn about unknown or duplicate fields without blocking the request if server-side field validation is enabled on the API server, and behave as "ignore" otherwise.
            "false" or "ignore" will not perform any schema validation, silently dropping any unknown or duplicate fields. 
+true
+If true, use a schema to validate the input before sending it 
 
 
 
@@ -968,7 +963,7 @@ inspect them.
    
 output
 o
 
-Output format. One of: (json, yaml, name, go-template, go-template-file, template, templatefile, jsonpath, jsonpath-as-json, jsonpath-file). 
+Output format. One of: json|yaml|name|go-template|go-template-file|template|templatefile|jsonpath|jsonpath-as-json|jsonpath-file. 
 
 
 save-config
@@ -991,8 +986,8 @@ inspect them.
    
 
 validate
 
-strict
-Must be one of: strict (or true), warn, ignore (or false).
            "true" or "strict" will use a schema to validate the input and fail the request if invalid. It will perform server side validation if ServerSideFieldValidation is enabled on the api-server, but will fall back to less reliable client-side validation if not.
            "warn" will warn about unknown or duplicate fields without blocking the request if server-side field validation is enabled on the API server, and behave as "ignore" otherwise.
            "false" or "ignore" will not perform any schema validation, silently dropping any unknown or duplicate fields. 
+true
+If true, use a schema to validate the input before sending it 
 
 
 
@@ -1056,7 +1051,7 @@ inspect them.
    
 output
 o
 
-Output format. One of: (json, yaml, name, go-template, go-template-file, template, templatefile, jsonpath, jsonpath-as-json, jsonpath-file). 
+Output format. One of: json|yaml|name|go-template|go-template-file|template|templatefile|jsonpath|jsonpath-as-json|jsonpath-file. 
 
 
 save-config
@@ -1085,8 +1080,8 @@ inspect them.
    
 
 validate
 
-strict
-Must be one of: strict (or true), warn, ignore (or false).
            "true" or "strict" will use a schema to validate the input and fail the request if invalid. It will perform server side validation if ServerSideFieldValidation is enabled on the api-server, but will fall back to less reliable client-side validation if not.
            "warn" will warn about unknown or duplicate fields without blocking the request if server-side field validation is enabled on the API server, and behave as "ignore" otherwise.
            "false" or "ignore" will not perform any schema validation, silently dropping any unknown or duplicate fields. 
+true
+If true, use a schema to validate the input before sending it 
 
 
 
@@ -1155,7 +1150,7 @@ inspect them.
    
 output
 o
 
-Output format. One of: (json, yaml, name, go-template, go-template-file, template, templatefile, jsonpath, jsonpath-as-json, jsonpath-file). 
+Output format. One of: json|yaml|name|go-template|go-template-file|template|templatefile|jsonpath|jsonpath-as-json|jsonpath-file. 
 
 
 preemption-policy
@@ -1184,8 +1179,8 @@ inspect them.
    
 
 validate
 
-strict
-Must be one of: strict (or true), warn, ignore (or false).
            "true" or "strict" will use a schema to validate the input and fail the request if invalid. It will perform server side validation if ServerSideFieldValidation is enabled on the api-server, but will fall back to less reliable client-side validation if not.
            "warn" will warn about unknown or duplicate fields without blocking the request if server-side field validation is enabled on the API server, and behave as "ignore" otherwise.
            "false" or "ignore" will not perform any schema validation, silently dropping any unknown or duplicate fields. 
+true
+If true, use a schema to validate the input before sending it 
 
 
 value
@@ -1249,7 +1244,7 @@ inspect them.
    
 output
 o
 
-Output format. One of: (json, yaml, name, go-template, go-template-file, template, templatefile, jsonpath, jsonpath-as-json, jsonpath-file). 
+Output format. One of: json|yaml|name|go-template|go-template-file|template|templatefile|jsonpath|jsonpath-as-json|jsonpath-file. 
 
 
 save-config
@@ -1278,8 +1273,8 @@ inspect them.
    
 
 validate
 
-strict
-Must be one of: strict (or true), warn, ignore (or false).
            "true" or "strict" will use a schema to validate the input and fail the request if invalid. It will perform server side validation if ServerSideFieldValidation is enabled on the api-server, but will fall back to less reliable client-side validation if not.
            "warn" will warn about unknown or duplicate fields without blocking the request if server-side field validation is enabled on the API server, and behave as "ignore" otherwise.
            "false" or "ignore" will not perform any schema validation, silently dropping any unknown or duplicate fields. 
+true
+If true, use a schema to validate the input before sending it 
 
 
 
@@ -1298,7 +1293,7 @@ inspect them.
    
 
    
 
     Create a role named "foo" with API Group specified
    
 
    
-
    kubectl create role foo --verb=get,list,watch --resource=rs.apps
+
    kubectl create role foo --verb=get,list,watch --resource=rs.extensions
 
    
 
    
 
     Create a role named "foo" with SubResource specified
    
@@ -1341,7 +1336,7 @@ inspect them.
    
 output
 o
 
-Output format. One of: (json, yaml, name, go-template, go-template-file, template, templatefile, jsonpath, jsonpath-as-json, jsonpath-file). 
+Output format. One of: json|yaml|name|go-template|go-template-file|template|templatefile|jsonpath|jsonpath-as-json|jsonpath-file. 
 
 
 resource
@@ -1376,8 +1371,8 @@ inspect them.
    
 
 validate
 
-strict
-Must be one of: strict (or true), warn, ignore (or false).
            "true" or "strict" will use a schema to validate the input and fail the request if invalid. It will perform server side validation if ServerSideFieldValidation is enabled on the api-server, but will fall back to less reliable client-side validation if not.
            "warn" will warn about unknown or duplicate fields without blocking the request if server-side field validation is enabled on the API server, and behave as "ignore" otherwise.
            "false" or "ignore" will not perform any schema validation, silently dropping any unknown or duplicate fields. 
+true
+If true, use a schema to validate the input before sending it 
 
 
 verb
@@ -1436,13 +1431,13 @@ inspect them.
    
 group
 
 []
-Groups to bind to the role. The flag can be repeated to add multiple groups. 
+Groups to bind to the role 
 
 
 output
 o
 
-Output format. One of: (json, yaml, name, go-template, go-template-file, template, templatefile, jsonpath, jsonpath-as-json, jsonpath-file). 
+Output format. One of: json|yaml|name|go-template|go-template-file|template|templatefile|jsonpath|jsonpath-as-json|jsonpath-file. 
 
 
 role
@@ -1460,7 +1455,7 @@ inspect them.
    
 serviceaccount
 
 []
-Service accounts to bind to the role, in the format <namespace>:<name>. The flag can be repeated to add multiple service accounts. 
+Service accounts to bind to the role, in the format <namespace>:<name> 
 
 
 show-managed-fields
@@ -1475,16 +1470,10 @@ inspect them.
    
 Template string or path to template file to use when -o=go-template, -o=go-template-file. The template format is golang templates [http://golang.org/pkg/text/template/#pkg-overview]. 
 
 
-user
-
-[]
-Usernames to bind to the role. The flag can be repeated to add multiple users. 
-
-
 validate
 
-strict
-Must be one of: strict (or true), warn, ignore (or false).
            "true" or "strict" will use a schema to validate the input and fail the request if invalid. It will perform server side validation if ServerSideFieldValidation is enabled on the api-server, but will fall back to less reliable client-side validation if not.
            "warn" will warn about unknown or duplicate fields without blocking the request if server-side field validation is enabled on the API server, and behave as "ignore" otherwise.
            "false" or "ignore" will not perform any schema validation, silently dropping any unknown or duplicate fields. 
+true
+If true, use a schema to validate the input before sending it 
 
 
 
@@ -1508,13 +1497,13 @@ inspect them.
    
 
    Create a new secret for use with Docker registries.
    
 
      Dockercfg secrets are used to authenticate against Docker registries.
    
 
      When using the Docker command line to push images, you can authenticate to a given registry by running:
-  '$ docker login DOCKER_REGISTRY_SERVER --username=DOCKER_USER --password=DOCKER_PASSWORD --email=DOCKER_EMAIL'.
    
+    '$ docker login DOCKER_REGISTRY_SERVER --username=DOCKER_USER --password=DOCKER_PASSWORD --email=DOCKER_EMAIL'.
    
 
     That produces a ~/.dockercfg file that is used by subsequent 'docker push' and 'docker pull' commands to authenticate to the registry. The email address is optional.
    
 
      When creating applications, you may have a Docker registry that requires authentication.  In order for the
   nodes to pull images on your behalf, they must have the credentials.  You can provide this information
   by creating a dockercfg secret and attaching it to your service account.
    
 
    Usage
    
-
    $ kubectl create secret docker-registry NAME --docker-username=user --docker-password=password --docker-email=email [--docker-server=string] [--from-file=[key=]source] [--dry-run=server|client|none]
    
+
    $ kubectl create docker-registry NAME --docker-username=user --docker-password=password --docker-email=email [--docker-server=string] [--from-file=[key=]source] [--dry-run=server|client|none]
    
 
    Flags
    
 
@@ -1584,7 +1573,7 @@ inspect them.
    
-
+
@@ -1607,8 +1596,8 @@ inspect them.
    
-
-
+
+
    
 
 
    output
 o
 Output format. One of: (json, yaml, name, go-template, go-template-file, template, templatefile, jsonpath, jsonpath-as-json, jsonpath-file). Output format. One of: json|yaml|name|go-template|go-template-file|template|templatefile|jsonpath|jsonpath-as-json|jsonpath-file. 
 
    
 
    
 save-config
 
    
 validate
 strictMust be one of: strict (or true), warn, ignore (or false).
            "true" or "strict" will use a schema to validate the input and fail the request if invalid. It will perform server side validation if ServerSideFieldValidation is enabled on the api-server, but will fall back to less reliable client-side validation if not.
            "warn" will warn about unknown or duplicate fields without blocking the request if server-side field validation is enabled on the API server, and behave as "ignore" otherwise.
            "false" or "ignore" will not perform any schema validation, silently dropping any unknown or duplicate fields.     		trueIf true, use a schema to validate the input before sending it 
 
    
 
 
    
@@ -1635,16 +1624,16 @@ inspect them.
    
 
    kubectl create secret generic my-secret --from-file=ssh-privatekey=path/to/id_rsa --from-literal=passphrase=topsecret
 
    
 
    
-
     Create a new secret named my-secret from env files
    
+
     Create a new secret named my-secret from an env file
    
 
    
-
    kubectl create secret generic my-secret --from-env-file=path/to/foo.env --from-env-file=path/to/bar.env
+
    kubectl create secret generic my-secret --from-env-file=path/to/bar.env
 
    
 
    Create a secret based on a file, directory, or specified literal value.
    
 
     A single secret may package one or more key/value pairs.
    
 
     When creating a secret based on a file, the key will default to the basename of the file, and the value will default to the file content. If the basename is an invalid key or you wish to chose your own, you may specify an alternate key.
    
 
     When creating a secret based on a directory, each file whose basename is a valid key in the directory will be packaged into the secret. Any directory entries except regular files are ignored (e.g. subdirectories, symlinks, devices, pipes, etc).
    
 
    Usage
    
-
    $ kubectl create secret generic NAME [--type=string] [--from-file=[key=]source] [--from-literal=key1=value1] [--dry-run=server|client|none]
    
+
    $ kubectl create generic NAME [--type=string] [--from-file=[key=]source] [--from-literal=key1=value1] [--dry-run=server|client|none]
    
 
    Flags
    
 
@@ -1683,8 +1672,8 @@ inspect them.
    
-
-
+
+
@@ -1702,7 +1691,7 @@ inspect them.
    
-
+
@@ -1731,8 +1720,8 @@ inspect them.
    
-
-
+
+
    
 
 
    
 from-env-file
 []Specify the path to a file to read lines of key=val pairs to create a secret. Specify the path to a file to read lines of key=val pairs to create a secret (i.e. a Docker .env file). 
 
    
 
    
 from-file
 output
 o
 Output format. One of: (json, yaml, name, go-template, go-template-file, template, templatefile, jsonpath, jsonpath-as-json, jsonpath-file). Output format. One of: json|yaml|name|go-template|go-template-file|template|templatefile|jsonpath|jsonpath-as-json|jsonpath-file. 
 
    
 
    
 save-config
 
    
 validate
 strictMust be one of: strict (or true), warn, ignore (or false).
            "true" or "strict" will use a schema to validate the input and fail the request if invalid. It will perform server side validation if ServerSideFieldValidation is enabled on the api-server, but will fall back to less reliable client-side validation if not.
            "warn" will warn about unknown or duplicate fields without blocking the request if server-side field validation is enabled on the API server, and behave as "ignore" otherwise.
            "false" or "ignore" will not perform any schema validation, silently dropping any unknown or duplicate fields.     		trueIf true, use a schema to validate the input before sending it 
 
    
 
 
    
@@ -1746,7 +1735,7 @@ inspect them.
    
 
    Create a TLS secret from the given public/private key pair.
    
 
     The public/private key pair must exist beforehand. The public key certificate must be .PEM encoded and match the given private key.
    
 
    Usage
    
-
    $ kubectl create secret tls NAME --cert=path/to/cert/file --key=path/to/key/file [--dry-run=server|client|none]
    
+
    $ kubectl create tls NAME --cert=path/to/cert/file --key=path/to/key/file [--dry-run=server|client|none]
    
 
    Flags
    
 
@@ -1798,7 +1787,7 @@ inspect them.
    
-
+
@@ -1821,8 +1810,8 @@ inspect them.
    
-
-
+
+
    
 
 
    output
 o
 Output format. One of: (json, yaml, name, go-template, go-template-file, template, templatefile, jsonpath, jsonpath-as-json, jsonpath-file). Output format. One of: json|yaml|name|go-template|go-template-file|template|templatefile|jsonpath|jsonpath-as-json|jsonpath-file. 
 
    
 
    
 save-config
 
    
 validate
 strictMust be one of: strict (or true), warn, ignore (or false).
            "true" or "strict" will use a schema to validate the input and fail the request if invalid. It will perform server side validation if ServerSideFieldValidation is enabled on the api-server, but will fall back to less reliable client-side validation if not.
            "warn" will warn about unknown or duplicate fields without blocking the request if server-side field validation is enabled on the API server, and behave as "ignore" otherwise.
            "false" or "ignore" will not perform any schema validation, silently dropping any unknown or duplicate fields.     		trueIf true, use a schema to validate the input before sending it 
 
    
 
 
    
@@ -1845,7 +1834,7 @@ inspect them.
    
 
    
 
    Create a ClusterIP service with the specified name.
    
 
    Usage
    
-
    $ kubectl create service clusterip NAME [--tcp=<port>:<targetPort>] [--dry-run=server|client|none]
    
+
    $ kubectl create clusterip NAME [--tcp=<port>:<targetPort>] [--dry-run=server|client|none]
    
 
    Flags
    
 
@@ -1885,7 +1874,7 @@ inspect them.
    
-
+
@@ -1914,8 +1903,8 @@ inspect them.
    
-
-
+
+
    
 
 
    output
 o
 Output format. One of: (json, yaml, name, go-template, go-template-file, template, templatefile, jsonpath, jsonpath-as-json, jsonpath-file). Output format. One of: json|yaml|name|go-template|go-template-file|template|templatefile|jsonpath|jsonpath-as-json|jsonpath-file. 
 
    
 
    
 save-config
 
    
 validate
 strictMust be one of: strict (or true), warn, ignore (or false).
            "true" or "strict" will use a schema to validate the input and fail the request if invalid. It will perform server side validation if ServerSideFieldValidation is enabled on the api-server, but will fall back to less reliable client-side validation if not.
            "warn" will warn about unknown or duplicate fields without blocking the request if server-side field validation is enabled on the API server, and behave as "ignore" otherwise.
            "false" or "ignore" will not perform any schema validation, silently dropping any unknown or duplicate fields.     		trueIf true, use a schema to validate the input before sending it 
 
    
 
 
    
@@ -1929,7 +1918,7 @@ inspect them.
    
 
    Create an ExternalName service with the specified name.
    
 
     ExternalName service references to an external DNS address instead of only pods, which will allow application authors to reference services that exist off platform, on other clusters, or locally.
    
 
    Usage
    
-
    $ kubectl create service externalname NAME --external-name external.name [--dry-run=server|client|none]
    
+
    $ kubectl create externalname NAME --external-name external.name [--dry-run=server|client|none]
    
 
    Flags
    
 
@@ -1969,7 +1958,7 @@ inspect them.
    
-
+
@@ -1998,8 +1987,8 @@ inspect them.
    
-
-
+
+
    
 
 
    output
 o
 Output format. One of: (json, yaml, name, go-template, go-template-file, template, templatefile, jsonpath, jsonpath-as-json, jsonpath-file). Output format. One of: json|yaml|name|go-template|go-template-file|template|templatefile|jsonpath|jsonpath-as-json|jsonpath-file. 
 
    
 
    
 save-config
 
    
 validate
 strictMust be one of: strict (or true), warn, ignore (or false).
            "true" or "strict" will use a schema to validate the input and fail the request if invalid. It will perform server side validation if ServerSideFieldValidation is enabled on the api-server, but will fall back to less reliable client-side validation if not.
            "warn" will warn about unknown or duplicate fields without blocking the request if server-side field validation is enabled on the API server, and behave as "ignore" otherwise.
            "false" or "ignore" will not perform any schema validation, silently dropping any unknown or duplicate fields.     		trueIf true, use a schema to validate the input before sending it 
 
    
 
 
    
@@ -2012,7 +2001,7 @@ inspect them.
    
 
    
 
    Create a LoadBalancer service with the specified name.
    
 
    Usage
    
-
    $ kubectl create service loadbalancer NAME [--tcp=port:targetPort] [--dry-run=server|client|none]
    
+
    $ kubectl create loadbalancer NAME [--tcp=port:targetPort] [--dry-run=server|client|none]
    
 
    Flags
    
 
@@ -2046,7 +2035,7 @@ inspect them.
    
-
+
@@ -2075,8 +2064,8 @@ inspect them.
    
-
-
+
+
    
 
 
    output
 o
 Output format. One of: (json, yaml, name, go-template, go-template-file, template, templatefile, jsonpath, jsonpath-as-json, jsonpath-file). Output format. One of: json|yaml|name|go-template|go-template-file|template|templatefile|jsonpath|jsonpath-as-json|jsonpath-file. 
 
    
 
    
 save-config
 
    
 validate
 strictMust be one of: strict (or true), warn, ignore (or false).
            "true" or "strict" will use a schema to validate the input and fail the request if invalid. It will perform server side validation if ServerSideFieldValidation is enabled on the api-server, but will fall back to less reliable client-side validation if not.
            "warn" will warn about unknown or duplicate fields without blocking the request if server-side field validation is enabled on the API server, and behave as "ignore" otherwise.
            "false" or "ignore" will not perform any schema validation, silently dropping any unknown or duplicate fields.     		trueIf true, use a schema to validate the input before sending it 
 
    
 
 
    
@@ -2089,7 +2078,7 @@ inspect them.
    
 
    
 
    Create a NodePort service with the specified name.
    
 
    Usage
    
-
    $ kubectl create service nodeport NAME [--tcp=port:targetPort] [--dry-run=server|client|none]
    
+
    $ kubectl create nodeport NAME [--tcp=port:targetPort] [--dry-run=server|client|none]
    
 
    Flags
    
 
@@ -2129,7 +2118,7 @@ inspect them.
    
-
+
@@ -2158,8 +2147,8 @@ inspect them.
    
-
-
+
+
    
 
 
    output
 o
 Output format. One of: (json, yaml, name, go-template, go-template-file, template, templatefile, jsonpath, jsonpath-as-json, jsonpath-file). Output format. One of: json|yaml|name|go-template|go-template-file|template|templatefile|jsonpath|jsonpath-as-json|jsonpath-file. 
 
    
 
    
 save-config
 
    
 validate
 strictMust be one of: strict (or true), warn, ignore (or false).
            "true" or "strict" will use a schema to validate the input and fail the request if invalid. It will perform server side validation if ServerSideFieldValidation is enabled on the api-server, but will fall back to less reliable client-side validation if not.
            "warn" will warn about unknown or duplicate fields without blocking the request if server-side field validation is enabled on the API server, and behave as "ignore" otherwise.
            "false" or "ignore" will not perform any schema validation, silently dropping any unknown or duplicate fields.     		trueIf true, use a schema to validate the input before sending it 
 
    
 
 
    
@@ -2206,7 +2195,7 @@ inspect them.
    
 output
 o
 
-Output format. One of: (json, yaml, name, go-template, go-template-file, template, templatefile, jsonpath, jsonpath-as-json, jsonpath-file). 
+Output format. One of: json|yaml|name|go-template|go-template-file|template|templatefile|jsonpath|jsonpath-as-json|jsonpath-file. 
 
 
 save-config
@@ -2229,110 +2218,8 @@ inspect them.
    
 
 validate
 
-strict
-Must be one of: strict (or true), warn, ignore (or false).
            "true" or "strict" will use a schema to validate the input and fail the request if invalid. It will perform server side validation if ServerSideFieldValidation is enabled on the api-server, but will fall back to less reliable client-side validation if not.
            "warn" will warn about unknown or duplicate fields without blocking the request if server-side field validation is enabled on the API server, and behave as "ignore" otherwise.
            "false" or "ignore" will not perform any schema validation, silently dropping any unknown or duplicate fields. 
-
-
-
-
    
-
    token
    
-
    
-
     Request a token to authenticate to the kube-apiserver as the service account "myapp" in the current namespace
    
-
    
-
    kubectl create token myapp
-
    
-
    
-
     Request a token for a service account in a custom namespace
    
-
    
-
    kubectl create token myapp --namespace myns
-
    
-
    
-
     Request a token with a custom expiration
    
-
    
-
    kubectl create token myapp --duration 10m
-
    
-
    
-
     Request a token with a custom audience
    
-
    
-
    kubectl create token myapp --audience https://example.com
-
    
-
    
-
     Request a token bound to an instance of a Secret object
    
-
    
-
    kubectl create token myapp --bound-object-kind Secret --bound-object-name mysecret
-
    
-
    
-
     Request a token bound to an instance of a Secret object with a specific uid
    
-
    
-
    kubectl create token myapp --bound-object-kind Secret --bound-object-name mysecret --bound-object-uid 0d4691ed-659b-4935-a832-355f77ee47cc
-
    
-
    Request a service account token.
    
-
    Usage
    
-
    $ kubectl create token SERVICE_ACCOUNT_NAME
    
-
    Flags
    
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
+
    NameShorthandDefaultUsage
    allow-missing-template-keys
 trueIf true, ignore any errors in templates when a field or map key is missing in the template. Only applies to golang and jsonpath output formats. 
    audience[]Audience of the requested token. If unset, defaults to requesting a token for use with the Kubernetes API server. May be repeated to request a token valid for multiple audiences. 
    bound-object-kindKind of an object to bind the token to. Supported kinds are Pod, Secret. If set, --bound-object-name must be provided. 
    bound-object-nameName of an object to bind the token to. The token will expire when the object is deleted. Requires --bound-object-kind. 
    bound-object-uidUID of an object to bind the token to. Requires --bound-object-kind and --bound-object-name. If unset, the UID of the existing object is used. 
    duration0sRequested lifetime of the issued token. The server may return a token with a longer or shorter lifetime. 
    outputoOutput format. One of: (json, yaml, name, go-template, go-template-file, template, templatefile, jsonpath, jsonpath-as-json, jsonpath-file). 
    show-managed-fieldsfalseIf true, keep the managedFields when printing objects in JSON or YAML format. 
    templateTemplate string or path to template file to use when -o=go-template, -o=go-template-file. The template format is golang templates [http://golang.org/pkg/text/template/#pkg-overview]. If true, use a schema to validate the input before sending it 
 
    
     
 
    
@@ -2393,12 +2280,11 @@ inspect them.
    
 
    
 
    kubectl get rc/web service/frontend pods/web-pod-13je7
 
    
-
    
-
     List status subresource for a single pod.
    
-
    
-
    kubectl get pod web-pod-13je7 --subresource status
-
    
-
    Display one or many resources.

     Prints a table of the most important information about the specified resources. You can filter the list using a label selector and the --selector flag. If the desired resource type is namespaced you will only see results in your current namespace unless you pass --all-namespaces.

     By specifying the output as 'template' and providing a Go template as the value of the --template flag, you can filter the attributes of the fetched resources.

    Use "kubectl api-resources" for a complete list of supported resources.
    
+
    Display one or many resources.
    
+
     Prints a table of the most important information about the specified resources. You can filter the list using a label selector and the --selector flag. If the desired resource type is namespaced you will only see results in your current namespace unless you pass --all-namespaces.
    
+
     Uninitialized objects are not shown unless --include-uninitialized is passed.
    
+
     By specifying the output as 'template' and providing a Go template as the value of the --template flag, you can filter the attributes of the fetched resources.
    
+
    Use "kubectl api-resources" for a complete list of supported resources.
    
 
    Usage
    
 
    $ kubectl get [(-o|--output=)json|yaml|name|go-template|go-template-file|template|templatefile|jsonpath|jsonpath-as-json|jsonpath-file|custom-columns|custom-columns-file|wide] (TYPE[.VERSION][.GROUP] [NAME | -l label] | TYPE[.VERSION][.GROUP]/NAME ...) [flags]
    
 
    Flags
    
@@ -2470,7 +2356,7 @@ inspect them.
    
 output
 o
 
-Output format. One of: (json, yaml, name, go-template, go-template-file, template, templatefile, jsonpath, jsonpath-as-json, jsonpath-file, custom-columns, custom-columns-file, wide). See custom columns [https://kubernetes.io/docs/reference/kubectl/#custom-columns], golang template [http://golang.org/pkg/text/template/#pkg-overview] and jsonpath template [https://kubernetes.io/docs/reference/kubectl/jsonpath/]. 
+Output format. One of: json|yaml|name|go-template|go-template-file|template|templatefile|jsonpath|jsonpath-as-json|jsonpath-file|custom-columns-file|custom-columns|wide See custom columns [https://kubernetes.io/docs/reference/kubectl/overview/#custom-columns], golang template [http://golang.org/pkg/text/template/#pkg-overview] and jsonpath template [https://kubernetes.io/docs/reference/kubectl/jsonpath/]. 
 
 
 output-watch-events
@@ -2494,7 +2380,7 @@ inspect them.
    
 selector
 l
 
-Selector (label query) to filter on, supports '=', '==', and '!='.(e.g. -l key1=value1,key2=value2). Matching objects must satisfy all of the specified label constraints. 
+Selector (label query) to filter on, supports '=', '==', and '!='.(e.g. -l key1=value1,key2=value2) 
 
 
 server-print
@@ -2527,12 +2413,6 @@ inspect them.
    
 If non-empty, sort list types using this field specification.  The field specification is expressed as a JSONPath expression (e.g. '{.metadata.name}'). The field in the API resource specified by this JSONPath expression must be an integer or a string. 
 
 
-subresource
-
-
-If specified, gets the subresource of the requested object. Must be one of [status scale]. This flag is alpha and may change in the future. 
-
-
 template
 
 
@@ -2548,7 +2428,7 @@ inspect them.
    
 watch
 w
 false
-After listing/getting the requested object, watch for changes. 
+After listing/getting the requested object, watch for changes. Uninitialized objects are excluded if no object name is provided. 
 
 
 watch-only
@@ -2665,7 +2545,7 @@ inspect them.
    
 expose
 
 false
-If true, create a ClusterIP service associated with the pod.  Requires --port. 
+If true, service is created for the container(s) which are run 
 
 
 field-manager
@@ -2692,6 +2572,12 @@ inspect them.
    
 Period of time in seconds given to the resource to terminate gracefully. Ignored if negative. Set to 1 for immediate shutdown. Can only be set to 0 when --force is true (force deletion). 
 
 
+hostport
+
+-1
+The host port mapping for the container port. To demonstrate a single-machine container. 
+
+
 image
 
 
@@ -2701,7 +2587,7 @@ inspect them.
    
 image-pull-policy
 
 
-The image pull policy for the container.  If left empty, this value will not be specified by the client and defaulted by the server. 
+The image pull policy for the container. If left empty, this value will not be specified by the client and defaulted by the server 
 
 
 kustomize
@@ -2713,7 +2599,7 @@ inspect them.
    
 labels
 l
 
-Comma separated labels to apply to the pod. Will override previous values. 
+Comma separated labels to apply to the pod(s). Will override previous values. 
 
 
 leave-stdin-open
@@ -2722,16 +2608,16 @@ inspect them.
    
 If the pod is started in interactive mode or with stdin, leave stdin open after the first attach completes. By default, stdin will be closed after the first attach completes. 
 
 
+limits
+
+
+The resource requirement limits for this container.  For example, 'cpu=200m,memory=512Mi'.  Note that server side components may assign limits depending on the server configuration, such as limit ranges. 
+
+
 output
 o
 
-Output format. One of: (json, yaml, name, go-template, go-template-file, template, templatefile, jsonpath, jsonpath-as-json, jsonpath-file). 
-
-
-override-type
-
-merge
-The method used to override the generated object: json, merge, or strategic. 
+Output format. One of: json|yaml|name|go-template|go-template-file|template|templatefile|jsonpath|jsonpath-as-json|jsonpath-file. 
 
 
 overrides
@@ -2776,6 +2662,12 @@ inspect them.
    
 Process the directory used in -f, --filename recursively. Useful when you want to manage related manifests organized within the same directory. 
 
 
+requests
+
+
+The resource requirement requests for this container.  For example, 'cpu=100m,memory=256Mi'.  Note that server side components may assign requests depending on the server configuration, such as limit ranges. 
+
+
 restart
 
 Always
@@ -2785,7 +2677,7 @@ inspect them.
    
 rm
 
 false
-If true, delete the pod after it exits.  Only valid when attaching to the container, e.g. with '--attach' or with '-i/--stdin'. 
+If true, delete resources created in this command for attached containers. 
 
 
 save-config
@@ -2794,6 +2686,12 @@ inspect them.
    
 If true, the configuration of current object will be saved in its annotation. Otherwise, the annotation will be unchanged. This flag is useful when you want to perform kubectl apply on this object in the future. 
 
 
+serviceaccount
+
+
+Service account to set in the pod spec. 
+
+
 show-managed-fields
 
 false
@@ -2803,7 +2701,7 @@ inspect them.
    
 stdin
 i
 false
-Keep stdin open on the container in the pod, even if nothing is attached. 
+Keep stdin open on the container(s) in the pod, even if nothing is attached. 
 
 
 template
@@ -2821,7 +2719,7 @@ inspect them.
    
 tty
 t
 false
-Allocate a TTY for the container in the pod. 
+Allocated a TTY for each container in the pod. 
 
 
 wait
@@ -2868,7 +2766,10 @@ inspect them.
    
 
 
    kubectl expose deployment nginx --port=80 --target-port=8000
 
    
-
    Expose a resource as a new Kubernetes service.

     Looks up a deployment, service, replica set, replication controller or pod by name and uses the selector for that resource as the selector for a new service on the specified port. A deployment or replica set will be exposed as a service only if its selector is convertible to a selector that service supports, i.e. when the selector contains only the matchLabels component. Note that if no port is specified via --port and the exposed resource has multiple ports, all will be re-used by the new service. Also if no labels are specified, the new service will re-use the labels from the resource it exposes.

     Possible resources include (case insensitive):

     pod (po), service (svc), replicationcontroller (rc), deployment (deploy), replicaset (rs)
    
+
    Expose a resource as a new Kubernetes service.
    
+
     Looks up a deployment, service, replica set, replication controller or pod by name and uses the selector for that resource as the selector for a new service on the specified port. A deployment or replica set will be exposed as a service only if its selector is convertible to a selector that service supports, i.e. when the selector contains only the matchLabels component. Note that if no port is specified via --port and the exposed resource has multiple ports, all will be re-used by the new service. Also if no labels are specified, the new service will re-use the labels from the resource it exposes.
    
+
     Possible resources include (case insensitive):
    
+
     pod (po), service (svc), replicationcontroller (rc), deployment (deploy), replicaset (rs)
    
 
    Usage
    
 
    $ kubectl expose (-f FILENAME | TYPE NAME) [--port=port] [--protocol=TCP|UDP|SCTP] [--target-port=number-or-name] [--name=name] [--external-ip=external-ip-of-service] [--type=type]
    
 
    Flags
    
@@ -2895,6 +2796,12 @@ inspect them.
    
 ClusterIP to be assigned to the service. Leave empty to auto-allocate, or set to 'None' to create a headless service. 
 
 
+container-port
+
+
+Synonym for --target-port 
+
+
 dry-run
 
 none
@@ -2919,6 +2826,12 @@ inspect them.
    
 Filename, directory, or URL to files identifying the resource to expose a service 
 
 
+generator
+
+service/v2
+The name of the API generator to use. There are 2 generators: 'service/v1' and 'service/v2'. The only difference between them is that service port in v1 is named 'default', while it is left unnamed in v2. Default is 'service/v2'. 
+
+
 kustomize
 k
 
@@ -2946,13 +2859,7 @@ inspect them.
    
 output
 o
 
-Output format. One of: (json, yaml, name, go-template, go-template-file, template, templatefile, jsonpath, jsonpath-as-json, jsonpath-file). 
-
-
-override-type
-
-merge
-The method used to override the generated object: json, merge, or strategic. 
+Output format. One of: json|yaml|name|go-template|go-template-file|template|templatefile|jsonpath|jsonpath-as-json|jsonpath-file. 
 
 
 overrides
@@ -3041,11 +2948,6 @@ inspect them.
    
 
    kubectl delete -k dir
 
    
 
    
-
     Delete resources from all files that end with '.json' - i.e. expand wildcard characters in file names
    
-
    
-
    kubectl delete -f '*.json'
-
    
-
    
 
     Delete a pod based on the type and name in the JSON passed into stdin
    
 
    
 
    cat pod.json | kubectl delete -f -
@@ -3075,7 +2977,11 @@ inspect them.
    
 
 
    kubectl delete pods --all
 
    
-
    Delete resources by file names, stdin, resources and names, or by resources and label selector.

     JSON and YAML formats are accepted. Only one type of argument may be specified: file names, resources and names, or resources and label selector.

     Some resources, such as pods, support graceful deletion. These resources define a default period before they are forcibly terminated (the grace period) but you may override that value with the --grace-period flag, or pass --now to set a grace-period of 1. Because these resources often represent entities in the cluster, deletion may not be acknowledged immediately. If the node hosting a pod is down or cannot reach the API server, termination may take significantly longer than the grace period. To force delete a resource, you must specify the --force flag. Note: only a subset of resources support graceful deletion. In absence of the support, the --grace-period flag is ignored.

     IMPORTANT: Force deleting pods does not wait for confirmation that the pod's processes have been terminated, which can leave those processes running until the node detects the deletion and completes graceful deletion. If your processes use shared storage or talk to a remote API and depend on the name of the pod to identify themselves, force deleting those pods may result in multiple processes running on different machines using the same identification which may lead to data corruption or inconsistency. Only force delete pods when you are sure the pod is terminated, or if your application can tolerate multiple copies of the same pod running at once. Also, if you force delete pods, the scheduler may place new pods on those nodes before the node has released those resources and causing those pods to be evicted immediately.

     Note that the delete command does NOT do resource version checks, so if someone submits an update to a resource right when you submit a delete, their update will be lost along with the rest of the resource.

     After a CustomResourceDefinition is deleted, invalidation of discovery cache may take up to 6 hours. If you don't want to wait, you might want to run "kubectl api-resources" to refresh the discovery cache.
    
+
    Delete resources by file names, stdin, resources and names, or by resources and label selector.
    
+
     JSON and YAML formats are accepted. Only one type of argument may be specified: file names, resources and names, or resources and label selector.
    
+
     Some resources, such as pods, support graceful deletion. These resources define a default period before they are forcibly terminated (the grace period) but you may override that value with the --grace-period flag, or pass --now to set a grace-period of 1. Because these resources often represent entities in the cluster, deletion may not be acknowledged immediately. If the node hosting a pod is down or cannot reach the API server, termination may take significantly longer than the grace period. To force delete a resource, you must specify the --force flag. Note: only a subset of resources support graceful deletion. In absence of the support, the --grace-period flag is ignored.
    
+
     IMPORTANT: Force deleting pods does not wait for confirmation that the pod's processes have been terminated, which can leave those processes running until the node detects the deletion and completes graceful deletion. If your processes use shared storage or talk to a remote API and depend on the name of the pod to identify themselves, force deleting those pods may result in multiple processes running on different machines using the same identification which may lead to data corruption or inconsistency. Only force delete pods when you are sure the pod is terminated, or if your application can tolerate multiple copies of the same pod running at once. Also, if you force delete pods, the scheduler may place new pods on those nodes before the node has released those resources and causing those pods to be evicted immediately.
    
+
     Note that the delete command does NOT do resource version checks, so if someone submits an update to a resource right when you submit a delete, their update will be lost along with the rest of the resource.
    
 
    Usage
    
 
    $ kubectl delete ([-f FILENAME] | [-k DIRECTORY] | TYPE [(NAME | -l label | --all)])
    
 
    Flags
    
@@ -3093,7 +2999,7 @@ inspect them.
    
 all
 
 false
-Delete all resources, in the namespace of the specified resource types. 
+Delete all resources, including uninitialized ones, in the namespace of the specified resource types. 
 
 
 all-namespaces
@@ -3177,7 +3083,7 @@ inspect them.
    
 selector
 l
 
-Selector (label query) to filter on, supports '=', '==', and '!='.(e.g. -l key1=value1,key2=value2). Matching objects must satisfy all of the specified label constraints. 
+Selector (label query) to filter on, not including uninitialized ones. 
 
 
 timeout
@@ -3214,11 +3120,6 @@ viewing your workloads in a Kubernetes cluster.
    
 
    cat pod.json | kubectl apply -f -
 
    
 
    
-
     Apply the configuration from all files that end with '.json' - i.e. expand wildcard characters in file names
    
-
    
-
    kubectl apply -f '*.json'
-
    
-
    
 
     Note: --prune is still in Alpha # Apply the configuration in manifest.yaml that matches label app=nginx and delete all other resources that are not in the file and match label app=nginx
    
 
    
 
    kubectl apply --prune -f manifest.yaml -l app=nginx
@@ -3226,9 +3127,11 @@ viewing your workloads in a Kubernetes cluster.
    
 
    
 
     Apply the configuration in manifest.yaml and delete all the other config maps that are not in the file
    
 
    
-
    kubectl apply --prune -f manifest.yaml --all --prune-allowlist=core/v1/ConfigMap
+
    kubectl apply --prune -f manifest.yaml --all --prune-whitelist=core/v1/ConfigMap
 
    
-
    Apply a configuration to a resource by file name or stdin. The resource name must be specified. This resource will be created if it doesn't exist yet. To use 'apply', always create the resource initially with either 'apply' or 'create --save-config'.

     JSON and YAML formats are accepted.

     Alpha Disclaimer: the --prune functionality is not yet complete. Do not use unless you are aware of what the current state is. See https://issues.k8s.io/34274.
    
+
    Apply a configuration to a resource by file name or stdin. The resource name must be specified. This resource will be created if it doesn't exist yet. To use 'apply', always create the resource initially with either 'apply' or 'create --save-config'.
    
+
     JSON and YAML formats are accepted.
    
+
     Alpha Disclaimer: the --prune functionality is not yet complete. Do not use unless you are aware of what the current state is. See https://issues.k8s.io/34274.
    
 
    Usage
    
 
    $ kubectl apply (-f FILENAME | -k DIRECTORY)
    
 
    Flags
    
@@ -3276,7 +3179,7 @@ viewing your workloads in a Kubernetes cluster.
    
 filename
 f
 []
-The files that contain the configurations to apply. 
+that contains the configuration to apply 
 
 
 force
@@ -3312,7 +3215,7 @@ viewing your workloads in a Kubernetes cluster.
    
 output
 o
 
-Output format. One of: (json, yaml, name, go-template, go-template-file, template, templatefile, jsonpath, jsonpath-as-json, jsonpath-file). 
+Output format. One of: json|yaml|name|go-template|go-template-file|template|templatefile|jsonpath|jsonpath-as-json|jsonpath-file. 
 
 
 overwrite
@@ -3324,13 +3227,7 @@ viewing your workloads in a Kubernetes cluster.
    
 prune
 
 false
-Automatically delete resource objects, that do not appear in the configs and are created by either apply or create --save-config. Should be used with either -l or --all. 
-
-
-prune-allowlist
-
-[]
-Overwrite the default allowlist with <group/version/kind> for --prune 
+Automatically delete resource objects, including the uninitialized ones, that do not appear in the configs and are created by either apply or create --save-config. Should be used with either -l or --all. 
 
 
 prune-whitelist
@@ -3354,7 +3251,7 @@ viewing your workloads in a Kubernetes cluster.
    
 selector
 l
 
-Selector (label query) to filter on, supports '=', '==', and '!='.(e.g. -l key1=value1,key2=value2). Matching objects must satisfy all of the specified label constraints. 
+Selector (label query) to filter on, supports '=', '==', and '!='.(e.g. -l key1=value1,key2=value2) 
 
 
 server-side
@@ -3383,8 +3280,8 @@ viewing your workloads in a Kubernetes cluster.
    
 
 validate
 
-strict
-Must be one of: strict (or true), warn, ignore (or false).
            "true" or "strict" will use a schema to validate the input and fail the request if invalid. It will perform server side validation if ServerSideFieldValidation is enabled on the api-server, but will fall back to less reliable client-side validation if not.
            "warn" will warn about unknown or duplicate fields without blocking the request if server-side field validation is enabled on the API server, and behave as "ignore" otherwise.
            "false" or "ignore" will not perform any schema validation, silently dropping any unknown or duplicate fields. 
+true
+If true, use a schema to validate the input before sending it 
 
 
 wait
@@ -3452,7 +3349,7 @@ viewing your workloads in a Kubernetes cluster.
    
 output
 o
 
-Output format. One of: (json, yaml, name, go-template, go-template-file, template, templatefile, jsonpath, jsonpath-as-json, jsonpath-file). 
+Output format. One of: json|yaml|name|go-template|go-template-file|template|templatefile|jsonpath|jsonpath-as-json|jsonpath-file. 
 
 
 record
@@ -3479,12 +3376,6 @@ viewing your workloads in a Kubernetes cluster.
    
 Template string or path to template file to use when -o=go-template, -o=go-template-file. The template format is golang templates [http://golang.org/pkg/text/template/#pkg-overview]. 
 
 
-validate
-
-strict
-Must be one of: strict (or true), warn, ignore (or false).
            "true" or "strict" will use a schema to validate the input and fail the request if invalid. It will perform server side validation if ServerSideFieldValidation is enabled on the api-server, but will fall back to less reliable client-side validation if not.
            "warn" will warn about unknown or duplicate fields without blocking the request if server-side field validation is enabled on the API server, and behave as "ignore" otherwise.
            "false" or "ignore" will not perform any schema validation, silently dropping any unknown or duplicate fields. 
-
-
 windows-line-endings
 
 false
@@ -3551,7 +3442,7 @@ viewing your workloads in a Kubernetes cluster.
    
 output
 o
 
-Output format. One of: (json, yaml, name, go-template, go-template-file, template, templatefile, jsonpath, jsonpath-as-json, jsonpath-file). 
+Output format. One of: json|yaml|name|go-template|go-template-file|template|templatefile|jsonpath|jsonpath-as-json|jsonpath-file. 
 
 
 show-managed-fields
@@ -3616,7 +3507,7 @@ viewing your workloads in a Kubernetes cluster.
    
 output
 o
 yaml
-Output format. Must be one of (yaml, json) 
+Output format. Must be one of yaml|json 
 
 
 recursive
@@ -3628,7 +3519,7 @@ viewing your workloads in a Kubernetes cluster.
    
 selector
 l
 
-Selector (label query) to filter on, supports '=', '==', and '!='.(e.g. -l key1=value1,key2=value2). Matching objects must satisfy all of the specified label constraints. 
+Selector (label query) to filter on, supports '=', '==', and '!='.(e.g. -l key1=value1,key2=value2) 
 
 
 
@@ -3664,7 +3555,10 @@ viewing your workloads in a Kubernetes cluster.
    
 
 
    kubectl annotate pods foo description-
 
    
-
    Update the annotations on one or more resources.

     All Kubernetes objects support the ability to store additional data with the object as annotations. Annotations are key/value pairs that can be larger than labels and include arbitrary string values such as structured JSON. Tools and system extensions may use annotations to store their own data.

     Attempting to set an annotation that already exists will fail unless --overwrite is set. If --resource-version is specified and does not match the current resource version on the server the command will fail.

    Use "kubectl api-resources" for a complete list of supported resources.
    
+
    Update the annotations on one or more resources.
    
+
     All Kubernetes objects support the ability to store additional data with the object as annotations. Annotations are key/value pairs that can be larger than labels and include arbitrary string values such as structured JSON. Tools and system extensions may use annotations to store their own data.
    
+
     Attempting to set an annotation that already exists will fail unless --overwrite is set. If --resource-version is specified and does not match the current resource version on the server the command will fail.
    
+
    Use "kubectl api-resources" for a complete list of supported resources.
    
 
    Usage
    
 
    $ kubectl annotate [--overwrite] (-f FILENAME | TYPE NAME) KEY_1=VAL_1 ... KEY_N=VAL_N [--resource-version=version]
    
 
    Flags
    
@@ -3682,7 +3576,7 @@ viewing your workloads in a Kubernetes cluster.
    
 all
 
 false
-Select all resources, in the namespace of the specified resource types. 
+Select all resources, including uninitialized ones, in the namespace of the specified resource types. 
 
 
 all-namespaces
@@ -3742,7 +3636,7 @@ viewing your workloads in a Kubernetes cluster.
    
 output
 o
 
-Output format. One of: (json, yaml, name, go-template, go-template-file, template, templatefile, jsonpath, jsonpath-as-json, jsonpath-file). 
+Output format. One of: json|yaml|name|go-template|go-template-file|template|templatefile|jsonpath|jsonpath-as-json|jsonpath-file. 
 
 
 overwrite
@@ -3772,7 +3666,7 @@ viewing your workloads in a Kubernetes cluster.
    
 selector
 l
 
-Selector (label query) to filter on, supports '=', '==', and '!='.(e.g. -l key1=value1,key2=value2). Matching objects must satisfy all of the specified label constraints. 
+Selector (label query) to filter on, not including uninitialized ones, supports '=', '==', and '!='.(e.g. -l key1=value1,key2=value2). 
 
 
 show-managed-fields
@@ -3800,7 +3694,8 @@ viewing your workloads in a Kubernetes cluster.
    
 
 
    kubectl autoscale rc foo --max=5 --cpu-percent=80
 
    
-
    Creates an autoscaler that automatically chooses and sets the number of pods that run in a Kubernetes cluster.

     Looks up a deployment, replica set, stateful set, or replication controller by name and creates an autoscaler that uses the given resource as a reference. An autoscaler can automatically increase or decrease number of pods deployed within the system as needed.
    
+
    Creates an autoscaler that automatically chooses and sets the number of pods that run in a Kubernetes cluster.
    
+
     Looks up a deployment, replica set, stateful set, or replication controller by name and creates an autoscaler that uses the given resource as a reference. An autoscaler can automatically increase or decrease number of pods deployed within the system as needed.
    
 
    Usage
    
 
    $ kubectl autoscale (-f FILENAME | TYPE NAME | TYPE/NAME) [--min=MINPODS] --max=MAXPODS [--cpu-percent=CPU]
    
 
    Flags
    
@@ -3872,7 +3767,7 @@ viewing your workloads in a Kubernetes cluster.
    
 output
 o
 
-Output format. One of: (json, yaml, name, go-template, go-template-file, template, templatefile, jsonpath, jsonpath-as-json, jsonpath-file). 
+Output format. One of: json|yaml|name|go-template|go-template-file|template|templatefile|jsonpath|jsonpath-as-json|jsonpath-file. 
 
 
 record
@@ -3943,7 +3838,14 @@ viewing your workloads in a Kubernetes cluster.
    
 
 
    kubectl debug node/mynode -it --image=busybox
 
    
-
    Debug cluster resources using interactive debugging containers.

     'debug' provides automation for common debugging tasks for cluster objects identified by resource and name. Pods will be used by default if no resource is specified.

     The action taken by 'debug' varies depending on what resource is specified. Supported actions include:

        Workload: Create a copy of an existing pod with certain attributes changed, for example changing the image tag to a new version.
            Workload: Add an ephemeral container to an already running pod, for example to add debugging utilities without restarting the pod.
      *  Node: Create a new pod that runs in the node's host namespaces and can access the node's filesystem.
    
+
    Debug cluster resources using interactive debugging containers.
    
+
     'debug' provides automation for common debugging tasks for cluster objects identified by resource and name. Pods will be used by default if no resource is specified.
    
+
     The action taken by 'debug' varies depending on what resource is specified. Supported actions include:
    
+
      
+
    • Workload: Create a copy of an existing pod with certain attributes changed, for example changing the image tag to a new version.
      • 
+
    • Workload: Add an ephemeral container to an already running pod, for example to add debugging utilities without restarting the pod.
      • 
+
    • Node: Create a new pod that runs in the node's host namespaces and can access the node's filesystem.
      • 
+
    
 
    Usage
    
 
    $ kubectl debug (POD | TYPE[[.VERSION].GROUP]/NAME) [ -- COMMAND [args...] ]
    
 
    Flags
    
@@ -4000,12 +3902,6 @@ viewing your workloads in a Kubernetes cluster.
    
 The image pull policy for the container. If left empty, this value will not be specified by the client and defaulted by the server. 
 
 
-profile
-
-legacy
-Debugging profile. 
-
-
 quiet
 q
 false
@@ -4067,7 +3963,12 @@ viewing your workloads in a Kubernetes cluster.
    
 
 
    cat service.yaml | kubectl diff -f -
 
    
-
    Diff configurations specified by file name or stdin between the current online configuration, and the configuration as it would be if applied.

     The output is always YAML.

     KUBECTL_EXTERNAL_DIFF environment variable can be used to select your own diff command. Users can use external commands with params too, example: KUBECTL_EXTERNAL_DIFF="colordiff -N -u"

     By default, the "diff" command available in your path will be run with the "-u" (unified diff) and "-N" (treat absent files as empty) options.

     Exit status: 0 No differences were found. 1 Differences were found. >1 Kubectl or diff failed with an error.

     Note: KUBECTL_EXTERNAL_DIFF, if used, is expected to follow that convention.
    
+
    Diff configurations specified by file name or stdin between the current online configuration, and the configuration as it would be if applied.
    
+
     The output is always YAML.
    
+
     KUBECTL_EXTERNAL_DIFF environment variable can be used to select your own diff command. Users can use external commands with params too, example: KUBECTL_EXTERNAL_DIFF="colordiff -N -u"
    
+
     By default, the "diff" command available in your path will be run with the "-u" (unified diff) and "-N" (treat absent files as empty) options.
    
+
     Exit status: 0 No differences were found. 1 Differences were found. >1 Kubectl or diff failed with an error.
    
+
     Note: KUBECTL_EXTERNAL_DIFF, if used, is expected to follow that convention.
    
 
    Usage
    
 
    $ kubectl diff -f FILENAME
    
 
    Flags
    
@@ -4106,18 +4007,6 @@ viewing your workloads in a Kubernetes cluster.
    
 Process the kustomization directory. This flag can't be used together with -f or -R. 
 
 
-prune
-
-false
-Include resources that would be deleted by pruning. Can be used with -l and default shows all resources would be pruned 
-
-
-prune-allowlist
-
-[]
-Overwrite the default whitelist with <group/version/kind> for --prune 
-
-
 recursive
 R
 false
@@ -4127,7 +4016,7 @@ viewing your workloads in a Kubernetes cluster.
    
 selector
 l
 
-Selector (label query) to filter on, supports '=', '==', and '!='.(e.g. -l key1=value1,key2=value2). Matching objects must satisfy all of the specified label constraints. 
+Selector (label query) to filter on, supports '=', '==', and '!='.(e.g. -l key1=value1,key2=value2) 
 
 
 server-side
@@ -4135,25 +4024,19 @@ viewing your workloads in a Kubernetes cluster.
    
 false
 If true, apply runs in the server instead of the client. 
 
-
-show-managed-fields
-
-false
-If true, include managed fields in the diff. 
-
 
 
 
    
 
    edit
    
 
    
-
     Edit the service named 'registry'
    
+
     Edit the service named 'docker-registry'
    
 
    
-
    kubectl edit svc/registry
+
    kubectl edit svc/docker-registry
 
    
 
    
 
     Use an alternative editor
    
 
    
-
    KUBE_EDITOR="nano" kubectl edit svc/registry
+
    KUBE_EDITOR="nano" kubectl edit svc/docker-registry
 
    
 
    
 
     Edit the job 'myjob' in JSON using the v1 API format
    
@@ -4165,12 +4048,12 @@ viewing your workloads in a Kubernetes cluster.
    
 
    
 
    kubectl edit deployment/mydeployment -o yaml --save-config
 
    
-
    
-
     Edit the deployment/mydeployment's status subresource
    
-
    
-
    kubectl edit deployment mydeployment --subresource='status'
-
    
-
    Edit a resource from the default editor.

     The edit command allows you to directly edit any API resource you can retrieve via the command-line tools. It will open the editor defined by your KUBE_EDITOR, or EDITOR environment variables, or fall back to 'vi' for Linux or 'notepad' for Windows. You can edit multiple objects, although changes are applied one at a time. The command accepts file names as well as command-line arguments, although the files you point to must be previously saved versions of resources.

     Editing is done with the API version used to fetch the resource. To edit using a specific API version, fully-qualify the resource, version, and group.

     The default format is YAML. To edit in JSON, specify "-o json".

     The flag --windows-line-endings can be used to force Windows line endings, otherwise the default for your operating system will be used.

     In the event an error occurs while updating, a temporary file will be created on disk that contains your unapplied changes. The most common error when updating a resource is another editor changing the resource on the server. When this occurs, you will have to apply your changes to the newer version of the resource, or update your temporary saved copy to include the latest resource version.
    
+
    Edit a resource from the default editor.
    
+
     The edit command allows you to directly edit any API resource you can retrieve via the command-line tools. It will open the editor defined by your KUBE_EDITOR, or EDITOR environment variables, or fall back to 'vi' for Linux or 'notepad' for Windows. You can edit multiple objects, although changes are applied one at a time. The command accepts file names as well as command-line arguments, although the files you point to must be previously saved versions of resources.
    
+
     Editing is done with the API version used to fetch the resource. To edit using a specific API version, fully-qualify the resource, version, and group.
    
+
     The default format is YAML. To edit in JSON, specify "-o json".
    
+
     The flag --windows-line-endings can be used to force Windows line endings, otherwise the default for your operating system will be used.
    
+
     In the event an error occurs while updating, a temporary file will be created on disk that contains your unapplied changes. The most common error when updating a resource is another editor changing the resource on the server. When this occurs, you will have to apply your changes to the newer version of the resource, or update your temporary saved copy to include the latest resource version.
    
 
    Usage
    
 
    $ kubectl edit (RESOURCE/NAME | -f FILENAME)
    
 
    Flags
    
@@ -4212,7 +4095,7 @@ viewing your workloads in a Kubernetes cluster.
    
 output
 o
 
-Output format. One of: (json, yaml, name, go-template, go-template-file, template, templatefile, jsonpath, jsonpath-as-json, jsonpath-file). 
+Output format. One of: json|yaml|name|go-template|go-template-file|template|templatefile|jsonpath|jsonpath-as-json|jsonpath-file. 
 
 
 output-patch
@@ -4245,12 +4128,6 @@ viewing your workloads in a Kubernetes cluster.
    
 If true, keep the managedFields when printing objects in JSON or YAML format. 
 
 
-subresource
-
-
-If specified, edit will operate on the subresource of the requested object. Must be one of [status]. This flag is alpha and may change in the future. 
-
-
 template
 
 
@@ -4259,8 +4136,8 @@ viewing your workloads in a Kubernetes cluster.
    
 
 validate
 
-strict
-Must be one of: strict (or true), warn, ignore (or false).
            "true" or "strict" will use a schema to validate the input and fail the request if invalid. It will perform server side validation if ServerSideFieldValidation is enabled on the api-server, but will fall back to less reliable client-side validation if not.
            "warn" will warn about unknown or duplicate fields without blocking the request if server-side field validation is enabled on the API server, and behave as "ignore" otherwise.
            "false" or "ignore" will not perform any schema validation, silently dropping any unknown or duplicate fields. 
+true
+If true, use a schema to validate the input before sending it 
 
 
 windows-line-endings
@@ -4407,7 +4284,13 @@ viewing your workloads in a Kubernetes cluster.
    
 
 
    kubectl label pods foo bar-
 
    
-
    Update the labels on a resource.

        A label key and value must begin with a letter or number, and may contain letters, numbers, hyphens, dots, and underscores, up to 63 characters each.
            Optionally, the key can begin with a DNS subdomain prefix and a single '/', like example.com/my-app.
        If --overwrite is true, then existing labels can be overwritten, otherwise attempting to overwrite a label will result in an error.
            If --resource-version is specified, then updates will use this resource version, otherwise the existing resource-version will be used.
    
+
    Update the labels on a resource.
    
+
      
+
    • A label key and value must begin with a letter or number, and may contain letters, numbers, hyphens, dots, and underscores, up to  63 characters each.
      • 
+
    • Optionally, the key can begin with a DNS subdomain prefix and a single '/', like example.com/my-app.
      • 
+
    • If --overwrite is true, then existing labels can be overwritten, otherwise attempting to overwrite a label will result in an error.
      • 
+
    • If --resource-version is specified, then updates will use this resource version, otherwise the existing resource-version will be used.
      • 
+
    
 
    Usage
    
 
    $ kubectl label [--overwrite] (-f FILENAME | TYPE NAME) KEY_1=VAL_1 ... KEY_N=VAL_N [--resource-version=version]
    
 
    Flags
    
@@ -4425,7 +4308,7 @@ viewing your workloads in a Kubernetes cluster.
    
 all
 
 false
-Select all resources, in the namespace of the specified resource types 
+Select all resources, including uninitialized ones, in the namespace of the specified resource types 
 
 
 all-namespaces
@@ -4485,7 +4368,7 @@ viewing your workloads in a Kubernetes cluster.
    
 output
 o
 
-Output format. One of: (json, yaml, name, go-template, go-template-file, template, templatefile, jsonpath, jsonpath-as-json, jsonpath-file). 
+Output format. One of: json|yaml|name|go-template|go-template-file|template|templatefile|jsonpath|jsonpath-as-json|jsonpath-file. 
 
 
 overwrite
@@ -4515,7 +4398,7 @@ viewing your workloads in a Kubernetes cluster.
    
 selector
 l
 
-Selector (label query) to filter on, supports '=', '==', and '!='.(e.g. -l key1=value1,key2=value2). Matching objects must satisfy all of the specified label constraints. 
+Selector (label query) to filter on, not including uninitialized ones, supports '=', '==', and '!='.(e.g. -l key1=value1,key2=value2). 
 
 
 show-managed-fields
@@ -4558,12 +4441,8 @@ viewing your workloads in a Kubernetes cluster.
    
 
 
    kubectl patch pod valid-pod --type='json' -p='[{"op": "replace", "path": "/spec/containers/0/image", "value":"new image"}]'
 
    
-
    
-
     Update a deployment's replicas through the scale subresource using a merge patch.
    
-
    
-
    kubectl patch deployment nginx-deployment --subresource='scale' --type='merge' -p '{"spec":{"replicas":2}}'
-
    
-
    Update fields of a resource using strategic merge patch, a JSON merge patch, or a JSON patch.

     JSON and YAML formats are accepted.

     Note: Strategic merge patch is not supported for custom resources.
    
+
    Update fields of a resource using strategic merge patch, a JSON merge patch, or a JSON patch.
    
+
     JSON and YAML formats are accepted.
    
 
    Usage
    
 
    $ kubectl patch (-f FILENAME | TYPE NAME) [-p PATCH|--patch-file FILE]
    
 
    Flags
    
@@ -4617,7 +4496,7 @@ viewing your workloads in a Kubernetes cluster.
    
 output
 o
 
-Output format. One of: (json, yaml, name, go-template, go-template-file, template, templatefile, jsonpath, jsonpath-as-json, jsonpath-file). 
+Output format. One of: json|yaml|name|go-template|go-template-file|template|templatefile|jsonpath|jsonpath-as-json|jsonpath-file. 
 
 
 patch
@@ -4650,12 +4529,6 @@ viewing your workloads in a Kubernetes cluster.
    
 If true, keep the managedFields when printing objects in JSON or YAML format. 
 
 
-subresource
-
-
-If specified, patch will operate on the subresource of the requested object. Must be one of [status scale]. This flag is alpha and may change in the future. 
-
-
 template
 
 
@@ -4691,7 +4564,9 @@ viewing your workloads in a Kubernetes cluster.
    
 
 
    kubectl replace --force -f ./pod.json
 
    
-
    Replace a resource by file name or stdin.

     JSON and YAML formats are accepted. If replacing an existing resource, the complete resource spec must be provided. This can be obtained by

      $ kubectl get TYPE NAME -o yaml
    
+
    Replace a resource by file name or stdin.
    
+
     JSON and YAML formats are accepted. If replacing an existing resource, the complete resource spec must be provided. This can be obtained by
    
+
      $ kubectl get TYPE NAME -o yaml
    
 
    Usage
    
 
    $ kubectl replace -f FILENAME
    
 
    Flags
    
@@ -4733,7 +4608,7 @@ viewing your workloads in a Kubernetes cluster.
    
 filename
 f
 []
-The files that contain the configurations to replace. 
+to use to replace the resource. 
 
 
 force
@@ -4757,7 +4632,7 @@ viewing your workloads in a Kubernetes cluster.
    
 output
 o
 
-Output format. One of: (json, yaml, name, go-template, go-template-file, template, templatefile, jsonpath, jsonpath-as-json, jsonpath-file). 
+Output format. One of: json|yaml|name|go-template|go-template-file|template|templatefile|jsonpath|jsonpath-as-json|jsonpath-file. 
 
 
 raw
@@ -4784,12 +4659,6 @@ viewing your workloads in a Kubernetes cluster.
    
 If true, keep the managedFields when printing objects in JSON or YAML format. 
 
 
-subresource
-
-
-If specified, replace will operate on the subresource of the requested object. Must be one of [status scale]. This flag is alpha and may change in the future. 
-
-
 template
 
 
@@ -4804,8 +4673,8 @@ viewing your workloads in a Kubernetes cluster.
    
 
 validate
 
-strict
-Must be one of: strict (or true), warn, ignore (or false).
            "true" or "strict" will use a schema to validate the input and fail the request if invalid. It will perform server side validation if ServerSideFieldValidation is enabled on the api-server, but will fall back to less reliable client-side validation if not.
            "warn" will warn about unknown or duplicate fields without blocking the request if server-side field validation is enabled on the API server, and behave as "ignore" otherwise.
            "false" or "ignore" will not perform any schema validation, silently dropping any unknown or duplicate fields. 
+true
+If true, use a schema to validate the input before sending it 
 
 
 wait
@@ -4827,17 +4696,13 @@ viewing your workloads in a Kubernetes cluster.
    
 
 
    kubectl rollout status daemonset/foo
 
    
-
    
-
     Restart a deployment
    
-
    
-
    kubectl rollout restart deployment/abc
-
    
-
    
-
     Restart deployments with the app=nginx label
    
-
    
-
    kubectl rollout restart deployment --selector=app=nginx
-
    
-
    Manage the rollout of one or many resources.
      
     Valid resource types include:

        deployments
            daemonsets
      *  statefulsets
    
+
    Manage the rollout of a resource.
    
+
     Valid resource types include:
    
+
      
+
    • deployments
      • 
+
    • daemonsets
      • 
+
    • statefulsets
      • 
+
    
 
    Usage
    
 
    $ kubectl rollout SUBCOMMAND
    
 
    
@@ -4888,7 +4753,7 @@ viewing your workloads in a Kubernetes cluster.
    
 output
 o
 
-Output format. One of: (json, yaml, name, go-template, go-template-file, template, templatefile, jsonpath, jsonpath-as-json, jsonpath-file). 
+Output format. One of: json|yaml|name|go-template|go-template-file|template|templatefile|jsonpath|jsonpath-as-json|jsonpath-file. 
 
 
 recursive
@@ -4903,12 +4768,6 @@ viewing your workloads in a Kubernetes cluster.
    
 See the details, including podTemplate of the revision specified 
 
 
-selector
-l
-
-Selector (label query) to filter on, supports '=', '==', and '!='.(e.g. -l key1=value1,key2=value2). Matching objects must satisfy all of the specified label constraints. 
-
-
 show-managed-fields
 
 false
@@ -4972,7 +4831,7 @@ viewing your workloads in a Kubernetes cluster.
    
 output
 o
 
-Output format. One of: (json, yaml, name, go-template, go-template-file, template, templatefile, jsonpath, jsonpath-as-json, jsonpath-file). 
+Output format. One of: json|yaml|name|go-template|go-template-file|template|templatefile|jsonpath|jsonpath-as-json|jsonpath-file. 
 
 
 recursive
@@ -4981,12 +4840,6 @@ viewing your workloads in a Kubernetes cluster.
    
 Process the directory used in -f, --filename recursively. Useful when you want to manage related manifests organized within the same directory. 
 
 
-selector
-l
-
-Selector (label query) to filter on, supports '=', '==', and '!='.(e.g. -l key1=value1,key2=value2). Matching objects must satisfy all of the specified label constraints. 
-
-
 show-managed-fields
 
 false
@@ -5012,13 +4865,8 @@ viewing your workloads in a Kubernetes cluster.
    
 
 
    kubectl rollout restart daemonset/abc
 
    
-
    
-
     Restart deployments with the app=nginx label
    
-
    
-
    kubectl rollout restart deployment --selector=app=nginx
-
    
 
    Restart a resource.
    
-
      Resource rollout will be restarted.
    
+
       Resource rollout will be restarted.
    
 
    Usage
    
 
    $ kubectl rollout restart RESOURCE
    
 
    Flags
    
@@ -5060,7 +4908,7 @@ viewing your workloads in a Kubernetes cluster.
    
 output
 o
 
-Output format. One of: (json, yaml, name, go-template, go-template-file, template, templatefile, jsonpath, jsonpath-as-json, jsonpath-file). 
+Output format. One of: json|yaml|name|go-template|go-template-file|template|templatefile|jsonpath|jsonpath-as-json|jsonpath-file. 
 
 
 recursive
@@ -5069,12 +4917,6 @@ viewing your workloads in a Kubernetes cluster.
    
 Process the directory used in -f, --filename recursively. Useful when you want to manage related manifests organized within the same directory. 
 
 
-selector
-l
-
-Selector (label query) to filter on, supports '=', '==', and '!='.(e.g. -l key1=value1,key2=value2). Matching objects must satisfy all of the specified label constraints. 
-
-
 show-managed-fields
 
 false
@@ -5138,7 +4980,7 @@ viewing your workloads in a Kubernetes cluster.
    
 output
 o
 
-Output format. One of: (json, yaml, name, go-template, go-template-file, template, templatefile, jsonpath, jsonpath-as-json, jsonpath-file). 
+Output format. One of: json|yaml|name|go-template|go-template-file|template|templatefile|jsonpath|jsonpath-as-json|jsonpath-file. 
 
 
 recursive
@@ -5147,12 +4989,6 @@ viewing your workloads in a Kubernetes cluster.
    
 Process the directory used in -f, --filename recursively. Useful when you want to manage related manifests organized within the same directory. 
 
 
-selector
-l
-
-Selector (label query) to filter on, supports '=', '==', and '!='.(e.g. -l key1=value1,key2=value2). Matching objects must satisfy all of the specified label constraints. 
-
-
 show-managed-fields
 
 false
@@ -5213,12 +5049,6 @@ viewing your workloads in a Kubernetes cluster.
    
 Pin to a specific revision for showing its status. Defaults to 0 (last revision). 
 
 
-selector
-l
-
-Selector (label query) to filter on, supports '=', '==', and '!='.(e.g. -l key1=value1,key2=value2). Matching objects must satisfy all of the specified label constraints. 
-
-
 timeout
 
 0s
@@ -5291,7 +5121,7 @@ viewing your workloads in a Kubernetes cluster.
    
 output
 o
 
-Output format. One of: (json, yaml, name, go-template, go-template-file, template, templatefile, jsonpath, jsonpath-as-json, jsonpath-file). 
+Output format. One of: json|yaml|name|go-template|go-template-file|template|templatefile|jsonpath|jsonpath-as-json|jsonpath-file. 
 
 
 recursive
@@ -5300,12 +5130,6 @@ viewing your workloads in a Kubernetes cluster.
    
 Process the directory used in -f, --filename recursively. Useful when you want to manage related manifests organized within the same directory. 
 
 
-selector
-l
-
-Selector (label query) to filter on, supports '=', '==', and '!='.(e.g. -l key1=value1,key2=value2). Matching objects must satisfy all of the specified label constraints. 
-
-
 show-managed-fields
 
 false
@@ -5352,7 +5176,9 @@ viewing your workloads in a Kubernetes cluster.
    
 
 
    kubectl scale --replicas=3 statefulset/web
 
    
-
    Set a new size for a deployment, replica set, replication controller, or stateful set.

     Scale also allows users to specify one or more preconditions for the scale action.

     If --current-replicas or --resource-version is specified, it is validated before the scale is attempted, and it is guaranteed that the precondition holds true when the scale is sent to the server.
    
+
    Set a new size for a deployment, replica set, replication controller, or stateful set.
    
+
     Scale also allows users to specify one or more preconditions for the scale action.
    
+
     If --current-replicas or --resource-version is specified, it is validated before the scale is attempted, and it is guaranteed that the precondition holds true when the scale is sent to the server.
    
 
    Usage
    
 
    $ kubectl scale [--resource-version=version] [--current-replicas=count] --replicas=COUNT (-f FILENAME | TYPE NAME)
    
 
    Flags
    
@@ -5406,7 +5232,7 @@ viewing your workloads in a Kubernetes cluster.
    
 output
 o
 
-Output format. One of: (json, yaml, name, go-template, go-template-file, template, templatefile, jsonpath, jsonpath-as-json, jsonpath-file). 
+Output format. One of: json|yaml|name|go-template|go-template-file|template|templatefile|jsonpath|jsonpath-as-json|jsonpath-file. 
 
 
 record
@@ -5436,7 +5262,7 @@ viewing your workloads in a Kubernetes cluster.
    
 selector
 l
 
-Selector (label query) to filter on, supports '=', '==', and '!='.(e.g. -l key1=value1,key2=value2). Matching objects must satisfy all of the specified label constraints. 
+Selector (label query) to filter on, supports '=', '==', and '!='.(e.g. -l key1=value1,key2=value2) 
 
 
 show-managed-fields
@@ -5460,7 +5286,8 @@ viewing your workloads in a Kubernetes cluster.
    
 
 
    
 
    set
    
-
    Configure application resources.

     These commands help you make changes to existing application resources.
    
+
    Configure application resources.
    
+
     These commands help you make changes to existing application resources.
    
 
    Usage
    
 
    $ kubectl set SUBCOMMAND
    
 
    
@@ -5614,7 +5441,7 @@ viewing your workloads in a Kubernetes cluster.
    
 output
 o
 
-Output format. One of: (json, yaml, name, go-template, go-template-file, template, templatefile, jsonpath, jsonpath-as-json, jsonpath-file). 
+Output format. One of: json|yaml|name|go-template|go-template-file|template|templatefile|jsonpath|jsonpath-as-json|jsonpath-file. 
 
 
 overwrite
@@ -5644,7 +5471,7 @@ viewing your workloads in a Kubernetes cluster.
    
 selector
 l
 
-Selector (label query) to filter on, supports '=', '==', and '!='.(e.g. -l key1=value1,key2=value2). Matching objects must satisfy all of the specified label constraints. 
+Selector (label query) to filter on 
 
 
 show-managed-fields
@@ -5702,7 +5529,7 @@ viewing your workloads in a Kubernetes cluster.
    
 all
 
 false
-Select all resources, in the namespace of the specified resource types 
+Select all resources, including uninitialized ones, in the namespace of the specified resource types 
 
 
 allow-missing-template-keys
@@ -5744,7 +5571,7 @@ viewing your workloads in a Kubernetes cluster.
    
 output
 o
 
-Output format. One of: (json, yaml, name, go-template, go-template-file, template, templatefile, jsonpath, jsonpath-as-json, jsonpath-file). 
+Output format. One of: json|yaml|name|go-template|go-template-file|template|templatefile|jsonpath|jsonpath-as-json|jsonpath-file. 
 
 
 record
@@ -5762,7 +5589,7 @@ viewing your workloads in a Kubernetes cluster.
    
 selector
 l
 
-Selector (label query) to filter on, supports '=', '==', and '!='.(e.g. -l key1=value1,key2=value2). Matching objects must satisfy all of the specified label constraints. 
+Selector (label query) to filter on, not including uninitialized ones, supports '=', '==', and '!='.(e.g. -l key1=value1,key2=value2) 
 
 
 show-managed-fields
@@ -5820,7 +5647,7 @@ viewing your workloads in a Kubernetes cluster.
    
 all
 
 false
-Select all resources, in the namespace of the specified resource types 
+Select all resources, including uninitialized ones, in the namespace of the specified resource types 
 
 
 allow-missing-template-keys
@@ -5874,7 +5701,7 @@ viewing your workloads in a Kubernetes cluster.
    
 output
 o
 
-Output format. One of: (json, yaml, name, go-template, go-template-file, template, templatefile, jsonpath, jsonpath-as-json, jsonpath-file). 
+Output format. One of: json|yaml|name|go-template|go-template-file|template|templatefile|jsonpath|jsonpath-as-json|jsonpath-file. 
 
 
 record
@@ -5898,7 +5725,7 @@ viewing your workloads in a Kubernetes cluster.
    
 selector
 l
 
-Selector (label query) to filter on, supports '=', '==', and '!='.(e.g. -l key1=value1,key2=value2). Matching objects must satisfy all of the specified label constraints. 
+Selector (label query) to filter on, not including uninitialized ones,supports '=', '==', and '!='.(e.g. -l key1=value1,key2=value2) 
 
 
 show-managed-fields
@@ -5923,7 +5750,7 @@ viewing your workloads in a Kubernetes cluster.
    
 kubectl create deployment my-dep -o yaml --dry-run=client | kubectl label --local -f - environment=qa -o yaml | kubectl create -f -
 
    
 
    Set the selector on a resource. Note that the new selector will overwrite the old selector if the resource had one prior to the invocation of 'set selector'.
    
-
     A selector must begin with a letter or number, and may contain letters, numbers, hyphens, dots, and underscores, up to 63 characters. If --resource-version is specified, then updates will use this resource version, otherwise the existing resource-version will be used. Note: currently selectors can only be set on Service objects.
    
+
     A selector must begin with a letter or number, and may contain letters, numbers, hyphens, dots, and underscores, up to  63 characters. If --resource-version is specified, then updates will use this resource version, otherwise the existing resource-version will be used. Note: currently selectors can only be set on Service objects.
    
 
    Usage
    
 
    $ kubectl set selector (-f FILENAME | TYPE NAME) EXPRESSIONS [--resource-version=version]
    
 
    Flags
    
@@ -5977,7 +5804,7 @@ kubectl create deployment my-dep -o yaml --dry-run<
 output
 o
 
-Output format. One of: (json, yaml, name, go-template, go-template-file, template, templatefile, jsonpath, jsonpath-as-json, jsonpath-file). 
+Output format. One of: json|yaml|name|go-template|go-template-file|template|templatefile|jsonpath|jsonpath-as-json|jsonpath-file. 
 
 
 record
@@ -6043,7 +5870,7 @@ kubectl create deployment my-dep -o yaml --dry-run<
 all
 
 false
-Select all resources, in the namespace of the specified resource types 
+Select all resources, including uninitialized ones, in the namespace of the specified resource types 
 
 
 allow-missing-template-keys
@@ -6085,7 +5912,7 @@ kubectl create deployment my-dep -o yaml --dry-run<
 output
 o
 
-Output format. One of: (json, yaml, name, go-template, go-template-file, template, templatefile, jsonpath, jsonpath-as-json, jsonpath-file). 
+Output format. One of: json|yaml|name|go-template|go-template-file|template|templatefile|jsonpath|jsonpath-as-json|jsonpath-file. 
 
 
 record
@@ -6148,7 +5975,7 @@ kubectl create deployment my-dep -o yaml --dry-run<
 all
 
 false
-Select all resources, in the namespace of the specified resource types 
+Select all resources, including uninitialized ones, in the namespace of the specified resource types 
 
 
 allow-missing-template-keys
@@ -6196,7 +6023,7 @@ kubectl create deployment my-dep -o yaml --dry-run<
 output
 o
 
-Output format. One of: (json, yaml, name, go-template, go-template-file, template, templatefile, jsonpath, jsonpath-as-json, jsonpath-file). 
+Output format. One of: json|yaml|name|go-template|go-template-file|template|templatefile|jsonpath|jsonpath-as-json|jsonpath-file. 
 
 
 recursive
@@ -6208,7 +6035,7 @@ kubectl create deployment my-dep -o yaml --dry-run<
 selector
 l
 
-Selector (label query) to filter on, supports '=', '==', and '!='.(e.g. -l key1=value1,key2=value2). Matching objects must satisfy all of the specified label constraints. 
+Selector (label query) to filter on, not including uninitialized ones, supports '=', '==', and '!='.(e.g. -l key1=value1,key2=value2) 
 
 
 serviceaccount
@@ -6228,12 +6055,6 @@ kubectl create deployment my-dep -o yaml --dry-run<
 
 Template string or path to template file to use when -o=go-template, -o=go-template-file. The template format is golang templates [http://golang.org/pkg/text/template/#pkg-overview]. 
 
-
-user
-
-[]
-Usernames to bind to the role 
-
 
 
 
    
@@ -6244,24 +6065,22 @@ kubectl create deployment my-dep -o yaml --dry-run<
 
    kubectl wait --for=condition=Ready pod/busybox1
 
    
 
    
-
     The default value of status condition is true; you can wait for other targets after an equal delimiter (compared after Unicode simple case folding, which is a more general form of case-insensitivity):
    
+
     The default value of status condition is true; you can set it to false
    
 
    
 
    kubectl wait --for=condition=Ready=false pod/busybox1
 
    
 
    
-
     Wait for the pod "busybox1" to contain the status phase to be "Running".
    
-
    
-
    kubectl wait --for=jsonpath='{.status.phase}'=Running pod/busybox1
-
    
-
    
 
     Wait for the pod "busybox1" to be deleted, with a timeout of 60s, after having issued the "delete" command
    
 
    
 
    kubectl delete pod/busybox1
 kubectl wait --for=delete pod/busybox1 --timeout=60s
 
    
-
    Experimental: Wait for a specific condition on one or many resources.

     The command takes multiple resources and waits until the specified condition is seen in the Status field of every given resource.

     Alternatively, the command can wait for the given set of resources to be deleted by providing the "delete" keyword as the value to the --for flag.

     A successful message will be printed to stdout indicating when the specified condition has been met. You can use -o option to change to output destination.
    
+
    Experimental: Wait for a specific condition on one or many resources.
    
+
     The command takes multiple resources and waits until the specified condition is seen in the Status field of every given resource.
    
+
     Alternatively, the command can wait for the given set of resources to be deleted by providing the "delete" keyword as the value to the --for flag.
    
+
     A successful message will be printed to stdout indicating when the specified condition has been met. You can use -o option to change to output destination.
    
 
    Usage
    
-
    $ kubectl wait ([-f FILENAME] | resource.group/resource.name | resource.group [(-l label | --all)]) [--for=delete|--for condition=available|--for=jsonpath='{}'=value]
    
+
    $ kubectl wait ([-f FILENAME] | resource.group/resource.name | resource.group [(-l label | --all)]) [--for=delete|--for condition=available]
    
 
    Flags
    
 
@@ -6307,7 +6126,7 @@ kubectl wait --for=delete pod/busybox1 for
 
-
+
@@ -6319,7 +6138,7 @@ kubectl wait --for=delete pod/busybox1 output
 
-
+
@@ -6472,7 +6291,7 @@ applications.
    kubectl auth can-i --list --namespace=foo
 
    Check whether an action is allowed.
    
-
     VERB is a logical Kubernetes API verb like 'get', 'list', 'watch', 'delete', etc. TYPE is a Kubernetes resource. Shortcuts and groups will be resolved. NONRESOURCEURL is a partial URL that starts with "/". NAME is the name of a particular Kubernetes resource. This command pairs nicely with impersonation. See --as global flag.
    
+
     VERB is a logical Kubernetes API verb like 'get', 'list', 'watch', 'delete', etc. TYPE is a Kubernetes resource. Shortcuts and groups will be resolved. NONRESOURCEURL is a partial URL that starts with "/". NAME is the name of a particular Kubernetes resource.
    Usage
    $ kubectl auth can-i VERB [TYPE | TYPE/NAME | NONRESOURCEURL]
    Flags
    
@@ -6571,7 +6390,7 @@ applications.
    
-
+
@@ -6663,12 +6482,6 @@ applications.
    
-
-
-
-
-
-
    
 
    
 The condition to wait on: [delete|condition=condition-name[=condition-value]|jsonpath='{JSONPath expression}'=JSONPath Condition]. The default condition-value is true.  Condition values are compared after Unicode simple case folding, which is a more general form of case-insensitivity. The condition to wait on: [delete|condition=condition-name]. The default status value of condition-name is true, you can set false with condition=condition-name=false 
 
    
 
    
 localo
 Output format. One of: (json, yaml, name, go-template, go-template-file, template, templatefile, jsonpath, jsonpath-as-json, jsonpath-file). Output format. One of: json|yaml|name|go-template|go-template-file|template|templatefile|jsonpath|jsonpath-as-json|jsonpath-file. 
 
    
 
    
 recursive
 
 
 
 
 
 output
 o
 Output format. One of: (json, yaml, name, go-template, go-template-file, template, templatefile, jsonpath, jsonpath-as-json, jsonpath-file). Output format. One of: json|yaml|name|go-template|go-template-file|template|templatefile|jsonpath|jsonpath-as-json|jsonpath-file. 
 
    
 
    
 recursive
 false
 The copied file/directory's ownership and permissions will not be preserved in the container 
 
    retries0Set number of retries to complete a copy operation from a container. Specify 0 to disable or any negative value for infinite retrying. The default is 0 (no retry). 
    
 
 
    
 
    
@@ -6699,11 +6512,15 @@ applications.
    
 
    kubectl describe po -l name=myLabel
 
    
 
    
-
     Describe all pods managed by the 'frontend' replication controller # (rc-created pods get the name of the rc as a prefix in the pod name)
    
+
     Describe all pods managed by the 'frontend' replication controller (rc-created pods # get the name of the rc as a prefix in the pod the name)
    
 
    
 
    kubectl describe pods frontend
 
    
-
    Show details of a specific resource or group of resources.

     Print a detailed description of the selected resources, including related resources such as events or controllers. You may select a single object by name, all objects of that type, provide a name prefix, or label selector. For example:

      $ kubectl describe TYPE NAME_PREFIX
      
     will first check for an exact match on TYPE and NAME_PREFIX. If no such resource exists, it will output details for every resource that has a name prefixed with NAME_PREFIX.

    Use "kubectl api-resources" for a complete list of supported resources.
    
+
    Show details of a specific resource or group of resources.
    
+
     Print a detailed description of the selected resources, including related resources such as events or controllers. You may select a single object by name, all objects of that type, provide a name prefix, or label selector. For example:
    
+
      $ kubectl describe TYPE NAME_PREFIX
    
+
     will first check for an exact match on TYPE and NAME_PREFIX. If no such resource exists, it will output details for every resource that has a name prefixed with NAME_PREFIX.
    
+
    Use "kubectl api-resources" for a complete list of supported resources.
    
 
    Usage
    
 
    $ kubectl describe (-f FILENAME | TYPE [NAME_PREFIX | -l label] | TYPE/NAME)
    
 
    Flags
    
@@ -6751,7 +6568,7 @@ applications.
    
 selector
 l
 
-Selector (label query) to filter on, supports '=', '==', and '!='.(e.g. -l key1=value1,key2=value2). Matching objects must satisfy all of the specified label constraints. 
+Selector (label query) to filter on, supports '=', '==', and '!='.(e.g. -l key1=value1,key2=value2) 
 
 
 show-events
@@ -6762,109 +6579,6 @@ applications.
    
 
 
 
    
-
    events
    
-
    
-
     List recent events in the default namespace.
    
-
    
-
    kubectl events
-
    
-
    
-
     List recent events in all namespaces.
    
-
    
-
    kubectl events --all-namespaces
-
    
-
    
-
     List recent events for the specified pod, then wait for more events and list them as they arrive.
    
-
    
-
    kubectl events --for pod/web-pod-13je7 --watch
-
    
-
    
-
     List recent events in given format. Supported ones, apart from default, are json and yaml.
    
-
    
-
    kubectl events -oyaml
-
    
-
    
-
     List recent only events in given event types
    
-
    
-
    kubectl events --types=Warning,Normal
-
    
-
    Display events

     Prints a table of the most important information about events. You can request events for a namespace, for all namespace, or filtered to only those pertaining to a specified resource.
    
-
    Usage
    
-
    $ kubectl events [(-o|--output=)json|yaml|name|go-template|go-template-file|template|templatefile|jsonpath|jsonpath-as-json|jsonpath-file] [--for TYPE/NAME] [--watch] [--event=Normal,Warning]
    
-
    Flags
    
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
    NameShorthandDefaultUsage
    all-namespacesAfalseIf present, list the requested object(s) across all namespaces. Namespace in current context is ignored even if specified with --namespace. 
    allow-missing-template-keystrueIf true, ignore any errors in templates when a field or map key is missing in the template. Only applies to golang and jsonpath output formats. 
    chunk-size500Return large lists in chunks rather than all at once. Pass 0 to disable. This flag is beta and may change in the future. 
    forFilter events to only those pertaining to the specified resource. 
    no-headersfalseWhen using the default output format, don't print headers. 
    outputoOutput format. One of: (json, yaml, name, go-template, go-template-file, template, templatefile, jsonpath, jsonpath-as-json, jsonpath-file). 
    show-managed-fieldsfalseIf true, keep the managedFields when printing objects in JSON or YAML format. 
    templateTemplate string or path to template file to use when -o=go-template, -o=go-template-file. The template format is golang templates [http://golang.org/pkg/text/template/#pkg-overview]. 
    types[]Output only events of given types. 
    watchwfalseAfter listing the requested events, watch for more events. 
    
-
    
 
    exec
    
 
    
 
     Get output from running the 'date' command from pod mypod, using the first container by default
    
@@ -7083,7 +6797,7 @@ applications.
    
 selector
 l
 
-Selector (label query) to filter on, supports '=', '==', and '!='.(e.g. -l key1=value1,key2=value2). Matching objects must satisfy all of the specified label constraints. 
+Selector (label query) to filter on. 
 
 
 since
@@ -7148,7 +6862,9 @@ applications.
    
 
    
 
    kubectl port-forward pod/mypod :5000
 
    
-
    Forward one or more local ports to a pod.

     Use resource type/name such as deployment/mydeployment to select a pod. Resource type defaults to 'pod' if omitted.

     If there are multiple pods matching the criteria, a pod will be selected automatically. The forwarding session ends when the selected pod terminates, and a rerun of the command is needed to resume forwarding.
    
+
    Forward one or more local ports to a pod.
    
+
     Use resource type/name such as deployment/mydeployment to select a pod. Resource type defaults to 'pod' if omitted.
    
+
     If there are multiple pods matching the criteria, a pod will be selected automatically. The forwarding session ends when the selected pod terminates, and a rerun of the command is needed to resume forwarding.
    
 
    Usage
    
 
    $ kubectl port-forward TYPE/NAME [options] [LOCAL_PORT:]REMOTE_PORT [...[LOCAL_PORT_N:]REMOTE_PORT_N]
    
 
    Flags
    
@@ -7247,12 +6963,6 @@ applications.
    
 Prefix to serve the proxied API under. 
 
 
-append-server-path
-
-false
-If true, enables automatic path appending of the kube context server path to each request. 
-
-
 disable-filter
 
 false
@@ -7304,7 +7014,9 @@ applications.
    
 
 
    
 
    top
    
-
    Display Resource (CPU/Memory) usage.

     The top command allows you to see the resource consumption for nodes or pods.

     This command requires Metrics Server to be correctly configured and working on the server.
    
+
    Display Resource (CPU/Memory) usage.
    
+
     The top command allows you to see the resource consumption for nodes or pods.
    
+
     This command requires Metrics Server to be correctly configured and working on the server.
    
 
    Usage
    
 
    $ kubectl top
    
 
    
@@ -7344,13 +7056,7 @@ applications.
    
 selector
 l
 
-Selector (label query) to filter on, supports '=', '==', and '!='.(e.g. -l key1=value1,key2=value2). Matching objects must satisfy all of the specified label constraints. 
-
-
-show-capacity
-
-false
-Print node resources based on Capacity instead of Allocatable(default) of the nodes. 
+Selector (label query) to filter on, supports '=', '==', and '!='.(e.g. -l key1=value1,key2=value2) 
 
 
 sort-by
@@ -7432,7 +7138,7 @@ applications.
    
 selector
 l
 
-Selector (label query) to filter on, supports '=', '==', and '!='.(e.g. -l key1=value1,key2=value2). Matching objects must satisfy all of the specified label constraints. 
+Selector (label query) to filter on, supports '=', '==', and '!='.(e.g. -l key1=value1,key2=value2) 
 
 
 sort-by
@@ -7441,12 +7147,6 @@ applications.
    
 If non-empty, sort pods list using specified field. The field can be either 'cpu' or 'memory'. 
 
 
-sum
-
-false
-Print the sum of the resource usage 
-
-
 use-protocol-buffers
 
 true
@@ -7466,102 +7166,6 @@ applications.
    
 
    Usage
    
 
    $ kubectl api-versions
    
 
    
-
    api-resources
    
-
    
-
     Print the supported API resources
    
-
    
-
    kubectl api-resources
-
    
-
    
-
     Print the supported API resources with more information
    
-
    
-
    kubectl api-resources -o wide
-
    
-
    
-
     Print the supported API resources sorted by a column
    
-
    
-
    kubectl api-resources --sort-by=name
-
    
-
    
-
     Print the supported namespaced resources
    
-
    
-
    kubectl api-resources --namespaced=true
-
    
-
    
-
     Print the supported non-namespaced resources
    
-
    
-
    kubectl api-resources --namespaced=false
-
    
-
    
-
     Print the supported API resources with a specific APIGroup
    
-
    
-
    kubectl api-resources --api-group=rbac.authorization.k8s.io
-
    
-
    Print the supported API resources on the server.
    
-
    Usage
    
-
    $ kubectl api-resources
    
-
    Flags
    
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
    NameShorthandDefaultUsage
    api-groupLimit to resources in the specified API group. 
    cachedfalseUse the cached list of resources if available. 
    categories[]Limit to resources that belong the the specified categories. 
    namespacedtrueIf false, non-namespaced resources will be returned, otherwise returning namespaced resources by default. 
    no-headersfalseWhen using the default or custom-column output format, don't print headers (default print headers). 
    outputoOutput format. One of: (wide, name). 
    sort-byIf non-empty, sort list of resources using specified field. The field can be either 'name' or 'kind'. 
    verbs[]Limit to resources that support the specified verbs. 
    
-
    
 
    certificate
    
 
    Modify certificate resources.
    
 
    Usage
    
@@ -7617,7 +7221,7 @@ applications.
    
 output
 o
 
-Output format. One of: (json, yaml, name, go-template, go-template-file, template, templatefile, jsonpath, jsonpath-as-json, jsonpath-file). 
+Output format. One of: json|yaml|name|go-template|go-template-file|template|templatefile|jsonpath|jsonpath-as-json|jsonpath-file. 
 
 
 recursive
@@ -7689,7 +7293,7 @@ applications.
    
 output
 o
 
-Output format. One of: (json, yaml, name, go-template, go-template-file, template, templatefile, jsonpath, jsonpath-as-json, jsonpath-file). 
+Output format. One of: json|yaml|name|go-template|go-template-file|template|templatefile|jsonpath|jsonpath-as-json|jsonpath-file. 
 
 
 recursive
@@ -7780,7 +7384,7 @@ applications.
    
 output
 o
 json
-Output format. One of: (json, yaml, name, go-template, go-template-file, template, templatefile, jsonpath, jsonpath-as-json, jsonpath-file). 
+Output format. One of: json|yaml|name|go-template|go-template-file|template|templatefile|jsonpath|jsonpath-as-json|jsonpath-file. 
 
 
 output-directory
@@ -7839,7 +7443,7 @@ applications.
    
 selector
 l
 
-Selector (label query) to filter on, supports '=', '==', and '!='.(e.g. -l key1=value1,key2=value2). Matching objects must satisfy all of the specified label constraints. 
+Selector (label query) to filter on 
 
 
 
@@ -7855,7 +7459,11 @@ applications.
    
 
 
    kubectl drain foo --grace-period=900
 
    
-
    Drain node in preparation for maintenance.

     The given node will be marked unschedulable to prevent new pods from arriving. 'drain' evicts the pods if the API server supports https://kubernetes.io/docs/concepts/workloads/pods/disruptions/ eviction https://kubernetes.io/docs/concepts/workloads/pods/disruptions/ . Otherwise, it will use normal DELETE to delete the pods. The 'drain' evicts or deletes all pods except mirror pods (which cannot be deleted through the API server).  If there are daemon set-managed pods, drain will not proceed without --ignore-daemonsets, and regardless it will not delete any daemon set-managed pods, because those pods would be immediately replaced by the daemon set controller, which ignores unschedulable markings.  If there are any pods that are neither mirror pods nor managed by a replication controller, replica set, daemon set, stateful set, or job, then drain will not delete any pods unless you use --force.  --force will also allow deletion to proceed if the managing resource of one or more pods is missing.

     'drain' waits for graceful termination. You should not operate on the machine until the command completes.

     When you are ready to put the node back into service, use kubectl uncordon, which will make the node schedulable again.

    https://kubernetes.io/images/docs/kubectl_drain.svg Workflowhttps://kubernetes.io/images/docs/kubectl_drain.svg
    
+
    Drain node in preparation for maintenance.
    
+
     The given node will be marked unschedulable to prevent new pods from arriving. 'drain' evicts the pods if the API server supports https://kubernetes.io/docs/concepts/workloads/pods/disruptions/ . Otherwise, it will use normal DELETE to delete the pods. The 'drain' evicts or deletes all pods except mirror pods (which cannot be deleted through the API server).  If there are daemon set-managed pods, drain will not proceed without --ignore-daemonsets, and regardless it will not delete any daemon set-managed pods, because those pods would be immediately replaced by the daemon set controller, which ignores unschedulable markings.  If there are any pods that are neither mirror pods nor managed by a replication controller, replica set, daemon set, stateful set, or job, then drain will not delete any pods unless you use --force.  --force will also allow deletion to proceed if the managing resource of one or more pods is missing.
    
+
     'drain' waits for graceful termination. You should not operate on the machine until the command completes.
    
+
     When you are ready to put the node back into service, use kubectl uncordon, which will make the node schedulable again.
    
+
     https://kubernetes.io/images/docs/kubectl_drain.svg
    
 
    Usage
    
 
    $ kubectl drain NODE
    
 
    Flags
    
@@ -7903,7 +7511,7 @@ applications.
    
 force
 
 false
-Continue even if there are pods that do not declare a controller. 
+Continue even if there are pods not managed by a ReplicationController, ReplicaSet, Job, DaemonSet or StatefulSet. 
 
 
 grace-period
@@ -7918,6 +7526,12 @@ applications.
    
 Ignore DaemonSet-managed pods. 
 
 
+ignore-errors
+
+false
+Ignore errors occurred between drain nodes in group. 
+
+
 pod-selector
 
 
@@ -7927,7 +7541,7 @@ applications.
    
 selector
 l
 
-Selector (label query) to filter on, supports '=', '==', and '!='.(e.g. -l key1=value1,key2=value2). Matching objects must satisfy all of the specified label constraints. 
+Selector (label query) to filter on 
 
 
 skip-wait-for-delete-timeout
@@ -7970,7 +7584,15 @@ applications.
    
 
 
    kubectl taint nodes foo bar:NoSchedule
 
    
-
    Update the taints on one or more nodes.

        A taint consists of a key, value, and effect. As an argument here, it is expressed as key=value:effect.
            The key must begin with a letter or number, and may contain letters, numbers, hyphens, dots, and underscores, up to 253 characters.
        Optionally, the key can begin with a DNS subdomain prefix and a single '/', like example.com/my-app.
            The value is optional. If given, it must begin with a letter or number, and may contain letters, numbers, hyphens, dots, and underscores, up to 63 characters.
        The effect must be NoSchedule, PreferNoSchedule or NoExecute.
            Currently taint can only apply to node.
    
+
    Update the taints on one or more nodes.
    
+
      
+
    • A taint consists of a key, value, and effect. As an argument here, it is expressed as key=value:effect.
      • 
+
    • The key must begin with a letter or number, and may contain letters, numbers, hyphens, dots, and underscores, up to  253 characters.
      • 
+
    • Optionally, the key can begin with a DNS subdomain prefix and a single '/', like example.com/my-app.
      • 
+
    • The value is optional. If given, it must begin with a letter or number, and may contain letters, numbers, hyphens, dots, and underscores, up to  63 characters.
      • 
+
    • The effect must be NoSchedule, PreferNoSchedule or NoExecute.
      • 
+
    • Currently taint can only apply to node.
      • 
+
    
 
    Usage
    
 
    $ kubectl taint NODE NAME KEY_1=VAL_1:TAINT_EFFECT_1 ... KEY_N=VAL_N:TAINT_EFFECT_N
    
 
    Flags
    
@@ -8012,7 +7634,7 @@ applications.
    
 output
 o
 
-Output format. One of: (json, yaml, name, go-template, go-template-file, template, templatefile, jsonpath, jsonpath-as-json, jsonpath-file). 
+Output format. One of: json|yaml|name|go-template|go-template-file|template|templatefile|jsonpath|jsonpath-as-json|jsonpath-file. 
 
 
 overwrite
@@ -8024,7 +7646,7 @@ applications.
    
 selector
 l
 
-Selector (label query) to filter on, supports '=', '==', and '!='.(e.g. -l key1=value1,key2=value2). Matching objects must satisfy all of the specified label constraints. 
+Selector (label query) to filter on, supports '=', '==', and '!='.(e.g. -l key1=value1,key2=value2) 
 
 
 show-managed-fields
@@ -8041,8 +7663,8 @@ applications.
    
 
 validate
 
-strict
-Must be one of: strict (or true), warn, ignore (or false).
            "true" or "strict" will use a schema to validate the input and fail the request if invalid. It will perform server side validation if ServerSideFieldValidation is enabled on the api-server, but will fall back to less reliable client-side validation if not.
            "warn" will warn about unknown or duplicate fields without blocking the request if server-side field validation is enabled on the API server, and behave as "ignore" otherwise.
            "false" or "ignore" will not perform any schema validation, silently dropping any unknown or duplicate fields. 
+true
+If true, use a schema to validate the input before sending it 
 
 
 
@@ -8077,7 +7699,7 @@ applications.
    
 selector
 l
 
-Selector (label query) to filter on, supports '=', '==', and '!='.(e.g. -l key1=value1,key2=value2). Matching objects must satisfy all of the specified label constraints. 
+Selector (label query) to filter on 
 
 
 
@@ -8088,28 +7710,40 @@ applications.
    
 
    Usage
    
 
    $ kubectl alpha
    
 
    
-
    auth
    
-
    Inspect authorization
    
-
    Usage
    
-
    $ kubectl alpha auth
    
-
    
-
    auth whoami
    
+
    api-resources
    
 
    
-
     Get your subject attributes.
    
+
     Print the supported API resources
    
 
    
-
    kubectl alpha auth whoami
+
    kubectl api-resources
 
    
 
    
-
     Get your subject attributes in JSON format.
    
+
     Print the supported API resources with more information
    
 
    
-
    kubectl alpha auth whoami -o json
+
    kubectl api-resources -o wide
 
    
-
    Experimental: Check who you are and your attributes (groups, extra).
    
-
      This command is helpful to get yourself aware of the current user attributes,
-  especially when dynamic authentication, e.g., token webhook, auth proxy, or OIDC provider,
-  is enabled in the Kubernetes cluster.
    
+
    
+
     Print the supported API resources sorted by a column
    
+
    
+
    kubectl api-resources --sort-by=name
+
    
+
    
+
     Print the supported namespaced resources
    
+
    
+
    kubectl api-resources --namespaced=true
+
    
+
    
+
     Print the supported non-namespaced resources
    
+
    
+
    kubectl api-resources --namespaced=false
+
    
+
    
+
     Print the supported API resources with a specific APIGroup
    
+
    
+
    kubectl api-resources --api-group=extensions
+
    
+
    Print the supported API resources on the server.
    
 
    Usage
    
-
    $ kubectl alpha auth whoami
    
+
    $ kubectl api-resources
    
 
    Flags
    
 
@@ -8122,28 +7756,46 @@ applications.
    
-
+
+
+
+
+
+
+
+
+
+
+
+
+
-
+
+
+
+
+
+
+
-
+
-
+
-
-
+
+
-
+
-
-
+
+
    
 
 
 
 
    allow-missing-template-keysapi-groupLimit to resources in the specified API group. 
    cachedfalseUse the cached list of resources if available. 
    namespaced
 
 trueIf true, ignore any errors in templates when a field or map key is missing in the template. Only applies to golang and jsonpath output formats. If false, non-namespaced resources will be returned, otherwise returning namespaced resources by default. 
    no-headersfalseWhen using the default or custom-column output format, don't print headers (default print headers). 
 
    
 
    
 output
 o
 Output format. One of: (json, yaml, name, go-template, go-template-file, template, templatefile, jsonpath, jsonpath-as-json, jsonpath-file). Output format. One of: wide|name. 
 
    
 
    show-managed-fieldssort-by
 falseIf true, keep the managedFields when printing objects in JSON or YAML format. If non-empty, sort list of resources using specified field. The field can be either 'name' or 'kind'. 
 
    
 
    templateverbs
 Template string or path to template file to use when -o=go-template, -o=go-template-file. The template format is golang templates [http://golang.org/pkg/text/template/#pkg-overview]. []Limit to resources that support the specified verbs. 
 
    
     
 
    
@@ -8192,66 +7844,28 @@ source $HOME/.bash_profile
 
 
    kubectl completion zsh > "${fpath[1]}/_kubectl"
 
    
-
    
-
     Load the kubectl completion code for fish[2] into the current shell
    
-
    
-
    kubectl completion fish | source
-
    
-
    
-
     To load completions for each session, execute once:
    
-
    
-
    kubectl completion fish > ~/.config/fish/completions/kubectl.fish
-
    
-
    
-
     Load the kubectl completion code for powershell into the current shell
    
-
    
-
    kubectl completion powershell | Out-String | Invoke-Expression
-
    
-
    
-
     Set kubectl completion code for powershell to run on startup ## Save completion code to a script and execute in the profile
    
-
    
-
    kubectl completion powershell > $HOME\.kube\completion.ps1
-Add-Content $PROFILE "$HOME\.kube\completion.ps1"
-
    
-
    
-
     Execute completion code in the profile
    
-
    
-
    Add-Content $PROFILE "if (Get-Command kubectl -ErrorAction SilentlyContinue) {
-kubectl completion powershell | Out-String | Invoke-Expression
-}"
-
    
-
    
-
     Add completion code directly to the $PROFILE script
    
-
    
-
    kubectl completion powershell >> $PROFILE
-
    
-
    Output shell completion code for the specified shell (bash, zsh, fish, or powershell). The shell code must be evaluated to provide interactive completion of kubectl commands.  This can be done by sourcing it from the .bash_profile.

     Detailed instructions on how to do this are available here:

      for macOS:
      https://kubernetes.io/docs/tasks/tools/install-kubectl-macos/#enable-shell-autocompletion
      
      for linux:
      https://kubernetes.io/docs/tasks/tools/install-kubectl-linux/#enable-shell-autocompletion
      
      for windows:
      https://kubernetes.io/docs/tasks/tools/install-kubectl-windows/#enable-shell-autocompletion
      
     Note for zsh users: [1] zsh completions are only supported in versions of zsh >= 5.2.
    
+
    Output shell completion code for the specified shell (bash or zsh). The shell code must be evaluated to provide interactive completion of kubectl commands.  This can be done by sourcing it from the .bash_profile.
    
+
     Detailed instructions on how to do this are available here:
    
+
      for macOS:
+  https://kubernetes.io/docs/tasks/tools/install-kubectl-macos/#enable-shell-autocompletion
    
+
      for linux:
+  https://kubernetes.io/docs/tasks/tools/install-kubectl-linux/#enable-shell-autocompletion
    
+
      for windows:
+  https://kubernetes.io/docs/tasks/tools/install-kubectl-windows/#enable-shell-autocompletion
    
+
     Note for zsh users: [1] zsh completions are only supported in versions of zsh >= 5.2.
    
 
    Usage
    
 
    $ kubectl completion SHELL
    
 
    
 
    config
    
-
    Modify kubeconfig files using subcommands like "kubectl config set current-context my-context"

     The loading order follows these rules:

      1.  If the --kubeconfig flag is set, then only that file is loaded. The flag may only be set once and no merging takes place.
      2.  If $KUBECONFIG environment variable is set, then it is used as a list of paths (normal path delimiting rules for your system). These paths are merged. When a value is modified, it is modified in the file that defines the stanza. When a value is created, it is created in the first file that exists. If no files in the chain exist, then it creates the last file in the list.
      3.  Otherwise, ${HOME}/.kube/config is used and no merging takes place.
    
+
    Modify kubeconfig files using subcommands like "kubectl config set current-context my-context"
    
+
     The loading order follows these rules:
    
+
      
+
    1. If the --kubeconfig flag is set, then only that file is loaded. The flag may only be set once and no merging takes place.
      2. 
+
    2. If $KUBECONFIG environment variable is set, then it is used as a list of paths (normal path delimiting rules for your system). These paths are merged. When a value is modified, it is modified in the file that defines the stanza. When a value is created, it is created in the first file that exists. If no files in the chain exist, then it creates the last file in the list.
      3. 
+
    3. Otherwise, ${HOME}/.kube/config is used and no merging takes place.
      4. 
+
    
 
    Usage
    
 
    $ kubectl config SUBCOMMAND
    
-
    Flags
    
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
    NameShorthandDefaultUsage
    kubeconfiguse a particular kubeconfig file 
    
 
    
 
    current-context
    
 
    
@@ -8338,7 +7952,7 @@ kubectl completion powershell | Out-String | Invoke-Ex
 output
 o
 
-Output format. One of: (name). 
+Output format. One of: name 
 
 
 
@@ -8425,7 +8039,7 @@ kubectl completion powershell | Out-String | Invoke-Ex
 
    kubectl config set-cluster e2e --embed-certs --certificate-authority=~/.kube/e2e/kubernetes.ca.crt
 
    
 
    
-
     Disable cert checking for the e2e cluster entry
    
+
     Disable cert checking for the dev cluster entry
    
 
    
 
    kubectl config set-cluster e2e --insecure-skip-tls-verify=true
 
    
@@ -8434,11 +8048,6 @@ kubectl completion powershell | Out-String | Invoke-Ex
 
    
 
    kubectl config set-cluster e2e --tls-server-name=my-cluster-name
 
    
-
    
-
     Set proxy url for the e2e cluster entry
    
-
    
-
    kubectl config set-cluster e2e --proxy-url=https://1.2.3.4
-
    
 
    Set a cluster entry in kubeconfig.
    
 
     Specifying a name that already exists will merge new fields on top of existing values for those fields.
    
 
    Usage
    
@@ -8455,41 +8064,11 @@ kubectl completion powershell | Out-String | Invoke-Ex
 
 
 
-certificate-authority
-
-
-Path to certificate-authority file for the cluster entry in kubeconfig 
-
-
 embed-certs
 
 false
 embed-certs for the cluster entry in kubeconfig 
 
-
-insecure-skip-tls-verify
-
-false
-insecure-skip-tls-verify for the cluster entry in kubeconfig 
-
-
-proxy-url
-
-
-proxy-url for the cluster entry in kubeconfig 
-
-
-server
-
-
-server for the cluster entry in kubeconfig 
-
-
-tls-server-name
-
-
-tls-server-name for the cluster entry in kubeconfig 
-
 
 
 
    
@@ -8515,29 +8094,11 @@ kubectl completion powershell | Out-String | Invoke-Ex
 
 
 
-cluster
-
-
-cluster for the context entry in kubeconfig 
-
-
 current
 
 false
 Modify the current context 
 
-
-namespace
-
-
-namespace for the context entry in kubeconfig 
-
-
-user
-
-
-user for the context entry in kubeconfig 
-
 
 
 
    
@@ -8627,18 +8188,6 @@ kubectl completion powershell | Out-String | Invoke-Ex
 'key=value' arguments for the auth provider 
 
 
-client-certificate
-
-
-Path to client-certificate file for the user entry in kubeconfig 
-
-
-client-key
-
-
-Path to client-key file for the user entry in kubeconfig 
-
-
 embed-certs
 
 false
@@ -8668,24 +8217,6 @@ kubectl completion powershell | Out-String | Invoke-Ex
 []
 'key=value' environment values for the exec credential plugin 
 
-
-password
-
-
-password for the user entry in kubeconfig 
-
-
-token
-
-
-token for the user entry in kubeconfig 
-
-
-username
-
-
-username for the user entry in kubeconfig 
-
 
 
 
    
@@ -8722,7 +8253,7 @@ kubectl completion powershell | Out-String | Invoke-Ex
 
    kubectl config view
 
    
 
    
-
     Show merged kubeconfig settings and raw certificate data and exposed secrets
    
+
     Show merged kubeconfig settings and raw certificate data
    
 
    
 
    kubectl config view --raw
 
    
@@ -8774,13 +8305,13 @@ kubectl completion powershell | Out-String | Invoke-Ex
 output
 o
 yaml
-Output format. One of: (json, yaml, name, go-template, go-template-file, template, templatefile, jsonpath, jsonpath-as-json, jsonpath-file). 
+Output format. One of: json|yaml|name|go-template|go-template-file|template|templatefile|jsonpath|jsonpath-as-json|jsonpath-file. 
 
 
 raw
 
 false
-Display raw byte data and sensitive data 
+Display raw byte data 
 
 
 show-managed-fields
@@ -8808,7 +8339,11 @@ kubectl completion powershell | Out-String | Invoke-Ex
 
 
    kubectl explain pods.spec.containers
 
    
-
    List the fields for supported resources.

     This command describes the fields associated with each supported API resource. Fields are identified via a simple JSONPath identifier:

      <type>.<fieldName>[.<fieldName>]
      
     Add the --recursive flag to display all of the fields at once without descriptions. Information about each field is retrieved from the server in OpenAPI format.

    Use "kubectl api-resources" for a complete list of supported resources.
    
+
    List the fields for supported resources.
    
+
     This command describes the fields associated with each supported API resource. Fields are identified via a simple JSONPath identifier:
    
+
      <type>.<fieldName>[.<fieldName>]
    
+
     Add the --recursive flag to display all of the fields at once without descriptions. Information about each field is retrieved from the server in OpenAPI format.
    
+
    Use "kubectl api-resources" for a complete list of supported resources.
    
 
    Usage
    
 
    $ kubectl explain RESOURCE
    
 
    Flags
    
@@ -8848,16 +8383,13 @@ kubectl completion powershell | Out-String | Invoke-Ex
 
    $ kubectl options
    
 
    
 
    plugin
    
-
    Provides utilities for interacting with plugins.

     Plugins provide extended functionality that is not part of the major command-line distribution. Please refer to the documentation and examples for more information about how write your own plugins.

     The easiest way to discover and install plugins is via the kubernetes sub-project krew. To install krew, visit https://krew.sigs.k8s.io/docs/user-guide/setup/install/ krew.sigs.k8s.io https://krew.sigs.k8s.io/docs/user-guide/setup/install/
    
+
    Provides utilities for interacting with plugins.
    
+
     Plugins provide extended functionality that is not part of the major command-line distribution. Please refer to the documentation and examples for more information about how write your own plugins.
    
+
     The easiest way to discover and install plugins is via the kubernetes sub-project krew. To install krew, visit https://krew.sigs.k8s.io/docs/user-guide/setup/install/
    
 
    Usage
    
 
    $ kubectl plugin [flags]
    
 
    
 
    list
    
-
    
-
     List all available plugins
    
-
    
-
    kubectl plugin list
-
    
 
    List all available plugin files on a user's PATH.
    
 
     Available plugin files are those that are: - executable - anywhere on the user's PATH - begin with "kubectl-"
    
 
    Usage
    
diff --git a/static/docs/reference/generated/kubectl/navData.js b/static/docs/reference/generated/kubectl/navData.js
index 636aa29b90f..e6f8f066deb 100644
--- a/static/docs/reference/generated/kubectl/navData.js
+++ b/static/docs/reference/generated/kubectl/navData.js
@@ -1 +1 @@
-(function(){navData = {"toc":[{"section":"version","subsections":[]},{"section":"plugin","subsections":[{"section":"-em-list-em-"}]},{"section":"options","subsections":[]},{"section":"explain","subsections":[]},{"section":"config","subsections":[{"section":"-em-view-em-"},{"section":"-em-use-context-em-"},{"section":"-em-unset-em-"},{"section":"-em-set-credentials-em-"},{"section":"-em-set-context-em-"},{"section":"-em-set-cluster-em-"},{"section":"-em-set-em-"},{"section":"-em-rename-context-em-"},{"section":"-em-get-users-em-"},{"section":"-em-get-contexts-em-"},{"section":"-em-get-clusters-em-"},{"section":"-em-delete-user-em-"},{"section":"-em-delete-context-em-"},{"section":"-em-delete-cluster-em-"},{"section":"-em-current-context-em-"}]},{"section":"completion","subsections":[]},{"section":"alpha","subsections":[{"section":"-em-auth-whoami-em-"},{"section":"-em-auth-em-"}]},{"section":"-strong-kubectl-settings-and-usage-strong-","subsections":[]},{"section":"uncordon","subsections":[]},{"section":"taint","subsections":[]},{"section":"drain","subsections":[]},{"section":"cordon","subsections":[]},{"section":"cluster-info","subsections":[{"section":"-em-dump-em-"}]},{"section":"certificate","subsections":[{"section":"-em-deny-em-"},{"section":"-em-approve-em-"}]},{"section":"api-resources","subsections":[]},{"section":"api-versions","subsections":[]},{"section":"-strong-cluster-management-strong-","subsections":[]},{"section":"top","subsections":[{"section":"-em-pod-em-"},{"section":"-em-node-em-"}]},{"section":"proxy","subsections":[]},{"section":"port-forward","subsections":[]},{"section":"logs","subsections":[]},{"section":"exec","subsections":[]},{"section":"events","subsections":[]},{"section":"describe","subsections":[]},{"section":"cp","subsections":[]},{"section":"auth","subsections":[{"section":"-em-reconcile-em-"},{"section":"-em-can-i-em-"}]},{"section":"attach","subsections":[]},{"section":"-strong-working-with-apps-strong-","subsections":[]},{"section":"wait","subsections":[]},{"section":"set","subsections":[{"section":"-em-subject-em-"},{"section":"-em-serviceaccount-em--1"},{"section":"-em-selector-em-"},{"section":"-em-resources-em-"},{"section":"-em-image-em-"},{"section":"-em-env-em-"}]},{"section":"scale","subsections":[]},{"section":"rollout","subsections":[{"section":"-em-undo-em-"},{"section":"-em-status-em-"},{"section":"-em-resume-em-"},{"section":"-em-restart-em-"},{"section":"-em-pause-em-"},{"section":"-em-history-em-"}]},{"section":"replace","subsections":[]},{"section":"patch","subsections":[]},{"section":"label","subsections":[]},{"section":"kustomize","subsections":[]},{"section":"edit","subsections":[]},{"section":"diff","subsections":[]},{"section":"debug","subsections":[]},{"section":"autoscale","subsections":[]},{"section":"annotate","subsections":[]},{"section":"apply","subsections":[{"section":"-em-view-last-applied-em-"},{"section":"-em-set-last-applied-em-"},{"section":"-em-edit-last-applied-em-"}]},{"section":"-strong-app-management-strong-","subsections":[]},{"section":"delete","subsections":[]},{"section":"expose","subsections":[]},{"section":"run","subsections":[]},{"section":"get","subsections":[]},{"section":"create","subsections":[{"section":"-em-token-em-"},{"section":"-em-serviceaccount-em-"},{"section":"-em-service-nodeport-em-"},{"section":"-em-service-loadbalancer-em-"},{"section":"-em-service-externalname-em-"},{"section":"-em-service-clusterip-em-"},{"section":"-em-service-em-"},{"section":"-em-secret-tls-em-"},{"section":"-em-secret-generic-em-"},{"section":"-em-secret-docker-registry-em-"},{"section":"-em-secret-em-"},{"section":"-em-rolebinding-em-"},{"section":"-em-role-em-"},{"section":"-em-quota-em-"},{"section":"-em-priorityclass-em-"},{"section":"-em-poddisruptionbudget-em-"},{"section":"-em-namespace-em-"},{"section":"-em-job-em-"},{"section":"-em-ingress-em-"},{"section":"-em-deployment-em-"},{"section":"-em-cronjob-em-"},{"section":"-em-configmap-em-"},{"section":"-em-clusterrolebinding-em-"},{"section":"-em-clusterrole-em-"}]},{"section":"-strong-getting-started-strong-","subsections":[]}],"flatToc":["version","-em-list-em-","plugin","options","explain","-em-view-em-","-em-use-context-em-","-em-unset-em-","-em-set-credentials-em-","-em-set-context-em-","-em-set-cluster-em-","-em-set-em-","-em-rename-context-em-","-em-get-users-em-","-em-get-contexts-em-","-em-get-clusters-em-","-em-delete-user-em-","-em-delete-context-em-","-em-delete-cluster-em-","-em-current-context-em-","config","completion","-em-auth-whoami-em-","-em-auth-em-","alpha","-strong-kubectl-settings-and-usage-strong-","uncordon","taint","drain","cordon","-em-dump-em-","cluster-info","-em-deny-em-","-em-approve-em-","certificate","api-resources","api-versions","-strong-cluster-management-strong-","-em-pod-em-","-em-node-em-","top","proxy","port-forward","logs","exec","events","describe","cp","-em-reconcile-em-","-em-can-i-em-","auth","attach","-strong-working-with-apps-strong-","wait","-em-subject-em-","-em-serviceaccount-em--1","-em-selector-em-","-em-resources-em-","-em-image-em-","-em-env-em-","set","scale","-em-undo-em-","-em-status-em-","-em-resume-em-","-em-restart-em-","-em-pause-em-","-em-history-em-","rollout","replace","patch","label","kustomize","edit","diff","debug","autoscale","annotate","-em-view-last-applied-em-","-em-set-last-applied-em-","-em-edit-last-applied-em-","apply","-strong-app-management-strong-","delete","expose","run","get","-em-token-em-","-em-serviceaccount-em-","-em-service-nodeport-em-","-em-service-loadbalancer-em-","-em-service-externalname-em-","-em-service-clusterip-em-","-em-service-em-","-em-secret-tls-em-","-em-secret-generic-em-","-em-secret-docker-registry-em-","-em-secret-em-","-em-rolebinding-em-","-em-role-em-","-em-quota-em-","-em-priorityclass-em-","-em-poddisruptionbudget-em-","-em-namespace-em-","-em-job-em-","-em-ingress-em-","-em-deployment-em-","-em-cronjob-em-","-em-configmap-em-","-em-clusterrolebinding-em-","-em-clusterrole-em-","create","-strong-getting-started-strong-"]};})();
\ No newline at end of file
+(function(){navData = {"toc":[{"section":"version","subsections":[]},{"section":"plugin","subsections":[{"section":"-em-list-em-"}]},{"section":"options","subsections":[]},{"section":"explain","subsections":[]},{"section":"config","subsections":[{"section":"-em-view-em-"},{"section":"-em-use-context-em-"},{"section":"-em-unset-em-"},{"section":"-em-set-credentials-em-"},{"section":"-em-set-context-em-"},{"section":"-em-set-cluster-em-"},{"section":"-em-set-em-"},{"section":"-em-rename-context-em-"},{"section":"-em-get-users-em-"},{"section":"-em-get-contexts-em-"},{"section":"-em-get-clusters-em-"},{"section":"-em-delete-user-em-"},{"section":"-em-delete-context-em-"},{"section":"-em-delete-cluster-em-"},{"section":"-em-current-context-em-"}]},{"section":"completion","subsections":[]},{"section":"api-resources","subsections":[]},{"section":"alpha","subsections":[]},{"section":"-strong-kubectl-settings-and-usage-strong-","subsections":[]},{"section":"uncordon","subsections":[]},{"section":"taint","subsections":[]},{"section":"drain","subsections":[]},{"section":"cordon","subsections":[]},{"section":"cluster-info","subsections":[{"section":"-em-dump-em-"}]},{"section":"certificate","subsections":[{"section":"-em-deny-em-"},{"section":"-em-approve-em-"}]},{"section":"api-versions","subsections":[]},{"section":"-strong-cluster-management-strong-","subsections":[]},{"section":"top","subsections":[{"section":"-em-pod-em-"},{"section":"-em-node-em-"}]},{"section":"proxy","subsections":[]},{"section":"port-forward","subsections":[]},{"section":"logs","subsections":[]},{"section":"exec","subsections":[]},{"section":"describe","subsections":[]},{"section":"cp","subsections":[]},{"section":"auth","subsections":[{"section":"-em-reconcile-em-"},{"section":"-em-can-i-em-"}]},{"section":"attach","subsections":[]},{"section":"-strong-working-with-apps-strong-","subsections":[]},{"section":"wait","subsections":[]},{"section":"set","subsections":[{"section":"-em-subject-em-"},{"section":"-em-serviceaccount-em--1"},{"section":"-em-selector-em-"},{"section":"-em-resources-em-"},{"section":"-em-image-em-"},{"section":"-em-env-em-"}]},{"section":"scale","subsections":[]},{"section":"rollout","subsections":[{"section":"-em-undo-em-"},{"section":"-em-status-em-"},{"section":"-em-resume-em-"},{"section":"-em-restart-em-"},{"section":"-em-pause-em-"},{"section":"-em-history-em-"}]},{"section":"replace","subsections":[]},{"section":"patch","subsections":[]},{"section":"label","subsections":[]},{"section":"kustomize","subsections":[]},{"section":"edit","subsections":[]},{"section":"diff","subsections":[]},{"section":"debug","subsections":[]},{"section":"autoscale","subsections":[]},{"section":"annotate","subsections":[]},{"section":"apply","subsections":[{"section":"-em-view-last-applied-em-"},{"section":"-em-set-last-applied-em-"},{"section":"-em-edit-last-applied-em-"}]},{"section":"-strong-app-management-strong-","subsections":[]},{"section":"delete","subsections":[]},{"section":"expose","subsections":[]},{"section":"run","subsections":[]},{"section":"get","subsections":[]},{"section":"create","subsections":[{"section":"-em-serviceaccount-em-"},{"section":"-em-service-nodeport-em-"},{"section":"-em-service-loadbalancer-em-"},{"section":"-em-service-externalname-em-"},{"section":"-em-service-clusterip-em-"},{"section":"-em-service-em-"},{"section":"-em-secret-tls-em-"},{"section":"-em-secret-generic-em-"},{"section":"-em-secret-docker-registry-em-"},{"section":"-em-secret-em-"},{"section":"-em-rolebinding-em-"},{"section":"-em-role-em-"},{"section":"-em-quota-em-"},{"section":"-em-priorityclass-em-"},{"section":"-em-poddisruptionbudget-em-"},{"section":"-em-namespace-em-"},{"section":"-em-job-em-"},{"section":"-em-ingress-em-"},{"section":"-em-deployment-em-"},{"section":"-em-cronjob-em-"},{"section":"-em-configmap-em-"},{"section":"-em-clusterrolebinding-em-"},{"section":"-em-clusterrole-em-"}]},{"section":"-strong-getting-started-strong-","subsections":[]}],"flatToc":["version","-em-list-em-","plugin","options","explain","-em-view-em-","-em-use-context-em-","-em-unset-em-","-em-set-credentials-em-","-em-set-context-em-","-em-set-cluster-em-","-em-set-em-","-em-rename-context-em-","-em-get-users-em-","-em-get-contexts-em-","-em-get-clusters-em-","-em-delete-user-em-","-em-delete-context-em-","-em-delete-cluster-em-","-em-current-context-em-","config","completion","api-resources","alpha","-strong-kubectl-settings-and-usage-strong-","uncordon","taint","drain","cordon","-em-dump-em-","cluster-info","-em-deny-em-","-em-approve-em-","certificate","api-versions","-strong-cluster-management-strong-","-em-pod-em-","-em-node-em-","top","proxy","port-forward","logs","exec","describe","cp","-em-reconcile-em-","-em-can-i-em-","auth","attach","-strong-working-with-apps-strong-","wait","-em-subject-em-","-em-serviceaccount-em--1","-em-selector-em-","-em-resources-em-","-em-image-em-","-em-env-em-","set","scale","-em-undo-em-","-em-status-em-","-em-resume-em-","-em-restart-em-","-em-pause-em-","-em-history-em-","rollout","replace","patch","label","kustomize","edit","diff","debug","autoscale","annotate","-em-view-last-applied-em-","-em-set-last-applied-em-","-em-edit-last-applied-em-","apply","-strong-app-management-strong-","delete","expose","run","get","-em-serviceaccount-em-","-em-service-nodeport-em-","-em-service-loadbalancer-em-","-em-service-externalname-em-","-em-service-clusterip-em-","-em-service-em-","-em-secret-tls-em-","-em-secret-generic-em-","-em-secret-docker-registry-em-","-em-secret-em-","-em-rolebinding-em-","-em-role-em-","-em-quota-em-","-em-priorityclass-em-","-em-poddisruptionbudget-em-","-em-namespace-em-","-em-job-em-","-em-ingress-em-","-em-deployment-em-","-em-cronjob-em-","-em-configmap-em-","-em-clusterrolebinding-em-","-em-clusterrole-em-","create","-strong-getting-started-strong-"]};})();
\ No newline at end of file
diff --git a/static/docs/reference/generated/kubectl/node_modules/jquery.scrollto/jquery.scrollTo.min.js b/static/docs/reference/generated/kubectl/node_modules/jquery.scrollto/jquery.scrollTo.min.js
index 65a020d92ad..3f7d1457532 100644
--- a/static/docs/reference/generated/kubectl/node_modules/jquery.scrollto/jquery.scrollTo.min.js
+++ b/static/docs/reference/generated/kubectl/node_modules/jquery.scrollto/jquery.scrollTo.min.js
@@ -1,7 +1,7 @@
-/**
- * Copyright (c) 2007-2015 Ariel Flesler - afleslergmailcom | http://flesler.blogspot.com
- * Licensed under MIT
- * @author Ariel Flesler
- * @version 2.1.2
- */
-;(function(f){"use strict";"function"===typeof define&&define.amd?define(["jquery"],f):"undefined"!==typeof module&&module.exports?module.exports=f(require("jquery")):f(jQuery)})(function($){"use strict";function n(a){return!a.nodeName||-1!==$.inArray(a.nodeName.toLowerCase(),["iframe","#document","html","body"])}function h(a){return $.isFunction(a)||$.isPlainObject(a)?a:{top:a,left:a}}var p=$.scrollTo=function(a,d,b){return $(window).scrollTo(a,d,b)};p.defaults={axis:"xy",duration:0,limit:!0};$.fn.scrollTo=function(a,d,b){"object"=== typeof d&&(b=d,d=0);"function"===typeof b&&(b={onAfter:b});"max"===a&&(a=9E9);b=$.extend({},p.defaults,b);d=d||b.duration;var u=b.queue&&1=f[g]?0:Math.min(f[g],n));!a&&11;if(queue){duration/=2}settings.offset=both(settings.offset);settings.over=both(settings.over);return this.each(function(){if(target===null){return}var win=isWin(this),elem=win?this.contentWindow||window:this,$elem=$(elem),targ=target,attr={},toff;switch(typeof targ){case 'number':case 'string':if(/^([+-]=?)?\d+(\.\d+)?(px|%)?$/.test(targ)){targ=both(targ);break}targ=win?$(targ):$(targ,elem);case 'object':if(targ.length===0){return}if(targ.is||targ.style){toff=(targ=$(targ)).offset()}}var offset=isFunction(settings.offset)&&settings.offset(elem,targ)||settings.offset;$.each(settings.axis.split(''),function(i,axis){var Pos=axis==='x'?'Left':'Top',pos=Pos.toLowerCase(),key='scroll'+Pos,prev=$elem[key](),max=$scrollTo.max(elem,axis);if(toff){attr[key]=toff[pos]+(win?0:prev-$elem.offset()[pos]);if(settings.margin){attr[key]-=parseInt(targ.css('margin'+Pos),10)||0;attr[key]-=parseInt(targ.css('border'+Pos+'Width'),10)||0}attr[key]+=offset[pos]||0;if(settings.over[pos]){attr[key]+=targ[axis==='x'?'width':'height']()*settings.over[pos]}}else{var val=targ[pos];attr[key]=val.slice&&val.slice(-1)==='%'?parseFloat(val)/100*max:val}if(settings.limit&&/^\d+$/.test(attr[key])){attr[key]=attr[key]<=0?0:Math.min(attr[key],max)}if(!i&&settings.axis.length>1){if(prev===attr[key]){attr={}}else if(queue){animate(settings.onAfterFirst);attr={}}}});animate(settings.onAfter);function animate(callback){var opts=$.extend({},settings,{queue:true,duration:duration,complete:callback&&function(){callback.call(elem,targ,settings)}});$elem.animate(attr,opts)}})};$scrollTo.max=function(elem,axis){var Dim=axis==='x'?'Width':'Height',scroll='scroll'+Dim;if(!isWin(elem)){return elem[scroll]-$(elem)[Dim.toLowerCase()]()}var size='client'+Dim,doc=elem.ownerDocument||elem.document,html=doc.documentElement,body=doc.body;return Math.max(html[scroll],body[scroll])-Math.min(html[size],body[size])};function both(val){return isFunction(val)||$.isPlainObject(val)?val:{top:val,left:val}}$.Tween.propHooks.scrollLeft=$.Tween.propHooks.scrollTop={get:function(t){return $(t.elem)[t.prop]()},set:function(t){var curr=this.get(t);if(t.options.interrupt&&t._last&&t._last!==curr){return $(t.elem).stop()}var next=Math.round(t.now);if(curr!==next){$(t.elem)[t.prop](next);t._last=this.get(t)}}};return $scrollTo});
diff --git a/static/docs/reference/generated/kubectl/node_modules/jquery/dist/jquery.min.js b/static/docs/reference/generated/kubectl/node_modules/jquery/dist/jquery.min.js
index a1c07fd803b..c4c6022f298 100644
--- a/static/docs/reference/generated/kubectl/node_modules/jquery/dist/jquery.min.js
+++ b/static/docs/reference/generated/kubectl/node_modules/jquery/dist/jquery.min.js
@@ -1,2 +1,2 @@
-/*! jQuery v3.4.1 | (c) JS Foundation and other contributors | jquery.org/license */
-!function(e,t){"use strict";"object"==typeof module&&"object"==typeof module.exports?module.exports=e.document?t(e,!0):function(e){if(!e.document)throw new Error("jQuery requires a window with a document");return t(e)}:t(e)}("undefined"!=typeof window?window:this,function(C,e){"use strict";var t=[],E=C.document,r=Object.getPrototypeOf,s=t.slice,g=t.concat,u=t.push,i=t.indexOf,n={},o=n.toString,v=n.hasOwnProperty,a=v.toString,l=a.call(Object),y={},m=function(e){return"function"==typeof e&&"number"!=typeof e.nodeType},x=function(e){return null!=e&&e===e.window},c={type:!0,src:!0,nonce:!0,noModule:!0};function b(e,t,n){var r,i,o=(n=n||E).createElement("script");if(o.text=e,t)for(r in c)(i=t[r]||t.getAttribute&&t.getAttribute(r))&&o.setAttribute(r,i);n.head.appendChild(o).parentNode.removeChild(o)}function w(e){return null==e?e+"":"object"==typeof e||"function"==typeof e?n[o.call(e)]||"object":typeof e}var f="3.4.1",k=function(e,t){return new k.fn.init(e,t)},p=/^[\s\uFEFF\xA0]+|[\s\uFEFF\xA0]+$/g;function d(e){var t=!!e&&"length"in e&&e.length,n=w(e);return!m(e)&&!x(e)&&("array"===n||0===t||"number"==typeof t&&0+~]|"+M+")"+M+"*"),U=new RegExp(M+"|>"),X=new RegExp($),V=new RegExp("^"+I+"$"),G={ID:new RegExp("^#("+I+")"),CLASS:new RegExp("^\\.("+I+")"),TAG:new RegExp("^("+I+"|[*])"),ATTR:new RegExp("^"+W),PSEUDO:new RegExp("^"+$),CHILD:new RegExp("^:(only|first|last|nth|nth-last)-(child|of-type)(?:\\("+M+"*(even|odd|(([+-]|)(\\d*)n|)"+M+"*(?:([+-]|)"+M+"*(\\d+)|))"+M+"*\\)|)","i"),bool:new RegExp("^(?:"+R+")$","i"),needsContext:new RegExp("^"+M+"*[>+~]|:(even|odd|eq|gt|lt|nth|first|last)(?:\\("+M+"*((?:-\\d)?\\d*)"+M+"*\\)|)(?=[^-]|$)","i")},Y=/HTML$/i,Q=/^(?:input|select|textarea|button)$/i,J=/^h\d$/i,K=/^[^{]+\{\s*\[native \w/,Z=/^(?:#([\w-]+)|(\w+)|\.([\w-]+))$/,ee=/[+~]/,te=new RegExp("\\\\([\\da-f]{1,6}"+M+"?|("+M+")|.)","ig"),ne=function(e,t,n){var r="0x"+t-65536;return r!=r||n?t:r<0?String.fromCharCode(r+65536):String.fromCharCode(r>>10|55296,1023&r|56320)},re=/([\0-\x1f\x7f]|^-?\d)|^-$|[^\0-\x1f\x7f-\uFFFF\w-]/g,ie=function(e,t){return t?"\0"===e?"\ufffd":e.slice(0,-1)+"\\"+e.charCodeAt(e.length-1).toString(16)+" ":"\\"+e},oe=function(){T()},ae=be(function(e){return!0===e.disabled&&"fieldset"===e.nodeName.toLowerCase()},{dir:"parentNode",next:"legend"});try{H.apply(t=O.call(m.childNodes),m.childNodes),t[m.childNodes.length].nodeType}catch(e){H={apply:t.length?function(e,t){L.apply(e,O.call(t))}:function(e,t){var n=e.length,r=0;while(e[n++]=t[r++]);e.length=n-1}}}function se(t,e,n,r){var i,o,a,s,u,l,c,f=e&&e.ownerDocument,p=e?e.nodeType:9;if(n=n||[],"string"!=typeof t||!t||1!==p&&9!==p&&11!==p)return n;if(!r&&((e?e.ownerDocument||e:m)!==C&&T(e),e=e||C,E)){if(11!==p&&(u=Z.exec(t)))if(i=u[1]){if(9===p){if(!(a=e.getElementById(i)))return n;if(a.id===i)return n.push(a),n}else if(f&&(a=f.getElementById(i))&&y(e,a)&&a.id===i)return n.push(a),n}else{if(u[2])return H.apply(n,e.getElementsByTagName(t)),n;if((i=u[3])&&d.getElementsByClassName&&e.getElementsByClassName)return H.apply(n,e.getElementsByClassName(i)),n}if(d.qsa&&!A[t+" "]&&(!v||!v.test(t))&&(1!==p||"object"!==e.nodeName.toLowerCase())){if(c=t,f=e,1===p&&U.test(t)){(s=e.getAttribute("id"))?s=s.replace(re,ie):e.setAttribute("id",s=k),o=(l=h(t)).length;while(o--)l[o]="#"+s+" "+xe(l[o]);c=l.join(","),f=ee.test(t)&&ye(e.parentNode)||e}try{return H.apply(n,f.querySelectorAll(c)),n}catch(e){A(t,!0)}finally{s===k&&e.removeAttribute("id")}}}return g(t.replace(B,"$1"),e,n,r)}function ue(){var r=[];return function e(t,n){return r.push(t+" ")>b.cacheLength&&delete e[r.shift()],e[t+" "]=n}}function le(e){return e[k]=!0,e}function ce(e){var t=C.createElement("fieldset");try{return!!e(t)}catch(e){return!1}finally{t.parentNode&&t.parentNode.removeChild(t),t=null}}function fe(e,t){var n=e.split("|"),r=n.length;while(r--)b.attrHandle[n[r]]=t}function pe(e,t){var n=t&&e,r=n&&1===e.nodeType&&1===t.nodeType&&e.sourceIndex-t.sourceIndex;if(r)return r;if(n)while(n=n.nextSibling)if(n===t)return-1;return e?1:-1}function de(t){return function(e){return"input"===e.nodeName.toLowerCase()&&e.type===t}}function he(n){return function(e){var t=e.nodeName.toLowerCase();return("input"===t||"button"===t)&&e.type===n}}function ge(t){return function(e){return"form"in e?e.parentNode&&!1===e.disabled?"label"in e?"label"in e.parentNode?e.parentNode.disabled===t:e.disabled===t:e.isDisabled===t||e.isDisabled!==!t&&ae(e)===t:e.disabled===t:"label"in e&&e.disabled===t}}function ve(a){return le(function(o){return o=+o,le(function(e,t){var n,r=a([],e.length,o),i=r.length;while(i--)e[n=r[i]]&&(e[n]=!(t[n]=e[n]))})})}function ye(e){return e&&"undefined"!=typeof e.getElementsByTagName&&e}for(e in d=se.support={},i=se.isXML=function(e){var t=e.namespaceURI,n=(e.ownerDocument||e).documentElement;return!Y.test(t||n&&n.nodeName||"HTML")},T=se.setDocument=function(e){var t,n,r=e?e.ownerDocument||e:m;return r!==C&&9===r.nodeType&&r.documentElement&&(a=(C=r).documentElement,E=!i(C),m!==C&&(n=C.defaultView)&&n.top!==n&&(n.addEventListener?n.addEventListener("unload",oe,!1):n.attachEvent&&n.attachEvent("onunload",oe)),d.attributes=ce(function(e){return e.className="i",!e.getAttribute("className")}),d.getElementsByTagName=ce(function(e){return e.appendChild(C.createComment("")),!e.getElementsByTagName("*").length}),d.getElementsByClassName=K.test(C.getElementsByClassName),d.getById=ce(function(e){return a.appendChild(e).id=k,!C.getElementsByName||!C.getElementsByName(k).length}),d.getById?(b.filter.ID=function(e){var t=e.replace(te,ne);return function(e){return e.getAttribute("id")===t}},b.find.ID=function(e,t){if("undefined"!=typeof t.getElementById&&E){var n=t.getElementById(e);return n?[n]:[]}}):(b.filter.ID=function(e){var n=e.replace(te,ne);return function(e){var t="undefined"!=typeof e.getAttributeNode&&e.getAttributeNode("id");return t&&t.value===n}},b.find.ID=function(e,t){if("undefined"!=typeof t.getElementById&&E){var n,r,i,o=t.getElementById(e);if(o){if((n=o.getAttributeNode("id"))&&n.value===e)return[o];i=t.getElementsByName(e),r=0;while(o=i[r++])if((n=o.getAttributeNode("id"))&&n.value===e)return[o]}return[]}}),b.find.TAG=d.getElementsByTagName?function(e,t){return"undefined"!=typeof t.getElementsByTagName?t.getElementsByTagName(e):d.qsa?t.querySelectorAll(e):void 0}:function(e,t){var n,r=[],i=0,o=t.getElementsByTagName(e);if("*"===e){while(n=o[i++])1===n.nodeType&&r.push(n);return r}return o},b.find.CLASS=d.getElementsByClassName&&function(e,t){if("undefined"!=typeof t.getElementsByClassName&&E)return t.getElementsByClassName(e)},s=[],v=[],(d.qsa=K.test(C.querySelectorAll))&&(ce(function(e){a.appendChild(e).innerHTML="",e.querySelectorAll("[msallowcapture^='']").length&&v.push("[*^$]="+M+"*(?:''|\"\")"),e.querySelectorAll("[selected]").length||v.push("\\["+M+"*(?:value|"+R+")"),e.querySelectorAll("[id~="+k+"-]").length||v.push("~="),e.querySelectorAll(":checked").length||v.push(":checked"),e.querySelectorAll("a#"+k+"+*").length||v.push(".#.+[+~]")}),ce(function(e){e.innerHTML="";var t=C.createElement("input");t.setAttribute("type","hidden"),e.appendChild(t).setAttribute("name","D"),e.querySelectorAll("[name=d]").length&&v.push("name"+M+"*[*^$|!~]?="),2!==e.querySelectorAll(":enabled").length&&v.push(":enabled",":disabled"),a.appendChild(e).disabled=!0,2!==e.querySelectorAll(":disabled").length&&v.push(":enabled",":disabled"),e.querySelectorAll("*,:x"),v.push(",.*:")})),(d.matchesSelector=K.test(c=a.matches||a.webkitMatchesSelector||a.mozMatchesSelector||a.oMatchesSelector||a.msMatchesSelector))&&ce(function(e){d.disconnectedMatch=c.call(e,"*"),c.call(e,"[s!='']:x"),s.push("!=",$)}),v=v.length&&new RegExp(v.join("|")),s=s.length&&new RegExp(s.join("|")),t=K.test(a.compareDocumentPosition),y=t||K.test(a.contains)?function(e,t){var n=9===e.nodeType?e.documentElement:e,r=t&&t.parentNode;return e===r||!(!r||1!==r.nodeType||!(n.contains?n.contains(r):e.compareDocumentPosition&&16&e.compareDocumentPosition(r)))}:function(e,t){if(t)while(t=t.parentNode)if(t===e)return!0;return!1},D=t?function(e,t){if(e===t)return l=!0,0;var n=!e.compareDocumentPosition-!t.compareDocumentPosition;return n||(1&(n=(e.ownerDocument||e)===(t.ownerDocument||t)?e.compareDocumentPosition(t):1)||!d.sortDetached&&t.compareDocumentPosition(e)===n?e===C||e.ownerDocument===m&&y(m,e)?-1:t===C||t.ownerDocument===m&&y(m,t)?1:u?P(u,e)-P(u,t):0:4&n?-1:1)}:function(e,t){if(e===t)return l=!0,0;var n,r=0,i=e.parentNode,o=t.parentNode,a=[e],s=[t];if(!i||!o)return e===C?-1:t===C?1:i?-1:o?1:u?P(u,e)-P(u,t):0;if(i===o)return pe(e,t);n=e;while(n=n.parentNode)a.unshift(n);n=t;while(n=n.parentNode)s.unshift(n);while(a[r]===s[r])r++;return r?pe(a[r],s[r]):a[r]===m?-1:s[r]===m?1:0}),C},se.matches=function(e,t){return se(e,null,null,t)},se.matchesSelector=function(e,t){if((e.ownerDocument||e)!==C&&T(e),d.matchesSelector&&E&&!A[t+" "]&&(!s||!s.test(t))&&(!v||!v.test(t)))try{var n=c.call(e,t);if(n||d.disconnectedMatch||e.document&&11!==e.document.nodeType)return n}catch(e){A(t,!0)}return 0":{dir:"parentNode",first:!0}," ":{dir:"parentNode"},"+":{dir:"previousSibling",first:!0},"~":{dir:"previousSibling"}},preFilter:{ATTR:function(e){return e[1]=e[1].replace(te,ne),e[3]=(e[3]||e[4]||e[5]||"").replace(te,ne),"~="===e[2]&&(e[3]=" "+e[3]+" "),e.slice(0,4)},CHILD:function(e){return e[1]=e[1].toLowerCase(),"nth"===e[1].slice(0,3)?(e[3]||se.error(e[0]),e[4]=+(e[4]?e[5]+(e[6]||1):2*("even"===e[3]||"odd"===e[3])),e[5]=+(e[7]+e[8]||"odd"===e[3])):e[3]&&se.error(e[0]),e},PSEUDO:function(e){var t,n=!e[6]&&e[2];return G.CHILD.test(e[0])?null:(e[3]?e[2]=e[4]||e[5]||"":n&&X.test(n)&&(t=h(n,!0))&&(t=n.indexOf(")",n.length-t)-n.length)&&(e[0]=e[0].slice(0,t),e[2]=n.slice(0,t)),e.slice(0,3))}},filter:{TAG:function(e){var t=e.replace(te,ne).toLowerCase();return"*"===e?function(){return!0}:function(e){return e.nodeName&&e.nodeName.toLowerCase()===t}},CLASS:function(e){var t=p[e+" "];return t||(t=new RegExp("(^|"+M+")"+e+"("+M+"|$)"))&&p(e,function(e){return t.test("string"==typeof e.className&&e.className||"undefined"!=typeof e.getAttribute&&e.getAttribute("class")||"")})},ATTR:function(n,r,i){return function(e){var t=se.attr(e,n);return null==t?"!="===r:!r||(t+="","="===r?t===i:"!="===r?t!==i:"^="===r?i&&0===t.indexOf(i):"*="===r?i&&-1:\x20\t\r\n\f]*)[\x20\t\r\n\f]*\/?>(?:<\/\1>|)$/i;function j(e,n,r){return m(n)?k.grep(e,function(e,t){return!!n.call(e,t,e)!==r}):n.nodeType?k.grep(e,function(e){return e===n!==r}):"string"!=typeof n?k.grep(e,function(e){return-1)[^>]*|#([\w-]+))$/;(k.fn.init=function(e,t,n){var r,i;if(!e)return this;if(n=n||q,"string"==typeof e){if(!(r="<"===e[0]&&">"===e[e.length-1]&&3<=e.length?[null,e,null]:L.exec(e))||!r[1]&&t)return!t||t.jquery?(t||n).find(e):this.constructor(t).find(e);if(r[1]){if(t=t instanceof k?t[0]:t,k.merge(this,k.parseHTML(r[1],t&&t.nodeType?t.ownerDocument||t:E,!0)),D.test(r[1])&&k.isPlainObject(t))for(r in t)m(this[r])?this[r](t[r]):this.attr(r,t[r]);return this}return(i=E.getElementById(r[2]))&&(this[0]=i,this.length=1),this}return e.nodeType?(this[0]=e,this.length=1,this):m(e)?void 0!==n.ready?n.ready(e):e(k):k.makeArray(e,this)}).prototype=k.fn,q=k(E);var H=/^(?:parents|prev(?:Until|All))/,O={children:!0,contents:!0,next:!0,prev:!0};function P(e,t){while((e=e[t])&&1!==e.nodeType);return e}k.fn.extend({has:function(e){var t=k(e,this),n=t.length;return this.filter(function(){for(var e=0;e\x20\t\r\n\f]*)/i,he=/^$|^module$|\/(?:java|ecma)script/i,ge={option:[1,""],thead:[1,"","
    "],col:[2,"","
    "],tr:[2,"","
    "],td:[3,"","
    "],_default:[0,"",""]};function ve(e,t){var n;return n="undefined"!=typeof e.getElementsByTagName?e.getElementsByTagName(t||"*"):"undefined"!=typeof e.querySelectorAll?e.querySelectorAll(t||"*"):[],void 0===t||t&&A(e,t)?k.merge([e],n):n}function ye(e,t){for(var n=0,r=e.length;nx",y.noCloneChecked=!!me.cloneNode(!0).lastChild.defaultValue;var Te=/^key/,Ce=/^(?:mouse|pointer|contextmenu|drag|drop)|click/,Ee=/^([^.]*)(?:\.(.+)|)/;function ke(){return!0}function Se(){return!1}function Ne(e,t){return e===function(){try{return E.activeElement}catch(e){}}()==("focus"===t)}function Ae(e,t,n,r,i,o){var a,s;if("object"==typeof t){for(s in"string"!=typeof n&&(r=r||n,n=void 0),t)Ae(e,s,n,r,t[s],o);return e}if(null==r&&null==i?(i=n,r=n=void 0):null==i&&("string"==typeof n?(i=r,r=void 0):(i=r,r=n,n=void 0)),!1===i)i=Se;else if(!i)return e;return 1===o&&(a=i,(i=function(e){return k().off(e),a.apply(this,arguments)}).guid=a.guid||(a.guid=k.guid++)),e.each(function(){k.event.add(this,t,i,r,n)})}function De(e,i,o){o?(Q.set(e,i,!1),k.event.add(e,i,{namespace:!1,handler:function(e){var t,n,r=Q.get(this,i);if(1&e.isTrigger&&this[i]){if(r.length)(k.event.special[i]||{}).delegateType&&e.stopPropagation();else if(r=s.call(arguments),Q.set(this,i,r),t=o(this,i),this[i](),r!==(n=Q.get(this,i))||t?Q.set(this,i,!1):n={},r!==n)return e.stopImmediatePropagation(),e.preventDefault(),n.value}else r.length&&(Q.set(this,i,{value:k.event.trigger(k.extend(r[0],k.Event.prototype),r.slice(1),this)}),e.stopImmediatePropagation())}})):void 0===Q.get(e,i)&&k.event.add(e,i,ke)}k.event={global:{},add:function(t,e,n,r,i){var o,a,s,u,l,c,f,p,d,h,g,v=Q.get(t);if(v){n.handler&&(n=(o=n).handler,i=o.selector),i&&k.find.matchesSelector(ie,i),n.guid||(n.guid=k.guid++),(u=v.events)||(u=v.events={}),(a=v.handle)||(a=v.handle=function(e){return"undefined"!=typeof k&&k.event.triggered!==e.type?k.event.dispatch.apply(t,arguments):void 0}),l=(e=(e||"").match(R)||[""]).length;while(l--)d=g=(s=Ee.exec(e[l])||[])[1],h=(s[2]||"").split(".").sort(),d&&(f=k.event.special[d]||{},d=(i?f.delegateType:f.bindType)||d,f=k.event.special[d]||{},c=k.extend({type:d,origType:g,data:r,handler:n,guid:n.guid,selector:i,needsContext:i&&k.expr.match.needsContext.test(i),namespace:h.join(".")},o),(p=u[d])||((p=u[d]=[]).delegateCount=0,f.setup&&!1!==f.setup.call(t,r,h,a)||t.addEventListener&&t.addEventListener(d,a)),f.add&&(f.add.call(t,c),c.handler.guid||(c.handler.guid=n.guid)),i?p.splice(p.delegateCount++,0,c):p.push(c),k.event.global[d]=!0)}},remove:function(e,t,n,r,i){var o,a,s,u,l,c,f,p,d,h,g,v=Q.hasData(e)&&Q.get(e);if(v&&(u=v.events)){l=(t=(t||"").match(R)||[""]).length;while(l--)if(d=g=(s=Ee.exec(t[l])||[])[1],h=(s[2]||"").split(".").sort(),d){f=k.event.special[d]||{},p=u[d=(r?f.delegateType:f.bindType)||d]||[],s=s[2]&&new RegExp("(^|\\.)"+h.join("\\.(?:.*\\.|)")+"(\\.|$)"),a=o=p.length;while(o--)c=p[o],!i&&g!==c.origType||n&&n.guid!==c.guid||s&&!s.test(c.namespace)||r&&r!==c.selector&&("**"!==r||!c.selector)||(p.splice(o,1),c.selector&&p.delegateCount--,f.remove&&f.remove.call(e,c));a&&!p.length&&(f.teardown&&!1!==f.teardown.call(e,h,v.handle)||k.removeEvent(e,d,v.handle),delete u[d])}else for(d in u)k.event.remove(e,d+t[l],n,r,!0);k.isEmptyObject(u)&&Q.remove(e,"handle events")}},dispatch:function(e){var t,n,r,i,o,a,s=k.event.fix(e),u=new Array(arguments.length),l=(Q.get(this,"events")||{})[s.type]||[],c=k.event.special[s.type]||{};for(u[0]=s,t=1;t\x20\t\r\n\f]*)[^>]*)\/>/gi,qe=/\s*$/g;function Oe(e,t){return A(e,"table")&&A(11!==t.nodeType?t:t.firstChild,"tr")&&k(e).children("tbody")[0]||e}function Pe(e){return e.type=(null!==e.getAttribute("type"))+"/"+e.type,e}function Re(e){return"true/"===(e.type||"").slice(0,5)?e.type=e.type.slice(5):e.removeAttribute("type"),e}function Me(e,t){var n,r,i,o,a,s,u,l;if(1===t.nodeType){if(Q.hasData(e)&&(o=Q.access(e),a=Q.set(t,o),l=o.events))for(i in delete a.handle,a.events={},l)for(n=0,r=l[i].length;n")},clone:function(e,t,n){var r,i,o,a,s,u,l,c=e.cloneNode(!0),f=oe(e);if(!(y.noCloneChecked||1!==e.nodeType&&11!==e.nodeType||k.isXMLDoc(e)))for(a=ve(c),r=0,i=(o=ve(e)).length;r").attr(n.scriptAttrs||{}).prop({charset:n.scriptCharset,src:n.url}).on("load error",i=function(e){r.remove(),i=null,e&&t("error"===e.type?404:200,e.type)}),E.head.appendChild(r[0])},abort:function(){i&&i()}}});var Vt,Gt=[],Yt=/(=)\?(?=&|$)|\?\?/;k.ajaxSetup({jsonp:"callback",jsonpCallback:function(){var e=Gt.pop()||k.expando+"_"+kt++;return this[e]=!0,e}}),k.ajaxPrefilter("json jsonp",function(e,t,n){var r,i,o,a=!1!==e.jsonp&&(Yt.test(e.url)?"url":"string"==typeof e.data&&0===(e.contentType||"").indexOf("application/x-www-form-urlencoded")&&Yt.test(e.data)&&"data");if(a||"jsonp"===e.dataTypes[0])return r=e.jsonpCallback=m(e.jsonpCallback)?e.jsonpCallback():e.jsonpCallback,a?e[a]=e[a].replace(Yt,"$1"+r):!1!==e.jsonp&&(e.url+=(St.test(e.url)?"&":"?")+e.jsonp+"="+r),e.converters["script json"]=function(){return o||k.error(r+" was not called"),o[0]},e.dataTypes[0]="json",i=C[r],C[r]=function(){o=arguments},n.always(function(){void 0===i?k(C).removeProp(r):C[r]=i,e[r]&&(e.jsonpCallback=t.jsonpCallback,Gt.push(r)),o&&m(i)&&i(o[0]),o=i=void 0}),"script"}),y.createHTMLDocument=((Vt=E.implementation.createHTMLDocument("").body).innerHTML="
    ",2===Vt.childNodes.length),k.parseHTML=function(e,t,n){return"string"!=typeof e?[]:("boolean"==typeof t&&(n=t,t=!1),t||(y.createHTMLDocument?((r=(t=E.implementation.createHTMLDocument("")).createElement("base")).href=E.location.href,t.head.appendChild(r)):t=E),o=!n&&[],(i=D.exec(e))?[t.createElement(i[1])]:(i=we([e],t,o),o&&o.length&&k(o).remove(),k.merge([],i.childNodes)));var r,i,o},k.fn.load=function(e,t,n){var r,i,o,a=this,s=e.indexOf(" ");return-1").append(k.parseHTML(e)).find(r):e)}).always(n&&function(e,t){a.each(function(){n.apply(this,o||[e.responseText,t,e])})}),this},k.each(["ajaxStart","ajaxStop","ajaxComplete","ajaxError","ajaxSuccess","ajaxSend"],function(e,t){k.fn[t]=function(e){return this.on(t,e)}}),k.expr.pseudos.animated=function(t){return k.grep(k.timers,function(e){return t===e.elem}).length},k.offset={setOffset:function(e,t,n){var r,i,o,a,s,u,l=k.css(e,"position"),c=k(e),f={};"static"===l&&(e.style.position="relative"),s=c.offset(),o=k.css(e,"top"),u=k.css(e,"left"),("absolute"===l||"fixed"===l)&&-1<(o+u).indexOf("auto")?(a=(r=c.position()).top,i=r.left):(a=parseFloat(o)||0,i=parseFloat(u)||0),m(t)&&(t=t.call(e,n,k.extend({},s))),null!=t.top&&(f.top=t.top-s.top+a),null!=t.left&&(f.left=t.left-s.left+i),"using"in t?t.using.call(e,f):c.css(f)}},k.fn.extend({offset:function(t){if(arguments.length)return void 0===t?this:this.each(function(e){k.offset.setOffset(this,t,e)});var e,n,r=this[0];return r?r.getClientRects().length?(e=r.getBoundingClientRect(),n=r.ownerDocument.defaultView,{top:e.top+n.pageYOffset,left:e.left+n.pageXOffset}):{top:0,left:0}:void 0},position:function(){if(this[0]){var e,t,n,r=this[0],i={top:0,left:0};if("fixed"===k.css(r,"position"))t=r.getBoundingClientRect();else{t=this.offset(),n=r.ownerDocument,e=r.offsetParent||n.documentElement;while(e&&(e===n.body||e===n.documentElement)&&"static"===k.css(e,"position"))e=e.parentNode;e&&e!==r&&1===e.nodeType&&((i=k(e).offset()).top+=k.css(e,"borderTopWidth",!0),i.left+=k.css(e,"borderLeftWidth",!0))}return{top:t.top-i.top-k.css(r,"marginTop",!0),left:t.left-i.left-k.css(r,"marginLeft",!0)}}},offsetParent:function(){return this.map(function(){var e=this.offsetParent;while(e&&"static"===k.css(e,"position"))e=e.offsetParent;return e||ie})}}),k.each({scrollLeft:"pageXOffset",scrollTop:"pageYOffset"},function(t,i){var o="pageYOffset"===i;k.fn[t]=function(e){return _(this,function(e,t,n){var r;if(x(e)?r=e:9===e.nodeType&&(r=e.defaultView),void 0===n)return r?r[i]:e[t];r?r.scrollTo(o?r.pageXOffset:n,o?n:r.pageYOffset):e[t]=n},t,e,arguments.length)}}),k.each(["top","left"],function(e,n){k.cssHooks[n]=ze(y.pixelPosition,function(e,t){if(t)return t=_e(e,n),$e.test(t)?k(e).position()[n]+"px":t})}),k.each({Height:"height",Width:"width"},function(a,s){k.each({padding:"inner"+a,content:s,"":"outer"+a},function(r,o){k.fn[o]=function(e,t){var n=arguments.length&&(r||"boolean"!=typeof e),i=r||(!0===e||!0===t?"margin":"border");return _(this,function(e,t,n){var r;return x(e)?0===o.indexOf("outer")?e["inner"+a]:e.document.documentElement["client"+a]:9===e.nodeType?(r=e.documentElement,Math.max(e.body["scroll"+a],r["scroll"+a],e.body["offset"+a],r["offset"+a],r["client"+a])):void 0===n?k.css(e,t,i):k.style(e,t,n,i)},s,n?e:void 0,n)}})}),k.each("blur focus focusin focusout resize scroll click dblclick mousedown mouseup mousemove mouseover mouseout mouseenter mouseleave change select submit keydown keypress keyup contextmenu".split(" "),function(e,n){k.fn[n]=function(e,t){return 0+~]|"+M+")"+M+"*"),U=new RegExp(M+"|>"),X=new RegExp(F),V=new RegExp("^"+I+"$"),G={ID:new RegExp("^#("+I+")"),CLASS:new RegExp("^\\.("+I+")"),TAG:new RegExp("^("+I+"|[*])"),ATTR:new RegExp("^"+W),PSEUDO:new RegExp("^"+F),CHILD:new RegExp("^:(only|first|last|nth|nth-last)-(child|of-type)(?:\\("+M+"*(even|odd|(([+-]|)(\\d*)n|)"+M+"*(?:([+-]|)"+M+"*(\\d+)|))"+M+"*\\)|)","i"),bool:new RegExp("^(?:"+R+")$","i"),needsContext:new RegExp("^"+M+"*[>+~]|:(even|odd|eq|gt|lt|nth|first|last)(?:\\("+M+"*((?:-\\d)?\\d*)"+M+"*\\)|)(?=[^-]|$)","i")},Y=/HTML$/i,Q=/^(?:input|select|textarea|button)$/i,J=/^h\d$/i,K=/^[^{]+\{\s*\[native \w/,Z=/^(?:#([\w-]+)|(\w+)|\.([\w-]+))$/,ee=/[+~]/,te=new RegExp("\\\\[\\da-fA-F]{1,6}"+M+"?|\\\\([^\\r\\n\\f])","g"),ne=function(e,t){var n="0x"+e.slice(1)-65536;return t||(n<0?String.fromCharCode(n+65536):String.fromCharCode(n>>10|55296,1023&n|56320))},re=/([\0-\x1f\x7f]|^-?\d)|^-$|[^\0-\x1f\x7f-\uFFFF\w-]/g,ie=function(e,t){return t?"\0"===e?"\ufffd":e.slice(0,-1)+"\\"+e.charCodeAt(e.length-1).toString(16)+" ":"\\"+e},oe=function(){T()},ae=be(function(e){return!0===e.disabled&&"fieldset"===e.nodeName.toLowerCase()},{dir:"parentNode",next:"legend"});try{H.apply(t=O.call(p.childNodes),p.childNodes),t[p.childNodes.length].nodeType}catch(e){H={apply:t.length?function(e,t){L.apply(e,O.call(t))}:function(e,t){var n=e.length,r=0;while(e[n++]=t[r++]);e.length=n-1}}}function se(t,e,n,r){var i,o,a,s,u,l,c,f=e&&e.ownerDocument,p=e?e.nodeType:9;if(n=n||[],"string"!=typeof t||!t||1!==p&&9!==p&&11!==p)return n;if(!r&&(T(e),e=e||C,E)){if(11!==p&&(u=Z.exec(t)))if(i=u[1]){if(9===p){if(!(a=e.getElementById(i)))return n;if(a.id===i)return n.push(a),n}else if(f&&(a=f.getElementById(i))&&y(e,a)&&a.id===i)return n.push(a),n}else{if(u[2])return H.apply(n,e.getElementsByTagName(t)),n;if((i=u[3])&&d.getElementsByClassName&&e.getElementsByClassName)return H.apply(n,e.getElementsByClassName(i)),n}if(d.qsa&&!N[t+" "]&&(!v||!v.test(t))&&(1!==p||"object"!==e.nodeName.toLowerCase())){if(c=t,f=e,1===p&&(U.test(t)||z.test(t))){(f=ee.test(t)&&ye(e.parentNode)||e)===e&&d.scope||((s=e.getAttribute("id"))?s=s.replace(re,ie):e.setAttribute("id",s=S)),o=(l=h(t)).length;while(o--)l[o]=(s?"#"+s:":scope")+" "+xe(l[o]);c=l.join(",")}try{return H.apply(n,f.querySelectorAll(c)),n}catch(e){N(t,!0)}finally{s===S&&e.removeAttribute("id")}}}return g(t.replace($,"$1"),e,n,r)}function ue(){var r=[];return function e(t,n){return r.push(t+" ")>b.cacheLength&&delete e[r.shift()],e[t+" "]=n}}function le(e){return e[S]=!0,e}function ce(e){var t=C.createElement("fieldset");try{return!!e(t)}catch(e){return!1}finally{t.parentNode&&t.parentNode.removeChild(t),t=null}}function fe(e,t){var n=e.split("|"),r=n.length;while(r--)b.attrHandle[n[r]]=t}function pe(e,t){var n=t&&e,r=n&&1===e.nodeType&&1===t.nodeType&&e.sourceIndex-t.sourceIndex;if(r)return r;if(n)while(n=n.nextSibling)if(n===t)return-1;return e?1:-1}function de(t){return function(e){return"input"===e.nodeName.toLowerCase()&&e.type===t}}function he(n){return function(e){var t=e.nodeName.toLowerCase();return("input"===t||"button"===t)&&e.type===n}}function ge(t){return function(e){return"form"in e?e.parentNode&&!1===e.disabled?"label"in e?"label"in e.parentNode?e.parentNode.disabled===t:e.disabled===t:e.isDisabled===t||e.isDisabled!==!t&&ae(e)===t:e.disabled===t:"label"in e&&e.disabled===t}}function ve(a){return le(function(o){return o=+o,le(function(e,t){var n,r=a([],e.length,o),i=r.length;while(i--)e[n=r[i]]&&(e[n]=!(t[n]=e[n]))})})}function ye(e){return e&&"undefined"!=typeof e.getElementsByTagName&&e}for(e in d=se.support={},i=se.isXML=function(e){var t=e&&e.namespaceURI,n=e&&(e.ownerDocument||e).documentElement;return!Y.test(t||n&&n.nodeName||"HTML")},T=se.setDocument=function(e){var t,n,r=e?e.ownerDocument||e:p;return r!=C&&9===r.nodeType&&r.documentElement&&(a=(C=r).documentElement,E=!i(C),p!=C&&(n=C.defaultView)&&n.top!==n&&(n.addEventListener?n.addEventListener("unload",oe,!1):n.attachEvent&&n.attachEvent("onunload",oe)),d.scope=ce(function(e){return a.appendChild(e).appendChild(C.createElement("div")),"undefined"!=typeof e.querySelectorAll&&!e.querySelectorAll(":scope fieldset div").length}),d.attributes=ce(function(e){return e.className="i",!e.getAttribute("className")}),d.getElementsByTagName=ce(function(e){return e.appendChild(C.createComment("")),!e.getElementsByTagName("*").length}),d.getElementsByClassName=K.test(C.getElementsByClassName),d.getById=ce(function(e){return a.appendChild(e).id=S,!C.getElementsByName||!C.getElementsByName(S).length}),d.getById?(b.filter.ID=function(e){var t=e.replace(te,ne);return function(e){return e.getAttribute("id")===t}},b.find.ID=function(e,t){if("undefined"!=typeof t.getElementById&&E){var n=t.getElementById(e);return n?[n]:[]}}):(b.filter.ID=function(e){var n=e.replace(te,ne);return function(e){var t="undefined"!=typeof e.getAttributeNode&&e.getAttributeNode("id");return t&&t.value===n}},b.find.ID=function(e,t){if("undefined"!=typeof t.getElementById&&E){var n,r,i,o=t.getElementById(e);if(o){if((n=o.getAttributeNode("id"))&&n.value===e)return[o];i=t.getElementsByName(e),r=0;while(o=i[r++])if((n=o.getAttributeNode("id"))&&n.value===e)return[o]}return[]}}),b.find.TAG=d.getElementsByTagName?function(e,t){return"undefined"!=typeof t.getElementsByTagName?t.getElementsByTagName(e):d.qsa?t.querySelectorAll(e):void 0}:function(e,t){var n,r=[],i=0,o=t.getElementsByTagName(e);if("*"===e){while(n=o[i++])1===n.nodeType&&r.push(n);return r}return o},b.find.CLASS=d.getElementsByClassName&&function(e,t){if("undefined"!=typeof t.getElementsByClassName&&E)return t.getElementsByClassName(e)},s=[],v=[],(d.qsa=K.test(C.querySelectorAll))&&(ce(function(e){var t;a.appendChild(e).innerHTML="",e.querySelectorAll("[msallowcapture^='']").length&&v.push("[*^$]="+M+"*(?:''|\"\")"),e.querySelectorAll("[selected]").length||v.push("\\["+M+"*(?:value|"+R+")"),e.querySelectorAll("[id~="+S+"-]").length||v.push("~="),(t=C.createElement("input")).setAttribute("name",""),e.appendChild(t),e.querySelectorAll("[name='']").length||v.push("\\["+M+"*name"+M+"*="+M+"*(?:''|\"\")"),e.querySelectorAll(":checked").length||v.push(":checked"),e.querySelectorAll("a#"+S+"+*").length||v.push(".#.+[+~]"),e.querySelectorAll("\\\f"),v.push("[\\r\\n\\f]")}),ce(function(e){e.innerHTML="";var t=C.createElement("input");t.setAttribute("type","hidden"),e.appendChild(t).setAttribute("name","D"),e.querySelectorAll("[name=d]").length&&v.push("name"+M+"*[*^$|!~]?="),2!==e.querySelectorAll(":enabled").length&&v.push(":enabled",":disabled"),a.appendChild(e).disabled=!0,2!==e.querySelectorAll(":disabled").length&&v.push(":enabled",":disabled"),e.querySelectorAll("*,:x"),v.push(",.*:")})),(d.matchesSelector=K.test(c=a.matches||a.webkitMatchesSelector||a.mozMatchesSelector||a.oMatchesSelector||a.msMatchesSelector))&&ce(function(e){d.disconnectedMatch=c.call(e,"*"),c.call(e,"[s!='']:x"),s.push("!=",F)}),v=v.length&&new RegExp(v.join("|")),s=s.length&&new RegExp(s.join("|")),t=K.test(a.compareDocumentPosition),y=t||K.test(a.contains)?function(e,t){var n=9===e.nodeType?e.documentElement:e,r=t&&t.parentNode;return e===r||!(!r||1!==r.nodeType||!(n.contains?n.contains(r):e.compareDocumentPosition&&16&e.compareDocumentPosition(r)))}:function(e,t){if(t)while(t=t.parentNode)if(t===e)return!0;return!1},j=t?function(e,t){if(e===t)return l=!0,0;var n=!e.compareDocumentPosition-!t.compareDocumentPosition;return n||(1&(n=(e.ownerDocument||e)==(t.ownerDocument||t)?e.compareDocumentPosition(t):1)||!d.sortDetached&&t.compareDocumentPosition(e)===n?e==C||e.ownerDocument==p&&y(p,e)?-1:t==C||t.ownerDocument==p&&y(p,t)?1:u?P(u,e)-P(u,t):0:4&n?-1:1)}:function(e,t){if(e===t)return l=!0,0;var n,r=0,i=e.parentNode,o=t.parentNode,a=[e],s=[t];if(!i||!o)return e==C?-1:t==C?1:i?-1:o?1:u?P(u,e)-P(u,t):0;if(i===o)return pe(e,t);n=e;while(n=n.parentNode)a.unshift(n);n=t;while(n=n.parentNode)s.unshift(n);while(a[r]===s[r])r++;return r?pe(a[r],s[r]):a[r]==p?-1:s[r]==p?1:0}),C},se.matches=function(e,t){return se(e,null,null,t)},se.matchesSelector=function(e,t){if(T(e),d.matchesSelector&&E&&!N[t+" "]&&(!s||!s.test(t))&&(!v||!v.test(t)))try{var n=c.call(e,t);if(n||d.disconnectedMatch||e.document&&11!==e.document.nodeType)return n}catch(e){N(t,!0)}return 0":{dir:"parentNode",first:!0}," ":{dir:"parentNode"},"+":{dir:"previousSibling",first:!0},"~":{dir:"previousSibling"}},preFilter:{ATTR:function(e){return e[1]=e[1].replace(te,ne),e[3]=(e[3]||e[4]||e[5]||"").replace(te,ne),"~="===e[2]&&(e[3]=" "+e[3]+" "),e.slice(0,4)},CHILD:function(e){return e[1]=e[1].toLowerCase(),"nth"===e[1].slice(0,3)?(e[3]||se.error(e[0]),e[4]=+(e[4]?e[5]+(e[6]||1):2*("even"===e[3]||"odd"===e[3])),e[5]=+(e[7]+e[8]||"odd"===e[3])):e[3]&&se.error(e[0]),e},PSEUDO:function(e){var t,n=!e[6]&&e[2];return G.CHILD.test(e[0])?null:(e[3]?e[2]=e[4]||e[5]||"":n&&X.test(n)&&(t=h(n,!0))&&(t=n.indexOf(")",n.length-t)-n.length)&&(e[0]=e[0].slice(0,t),e[2]=n.slice(0,t)),e.slice(0,3))}},filter:{TAG:function(e){var t=e.replace(te,ne).toLowerCase();return"*"===e?function(){return!0}:function(e){return e.nodeName&&e.nodeName.toLowerCase()===t}},CLASS:function(e){var t=m[e+" "];return t||(t=new RegExp("(^|"+M+")"+e+"("+M+"|$)"))&&m(e,function(e){return t.test("string"==typeof e.className&&e.className||"undefined"!=typeof e.getAttribute&&e.getAttribute("class")||"")})},ATTR:function(n,r,i){return function(e){var t=se.attr(e,n);return null==t?"!="===r:!r||(t+="","="===r?t===i:"!="===r?t!==i:"^="===r?i&&0===t.indexOf(i):"*="===r?i&&-1:\x20\t\r\n\f]*)[\x20\t\r\n\f]*\/?>(?:<\/\1>|)$/i;function j(e,n,r){return m(n)?S.grep(e,function(e,t){return!!n.call(e,t,e)!==r}):n.nodeType?S.grep(e,function(e){return e===n!==r}):"string"!=typeof n?S.grep(e,function(e){return-1)[^>]*|#([\w-]+))$/;(S.fn.init=function(e,t,n){var r,i;if(!e)return this;if(n=n||D,"string"==typeof e){if(!(r="<"===e[0]&&">"===e[e.length-1]&&3<=e.length?[null,e,null]:q.exec(e))||!r[1]&&t)return!t||t.jquery?(t||n).find(e):this.constructor(t).find(e);if(r[1]){if(t=t instanceof S?t[0]:t,S.merge(this,S.parseHTML(r[1],t&&t.nodeType?t.ownerDocument||t:E,!0)),N.test(r[1])&&S.isPlainObject(t))for(r in t)m(this[r])?this[r](t[r]):this.attr(r,t[r]);return this}return(i=E.getElementById(r[2]))&&(this[0]=i,this.length=1),this}return e.nodeType?(this[0]=e,this.length=1,this):m(e)?void 0!==n.ready?n.ready(e):e(S):S.makeArray(e,this)}).prototype=S.fn,D=S(E);var L=/^(?:parents|prev(?:Until|All))/,H={children:!0,contents:!0,next:!0,prev:!0};function O(e,t){while((e=e[t])&&1!==e.nodeType);return e}S.fn.extend({has:function(e){var t=S(e,this),n=t.length;return this.filter(function(){for(var e=0;e\x20\t\r\n\f]*)/i,he=/^$|^module$|\/(?:java|ecma)script/i;ce=E.createDocumentFragment().appendChild(E.createElement("div")),(fe=E.createElement("input")).setAttribute("type","radio"),fe.setAttribute("checked","checked"),fe.setAttribute("name","t"),ce.appendChild(fe),y.checkClone=ce.cloneNode(!0).cloneNode(!0).lastChild.checked,ce.innerHTML="",y.noCloneChecked=!!ce.cloneNode(!0).lastChild.defaultValue,ce.innerHTML="",y.option=!!ce.lastChild;var ge={thead:[1,"","
    "],col:[2,"","
    "],tr:[2,"","
    "],td:[3,"","
    "],_default:[0,"",""]};function ve(e,t){var n;return n="undefined"!=typeof e.getElementsByTagName?e.getElementsByTagName(t||"*"):"undefined"!=typeof e.querySelectorAll?e.querySelectorAll(t||"*"):[],void 0===t||t&&A(e,t)?S.merge([e],n):n}function ye(e,t){for(var n=0,r=e.length;n",""]);var me=/<|&#?\w+;/;function xe(e,t,n,r,i){for(var o,a,s,u,l,c,f=t.createDocumentFragment(),p=[],d=0,h=e.length;d\s*$/g;function je(e,t){return A(e,"table")&&A(11!==t.nodeType?t:t.firstChild,"tr")&&S(e).children("tbody")[0]||e}function De(e){return e.type=(null!==e.getAttribute("type"))+"/"+e.type,e}function qe(e){return"true/"===(e.type||"").slice(0,5)?e.type=e.type.slice(5):e.removeAttribute("type"),e}function Le(e,t){var n,r,i,o,a,s;if(1===t.nodeType){if(Y.hasData(e)&&(s=Y.get(e).events))for(i in Y.remove(t,"handle events"),s)for(n=0,r=s[i].length;n").attr(n.scriptAttrs||{}).prop({charset:n.scriptCharset,src:n.url}).on("load error",i=function(e){r.remove(),i=null,e&&t("error"===e.type?404:200,e.type)}),E.head.appendChild(r[0])},abort:function(){i&&i()}}});var _t,zt=[],Ut=/(=)\?(?=&|$)|\?\?/;S.ajaxSetup({jsonp:"callback",jsonpCallback:function(){var e=zt.pop()||S.expando+"_"+wt.guid++;return this[e]=!0,e}}),S.ajaxPrefilter("json jsonp",function(e,t,n){var r,i,o,a=!1!==e.jsonp&&(Ut.test(e.url)?"url":"string"==typeof e.data&&0===(e.contentType||"").indexOf("application/x-www-form-urlencoded")&&Ut.test(e.data)&&"data");if(a||"jsonp"===e.dataTypes[0])return r=e.jsonpCallback=m(e.jsonpCallback)?e.jsonpCallback():e.jsonpCallback,a?e[a]=e[a].replace(Ut,"$1"+r):!1!==e.jsonp&&(e.url+=(Tt.test(e.url)?"&":"?")+e.jsonp+"="+r),e.converters["script json"]=function(){return o||S.error(r+" was not called"),o[0]},e.dataTypes[0]="json",i=C[r],C[r]=function(){o=arguments},n.always(function(){void 0===i?S(C).removeProp(r):C[r]=i,e[r]&&(e.jsonpCallback=t.jsonpCallback,zt.push(r)),o&&m(i)&&i(o[0]),o=i=void 0}),"script"}),y.createHTMLDocument=((_t=E.implementation.createHTMLDocument("").body).innerHTML="
    ",2===_t.childNodes.length),S.parseHTML=function(e,t,n){return"string"!=typeof e?[]:("boolean"==typeof t&&(n=t,t=!1),t||(y.createHTMLDocument?((r=(t=E.implementation.createHTMLDocument("")).createElement("base")).href=E.location.href,t.head.appendChild(r)):t=E),o=!n&&[],(i=N.exec(e))?[t.createElement(i[1])]:(i=xe([e],t,o),o&&o.length&&S(o).remove(),S.merge([],i.childNodes)));var r,i,o},S.fn.load=function(e,t,n){var r,i,o,a=this,s=e.indexOf(" ");return-1").append(S.parseHTML(e)).find(r):e)}).always(n&&function(e,t){a.each(function(){n.apply(this,o||[e.responseText,t,e])})}),this},S.expr.pseudos.animated=function(t){return S.grep(S.timers,function(e){return t===e.elem}).length},S.offset={setOffset:function(e,t,n){var r,i,o,a,s,u,l=S.css(e,"position"),c=S(e),f={};"static"===l&&(e.style.position="relative"),s=c.offset(),o=S.css(e,"top"),u=S.css(e,"left"),("absolute"===l||"fixed"===l)&&-1<(o+u).indexOf("auto")?(a=(r=c.position()).top,i=r.left):(a=parseFloat(o)||0,i=parseFloat(u)||0),m(t)&&(t=t.call(e,n,S.extend({},s))),null!=t.top&&(f.top=t.top-s.top+a),null!=t.left&&(f.left=t.left-s.left+i),"using"in t?t.using.call(e,f):c.css(f)}},S.fn.extend({offset:function(t){if(arguments.length)return void 0===t?this:this.each(function(e){S.offset.setOffset(this,t,e)});var e,n,r=this[0];return r?r.getClientRects().length?(e=r.getBoundingClientRect(),n=r.ownerDocument.defaultView,{top:e.top+n.pageYOffset,left:e.left+n.pageXOffset}):{top:0,left:0}:void 0},position:function(){if(this[0]){var e,t,n,r=this[0],i={top:0,left:0};if("fixed"===S.css(r,"position"))t=r.getBoundingClientRect();else{t=this.offset(),n=r.ownerDocument,e=r.offsetParent||n.documentElement;while(e&&(e===n.body||e===n.documentElement)&&"static"===S.css(e,"position"))e=e.parentNode;e&&e!==r&&1===e.nodeType&&((i=S(e).offset()).top+=S.css(e,"borderTopWidth",!0),i.left+=S.css(e,"borderLeftWidth",!0))}return{top:t.top-i.top-S.css(r,"marginTop",!0),left:t.left-i.left-S.css(r,"marginLeft",!0)}}},offsetParent:function(){return this.map(function(){var e=this.offsetParent;while(e&&"static"===S.css(e,"position"))e=e.offsetParent;return e||re})}}),S.each({scrollLeft:"pageXOffset",scrollTop:"pageYOffset"},function(t,i){var o="pageYOffset"===i;S.fn[t]=function(e){return $(this,function(e,t,n){var r;if(x(e)?r=e:9===e.nodeType&&(r=e.defaultView),void 0===n)return r?r[i]:e[t];r?r.scrollTo(o?r.pageXOffset:n,o?n:r.pageYOffset):e[t]=n},t,e,arguments.length)}}),S.each(["top","left"],function(e,n){S.cssHooks[n]=Fe(y.pixelPosition,function(e,t){if(t)return t=We(e,n),Pe.test(t)?S(e).position()[n]+"px":t})}),S.each({Height:"height",Width:"width"},function(a,s){S.each({padding:"inner"+a,content:s,"":"outer"+a},function(r,o){S.fn[o]=function(e,t){var n=arguments.length&&(r||"boolean"!=typeof e),i=r||(!0===e||!0===t?"margin":"border");return $(this,function(e,t,n){var r;return x(e)?0===o.indexOf("outer")?e["inner"+a]:e.document.documentElement["client"+a]:9===e.nodeType?(r=e.documentElement,Math.max(e.body["scroll"+a],r["scroll"+a],e.body["offset"+a],r["offset"+a],r["client"+a])):void 0===n?S.css(e,t,i):S.style(e,t,n,i)},s,n?e:void 0,n)}})}),S.each(["ajaxStart","ajaxStop","ajaxComplete","ajaxError","ajaxSuccess","ajaxSend"],function(e,t){S.fn[t]=function(e){return this.on(t,e)}}),S.fn.extend({bind:function(e,t,n){return this.on(e,null,t,n)},unbind:function(e,t){return this.off(e,null,t)},delegate:function(e,t,n,r){return this.on(t,e,n,r)},undelegate:function(e,t,n){return 1===arguments.length?this.off(e,"**"):this.off(t,e||"**",n)},hover:function(e,t){return this.mouseenter(e).mouseleave(t||e)}}),S.each("blur focus focusin focusout resize scroll click dblclick mousedown mouseup mousemove mouseover mouseout mouseenter mouseleave change select submit keydown keypress keyup contextmenu".split(" "),function(e,n){S.fn[n]=function(e,t){return 0
+
+
+
+Kubernetes API Reference Docs
+
+
+
+
+
+
+
    
+
    
+
+
    
+
    
+  
    
+ Copyright 2016-2023 The Kubernetes Authors.
+  
    
+  
    
+    
    Generated at: 2023-04-12 08:42:47 (CST)
    
+    
    API Version: v1.27.0
    
+  
    
+
    API OVERVIEW
    
+
+
    Welcome to the Kubernetes API.  You can use the Kubernetes API to read
+and write Kubernetes resource objects via a Kubernetes API endpoint.
    
+
+
    Resource Categories
    
+
+
    This is a high-level overview of the basic types of resources provide by the Kubernetes API and their primary functions.
    
+
    Workloads are objects you use to manage and run your containers on the cluster.
    
+
    Discovery & LB resources are objects you use to "stitch" your workloads together into an externally accessible, load-balanced Service.
    
+
    Config & Storage resources are objects you use to inject initialization data into your applications, and to persist data that is external to your container.
    
+
    Cluster resources objects define how the cluster itself is configured; these are typically used only by cluster operators.
    
+
    Metadata resources are objects you use to configure the behavior of other resources within the cluster, such as HorizontalPodAutoscaler for scaling workloads.
    
+
+
    
+
+
    Resource Objects
    
+
+
    Resource objects typically have 3 components:
    
+
      
+
    • Resource ObjectMeta: This is metadata about the resource, such as its name, type, api version, annotations, and labels.  This contains
+fields that maybe updated both by the end user and the system (e.g. annotations).
      • 
+
    • ResourceSpec: This is defined by the user and describes the desired state of system.  Fill this in when creating or updating an object.
      • 
+
    • ResourceStatus: This is filled in by the server and reports the current state of the system.  In most cases, users don't need to change this.
      • 
+
    
+
+
    
+
+
    Resource Operations
    
+
+
    Most resources provide the following Operations:
    
+
+
    Create
    
+
+
    Create operations will create the resource in the storage backend.  After a resource is create the system will apply
+the desired state.
    
+
+
    Update
    
+
+
    Updates come in 2 forms: Replace and Patch:
+
+
      
+
    • Replace:
+Replacing a resource object will update the resource by replacing the existing spec with the provided one.  For
+read-then-write operations this is safe because an optimistic lock failure will occur if the resource was modified
+between the read and write. Note: The ResourceStatus will be ignored by the system and will not be updated.
+To update the status, one must invoke the specific status update operation.
      
+
+Note: Replacing a resource object may not result immediately in changes being propagated to downstream objects.  For instance
+replacing a ConfigMap or Secret resource will not result in all Pods seeing the changes unless the Pods are
+restarted out of band.
      • 
+
+
    • Patch:
+Patch will apply a change to a specific field.  How the change is merged is defined per field.  Lists may either be
+replaced or merged.  Merging lists will not preserve ordering.
      
+
+Patches will never cause optimistic locking failures, and the last write will win.  Patches are recommended
+when the full state is not read before an update, or when failing on optimistic locking is undesirable. When patching
+complex types, arrays and maps, how the patch is applied is defined on a per-field basis and may either replace
+the field's current value, or merge the contents into the current value.
      • 
+
    
+
+
    Read
    
+
+
    Reads come in 3 forms: Get, List and Watch:
    
+
+
      
+
    • Get: Get will retrieve a specific resource object by name.
      • 
+
    • List: List will retrieve all resource objects of a specific type within a namespace, and the results can be restricted to resources matching a selector query.
      
+List All Namespaces: Like List but retrieves resources across all namespaces.
      • 
+
    • Watch: Watch will stream results for an object(s) as it is updated.  Similar to a callback, watch is used to respond to resource changes.
      • 
+
    
+
+
    Delete
    
+
+
    Delete will delete a resource.  Depending on the specific resource, child objects may or may not be garbage collected by the server.  See
+notes on specific resource objects for details.
    
+
+
    Additional Operations
    
+
+
    Resources may define additional operations specific to that resource type.
    
+
+
      
+	
    • Rollback: Rollback a PodTemplate to a previous version.  Only available for some resource types.
      • 
+	
    • Read / Write Scale: Read or Update the number of replicas for the given resource.  Only available for some resource types.
      • 
+	
    • Read / Write Status: Read or Update the Status for a resource object.  The Status can only changed through these update operations.
      • 
+
    
+
    
+
    API Groups
    
+
    The API Groups and their versions are summarized in the following table.
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    GroupVersion
    admissionregistration.k8s.iov1, v1alpha1
    apiextensions.k8s.iov1
    apiregistration.k8s.iov1
    appsv1
    authentication.k8s.iov1, v1beta1, v1alpha1
    authorization.k8s.iov1
    autoscalingv2, v1
    batchv1
    certificates.k8s.iov1, v1alpha1
    coordination.k8s.iov1
    corev1
    discovery.k8s.iov1
    events.k8s.iov1
    flowcontrol.apiserver.k8s.iov1beta3, v1beta2
    internal.apiserver.k8s.iov1alpha1
    networking.k8s.iov1, v1alpha1
    node.k8s.iov1
    policyv1
    rbac.authorization.k8s.iov1
    resource.k8s.iov1alpha2
    scheduling.k8s.iov1
    storage.k8s.iov1
    
+
    WORKLOADS
    
+
+
    Workloads resources are responsible for managing and running your containers on the cluster. Containers are created
+by Controllers through Pods. Pods run Containers and provide environmental dependencies such as shared or
+persistent storage Volumes and Configuration or Secret
+data injected into the container.
    
+
+
    The most common Controllers are:
    
+
      
+
    • Deployments for stateless persistent apps (e.g. HTTP servers).
      • 
+
    • StatefulSets for stateful persistent apps (e.g. databases).
      • 
+
    • Jobs for run-to-completion apps (e.g. batch Jobs).
      • 
+
    
+
+
    
+
    Container v1 core
    
+
+
    
+  
    
+
    Container Config to run nginx (must be embedded in a PodSpec to run).
    
+  
    
+
    
+name: nginx
+# Run the nginx:1.14 image
+image: nginx:1.14
+
+
    
+
+
+
+
+
+
    GroupVersionKind
    corev1Container
    
+
     Warning:
    Containers are only ever created within the context of a Pod.  This is usually done using a Controller.  See Controllers: Deployment, Job, or StatefulSet
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    FieldDescription
    args
    string array    		Arguments to the entrypoint. The container image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
    command
    string array    		Entrypoint array. Not executed within a shell. The container image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
    env
    EnvVar array
    patch strategy: merge
    patch merge key: name    		List of environment variables to set in the container. Cannot be updated.
    envFrom
    EnvFromSource array    		List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated.
    image
    string    		Container image name. More info: https://kubernetes.io/docs/concepts/containers/images This field is optional to allow higher level config management to default or override container images in workload controllers like Deployments and StatefulSets.
    imagePullPolicy
    string    		Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images
    lifecycle
    Lifecycle    		Actions that the management system should take in response to container lifecycle events. Cannot be updated.
    livenessProbe
    Probe    		Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
    name
    string    		Name of the container specified as a DNS_LABEL. Each container in a pod must have a unique name (DNS_LABEL). Cannot be updated.
    ports
    ContainerPort array
    patch strategy: merge
    patch merge key: containerPort    		List of ports to expose from the container. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Modifying this array with strategic merge patch may corrupt the data. For more information See https://github.com/kubernetes/kubernetes/issues/108255. Cannot be updated.
    readinessProbe
    Probe    		Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
    resizePolicy
    ContainerResizePolicy array    		Resources resize policy for the container.
    resources
    ResourceRequirements    		Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
    securityContext
    SecurityContext    		SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
    startupProbe
    Probe    		StartupProbe indicates that the Pod has successfully initialized. If specified, no other probes are executed until this completes successfully. If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. This can be used to provide different probe parameters at the beginning of a Pod's lifecycle, when it might take a long time to load data or warm a cache, than during steady-state operation. This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
    stdin
    boolean    		Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false.
    stdinOnce
    boolean    		Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false
    terminationMessagePath
    string    		Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated.
    terminationMessagePolicy
    string    		Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated.
    tty
    boolean    		Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false.
    volumeDevices
    VolumeDevice array
    patch strategy: merge
    patch merge key: devicePath    		volumeDevices is the list of block devices to be used by the container.
    volumeMounts
    VolumeMount array
    patch strategy: merge
    patch merge key: mountPath    		Pod volumes to mount into the container's filesystem. Cannot be updated.
    workingDir
    string    		Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated.
    
+
    ContainerStatus v1 core
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    FieldDescription
    allocatedResources
    object    		AllocatedResources represents the compute resources allocated for this container by the node. Kubelet sets this value to Container.Resources.Requests upon successful pod admission and after successfully admitting desired pod resize.
    containerID
    string    		ContainerID is the ID of the container in the format '<type>://<container_id>'. Where type is a container runtime identifier, returned from Version call of CRI API (for example "containerd").
    image
    string    		Image is the name of container image that the container is running. The container image may not match the image used in the PodSpec, as it may have been resolved by the runtime. More info: https://kubernetes.io/docs/concepts/containers/images.
    imageID
    string    		ImageID is the image ID of the container's image. The image ID may not match the image ID of the image used in the PodSpec, as it may have been resolved by the runtime.
    lastState
    ContainerState    		LastTerminationState holds the last termination state of the container to help debug container crashes and restarts. This field is not populated if the container is still running and RestartCount is 0.
    name
    string    		Name is a DNS_LABEL representing the unique name of the container. Each container in a pod must have a unique name across all container types. Cannot be updated.
    ready
    boolean    		Ready specifies whether the container is currently passing its readiness check. The value will change as readiness probes keep executing. If no readiness probes are specified, this field defaults to true once the container is fully started (see Started field).  The value is typically used to determine whether a container is ready to accept traffic.
    resources
    ResourceRequirements    		Resources represents the compute resource requests and limits that have been successfully enacted on the running container after it has been started or has been successfully resized.
    restartCount
    integer    		RestartCount holds the number of times the container has been restarted. Kubelet makes an effort to always increment the value, but there are cases when the state may be lost due to node restarts and then the value may be reset to 0. The value is never negative.
    started
    boolean    		Started indicates whether the container has finished its postStart lifecycle hook and passed its startup probe. Initialized as false, becomes true after startupProbe is considered successful. Resets to false when the container is restarted, or if kubelet loses state temporarily. In both cases, startup probes will run again. Is always true when no startupProbe is defined and container is running and has passed the postStart lifecycle hook. The null value must be treated the same as false.
    state
    ContainerState    		State holds details about the container's current condition.
    
+
    CronJob v1 batch
    
+
+
+
+
+
+
    GroupVersionKind
    batchv1CronJob
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
+
    FieldDescription
    apiVersion
    string    		APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
    kind
    string    		Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
    metadata
    ObjectMeta    		Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
    spec
    CronJobSpec    		Specification of the desired behavior of a cron job, including the schedule. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
    status
    CronJobStatus    		Current status of a cron job. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
    
+
    CronJobSpec v1 batch
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
+
+
+
+
    FieldDescription
    concurrencyPolicy
    string    		Specifies how to treat concurrent executions of a Job. Valid values are:  - "Allow" (default): allows CronJobs to run concurrently; - "Forbid": forbids concurrent runs, skipping next run if previous run hasn't finished yet; - "Replace": cancels currently running job and replaces it with a new one
    failedJobsHistoryLimit
    integer    		The number of failed finished jobs to retain. Value must be non-negative integer. Defaults to 1.
    jobTemplate
    JobTemplateSpec    		Specifies the job that will be created when executing a CronJob.
    schedule
    string    		The schedule in Cron format, see https://en.wikipedia.org/wiki/Cron.
    startingDeadlineSeconds
    integer    		Optional deadline in seconds for starting the job if it misses scheduled time for any reason.  Missed jobs executions will be counted as failed ones.
    successfulJobsHistoryLimit
    integer    		The number of successful finished jobs to retain. Value must be non-negative integer. Defaults to 3.
    suspend
    boolean    		This flag tells the controller to suspend subsequent executions, it does not apply to already started executions.  Defaults to false.
    timeZone
    string    		The time zone name for the given schedule, see https://en.wikipedia.org/wiki/List_of_tz_database_time_zones. If not specified, this will default to the time zone of the kube-controller-manager process. The set of valid time zone names and the time zone offset is loaded from the system-wide time zone database by the API server during CronJob validation and the controller manager during execution. If no system-wide time zone database can be found a bundled version of the database is used instead. If the time zone name becomes invalid during the lifetime of a CronJob or due to a change in host configuration, the controller will stop creating new new Jobs and will create a system event with the reason UnknownTimeZone. More information can be found in https://kubernetes.io/docs/concepts/workloads/controllers/cron-jobs/#time-zones
    
+
    CronJobStatus v1 batch
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
    FieldDescription
    active
    ObjectReference array    		A list of pointers to currently running jobs.
    lastScheduleTime
    Time    		Information when was the last time the job was successfully scheduled.
    lastSuccessfulTime
    Time    		Information when was the last time the job successfully completed.
    
+
    CronJobList v1 batch
    
+
+
+
+
+
+
+
+
+
    FieldDescription
    apiVersion
    string    		APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
    items
    CronJob array    		items is the list of CronJobs.
    kind
    string    		Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
    metadata
    ListMeta    		Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
    
+
    Write Operations
    
+
    Create
    
+
    create a CronJob
    
+
    HTTP Request
    
+POST /apis/batch/v1/namespaces/{namespace}/cronjobs
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    CronJob
    
+
    Response
    
+
+
+
+
+
+
+
+
    CodeDescription
    200
    CronJob    		OK
    201
    CronJob    		Created
    202
    CronJob    		Accepted
    
+
    Patch
    
+
    partially update the specified CronJob
    
+
    HTTP Request
    
+PATCH /apis/batch/v1/namespaces/{namespace}/cronjobs/{name}
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the CronJob
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint. This field is required for apply requests (application/apply-patch) but optional for non-apply patch types (JsonPatch, MergePatch, StrategicMergePatch).
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    forceForce is going to "force" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    Patch
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    CronJob    		OK
    201
    CronJob    		Created
    
+
    Replace
    
+
    replace the specified CronJob
    
+
    HTTP Request
    
+PUT /apis/batch/v1/namespaces/{namespace}/cronjobs/{name}
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the CronJob
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    CronJob
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    CronJob    		OK
    201
    CronJob    		Created
    
+
    Delete
    
+
    delete a CronJob
    
+
    HTTP Request
    
+DELETE /apis/batch/v1/namespaces/{namespace}/cronjobs/{name}
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the CronJob
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    gracePeriodSecondsThe duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
    orphanDependentsDeprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.
    propagationPolicyWhether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    DeleteOptions
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    Status    		OK
    202
    Status    		Accepted
    
+
    Delete Collection
    
+
    delete collection of CronJob
    
+
    HTTP Request
    
+DELETE /apis/batch/v1/namespaces/{namespace}/cronjobs
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    gracePeriodSecondsThe duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    orphanDependentsDeprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.
    propagationPolicyWhether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    DeleteOptions
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    Status    		OK
    
+
    Read Operations
    
+
    Read
    
+
    read the specified CronJob
    
+
    HTTP Request
    
+GET /apis/batch/v1/namespaces/{namespace}/cronjobs/{name}
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the CronJob
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    CronJob    		OK
    
+
    List
    
+
    list or watch objects of kind CronJob
    
+
    HTTP Request
    
+GET /apis/batch/v1/namespaces/{namespace}/cronjobs
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    CronJobList    		OK
    
+
    List All Namespaces
    
+
    list or watch objects of kind CronJob
    
+
    HTTP Request
    
+GET /apis/batch/v1/cronjobs
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    CronJobList    		OK
    
+
    Watch
    
+
    watch changes to an object of kind CronJob. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.
    
+
    HTTP Request
    
+GET /apis/batch/v1/watch/namespaces/{namespace}/cronjobs/{name}
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the CronJob
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    WatchEvent    		OK
    
+
    Watch List
    
+
    watch individual changes to a list of CronJob. deprecated: use the 'watch' parameter with a list operation instead.
    
+
    HTTP Request
    
+GET /apis/batch/v1/watch/namespaces/{namespace}/cronjobs
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    WatchEvent    		OK
    
+
    Watch List All Namespaces
    
+
    watch individual changes to a list of CronJob. deprecated: use the 'watch' parameter with a list operation instead.
    
+
    HTTP Request
    
+GET /apis/batch/v1/watch/cronjobs
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    WatchEvent    		OK
    
+
    Status Operations
    
+
    Patch Status
    
+
    partially update status of the specified CronJob
    
+
    HTTP Request
    
+PATCH /apis/batch/v1/namespaces/{namespace}/cronjobs/{name}/status
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the CronJob
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint. This field is required for apply requests (application/apply-patch) but optional for non-apply patch types (JsonPatch, MergePatch, StrategicMergePatch).
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    forceForce is going to "force" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    Patch
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    CronJob    		OK
    201
    CronJob    		Created
    
+
    Read Status
    
+
    read status of the specified CronJob
    
+
    HTTP Request
    
+GET /apis/batch/v1/namespaces/{namespace}/cronjobs/{name}/status
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the CronJob
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    CronJob    		OK
    
+
    Replace Status
    
+
    replace status of the specified CronJob
    
+
    HTTP Request
    
+PUT /apis/batch/v1/namespaces/{namespace}/cronjobs/{name}/status
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the CronJob
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    CronJob
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    CronJob    		OK
    201
    CronJob    		Created
    
+
    DaemonSet v1 apps
    
+
+
    
+  
    
+
    DaemonSet Config to print the `hostname` on each Node in the cluster every 10 seconds.
    
+  
    
+
    
+apiVersion: apps/v1
+kind: DaemonSet
+metadata:
+  # Unique key of the DaemonSet instance
+  name: daemonset-example
+spec:
+  selector:
+    matchLabels:
+      app: daemonset-example
+  template:
+    metadata:
+      labels:
+        app: daemonset-example
+    spec:
+      containers:
+      # This container is run once on each Node in the cluster
+      - name: daemonset-example
+        image: ubuntu:trusty
+        command:
+        - /bin/sh
+        args:
+        - -c
+        # This script is run through `sh -c <script>`
+        - >-
+          while [ true ]; do
+          echo "DaemonSet running on $(hostname)" ;
+          sleep 10 ;
+          done
+
    
+
+
+
+
+
+
    GroupVersionKind
    appsv1DaemonSet
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
+
    FieldDescription
    apiVersion
    string    		APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
    kind
    string    		Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
    metadata
    ObjectMeta    		Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
    spec
    DaemonSetSpec    		The desired behavior of this daemon set. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
    status
    DaemonSetStatus    		The current status of this daemon set. This data may be out of date by some window of time. Populated by the system. Read-only. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
    
+
    DaemonSetSpec v1 apps
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
+
    FieldDescription
    minReadySeconds
    integer    		The minimum number of seconds for which a newly created DaemonSet pod should be ready without any of its container crashing, for it to be considered available. Defaults to 0 (pod will be considered available as soon as it is ready).
    revisionHistoryLimit
    integer    		The number of old history to retain to allow rollback. This is a pointer to distinguish between explicit zero and not specified. Defaults to 10.
    selector
    LabelSelector    		A label query over pods that are managed by the daemon set. Must match in order to be controlled. It must match the pod template's labels. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#label-selectors
    template
    PodTemplateSpec    		An object that describes the pod that will be created. The DaemonSet will create exactly one copy of this pod on every node that matches the template's node selector (or on every node if no node selector is specified). The only allowed template.spec.restartPolicy value is "Always". More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#pod-template
    updateStrategy
    DaemonSetUpdateStrategy    		An update strategy to replace existing DaemonSet pods with new pods.
    
+
    DaemonSetStatus v1 apps
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    FieldDescription
    collisionCount
    integer    		Count of hash collisions for the DaemonSet. The DaemonSet controller uses this field as a collision avoidance mechanism when it needs to create the name for the newest ControllerRevision.
    conditions
    DaemonSetCondition array
    patch strategy: merge
    patch merge key: type    		Represents the latest available observations of a DaemonSet's current state.
    currentNumberScheduled
    integer    		The number of nodes that are running at least 1 daemon pod and are supposed to run the daemon pod. More info: https://kubernetes.io/docs/concepts/workloads/controllers/daemonset/
    desiredNumberScheduled
    integer    		The total number of nodes that should be running the daemon pod (including nodes correctly running the daemon pod). More info: https://kubernetes.io/docs/concepts/workloads/controllers/daemonset/
    numberAvailable
    integer    		The number of nodes that should be running the daemon pod and have one or more of the daemon pod running and available (ready for at least spec.minReadySeconds)
    numberMisscheduled
    integer    		The number of nodes that are running the daemon pod, but are not supposed to run the daemon pod. More info: https://kubernetes.io/docs/concepts/workloads/controllers/daemonset/
    numberReady
    integer    		numberReady is the number of nodes that should be running the daemon pod and have one or more of the daemon pod running with a Ready Condition.
    numberUnavailable
    integer    		The number of nodes that should be running the daemon pod and have none of the daemon pod running and available (ready for at least spec.minReadySeconds)
    observedGeneration
    integer    		The most recent generation observed by the daemon set controller.
    updatedNumberScheduled
    integer    		The total number of nodes that are running updated daemon pod
    
+
    DaemonSetList v1 apps
    
+
+
+
+
+
+
+
+
+
    FieldDescription
    apiVersion
    string    		APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
    items
    DaemonSet array    		A list of daemon sets.
    kind
    string    		Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
    metadata
    ListMeta    		Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
    
+
    RollingUpdateDaemonSet v1 apps
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
    FieldDescription
    maxSurgeThe maximum number of nodes with an existing available DaemonSet pod that can have an updated DaemonSet pod during during an update. Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). This can not be 0 if MaxUnavailable is 0. Absolute number is calculated from percentage by rounding up to a minimum of 1. Default value is 0. Example: when this is set to 30%, at most 30% of the total number of nodes that should be running the daemon pod (i.e. status.desiredNumberScheduled) can have their a new pod created before the old pod is marked as deleted. The update starts by launching new pods on 30% of nodes. Once an updated pod is available (Ready for at least minReadySeconds) the old DaemonSet pod on that node is marked deleted. If the old pod becomes unavailable for any reason (Ready transitions to false, is evicted, or is drained) an updated pod is immediatedly created on that node without considering surge limits. Allowing surge implies the possibility that the resources consumed by the daemonset on any given node can double if the readiness check fails, and so resource intensive daemonsets should take into account that they may cause evictions during disruption.
    maxUnavailableThe maximum number of DaemonSet pods that can be unavailable during the update. Value can be an absolute number (ex: 5) or a percentage of total number of DaemonSet pods at the start of the update (ex: 10%). Absolute number is calculated from percentage by rounding up. This cannot be 0 if MaxSurge is 0 Default value is 1. Example: when this is set to 30%, at most 30% of the total number of nodes that should be running the daemon pod (i.e. status.desiredNumberScheduled) can have their pods stopped for an update at any given time. The update starts by stopping at most 30% of those DaemonSet pods and then brings up new DaemonSet pods in their place. Once the new pods are available, it then proceeds onto other DaemonSet pods, thus ensuring that at least 70% of original number of DaemonSet pods are available at all times during the update.
    
+
    Write Operations
    
+
    Create
    
+
+
+
    
+  
    
+
    kubectl command
    
+  
    
+
    
+$ echo 'apiVersion: apps/v1
+kind: DaemonSet
+metadata:
+  name: daemonset-example
+spec:
+  selector:
+    matchLabels:
+      app: daemonset-example
+  template:
+    metadata:
+      labels:
+        app: daemonset-example
+    spec:
+      containers:
+      - name: daemonset-example
+        image: ubuntu:trusty
+        command:
+        - /bin/sh
+        args:
+        - -c
+        - >-
+          while [ true ]; do
+          echo "DaemonSet running on $(hostname)" ;
+          sleep 10 ;
+          done
+' | kubectl create -f -
+
    
+
    
+  
    
+
    curl command (requires kubectl proxy to be running)
    
+  
    
+
    
+$ kubectl proxy
+$ curl -X POST -H 'Content-Type: application/yaml' --data '
+apiVersion: apps/v1
+kind: DaemonSet
+metadata:
+  name: daemonset-example
+spec:
+  selector:
+    matchLabels:
+      app: daemonset-example
+  template:
+    metadata:
+      labels:
+        app: daemonset-example
+    spec:
+      containers:
+      - name: daemonset-example
+        image: ubuntu:trusty
+        command:
+        - /bin/sh
+        args:
+        - -c
+        - >-
+          while [ true ]; do
+          echo "DaemonSet running on $(hostname)" ;
+          sleep 10 ;
+          done
+' http://127.0.0.1:8001/apis/apps/v1/namespaces/default/daemonsets
+
    
+
+
+
    
+  
    
+
    Output
    
+  
    
+
    
+daemonset "daemonset-example" created
+
    
+
    
+  
    
+
    Response Body
    
+  
    
+
    
+{
+  "kind": "DaemonSet",
+  "apiVersion": "apps/v1",
+  "metadata": {
+    "name": "daemonset-example",
+    "namespace": "default",
+    "selfLink": "/apis/apps/v1/namespaces/default/daemonsets/daemonset-example",
+    "uid": "65552ced-b0e2-11e6-aef0-42010af00229",
+    "resourceVersion": "3558",
+    "generation": 1,
+    "creationTimestamp": "2016-11-22T18:35:09Z",
+    "labels": {
+      "app": "daemonset-example"
+    }
+  },
+  "spec": {
+    "selector": {
+      "matchLabels": {
+        "app": "daemonset-example"
+      }
+    },
+    "template": {
+      "metadata": {
+        "creationTimestamp": null,
+        "labels": {
+          "app": "daemonset-example"
+        }
+      },
+      "spec": {
+        "containers": [
+          {
+            "name": "daemonset-example",
+            "image": "ubuntu:trusty",
+            "command": [
+              "/bin/sh"
+            ],
+            "args": [
+              "-c",
+              "while [ true ]; do echo \"DaemonSet running on $(hostname)\" ; sleep 10 ; done"
+            ],
+            "resources": {},
+            "terminationMessagePath": "/dev/termination-log",
+            "imagePullPolicy": "IfNotPresent"
+          }
+        ],
+        "restartPolicy": "Always",
+        "terminationGracePeriodSeconds": 30,
+        "dnsPolicy": "ClusterFirst",
+        "securityContext": {}
+      }
+    }
+  },
+  "status": {
+    "currentNumberScheduled": 0,
+    "numberMisscheduled": 0,
+    "desiredNumberScheduled": 0
+  }
+}
+
    
+
    create a DaemonSet
    
+
    HTTP Request
    
+POST /apis/apps/v1/namespaces/{namespace}/daemonsets
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    DaemonSet
    
+
    Response
    
+
+
+
+
+
+
+
+
    CodeDescription
    200
    DaemonSet    		OK
    201
    DaemonSet    		Created
    202
    DaemonSet    		Accepted
    
+
    Patch
    
+
    partially update the specified DaemonSet
    
+
    HTTP Request
    
+PATCH /apis/apps/v1/namespaces/{namespace}/daemonsets/{name}
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the DaemonSet
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint. This field is required for apply requests (application/apply-patch) but optional for non-apply patch types (JsonPatch, MergePatch, StrategicMergePatch).
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    forceForce is going to "force" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    Patch
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    DaemonSet    		OK
    201
    DaemonSet    		Created
    
+
    Replace
    
+
    replace the specified DaemonSet
    
+
    HTTP Request
    
+PUT /apis/apps/v1/namespaces/{namespace}/daemonsets/{name}
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the DaemonSet
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    DaemonSet
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    DaemonSet    		OK
    201
    DaemonSet    		Created
    
+
    Delete
    
+
+
+
    
+  
    
+
    kubectl command
    
+  
    
+
    
+$ kubectl delete daemonset daemonset-example
+
    
+
    
+  
    
+
    curl command (requires kubectl proxy to be running)
    
+  
    
+
    
+$ kubectl proxy
+$ curl -X DELETE -H 'Content-Type: application/yaml' --data '
+gracePeriodSeconds: 0
+orphanDependents: false
+' 'http://127.0.0.1:8001/apis/apps/v1/namespaces/default/daemonsets/daemonset-example'
+
    
+
+
+
    
+  
    
+
    Output
    
+  
    
+
    
+daemonset "daemonset-example" deleted
+
    
+
    
+  
    
+
    Response Body
    
+  
    
+
    
+{
+  "kind": "Status",
+  "apiVersion": "v1",
+  "metadata": {},
+  "status": "Success",
+  "code": 200
+}
+
+
    
+
    delete a DaemonSet
    
+
    HTTP Request
    
+DELETE /apis/apps/v1/namespaces/{namespace}/daemonsets/{name}
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the DaemonSet
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    gracePeriodSecondsThe duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
    orphanDependentsDeprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.
    propagationPolicyWhether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    DeleteOptions
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    Status    		OK
    202
    Status    		Accepted
    
+
    Delete Collection
    
+
    delete collection of DaemonSet
    
+
    HTTP Request
    
+DELETE /apis/apps/v1/namespaces/{namespace}/daemonsets
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    gracePeriodSecondsThe duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    orphanDependentsDeprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.
    propagationPolicyWhether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    DeleteOptions
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    Status    		OK
    
+
    Read Operations
    
+
    Read
    
+
+
+
    
+  
    
+
    kubectl command
    
+  
    
+
    
+$ kubectl get daemonset daemonset-example -o json
+
    
+
    
+  
    
+
    curl command (requires kubectl proxy to be running)
    
+  
    
+
    
+$ kubectl proxy
+$ curl -X GET http://127.0.0.1:8001/apis/apps/v1/namespaces/default/daemonsets/daemonset-example
+
    
+
    read the specified DaemonSet
    
+
    HTTP Request
    
+GET /apis/apps/v1/namespaces/{namespace}/daemonsets/{name}
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the DaemonSet
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    DaemonSet    		OK
    
+
    List
    
+
    list or watch objects of kind DaemonSet
    
+
    HTTP Request
    
+GET /apis/apps/v1/namespaces/{namespace}/daemonsets
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    DaemonSetList    		OK
    
+
    List All Namespaces
    
+
    list or watch objects of kind DaemonSet
    
+
    HTTP Request
    
+GET /apis/apps/v1/daemonsets
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    DaemonSetList    		OK
    
+
    Watch
    
+
    watch changes to an object of kind DaemonSet. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.
    
+
    HTTP Request
    
+GET /apis/apps/v1/watch/namespaces/{namespace}/daemonsets/{name}
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the DaemonSet
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    WatchEvent    		OK
    
+
    Watch List
    
+
    watch individual changes to a list of DaemonSet. deprecated: use the 'watch' parameter with a list operation instead.
    
+
    HTTP Request
    
+GET /apis/apps/v1/watch/namespaces/{namespace}/daemonsets
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    WatchEvent    		OK
    
+
    Watch List All Namespaces
    
+
    watch individual changes to a list of DaemonSet. deprecated: use the 'watch' parameter with a list operation instead.
    
+
    HTTP Request
    
+GET /apis/apps/v1/watch/daemonsets
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    WatchEvent    		OK
    
+
    Status Operations
    
+
    Patch Status
    
+
    partially update status of the specified DaemonSet
    
+
    HTTP Request
    
+PATCH /apis/apps/v1/namespaces/{namespace}/daemonsets/{name}/status
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the DaemonSet
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint. This field is required for apply requests (application/apply-patch) but optional for non-apply patch types (JsonPatch, MergePatch, StrategicMergePatch).
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    forceForce is going to "force" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    Patch
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    DaemonSet    		OK
    201
    DaemonSet    		Created
    
+
    Read Status
    
+
    read status of the specified DaemonSet
    
+
    HTTP Request
    
+GET /apis/apps/v1/namespaces/{namespace}/daemonsets/{name}/status
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the DaemonSet
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    DaemonSet    		OK
    
+
    Replace Status
    
+
    replace status of the specified DaemonSet
    
+
    HTTP Request
    
+PUT /apis/apps/v1/namespaces/{namespace}/daemonsets/{name}/status
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the DaemonSet
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    DaemonSet
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    DaemonSet    		OK
    201
    DaemonSet    		Created
    
+
    Deployment v1 apps
    
+
+
    
+  
    
+
    Deployment Config to run 3 nginx instances (max rollback set to 10 revisions).
    
+  
    
+
    
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  # Unique key of the Deployment instance
+  name: deployment-example
+spec:
+  # 3 Pods should exist at all times.
+  replicas: 3
+  selector:
+    matchLabels:
+      app: nginx
+  template:
+    metadata:
+      labels:
+        # Apply this label to pods and default
+        # the Deployment label selector to this value
+        app: nginx
+    spec:
+      containers:
+      - name: nginx
+        # Run this image
+        image: nginx:1.14
+
+
    
+
+
+
+
+
+
    GroupVersionKind
    appsv1Deployment
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
+
    FieldDescription
    apiVersion
    string    		APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
    kind
    string    		Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
    metadata
    ObjectMeta    		Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
    spec
    DeploymentSpec    		Specification of the desired behavior of the Deployment.
    status
    DeploymentStatus    		Most recently observed status of the Deployment.
    
+
    DeploymentSpec v1 apps
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
+
+
+
+
    FieldDescription
    minReadySeconds
    integer    		Minimum number of seconds for which a newly created pod should be ready without any of its container crashing, for it to be considered available. Defaults to 0 (pod will be considered available as soon as it is ready)
    paused
    boolean    		Indicates that the deployment is paused.
    progressDeadlineSeconds
    integer    		The maximum time in seconds for a deployment to make progress before it is considered to be failed. The deployment controller will continue to process failed deployments and a condition with a ProgressDeadlineExceeded reason will be surfaced in the deployment status. Note that progress will not be estimated during the time a deployment is paused. Defaults to 600s.
    replicas
    integer    		Number of desired pods. This is a pointer to distinguish between explicit zero and not specified. Defaults to 1.
    revisionHistoryLimit
    integer    		The number of old ReplicaSets to retain to allow rollback. This is a pointer to distinguish between explicit zero and not specified. Defaults to 10.
    selector
    LabelSelector    		Label selector for pods. Existing ReplicaSets whose pods are selected by this will be the ones affected by this deployment. It must match the pod template's labels.
    strategy
    DeploymentStrategy
    patch strategy: retainKeys    		The deployment strategy to use to replace existing pods with new ones.
    template
    PodTemplateSpec    		Template describes the pods that will be created. The only allowed template.spec.restartPolicy value is "Always".
    
+
    DeploymentStatus v1 apps
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
+
+
+
+
    FieldDescription
    availableReplicas
    integer    		Total number of available pods (ready for at least minReadySeconds) targeted by this deployment.
    collisionCount
    integer    		Count of hash collisions for the Deployment. The Deployment controller uses this field as a collision avoidance mechanism when it needs to create the name for the newest ReplicaSet.
    conditions
    DeploymentCondition array
    patch strategy: merge
    patch merge key: type    		Represents the latest available observations of a deployment's current state.
    observedGeneration
    integer    		The generation observed by the deployment controller.
    readyReplicas
    integer    		readyReplicas is the number of pods targeted by this Deployment with a Ready Condition.
    replicas
    integer    		Total number of non-terminated pods targeted by this deployment (their labels match the selector).
    unavailableReplicas
    integer    		Total number of unavailable pods targeted by this deployment. This is the total number of pods that are still required for the deployment to have 100% available capacity. They may either be pods that are running but not yet available or pods that still have not been created.
    updatedReplicas
    integer    		Total number of non-terminated pods targeted by this deployment that have the desired template spec.
    
+
    DeploymentList v1 apps
    
+
+
+
+
+
+
+
+
+
    FieldDescription
    apiVersion
    string    		APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
    items
    Deployment array    		Items is the list of Deployments.
    kind
    string    		Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
    metadata
    ListMeta    		Standard list metadata.
    
+
    DeploymentStrategy v1 apps
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
    FieldDescription
    rollingUpdate
    RollingUpdateDeployment    		Rolling update config params. Present only if DeploymentStrategyType = RollingUpdate.
    type
    string    		Type of deployment. Can be "Recreate" or "RollingUpdate". Default is RollingUpdate.
    
+
    RollingUpdateDeployment v1 apps
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
    FieldDescription
    maxSurgeThe maximum number of pods that can be scheduled above the desired number of pods. Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). This can not be 0 if MaxUnavailable is 0. Absolute number is calculated from percentage by rounding up. Defaults to 25%. Example: when this is set to 30%, the new ReplicaSet can be scaled up immediately when the rolling update starts, such that the total number of old and new pods do not exceed 130% of desired pods. Once old pods have been killed, new ReplicaSet can be scaled up further, ensuring that total number of pods running at any time during the update is at most 130% of desired pods.
    maxUnavailableThe maximum number of pods that can be unavailable during the update. Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). Absolute number is calculated from percentage by rounding down. This can not be 0 if MaxSurge is 0. Defaults to 25%. Example: when this is set to 30%, the old ReplicaSet can be scaled down to 70% of desired pods immediately when the rolling update starts. Once new pods are ready, old ReplicaSet can be scaled down further, followed by scaling up the new ReplicaSet, ensuring that the total number of pods available at all times during the update is at least 70% of desired pods.
    
+
    Write Operations
    
+
    Create
    
+
+
+
    
+  
    
+
    kubectl command
    
+  
    
+
    
+$ echo 'apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: deployment-example
+spec:
+  replicas: 3
+  revisionHistoryLimit: 10
+  selector:
+    matchLabels:
+      app: nginx
+  template:
+    metadata:
+      labels:
+        app: nginx
+    spec:
+      containers:
+      - name: nginx
+        image: nginx:1.14
+        ports:
+        - containerPort: 80
+' | kubectl create -f -
+
    
+
    
+  
    
+
    curl command (requires kubectl proxy to be running)
    
+  
    
+
    
+$ kubectl proxy
+$ curl -X POST -H 'Content-Type: application/yaml' --data '
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: deployment-example
+spec:
+  replicas: 3
+  revisionHistoryLimit: 10
+  selector:
+    matchLabels:
+      app: nginx
+  template:
+    metadata:
+      labels:
+        app: nginx
+    spec:
+      containers:
+      - name: nginx
+        image: nginx:1.14
+        ports:
+        - containerPort: 80
+' http://127.0.0.1:8001/apis/apps/v1/namespaces/default/deployments
+
    
+
+
+
    
+  
    
+
    Output
    
+  
    
+
    
+deployment "deployment-example" created
+
    
+
    
+  
    
+
    Response Body
    
+  
    
+
    
+{
+  "kind": "Deployment",
+  "apiVersion": "apps/v1",
+  "metadata": {
+    "name": "deployment-example",
+    "namespace": "default",
+    "selfLink": "/apis/apps/v1/namespaces/default/deployments/deployment-example",
+    "uid": "4ccca349-9cb1-11e6-9c54-42010a800148",
+    "resourceVersion": "2118306",
+    "generation": 1,
+    "creationTimestamp": "2016-10-28T01:53:19Z",
+    "labels": {
+      "app": "nginx"
+    }
+  },
+  "spec": {
+    "replicas": 3,
+    "selector": {
+      "matchLabels": {
+        "app": "nginx"
+      }
+    },
+    "template": {
+      "metadata": {
+        "creationTimestamp": null,
+        "labels": {
+          "app": "nginx"
+        }
+      },
+      "spec": {
+        "containers": [
+          {
+            "name": "nginx",
+            "image": "nginx:1.14",
+            "ports": [
+              {
+                "containerPort": 80,
+                "protocol": "TCP"
+              }
+            ],
+            "resources": {},
+            "terminationMessagePath": "/dev/termination-log",
+            "imagePullPolicy": "IfNotPresent"
+          }
+        ],
+        "restartPolicy": "Always",
+        "terminationGracePeriodSeconds": 30,
+        "dnsPolicy": "ClusterFirst",
+        "securityContext": {}
+      }
+    },
+    "strategy": {
+      "type": "RollingUpdate",
+      "rollingUpdate": {
+        "maxUnavailable": 1,
+        "maxSurge": 1
+      }
+    },
+    "revisionHistoryLimit": 10
+  },
+  "status": {}
+}
+
+
    
+
    create a Deployment
    
+
    HTTP Request
    
+POST /apis/apps/v1/namespaces/{namespace}/deployments
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    Deployment
    
+
    Response
    
+
+
+
+
+
+
+
+
    CodeDescription
    200
    Deployment    		OK
    201
    Deployment    		Created
    202
    Deployment    		Accepted
    
+
    Patch
    
+
+
+
    
+  
    
+
    kubectl command
    
+  
    
+
    
+$ kubectl patch deployment deployment-example -p \
+	'{"spec":{"template":{"spec":{"containers":[{"name":"nginx","image":"nginx:1.16"}]}}}}'
+
    
+
    
+  
    
+
    curl command (requires kubectl proxy to be running)
    
+  
    
+
    
+$ kubectl proxy
+$ curl -X PATCH -H 'Content-Type: application/strategic-merge-patch+json' --data '
+{"spec":{"template":{"spec":{"containers":[{"name":"nginx","image":"nginx:1.16"}]}}}}' \
+	'http://127.0.0.1:8001/apis/apps/v1/namespaces/default/deployments/deployment-example'
+
    
+
+
+
    
+  
    
+
    Output
    
+  
    
+
    
+"deployment-example" patched
+
    
+
    
+  
    
+
    Response Body
    
+  
    
+
    
+{
+  "kind": "Deployment",
+  "apiVersion": "apps/v1",
+  "metadata": {
+    "name": "deployment-example",
+    "namespace": "default",
+    "selfLink": "/apis/apps/v1/namespaces/default/deployments/deployment-example",
+    "uid": "5dc3a8e6-b0ee-11e6-aef0-42010af00229",
+    "resourceVersion": "164489",
+    "generation": 11,
+    "creationTimestamp": "2016-11-22T20:00:50Z",
+    "labels": {
+      "app": "nginx"
+    },
+    "annotations": {
+      "deployment.kubernetes.io/revision": "5"
+    }
+  },
+  "spec": {
+    "replicas": 3,
+    "selector": {
+      "matchLabels": {
+        "app": "nginx"
+      }
+    },
+    "template": {
+      "metadata": {
+        "creationTimestamp": null,
+        "labels": {
+          "app": "nginx"
+        }
+      },
+      "spec": {
+        "containers": [
+          {
+            "name": "nginx",
+            "image": "nginx:1.16",
+            "ports": [
+              {
+                "containerPort": 80,
+                "protocol": "TCP"
+              }
+            ],
+            "resources": {},
+            "terminationMessagePath": "/dev/termination-log",
+            "imagePullPolicy": "IfNotPresent"
+          }
+        ],
+        "restartPolicy": "Always",
+        "terminationGracePeriodSeconds": 30,
+        "dnsPolicy": "ClusterFirst",
+        "securityContext": {}
+      }
+    },
+    "strategy": {
+      "type": "RollingUpdate",
+      "rollingUpdate": {
+        "maxUnavailable": 1,
+        "maxSurge": 1
+      }
+    },
+    "revisionHistoryLimit": 10
+  },
+  "status": {
+    "observedGeneration": 10,
+    "replicas": 3,
+    "updatedReplicas": 3,
+    "availableReplicas": 3
+  }
+}
+
+
    
+
    partially update the specified Deployment
    
+
    HTTP Request
    
+PATCH /apis/apps/v1/namespaces/{namespace}/deployments/{name}
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the Deployment
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint. This field is required for apply requests (application/apply-patch) but optional for non-apply patch types (JsonPatch, MergePatch, StrategicMergePatch).
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    forceForce is going to "force" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    Patch
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    Deployment    		OK
    201
    Deployment    		Created
    
+
    Replace
    
+
+
+
    
+  
    
+
    kubectl command
    
+  
    
+
    
+$ echo 'apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: deployment-example
+spec:
+  replicas: 3
+  revisionHistoryLimit: 10
+  selector:
+    matchLabels:
+      app: nginx
+  template:
+    metadata:
+      labels:
+        app: nginx
+    spec:
+      containers:
+      - name: nginx
+        image: nginx:1.16
+        ports:
+        - containerPort: 80
+' | kubectl replace -f -
+
    
+
    
+  
    
+
    curl command (requires kubectl proxy to be running)
    
+  
    
+
    
+$ kubectl proxy
+$ curl -X PUT -H 'Content-Type: application/yaml' --data '
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: deployment-example
+spec:
+  replicas: 3
+  revisionHistoryLimit: 10
+  selector:
+    matchLabels:
+      app: nginx
+  template:
+    metadata:
+      labels:
+        app: nginx
+    spec:
+      containers:
+      - name: nginx
+        image: nginx:1.16
+        ports:
+        - containerPort: 80
+' http://127.0.0.1:8001/apis/apps/v1/namespaces/default/deployments/deployment-example
+
    
+
+
+
    
+  
    
+
    Output
    
+  
    
+
    
+deployment "deployment-example" replaced
+
    
+
    
+  
    
+
    Response Body
    
+  
    
+
    
+{
+  "kind": "Deployment",
+  "apiVersion": "apps/v1",
+  "metadata": {
+    "name": "deployment-example",
+    "namespace": "default",
+    "selfLink": "/apis/apps/v1/namespaces/default/deployments/deployment-example",
+    "uid": "4ccca349-9cb1-11e6-9c54-42010a800148",
+    "resourceVersion": "2119082",
+    "generation": 5,
+    "creationTimestamp": "2016-10-28T01:53:19Z",
+    "labels": {
+      "app": "nginx"
+    }
+  },
+  "spec": {
+    "replicas": 3,
+    "selector": {
+      "matchLabels": {
+        "app": "nginx"
+      }
+    },
+    "template": {
+      "metadata": {
+        "creationTimestamp": null,
+        "labels": {
+          "app": "nginx"
+        }
+      },
+      "spec": {
+        "containers": [
+          {
+            "name": "nginx",
+            "image": "nginx:1.16",
+            "ports": [
+              {
+                "containerPort": 80,
+                "protocol": "TCP"
+              }
+            ],
+            "resources": {},
+            "terminationMessagePath": "/dev/termination-log",
+            "imagePullPolicy": "IfNotPresent"
+          }
+        ],
+        "restartPolicy": "Always",
+        "terminationGracePeriodSeconds": 30,
+        "dnsPolicy": "ClusterFirst",
+        "securityContext": {}
+      }
+    },
+    "strategy": {
+      "type": "RollingUpdate",
+      "rollingUpdate": {
+        "maxUnavailable": 1,
+        "maxSurge": 1
+      }
+    },
+    "revisionHistoryLimit": 10
+  },
+  "status": {
+    "observedGeneration": 4,
+    "replicas": 3,
+    "updatedReplicas": 3,
+    "availableReplicas": 3
+  }
+}
+
+
    
+
    replace the specified Deployment
    
+
    HTTP Request
    
+PUT /apis/apps/v1/namespaces/{namespace}/deployments/{name}
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the Deployment
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    Deployment
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    Deployment    		OK
    201
    Deployment    		Created
    
+
    Delete
    
+
+
+
    
+  
    
+
    kubectl command
    
+  
    
+
    
+$ kubectl delete deployment deployment-example
+
    
+
    
+  
    
+
    curl command (requires kubectl proxy to be running)
    
+  
    
+
    
+$ kubectl proxy
+$ curl -X DELETE -H 'Content-Type: application/yaml' --data '
+gracePeriodSeconds: 0
+orphanDependents: false
+' 'http://127.0.0.1:8001/apis/apps/v1/namespaces/default/deployments/deployment-example'
+
    
+
+
+
    
+  
    
+
    Output
    
+  
    
+
    
+deployment "deployment-example" deleted
+
    
+
    
+  
    
+
    Response Body
    
+  
    
+
    
+{
+  "kind": "Status",
+  "apiVersion": "v1",
+  "metadata": {},
+  "status": "Success",
+  "code": 200
+}
+
+
    
+
    delete a Deployment
    
+
    HTTP Request
    
+DELETE /apis/apps/v1/namespaces/{namespace}/deployments/{name}
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the Deployment
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    gracePeriodSecondsThe duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
    orphanDependentsDeprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.
    propagationPolicyWhether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    DeleteOptions
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    Status    		OK
    202
    Status    		Accepted
    
+
    Delete Collection
    
+
    delete collection of Deployment
    
+
    HTTP Request
    
+DELETE /apis/apps/v1/namespaces/{namespace}/deployments
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    gracePeriodSecondsThe duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    orphanDependentsDeprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.
    propagationPolicyWhether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    DeleteOptions
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    Status    		OK
    
+
    Read Operations
    
+
    Read
    
+
+
+
    
+  
    
+
    kubectl command
    
+  
    
+
    
+$ kubectl get deployment deployment-example -o json
+
    
+
    
+  
    
+
    curl command (requires kubectl proxy to be running)
    
+  
    
+
    
+$ kubectl proxy
+$ curl -X GET http://127.0.0.1:8001/apis/apps/v1/namespaces/default/deployments/deployment-example
+
    
+
+
+
    
+  
    
+
    Output
    
+  
    
+
    
+{
+  "kind": "Deployment",
+  "apiVersion": "apps/v1",
+  "metadata": {
+    "name": "deployment-example",
+    "namespace": "default",
+    "selfLink": "/apis/apps/v1/namespaces/default/deployments/deployment-example",
+    "uid": "1b33145a-9c63-11e6-9c54-42010a800148",
+    "resourceVersion": "2064726",
+    "generation": 4,
+    "creationTimestamp": "2016-10-27T16:33:35Z",
+    "labels": {
+      "app": "nginx"
+    },
+    "annotations": {
+      "deployment.kubernetes.io/revision": "1"
+    }
+  },
+  "spec": {
+    "replicas": 3,
+    "selector": {
+      "matchLabels": {
+        "app": "nginx"
+      }
+    },
+    "template": {
+      "metadata": {
+        "creationTimestamp": null,
+        "labels": {
+          "app": "nginx"
+        }
+      },
+      "spec": {
+        "containers": [
+          {
+            "name": "nginx",
+            "image": "nginx:1.14",
+            "ports": [
+              {
+                "containerPort": 80,
+                "protocol": "TCP"
+              }
+            ],
+            "resources": {},
+            "terminationMessagePath": "/dev/termination-log",
+            "imagePullPolicy": "IfNotPresent"
+          }
+        ],
+        "restartPolicy": "Always",
+        "terminationGracePeriodSeconds": 30,
+        "dnsPolicy": "ClusterFirst",
+        "securityContext": {}
+      }
+    },
+    "strategy": {
+      "type": "RollingUpdate",
+      "rollingUpdate": {
+        "maxUnavailable": 1,
+        "maxSurge": 1
+      }
+    }
+  },
+  "status": {
+    "observedGeneration": 4,
+    "replicas": 3,
+    "updatedReplicas": 3,
+    "availableReplicas": 3
+  }
+}
+
+
    
+
    
+  
    
+
    Response Body
    
+  
    
+
    
+{
+  "kind": "Deployment",
+  "apiVersion": "apps/v1",
+  "metadata": {
+    "name": "deployment-example",
+    "namespace": "default",
+    "selfLink": "/apis/apps/v1/namespaces/default/deployments/deployment-example",
+    "uid": "1b33145a-9c63-11e6-9c54-42010a800148",
+    "resourceVersion": "2064726",
+    "generation": 4,
+    "creationTimestamp": "2016-10-27T16:33:35Z",
+    "labels": {
+      "app": "nginx"
+    },
+    "annotations": {
+      "deployment.kubernetes.io/revision": "1"
+    }
+  },
+  "spec": {
+    "replicas": 3,
+    "selector": {
+      "matchLabels": {
+        "app": "nginx"
+      }
+    },
+    "template": {
+      "metadata": {
+        "creationTimestamp": null,
+        "labels": {
+          "app": "nginx"
+        }
+      },
+      "spec": {
+        "containers": [
+          {
+            "name": "nginx",
+            "image": "nginx:1.14",
+            "ports": [
+              {
+                "containerPort": 80,
+                "protocol": "TCP"
+              }
+            ],
+            "resources": {},
+            "terminationMessagePath": "/dev/termination-log",
+            "imagePullPolicy": "IfNotPresent"
+          }
+        ],
+        "restartPolicy": "Always",
+        "terminationGracePeriodSeconds": 30,
+        "dnsPolicy": "ClusterFirst",
+        "securityContext": {}
+      }
+    },
+    "strategy": {
+      "type": "RollingUpdate",
+      "rollingUpdate": {
+        "maxUnavailable": 1,
+        "maxSurge": 1
+      }
+    }
+  },
+  "status": {
+    "observedGeneration": 4,
+    "replicas": 3,
+    "updatedReplicas": 3,
+    "availableReplicas": 3
+  }
+}
+
+
    
+
    read the specified Deployment
    
+
    HTTP Request
    
+GET /apis/apps/v1/namespaces/{namespace}/deployments/{name}
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the Deployment
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    Deployment    		OK
    
+
    List
    
+
+
+
    
+  
    
+
    kubectl command
    
+  
    
+
    
+$ kubectl get deployment -o json
+
    
+
    
+  
    
+
    curl command (requires kubectl proxy to be running)
    
+  
    
+
    
+$ kubectl proxy
+$ curl -X GET 'http://127.0.0.1:8001/apis/apps/v1/namespaces/default/deployments'
+
    
+
+
+
    
+  
    
+
    Output
    
+  
    
+
    
+{
+  "kind": "List",
+  "apiVersion": "v1",
+  "metadata": {},
+  "items": [
+    {
+      "kind": "Deployment",
+      "apiVersion": "app/v1beta1",
+      "metadata": {
+        "name": "docs",
+        "namespace": "default",
+        "selfLink": "/apis/app/v1beta1/namespaces/default/deployments/docs",
+        "uid": "ef49e1d2-915e-11e6-be81-42010a80003f",
+        "resourceVersion": "1924126",
+        "generation": 21,
+        "creationTimestamp": "2016-10-13T16:06:00Z",
+        "labels": {
+          "run": "docs"
+        },
+        "annotations": {
+          "deployment.kubernetes.io/revision": "10",
+          "replicatingperfection.net/push-image": "true"
+        }
+      },
+      "spec": {
+        "replicas": 1,
+        "selector": {
+          "matchLabels": {
+            "run": "docs"
+          }
+        },
+        "template": {
+          "metadata": {
+            "creationTimestamp": null,
+            "labels": {
+              "auto-pushed-image-pwittrock/api-docs": "1477496453",
+              "run": "docs"
+            }
+          },
+          "spec": {
+            "containers": [
+              {
+                "name": "docs",
+                "image": "pwittrock/api-docs:v9",
+                "resources": {},
+                "terminationMessagePath": "/dev/termination-log",
+                "imagePullPolicy": "Always"
+              }
+            ],
+            "restartPolicy": "Always",
+            "terminationGracePeriodSeconds": 30,
+            "dnsPolicy": "ClusterFirst",
+            "securityContext": {}
+          }
+        },
+        "strategy": {
+          "type": "RollingUpdate",
+          "rollingUpdate": {
+            "maxUnavailable": 1,
+            "maxSurge": 1
+          }
+        }
+      },
+      "status": {
+        "observedGeneration": 21,
+        "replicas": 1,
+        "updatedReplicas": 1,
+        "availableReplicas": 1
+      }
+    },
+    {
+      "kind": "Deployment",
+      "apiVersion": "app/v1beta1",
+      "metadata": {
+        "name": "deployment-example",
+        "namespace": "default",
+        "selfLink": "/apis/app/v1beta1/namespaces/default/deployments/deployment-example",
+        "uid": "1b33145a-9c63-11e6-9c54-42010a800148",
+        "resourceVersion": "2064726",
+        "generation": 4,
+        "creationTimestamp": "2016-10-27T16:33:35Z",
+        "labels": {
+          "app": "nginx"
+        },
+        "annotations": {
+          "deployment.kubernetes.io/revision": "1"
+        }
+      },
+      "spec": {
+        "replicas": 3,
+        "selector": {
+          "matchLabels": {
+            "app": "nginx"
+          }
+        },
+        "template": {
+          "metadata": {
+            "creationTimestamp": null,
+            "labels": {
+              "app": "nginx"
+            }
+          },
+          "spec": {
+            "containers": [
+              {
+                "name": "nginx",
+                "image": "nginx:1.14",
+                "ports": [
+                  {
+                    "containerPort": 80,
+                    "protocol": "TCP"
+                  }
+                ],
+                "resources": {},
+                "terminationMessagePath": "/dev/termination-log",
+                "imagePullPolicy": "IfNotPresent"
+              }
+            ],
+            "restartPolicy": "Always",
+            "terminationGracePeriodSeconds": 30,
+            "dnsPolicy": "ClusterFirst",
+            "securityContext": {}
+          }
+        },
+        "strategy": {
+          "type": "RollingUpdate",
+          "rollingUpdate": {
+            "maxUnavailable": 1,
+            "maxSurge": 1
+          }
+        }
+      },
+      "status": {
+        "observedGeneration": 4,
+        "replicas": 3,
+        "updatedReplicas": 3,
+        "availableReplicas": 3
+      }
+    }
+  ]
+}
+
+
    
+
    
+  
    
+
    Response Body
    
+  
    
+
    
+{
+  "kind": "List",
+  "apiVersion": "v1",
+  "metadata": {},
+  "items": [
+    {
+      "kind": "Deployment",
+      "apiVersion": "app/v1beta1",
+      "metadata": {
+        "name": "docs",
+        "namespace": "default",
+        "selfLink": "/apis/app/v1beta1/namespaces/default/deployments/docs",
+        "uid": "ef49e1d2-915e-11e6-be81-42010a80003f",
+        "resourceVersion": "1924126",
+        "generation": 21,
+        "creationTimestamp": "2016-10-13T16:06:00Z",
+        "labels": {
+          "run": "docs"
+        },
+        "annotations": {
+          "deployment.kubernetes.io/revision": "10",
+          "replicatingperfection.net/push-image": "true"
+        }
+      },
+      "spec": {
+        "replicas": 1,
+        "selector": {
+          "matchLabels": {
+            "run": "docs"
+          }
+        },
+        "template": {
+          "metadata": {
+            "creationTimestamp": null,
+            "labels": {
+              "auto-pushed-image-pwittrock/api-docs": "1477496453",
+              "run": "docs"
+            }
+          },
+          "spec": {
+            "containers": [
+              {
+                "name": "docs",
+                "image": "pwittrock/api-docs:v9",
+                "resources": {},
+                "terminationMessagePath": "/dev/termination-log",
+                "imagePullPolicy": "Always"
+              }
+            ],
+            "restartPolicy": "Always",
+            "terminationGracePeriodSeconds": 30,
+            "dnsPolicy": "ClusterFirst",
+            "securityContext": {}
+          }
+        },
+        "strategy": {
+          "type": "RollingUpdate",
+          "rollingUpdate": {
+            "maxUnavailable": 1,
+            "maxSurge": 1
+          }
+        }
+      },
+      "status": {
+        "observedGeneration": 21,
+        "replicas": 1,
+        "updatedReplicas": 1,
+        "availableReplicas": 1
+      }
+    },
+    {
+      "kind": "Deployment",
+      "apiVersion": "app/v1beta1",
+      "metadata": {
+        "name": "deployment-example",
+        "namespace": "default",
+        "selfLink": "/apis/app/v1beta1/namespaces/default/deployments/deployment-example",
+        "uid": "1b33145a-9c63-11e6-9c54-42010a800148",
+        "resourceVersion": "2064726",
+        "generation": 4,
+        "creationTimestamp": "2016-10-27T16:33:35Z",
+        "labels": {
+          "app": "nginx"
+        },
+        "annotations": {
+          "deployment.kubernetes.io/revision": "1"
+        }
+      },
+      "spec": {
+        "replicas": 3,
+        "selector": {
+          "matchLabels": {
+            "app": "nginx"
+          }
+        },
+        "template": {
+          "metadata": {
+            "creationTimestamp": null,
+            "labels": {
+              "app": "nginx"
+            }
+          },
+          "spec": {
+            "containers": [
+              {
+                "name": "nginx",
+                "image": "nginx:1.14",
+                "ports": [
+                  {
+                    "containerPort": 80,
+                    "protocol": "TCP"
+                  }
+                ],
+                "resources": {},
+                "terminationMessagePath": "/dev/termination-log",
+                "imagePullPolicy": "IfNotPresent"
+              }
+            ],
+            "restartPolicy": "Always",
+            "terminationGracePeriodSeconds": 30,
+            "dnsPolicy": "ClusterFirst",
+            "securityContext": {}
+          }
+        },
+        "strategy": {
+          "type": "RollingUpdate",
+          "rollingUpdate": {
+            "maxUnavailable": 1,
+            "maxSurge": 1
+          }
+        }
+      },
+      "status": {
+        "observedGeneration": 4,
+        "replicas": 3,
+        "updatedReplicas": 3,
+        "availableReplicas": 3
+      }
+    }
+  ]
+}
+
+
    
+
    list or watch objects of kind Deployment
    
+
    HTTP Request
    
+GET /apis/apps/v1/namespaces/{namespace}/deployments
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    DeploymentList    		OK
    
+
    List All Namespaces
    
+
    list or watch objects of kind Deployment
    
+
    HTTP Request
    
+GET /apis/apps/v1/deployments
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    DeploymentList    		OK
    
+
    Watch
    
+
+
+
    
+  
    
+
    kubectl command
    
+  
    
+
    
+$ kubectl get deployment deployment-example --watch -o json
+
    
+
    
+  
    
+
    curl command (requires kubectl proxy to be running)
    
+  
    
+
    
+$ kubectl proxy
+$ curl -X GET 'http://127.0.0.1:8001/apis/apps/v1/watch/namespaces/default/deployments/deployment-example'
+
    
+
+
+
    
+  
    
+
    Output
    
+  
    
+
    
+{
+	"type": "ADDED",
+	"object": {
+		"kind": "Deployment",
+		"apiVersion": "apps/v1",
+		"metadata": {
+			"name": "deployment-example",
+			"namespace": "default",
+			"selfLink": "/apis/apps/v1/namespaces/default/deployments/deployment-example",
+			"uid": "64c12290-9cbf-11e6-9c54-42010a800148",
+			"resourceVersion": "2128095",
+			"generation": 2,
+			"creationTimestamp": "2016-10-28T03:34:12Z",
+			"labels": {
+				"app": "nginx"
+			},
+			"annotations": {
+				"deployment.kubernetes.io/revision": "3"
+			}
+		},
+		"spec": {
+			"replicas": 3,
+			"selector": {
+				"matchLabels": {
+					"app": "nginx"
+				}
+			},
+			"template": {
+				"metadata": {
+					"creationTimestamp": null,
+					"labels": {
+						"app": "nginx"
+					}
+				},
+				"spec": {
+					"containers": [
+						{
+							"name": "nginx",
+							"image": "nginx:1.14",
+							"ports": [
+								{
+									"containerPort": 80,
+									"protocol": "TCP"
+								}
+							],
+							"resources": {
+							},
+							"terminationMessagePath": "/dev/termination-log",
+							"imagePullPolicy": "IfNotPresent"
+						}
+					],
+					"restartPolicy": "Always",
+					"terminationGracePeriodSeconds": 30,
+					"dnsPolicy": "ClusterFirst",
+					"securityContext": {
+					}
+				}
+			},
+			"strategy": {
+				"type": "RollingUpdate",
+				"rollingUpdate": {
+					"maxUnavailable": 1,
+					"maxSurge": 1
+				}
+			}
+		},
+		"status": {
+			"observedGeneration": 2,
+			"replicas": 3,
+			"updatedReplicas": 3,
+			"availableReplicas": 3
+		}
+	}
+}
+
+
    
+
    
+  
    
+
    Response Body
    
+  
    
+
    
+{
+	"type": "ADDED",
+	"object": {
+		"kind": "Deployment",
+		"apiVersion": "apps/v1",
+		"metadata": {
+			"name": "deployment-example",
+			"namespace": "default",
+			"selfLink": "/apis/apps/v1/namespaces/default/deployments/deployment-example",
+			"uid": "64c12290-9cbf-11e6-9c54-42010a800148",
+			"resourceVersion": "2128095",
+			"generation": 2,
+			"creationTimestamp": "2016-10-28T03:34:12Z",
+			"labels": {
+				"app": "nginx"
+			},
+			"annotations": {
+				"deployment.kubernetes.io/revision": "3"
+			}
+		},
+		"spec": {
+			"replicas": 3,
+			"selector": {
+				"matchLabels": {
+					"app": "nginx"
+				}
+			},
+			"template": {
+				"metadata": {
+					"creationTimestamp": null,
+					"labels": {
+						"app": "nginx"
+					}
+				},
+				"spec": {
+					"containers": [
+						{
+							"name": "nginx",
+							"image": "nginx:1.14",
+							"ports": [
+								{
+									"containerPort": 80,
+									"protocol": "TCP"
+								}
+							],
+							"resources": {
+							},
+							"terminationMessagePath": "/dev/termination-log",
+							"imagePullPolicy": "IfNotPresent"
+						}
+					],
+					"restartPolicy": "Always",
+					"terminationGracePeriodSeconds": 30,
+					"dnsPolicy": "ClusterFirst",
+					"securityContext": {
+					}
+				}
+			},
+			"strategy": {
+				"type": "RollingUpdate",
+				"rollingUpdate": {
+					"maxUnavailable": 1,
+					"maxSurge": 1
+				}
+			}
+		},
+		"status": {
+			"observedGeneration": 2,
+			"replicas": 3,
+			"updatedReplicas": 3,
+			"availableReplicas": 3
+		}
+	}
+}
+
+
    
+
    watch changes to an object of kind Deployment. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.
    
+
    HTTP Request
    
+GET /apis/apps/v1/watch/namespaces/{namespace}/deployments/{name}
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the Deployment
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    WatchEvent    		OK
    
+
    Watch List
    
+
    watch individual changes to a list of Deployment. deprecated: use the 'watch' parameter with a list operation instead.
    
+
    HTTP Request
    
+GET /apis/apps/v1/watch/namespaces/{namespace}/deployments
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    WatchEvent    		OK
    
+
    Watch List All Namespaces
    
+
    watch individual changes to a list of Deployment. deprecated: use the 'watch' parameter with a list operation instead.
    
+
    HTTP Request
    
+GET /apis/apps/v1/watch/deployments
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    WatchEvent    		OK
    
+
    Status Operations
    
+
    Patch Status
    
+
    partially update status of the specified Deployment
    
+
    HTTP Request
    
+PATCH /apis/apps/v1/namespaces/{namespace}/deployments/{name}/status
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the Deployment
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint. This field is required for apply requests (application/apply-patch) but optional for non-apply patch types (JsonPatch, MergePatch, StrategicMergePatch).
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    forceForce is going to "force" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    Patch
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    Deployment    		OK
    201
    Deployment    		Created
    
+
    Read Status
    
+
    read status of the specified Deployment
    
+
    HTTP Request
    
+GET /apis/apps/v1/namespaces/{namespace}/deployments/{name}/status
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the Deployment
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    Deployment    		OK
    
+
    Replace Status
    
+
    replace status of the specified Deployment
    
+
    HTTP Request
    
+PUT /apis/apps/v1/namespaces/{namespace}/deployments/{name}/status
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the Deployment
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    Deployment
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    Deployment    		OK
    201
    Deployment    		Created
    
+
    Misc Operations
    
+
    Read Scale
    
+
    read scale of the specified Deployment
    
+
    HTTP Request
    
+GET /apis/apps/v1/namespaces/{namespace}/deployments/{name}/scale
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the Scale
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    Scale    		OK
    
+
    Replace Scale
    
+
    replace scale of the specified Deployment
    
+
    HTTP Request
    
+PUT /apis/apps/v1/namespaces/{namespace}/deployments/{name}/scale
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the Scale
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    Scale
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    Scale    		OK
    201
    Scale    		Created
    
+
    Patch Scale
    
+
    partially update scale of the specified Deployment
    
+
    HTTP Request
    
+PATCH /apis/apps/v1/namespaces/{namespace}/deployments/{name}/scale
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the Scale
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint. This field is required for apply requests (application/apply-patch) but optional for non-apply patch types (JsonPatch, MergePatch, StrategicMergePatch).
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    forceForce is going to "force" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    Patch
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    Scale    		OK
    201
    Scale    		Created
    
+
    Job v1 batch
    
+
+
    
+  
    
+
    Job Config to print pi up to 2000 digits (then exit).
    
+  
    
+
    
+apiVersion: batch/v1
+kind: Job
+metadata:
+  # Unique key of the Job instance
+  name: example-job
+spec:
+  template:
+    metadata:
+      name: example-job
+    spec:
+      containers:
+      - name: pi
+        image: perl
+        command: ["perl"]
+        args: ["-Mbignum=bpi", "-wle", "print bpi(2000)"]
+      # Do not restart containers after they exit
+      restartPolicy: Never
+
+
    
+
+
+
+
+
+
    GroupVersionKind
    batchv1Job
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
+
    FieldDescription
    apiVersion
    string    		APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
    kind
    string    		Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
    metadata
    ObjectMeta    		Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
    spec
    JobSpec    		Specification of the desired behavior of a job. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
    status
    JobStatus    		Current status of a job. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
    
+
    JobSpec v1 batch
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    FieldDescription
    activeDeadlineSeconds
    integer    		Specifies the duration in seconds relative to the startTime that the job may be continuously active before the system tries to terminate it; value must be positive integer. If a Job is suspended (at creation or through an update), this timer will effectively be stopped and reset when the Job is resumed again.
    backoffLimit
    integer    		Specifies the number of retries before marking this job failed. Defaults to 6
    completionMode
    string    		completionMode specifies how Pod completions are tracked. It can be `NonIndexed` (default) or `Indexed`.  `NonIndexed` means that the Job is considered complete when there have been .spec.completions successfully completed Pods. Each Pod completion is homologous to each other.  `Indexed` means that the Pods of a Job get an associated completion index from 0 to (.spec.completions - 1), available in the annotation batch.kubernetes.io/job-completion-index. The Job is considered complete when there is one successfully completed Pod for each index. When value is `Indexed`, .spec.completions must be specified and `.spec.parallelism` must be less than or equal to 10^5. In addition, The Pod name takes the form `$(job-name)-$(index)-$(random-string)`, the Pod hostname takes the form `$(job-name)-$(index)`.  More completion modes can be added in the future. If the Job controller observes a mode that it doesn't recognize, which is possible during upgrades due to version skew, the controller skips updates for the Job.
    completions
    integer    		Specifies the desired number of successfully finished pods the job should be run with.  Setting to null means that the success of any pod signals the success of all pods, and allows parallelism to have any positive value.  Setting to 1 means that parallelism is limited to 1 and the success of that pod signals the success of the job. More info: https://kubernetes.io/docs/concepts/workloads/controllers/jobs-run-to-completion/
    manualSelector
    boolean    		manualSelector controls generation of pod labels and pod selectors. Leave `manualSelector` unset unless you are certain what you are doing. When false or unset, the system pick labels unique to this job and appends those labels to the pod template.  When true, the user is responsible for picking unique labels and specifying the selector.  Failure to pick a unique label may cause this and other jobs to not function correctly.  However, You may see `manualSelector=true` in jobs that were created with the old `extensions/v1beta1` API. More info: https://kubernetes.io/docs/concepts/workloads/controllers/jobs-run-to-completion/#specifying-your-own-pod-selector
    parallelism
    integer    		Specifies the maximum desired number of pods the job should run at any given time. The actual number of pods running in steady state will be less than this number when ((.spec.completions - .status.successful) < .spec.parallelism), i.e. when the work left to do is less than max parallelism. More info: https://kubernetes.io/docs/concepts/workloads/controllers/jobs-run-to-completion/
    podFailurePolicy
    PodFailurePolicy    		Specifies the policy of handling failed pods. In particular, it allows to specify the set of actions and conditions which need to be satisfied to take the associated action. If empty, the default behaviour applies - the counter of failed pods, represented by the jobs's .status.failed field, is incremented and it is checked against the backoffLimit. This field cannot be used in combination with restartPolicy=OnFailure.  This field is alpha-level. To use this field, you must enable the `JobPodFailurePolicy` feature gate (disabled by default).
    selector
    LabelSelector    		A label query over pods that should match the pod count. Normally, the system sets this field for you. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#label-selectors
    suspend
    boolean    		suspend specifies whether the Job controller should create Pods or not. If a Job is created with suspend set to true, no Pods are created by the Job controller. If a Job is suspended after creation (i.e. the flag goes from false to true), the Job controller will delete all active Pods associated with this Job. Users must design their workload to gracefully handle this. Suspending a Job will reset the StartTime field of the Job, effectively resetting the ActiveDeadlineSeconds timer too. Defaults to false.
    template
    PodTemplateSpec    		Describes the pod that will be created when executing a job. The only allowed template.spec.restartPolicy values are "Never" or "OnFailure". More info: https://kubernetes.io/docs/concepts/workloads/controllers/jobs-run-to-completion/
    ttlSecondsAfterFinished
    integer    		ttlSecondsAfterFinished limits the lifetime of a Job that has finished execution (either Complete or Failed). If this field is set, ttlSecondsAfterFinished after the Job finishes, it is eligible to be automatically deleted. When the Job is being deleted, its lifecycle guarantees (e.g. finalizers) will be honored. If this field is unset, the Job won't be automatically deleted. If this field is set to zero, the Job becomes eligible to be deleted immediately after it finishes.
    
+
    JobStatus v1 batch
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    FieldDescription
    active
    integer    		The number of pending and running pods.
    completedIndexes
    string    		completedIndexes holds the completed indexes when .spec.completionMode = "Indexed" in a text format. The indexes are represented as decimal integers separated by commas. The numbers are listed in increasing order. Three or more consecutive numbers are compressed and represented by the first and last element of the series, separated by a hyphen. For example, if the completed indexes are 1, 3, 4, 5 and 7, they are represented as "1,3-5,7".
    completionTime
    Time    		Represents time when the job was completed. It is not guaranteed to be set in happens-before order across separate operations. It is represented in RFC3339 form and is in UTC. The completion time is only set when the job finishes successfully.
    conditions
    JobCondition array
    patch strategy: merge
    patch merge key: type    		The latest available observations of an object's current state. When a Job fails, one of the conditions will have type "Failed" and status true. When a Job is suspended, one of the conditions will have type "Suspended" and status true; when the Job is resumed, the status of this condition will become false. When a Job is completed, one of the conditions will have type "Complete" and status true. More info: https://kubernetes.io/docs/concepts/workloads/controllers/jobs-run-to-completion/
    failed
    integer    		The number of pods which reached phase Failed.
    ready
    integer    		The number of pods which have a Ready condition.  This field is beta-level. The job controller populates the field when the feature gate JobReadyPods is enabled (enabled by default).
    startTime
    Time    		Represents time when the job controller started processing a job. When a Job is created in the suspended state, this field is not set until the first time it is resumed. This field is reset every time a Job is resumed from suspension. It is represented in RFC3339 form and is in UTC.
    succeeded
    integer    		The number of pods which reached phase Succeeded.
    uncountedTerminatedPods
    UncountedTerminatedPods    		uncountedTerminatedPods holds the UIDs of Pods that have terminated but the job controller hasn't yet accounted for in the status counters.  The job controller creates pods with a finalizer. When a pod terminates (succeeded or failed), the controller does three steps to account for it in the job status:  1. Add the pod UID to the arrays in this field. 2. Remove the pod finalizer. 3. Remove the pod UID from the arrays while increasing the corresponding     counter.  Old jobs might not be tracked using this field, in which case the field remains null.
    
+
    JobList v1 batch
    
+
+
+
+
+
+
+
+
+
    FieldDescription
    apiVersion
    string    		APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
    items
    Job array    		items is the list of Jobs.
    kind
    string    		Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
    metadata
    ListMeta    		Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
    
+
    Write Operations
    
+
    Create
    
+
+
+
    
+  
    
+
    kubectl command
    
+  
    
+
    
+$ echo 'apiVersion: batch/v1
+kind: Job
+metadata:
+  name: example-job
+spec:
+  template:
+    metadata:
+      name: example-job
+    spec:
+      containers:
+      - name: pi
+        image: perl
+        command: ["perl",  "-Mbignum=bpi", "-wle", "print bpi(2000)"]
+      restartPolicy: Never
+' | kubectl create -f -
+
    
+
    
+  
    
+
    curl command (requires kubectl proxy to be running)
    
+  
    
+
    
+$ kubectl proxy
+$ curl -X POST -H 'Content-Type: application/yaml' --data '
+apiVersion: batch/v1
+kind: Job
+metadata:
+  name: example-job
+spec:
+  template:
+    metadata:
+      name: example-job
+    spec:
+      containers:
+      - name: pi
+        image: perl
+        command: ["perl",  "-Mbignum=bpi", "-wle", "print bpi(2000)"]
+      restartPolicy: Never
+' http://127.0.0.1:8001/apis/batch/v1/namespaces/default/jobs
+
    
+
+
+
    
+  
    
+
    Output
    
+  
    
+
    
+job "example-job" created
+
    
+
    
+  
    
+
    Response Body
    
+  
    
+
    
+{
+  "kind": "Job",
+  "apiVersion": "batch/v1",
+  "metadata": {
+    "name": "example-job",
+    "namespace": "default",
+    "selfLink": "/apis/batch/v1/namespaces/default/jobs/example-job",
+    "uid": "d93a3569-a2be-11e6-a008-fa043d458cc7",
+    "resourceVersion": "7479",
+    "creationTimestamp": "2016-11-04T18:45:25Z"
+  },
+  "spec": {
+    "parallelism": 1,
+    "completions": 1,
+    "selector": {
+      "matchLabels": {
+        "controller-uid": "d93a3569-a2be-11e6-a008-fa043d458cc7"
+      }
+    },
+    "template": {
+      "metadata": {
+        "name": "example-job",
+        "creationTimestamp": null,
+        "labels": {
+          "controller-uid": "d93a3569-a2be-11e6-a008-fa043d458cc7",
+          "job-name": "example-job"
+        }
+      },
+      "spec": {
+        "containers": [
+          {
+            "name": "pi",
+            "image": "perl",
+            "command": [
+              "perl",
+              "-Mbignum=bpi",
+              "-wle",
+              "print bpi(2000)"
+            ],
+            "resources": {},
+            "terminationMessagePath": "/dev/termination-log",
+            "imagePullPolicy": "Always"
+          }
+        ],
+        "restartPolicy": "Never",
+        "terminationGracePeriodSeconds": 30,
+        "dnsPolicy": "ClusterFirst",
+        "securityContext": {}
+      }
+    }
+  },
+  "status": {}
+}
+
    
+
    create a Job
    
+
    HTTP Request
    
+POST /apis/batch/v1/namespaces/{namespace}/jobs
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    Job
    
+
    Response
    
+
+
+
+
+
+
+
+
    CodeDescription
    200
    Job    		OK
    201
    Job    		Created
    202
    Job    		Accepted
    
+
    Patch
    
+
    partially update the specified Job
    
+
    HTTP Request
    
+PATCH /apis/batch/v1/namespaces/{namespace}/jobs/{name}
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the Job
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint. This field is required for apply requests (application/apply-patch) but optional for non-apply patch types (JsonPatch, MergePatch, StrategicMergePatch).
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    forceForce is going to "force" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    Patch
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    Job    		OK
    201
    Job    		Created
    
+
    Replace
    
+
    replace the specified Job
    
+
    HTTP Request
    
+PUT /apis/batch/v1/namespaces/{namespace}/jobs/{name}
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the Job
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    Job
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    Job    		OK
    201
    Job    		Created
    
+
    Delete
    
+
+
+
    
+  
    
+
    kubectl command
    
+  
    
+
    
+$ kubectl delete job example-job
+
    
+
    
+  
    
+
    curl command (requires kubectl proxy to be running)
    
+  
    
+
    
+$ kubectl proxy
+$ curl -X DELETE -H 'Content-Type: application/yaml' --data '
+gracePeriodSeconds: 0
+orphanDependents: false
+' 'http://127.0.0.1:8001/apis/batch/v1/namespaces/default/jobs/example-job'
+
    
+
+
+
    
+  
    
+
    Output
    
+  
    
+
    
+job "example-job" deleted
+
    
+
    
+  
    
+
    Response Body
    
+  
    
+
    
+{
+  "kind": "Status",
+  "apiVersion": "v1",
+  "metadata": {},
+  "status": "Success",
+  "code": 200
+}
+
+
    
+
    delete a Job
    
+
    HTTP Request
    
+DELETE /apis/batch/v1/namespaces/{namespace}/jobs/{name}
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the Job
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    gracePeriodSecondsThe duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
    orphanDependentsDeprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.
    propagationPolicyWhether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    DeleteOptions
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    Status    		OK
    202
    Status    		Accepted
    
+
    Delete Collection
    
+
    delete collection of Job
    
+
    HTTP Request
    
+DELETE /apis/batch/v1/namespaces/{namespace}/jobs
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    gracePeriodSecondsThe duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    orphanDependentsDeprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.
    propagationPolicyWhether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    DeleteOptions
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    Status    		OK
    
+
    Read Operations
    
+
    Read
    
+
+
+
    
+  
    
+
    kubectl command
    
+  
    
+
    
+$ kubectl get job example-job -o json
+
    
+
    
+  
    
+
    curl command (requires kubectl proxy to be running)
    
+  
    
+
    
+$ kubectl proxy
+$ curl -X GET http://127.0.0.1:8001/apis/batch/v1/namespaces/default/jobs/example-job
+
    
+
+
+
    
+  
    
+
    Output
    
+  
    
+
    
+{
+  "kind": "Job",
+  "apiVersion": "batch/v1",
+  "metadata": {
+    "name": "example-job",
+    "namespace": "default",
+    "selfLink": "/apis/batch/v1/namespaces/default/jobs/example-job",
+    "uid": "d93a3569-a2be-11e6-a008-fa043d458cc7",
+    "resourceVersion": "7482",
+    "creationTimestamp": "2016-11-04T18:45:25Z"
+  },
+  "spec": {
+    "parallelism": 1,
+    "completions": 1,
+    "selector": {
+      "matchLabels": {
+        "controller-uid": "d93a3569-a2be-11e6-a008-fa043d458cc7"
+      }
+    },
+    "template": {
+      "metadata": {
+        "name": "example-job",
+        "creationTimestamp": null,
+        "labels": {
+          "controller-uid": "d93a3569-a2be-11e6-a008-fa043d458cc7",
+          "job-name": "example-job"
+        }
+      },
+      "spec": {
+        "containers": [
+          {
+            "name": "pi",
+            "image": "perl",
+            "command": [
+              "perl",
+              "-Mbignum=bpi",
+              "-wle",
+              "print bpi(2000)"
+            ],
+            "resources": {},
+            "terminationMessagePath": "/dev/termination-log",
+            "imagePullPolicy": "Always"
+          }
+        ],
+        "restartPolicy": "Never",
+        "terminationGracePeriodSeconds": 30,
+        "dnsPolicy": "ClusterFirst",
+        "securityContext": {}
+      }
+    }
+  },
+  "status": {
+    "startTime": "2016-11-04T18:45:25Z",
+    "active": 1
+  }
+}
+
    
+
    
+  
    
+
    Response Body
    
+  
    
+
    
+{
+  "kind": "Job",
+  "apiVersion": "batch/v1",
+  "metadata": {
+    "name": "example-job",
+    "namespace": "default",
+    "selfLink": "/apis/batch/v1/namespaces/default/jobs/example-job",
+    "uid": "d93a3569-a2be-11e6-a008-fa043d458cc7",
+    "resourceVersion": "7482",
+    "creationTimestamp": "2016-11-04T18:45:25Z"
+  },
+  "spec": {
+    "parallelism": 1,
+    "completions": 1,
+    "selector": {
+      "matchLabels": {
+        "controller-uid": "d93a3569-a2be-11e6-a008-fa043d458cc7"
+      }
+    },
+    "template": {
+      "metadata": {
+        "name": "example-job",
+        "creationTimestamp": null,
+        "labels": {
+          "controller-uid": "d93a3569-a2be-11e6-a008-fa043d458cc7",
+          "job-name": "example-job"
+        }
+      },
+      "spec": {
+        "containers": [
+          {
+            "name": "pi",
+            "image": "perl",
+            "command": [
+              "perl",
+              "-Mbignum=bpi",
+              "-wle",
+              "print bpi(2000)"
+            ],
+            "resources": {},
+            "terminationMessagePath": "/dev/termination-log",
+            "imagePullPolicy": "Always"
+          }
+        ],
+        "restartPolicy": "Never",
+        "terminationGracePeriodSeconds": 30,
+        "dnsPolicy": "ClusterFirst",
+        "securityContext": {}
+      }
+    }
+  },
+  "status": {
+    "startTime": "2016-11-04T18:45:25Z",
+    "active": 1
+  }
+}
+
    
+
    read the specified Job
    
+
    HTTP Request
    
+GET /apis/batch/v1/namespaces/{namespace}/jobs/{name}
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the Job
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    Job    		OK
    
+
    List
    
+
+
+
    
+  
    
+
    kubectl command
    
+  
    
+
    
+$ kubectl get job -o json
+
    
+
    
+  
    
+
    curl command (requires kubectl proxy to be running)
    
+  
    
+
    
+$ kubectl proxy
+$ curl -X GET 'http://127.0.0.1:8001/apis/batch/v1/namespaces/default/jobs'
+
    
+
+
+
    
+  
    
+
    Output
    
+  
    
+
    
+{
+  "kind": "JobList",
+  "apiVersion": "batch/v1",
+  "metadata": {
+    "selfLink": "/apis/batch/v1/namespaces/default/jobs",
+    "resourceVersion": "7589"
+  },
+  "items": [
+    {
+      "metadata": {
+        "name": "",
+        "namespace": "default",
+        "selfLink": "/apis/batch/v1/namespaces/default/jobs/",
+        "uid": "d93a3569-a2be-11e6-a008-fa043d458cc7",
+        "resourceVersion": "7482",
+        "creationTimestamp": "2016-11-04T18:45:25Z"
+      },
+      "spec": {
+        "parallelism": 1,
+        "completions": 1,
+        "selector": {
+          "matchLabels": {
+            "controller-uid": "d93a3569-a2be-11e6-a008-fa043d458cc7"
+          }
+        },
+        "template": {
+          "metadata": {
+            "name": "",
+            "creationTimestamp": null,
+            "labels": {
+              "controller-uid": "d93a3569-a2be-11e6-a008-fa043d458cc7",
+              "job-name": ""
+            }
+          },
+          "spec": {
+            "containers": [
+              {
+                "name": "pi",
+                "image": "perl",
+                "command": [
+                  "perl",
+                  "-Mbignum=bpi",
+                  "-wle",
+                  "print bpi(2000)"
+                ],
+                "resources": {},
+                "terminationMessagePath": "/dev/termination-log",
+                "imagePullPolicy": "Always"
+              }
+            ],
+            "restartPolicy": "Never",
+            "terminationGracePeriodSeconds": 30,
+            "dnsPolicy": "ClusterFirst",
+            "securityContext": {}
+          }
+        }
+      },
+      "status": {
+        "startTime": "2016-11-04T18:45:25Z",
+        "active": 1
+      }
+    }
+  ]
+}
+
    
+
    
+  
    
+
    Response Body
    
+  
    
+
    
+{
+  "kind": "JobList",
+  "apiVersion": "batch/v1",
+  "metadata": {
+    "selfLink": "/apis/batch/v1/namespaces/default/jobs",
+    "resourceVersion": "7589"
+  },
+  "items": [
+    {
+      "metadata": {
+        "name": "",
+        "namespace": "default",
+        "selfLink": "/apis/batch/v1/namespaces/default/jobs/",
+        "uid": "d93a3569-a2be-11e6-a008-fa043d458cc7",
+        "resourceVersion": "7482",
+        "creationTimestamp": "2016-11-04T18:45:25Z"
+      },
+      "spec": {
+        "parallelism": 1,
+        "completions": 1,
+        "selector": {
+          "matchLabels": {
+            "controller-uid": "d93a3569-a2be-11e6-a008-fa043d458cc7"
+          }
+        },
+        "template": {
+          "metadata": {
+            "name": "",
+            "creationTimestamp": null,
+            "labels": {
+              "controller-uid": "d93a3569-a2be-11e6-a008-fa043d458cc7",
+              "job-name": ""
+            }
+          },
+          "spec": {
+            "containers": [
+              {
+                "name": "pi",
+                "image": "perl",
+                "command": [
+                  "perl",
+                  "-Mbignum=bpi",
+                  "-wle",
+                  "print bpi(2000)"
+                ],
+                "resources": {},
+                "terminationMessagePath": "/dev/termination-log",
+                "imagePullPolicy": "Always"
+              }
+            ],
+            "restartPolicy": "Never",
+            "terminationGracePeriodSeconds": 30,
+            "dnsPolicy": "ClusterFirst",
+            "securityContext": {}
+          }
+        }
+      },
+      "status": {
+        "startTime": "2016-11-04T18:45:25Z",
+        "active": 1
+      }
+    }
+  ]
+}
+
    
+
    list or watch objects of kind Job
    
+
    HTTP Request
    
+GET /apis/batch/v1/namespaces/{namespace}/jobs
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    JobList    		OK
    
+
    List All Namespaces
    
+
    list or watch objects of kind Job
    
+
    HTTP Request
    
+GET /apis/batch/v1/jobs
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    JobList    		OK
    
+
    Watch
    
+
+
+
    
+  
    
+
    kubectl command
    
+  
    
+
    
+$ kubectl get job example-job --watch -o json
+
    
+
    
+  
    
+
    curl command (requires kubectl proxy to be running)
    
+  
    
+
    
+$ kubectl proxy
+$ curl -X GET 'http://127.0.0.1:8001/apis/batch/v1/watch/namespaces/default/jobs/example-job'
+
    
+
+
+
    
+  
    
+
    Output
    
+  
    
+
    
+{
+	"type": "ADDED",
+	"object": {
+		"kind": "Job",
+		"apiVersion": "batch/v1",
+		"metadata": {
+			"name": "example-job",
+			"namespace": "default",
+			"selfLink": "/apis/batch/v1/namespaces/default/jobs/example-job",
+			"uid": "d93a3569-a2be-11e6-a008-fa043d458cc7",
+			"resourceVersion": "7482",
+			"creationTimestamp": "2016-11-04T18:45:25Z"
+		},
+		"spec": {
+			"parallelism": 1,
+			"completions": 1,
+			"selector": {
+				"matchLabels": {
+					"controller-uid": "d93a3569-a2be-11e6-a008-fa043d458cc7"
+				}
+			},
+			"template": {
+				"metadata": {
+					"name": "example-job",
+					"creationTimestamp": null,
+					"labels": {
+						"controller-uid": "d93a3569-a2be-11e6-a008-fa043d458cc7",
+						"job-name": "example-job"
+					}
+				},
+				"spec": {
+					"containers": [
+						{
+							"name": "pi",
+							"image": "perl",
+							"command": [
+								"perl",
+								"-Mbignum=bpi",
+								"-wle",
+								"print bpi(2000)"
+							],
+							"resources": {
+							},
+							"terminationMessagePath": "/dev/termination-log",
+							"imagePullPolicy": "Always"
+						}
+					],
+					"restartPolicy": "Never",
+					"terminationGracePeriodSeconds": 30,
+					"dnsPolicy": "ClusterFirst",
+					"securityContext": {
+					}
+				}
+			}
+		},
+		"status": {
+			"startTime": "2016-11-04T18:45:25Z",
+			"active": 1
+		}
+	}
+}
+
    
+
    
+  
    
+
    Response Body
    
+  
    
+
    
+{
+	"type": "ADDED",
+	"object": {
+		"kind": "Job",
+		"apiVersion": "batch/v1",
+		"metadata": {
+			"name": "example-job",
+			"namespace": "default",
+			"selfLink": "/apis/batch/v1/namespaces/default/jobs/example-job",
+			"uid": "d93a3569-a2be-11e6-a008-fa043d458cc7",
+			"resourceVersion": "7482",
+			"creationTimestamp": "2016-11-04T18:45:25Z"
+		},
+		"spec": {
+			"parallelism": 1,
+			"completions": 1,
+			"selector": {
+				"matchLabels": {
+					"controller-uid": "d93a3569-a2be-11e6-a008-fa043d458cc7"
+				}
+			},
+			"template": {
+				"metadata": {
+					"name": "example-job",
+					"creationTimestamp": null,
+					"labels": {
+						"controller-uid": "d93a3569-a2be-11e6-a008-fa043d458cc7",
+						"job-name": "example-job"
+					}
+				},
+				"spec": {
+					"containers": [
+						{
+							"name": "pi",
+							"image": "perl",
+							"command": [
+								"perl",
+								"-Mbignum=bpi",
+								"-wle",
+								"print bpi(2000)"
+							],
+							"resources": {
+							},
+							"terminationMessagePath": "/dev/termination-log",
+							"imagePullPolicy": "Always"
+						}
+					],
+					"restartPolicy": "Never",
+					"terminationGracePeriodSeconds": 30,
+					"dnsPolicy": "ClusterFirst",
+					"securityContext": {
+					}
+				}
+			}
+		},
+		"status": {
+			"startTime": "2016-11-04T18:45:25Z",
+			"active": 1
+		}
+	}
+}
+
    
+
    watch changes to an object of kind Job. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.
    
+
    HTTP Request
    
+GET /apis/batch/v1/watch/namespaces/{namespace}/jobs/{name}
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the Job
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    WatchEvent    		OK
    
+
    Watch List
    
+
    watch individual changes to a list of Job. deprecated: use the 'watch' parameter with a list operation instead.
    
+
    HTTP Request
    
+GET /apis/batch/v1/watch/namespaces/{namespace}/jobs
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    WatchEvent    		OK
    
+
    Watch List All Namespaces
    
+
    watch individual changes to a list of Job. deprecated: use the 'watch' parameter with a list operation instead.
    
+
    HTTP Request
    
+GET /apis/batch/v1/watch/jobs
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    WatchEvent    		OK
    
+
    Status Operations
    
+
    Patch Status
    
+
    partially update status of the specified Job
    
+
    HTTP Request
    
+PATCH /apis/batch/v1/namespaces/{namespace}/jobs/{name}/status
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the Job
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint. This field is required for apply requests (application/apply-patch) but optional for non-apply patch types (JsonPatch, MergePatch, StrategicMergePatch).
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    forceForce is going to "force" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    Patch
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    Job    		OK
    201
    Job    		Created
    
+
    Read Status
    
+
    read status of the specified Job
    
+
    HTTP Request
    
+GET /apis/batch/v1/namespaces/{namespace}/jobs/{name}/status
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the Job
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    Job    		OK
    
+
    Replace Status
    
+
    replace status of the specified Job
    
+
    HTTP Request
    
+PUT /apis/batch/v1/namespaces/{namespace}/jobs/{name}/status
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the Job
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    Job
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    Job    		OK
    201
    Job    		Created
    
+
    Pod v1 core
    
+
+
    
+  
    
+
    Pod Config to print "Hello World".
    
+  
    
+
    
+apiVersion: v1
+kind: Pod
+metadata:
+  name: pod-example
+spec:
+  containers:
+  - name: ubuntu
+    image: ubuntu:trusty
+    command: ["echo"]
+    args: ["Hello World"]
+
+
    
+
+
+
+
+
+
    GroupVersionKind
    corev1Pod
    
+
     Warning:
    It is recommended that users create Pods only through a Controller, and not directly.  See Controllers: Deployment, Job, or StatefulSet.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
+
    FieldDescription
    apiVersion
    string    		APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
    kind
    string    		Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
    metadata
    ObjectMeta    		Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
    spec
    PodSpec    		Specification of the desired behavior of the pod. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
    status
    PodStatus    		Most recently observed status of the pod. This data may not be up to date. Populated by the system. Read-only. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
    
+
    PodSpec v1 core
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    FieldDescription
    activeDeadlineSeconds
    integer    		Optional duration in seconds the pod may be active on the node relative to StartTime before the system will actively try to mark it failed and kill associated containers. Value must be a positive integer.
    affinity
    Affinity    		If specified, the pod's scheduling constraints
    automountServiceAccountToken
    boolean    		AutomountServiceAccountToken indicates whether a service account token should be automatically mounted.
    containers
    Container array
    patch strategy: merge
    patch merge key: name    		List of containers belonging to the pod. Containers cannot currently be added or removed. There must be at least one container in a Pod. Cannot be updated.
    dnsConfig
    PodDNSConfig    		Specifies the DNS parameters of a pod. Parameters specified here will be merged to the generated DNS configuration based on DNSPolicy.
    dnsPolicy
    string    		Set DNS policy for the pod. Defaults to "ClusterFirst". Valid values are 'ClusterFirstWithHostNet', 'ClusterFirst', 'Default' or 'None'. DNS parameters given in DNSConfig will be merged with the policy selected with DNSPolicy. To have DNS options set along with hostNetwork, you have to specify DNS policy explicitly to 'ClusterFirstWithHostNet'.
    enableServiceLinks
    boolean    		EnableServiceLinks indicates whether information about services should be injected into pod's environment variables, matching the syntax of Docker links. Optional: Defaults to true.
    ephemeralContainers
    EphemeralContainer array
    patch strategy: merge
    patch merge key: name    		List of ephemeral containers run in this pod. Ephemeral containers may be run in an existing pod to perform user-initiated actions such as debugging. This list cannot be specified when creating a pod, and it cannot be modified by updating the pod spec. In order to add an ephemeral container to an existing pod, use the pod's ephemeralcontainers subresource.
    hostAliases
    HostAlias array
    patch strategy: merge
    patch merge key: ip    		HostAliases is an optional list of hosts and IPs that will be injected into the pod's hosts file if specified. This is only valid for non-hostNetwork pods.
    hostIPC
    boolean    		Use the host's ipc namespace. Optional: Default to false.
    hostNetwork
    boolean    		Host networking requested for this pod. Use the host's network namespace. If this option is set, the ports that will be used must be specified. Default to false.
    hostPID
    boolean    		Use the host's pid namespace. Optional: Default to false.
    hostUsers
    boolean    		Use the host's user namespace. Optional: Default to true. If set to true or not present, the pod will be run in the host user namespace, useful for when the pod needs a feature only available to the host user namespace, such as loading a kernel module with CAP_SYS_MODULE. When set to false, a new userns is created for the pod. Setting false is useful for mitigating container breakout vulnerabilities even allowing users to run their containers as root without actually having root privileges on the host. This field is alpha-level and is only honored by servers that enable the UserNamespacesSupport feature.
    hostname
    string    		Specifies the hostname of the Pod If not specified, the pod's hostname will be set to a system-defined value.
    imagePullSecrets
    LocalObjectReference array
    patch strategy: merge
    patch merge key: name    		ImagePullSecrets is an optional list of references to secrets in the same namespace to use for pulling any of the images used by this PodSpec. If specified, these secrets will be passed to individual puller implementations for them to use. More info: https://kubernetes.io/docs/concepts/containers/images#specifying-imagepullsecrets-on-a-pod
    initContainers
    Container array
    patch strategy: merge
    patch merge key: name    		List of initialization containers belonging to the pod. Init containers are executed in order prior to containers being started. If any init container fails, the pod is considered to have failed and is handled according to its restartPolicy. The name for an init container or normal container must be unique among all containers. Init containers may not have Lifecycle actions, Readiness probes, Liveness probes, or Startup probes. The resourceRequirements of an init container are taken into account during scheduling by finding the highest request/limit for each resource type, and then using the max of of that value or the sum of the normal containers. Limits are applied to init containers in a similar fashion. Init containers cannot currently be added or removed. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/
    nodeName
    string    		NodeName is a request to schedule this pod onto a specific node. If it is non-empty, the scheduler simply schedules this pod onto that node, assuming that it fits resource requirements.
    nodeSelector
    object    		NodeSelector is a selector which must be true for the pod to fit on a node. Selector which must match a node's labels for the pod to be scheduled on that node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/
    os
    PodOS    		Specifies the OS of the containers in the pod. Some pod and container fields are restricted if this is set.  If the OS field is set to linux, the following fields must be unset: -securityContext.windowsOptions  If the OS field is set to windows, following fields must be unset: - spec.hostPID - spec.hostIPC - spec.hostUsers - spec.securityContext.seLinuxOptions - spec.securityContext.seccompProfile - spec.securityContext.fsGroup - spec.securityContext.fsGroupChangePolicy - spec.securityContext.sysctls - spec.shareProcessNamespace - spec.securityContext.runAsUser - spec.securityContext.runAsGroup - spec.securityContext.supplementalGroups - spec.containers[*].securityContext.seLinuxOptions - spec.containers[*].securityContext.seccompProfile - spec.containers[*].securityContext.capabilities - spec.containers[*].securityContext.readOnlyRootFilesystem - spec.containers[*].securityContext.privileged - spec.containers[*].securityContext.allowPrivilegeEscalation - spec.containers[*].securityContext.procMount - spec.containers[*].securityContext.runAsUser - spec.containers[*].securityContext.runAsGroup
    overhead
    object    		Overhead represents the resource overhead associated with running a pod for a given RuntimeClass. This field will be autopopulated at admission time by the RuntimeClass admission controller. If the RuntimeClass admission controller is enabled, overhead must not be set in Pod create requests. The RuntimeClass admission controller will reject Pod create requests which have the overhead already set. If RuntimeClass is configured and selected in the PodSpec, Overhead will be set to the value defined in the corresponding RuntimeClass, otherwise it will remain unset and treated as zero. More info: https://git.k8s.io/enhancements/keps/sig-node/688-pod-overhead/README.md
    preemptionPolicy
    string    		PreemptionPolicy is the Policy for preempting pods with lower priority. One of Never, PreemptLowerPriority. Defaults to PreemptLowerPriority if unset.
    priority
    integer    		The priority value. Various system components use this field to find the priority of the pod. When Priority Admission Controller is enabled, it prevents users from setting this field. The admission controller populates this field from PriorityClassName. The higher the value, the higher the priority.
    priorityClassName
    string    		If specified, indicates the pod's priority. "system-node-critical" and "system-cluster-critical" are two special keywords which indicate the highest priorities with the former being the highest priority. Any other name must be defined by creating a PriorityClass object with that name. If not specified, the pod priority will be default or zero if there is no default.
    readinessGates
    PodReadinessGate array    		If specified, all readiness gates will be evaluated for pod readiness. A pod is ready when all its containers are ready AND all conditions specified in the readiness gates have status equal to "True" More info: https://git.k8s.io/enhancements/keps/sig-network/580-pod-readiness-gates
    resourceClaims
    PodResourceClaim array
    patch strategy: merge,retainKeys
    patch merge key: name    		ResourceClaims defines which ResourceClaims must be allocated and reserved before the Pod is allowed to start. The resources will be made available to those containers which consume them by name.  This is an alpha field and requires enabling the DynamicResourceAllocation feature gate.  This field is immutable.
    restartPolicy
    string    		Restart policy for all containers within the pod. One of Always, OnFailure, Never. In some contexts, only a subset of those values may be permitted. Default to Always. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#restart-policy
    runtimeClassName
    string    		RuntimeClassName refers to a RuntimeClass object in the node.k8s.io group, which should be used to run this pod.  If no RuntimeClass resource matches the named class, the pod will not be run. If unset or empty, the "legacy" RuntimeClass will be used, which is an implicit class with an empty definition that uses the default runtime handler. More info: https://git.k8s.io/enhancements/keps/sig-node/585-runtime-class
    schedulerName
    string    		If specified, the pod will be dispatched by specified scheduler. If not specified, the pod will be dispatched by default scheduler.
    schedulingGates
    PodSchedulingGate array
    patch strategy: merge
    patch merge key: name    		SchedulingGates is an opaque list of values that if specified will block scheduling the pod. If schedulingGates is not empty, the pod will stay in the SchedulingGated state and the scheduler will not attempt to schedule the pod.  SchedulingGates can only be set at pod creation time, and be removed only afterwards.  This is a beta feature enabled by the PodSchedulingReadiness feature gate.
    securityContext
    PodSecurityContext    		SecurityContext holds pod-level security attributes and common container settings. Optional: Defaults to empty.  See type description for default values of each field.
    serviceAccount
    string    		DeprecatedServiceAccount is a depreciated alias for ServiceAccountName. Deprecated: Use serviceAccountName instead.
    serviceAccountName
    string    		ServiceAccountName is the name of the ServiceAccount to use to run this pod. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/
    setHostnameAsFQDN
    boolean    		If true the pod's hostname will be configured as the pod's FQDN, rather than the leaf name (the default). In Linux containers, this means setting the FQDN in the hostname field of the kernel (the nodename field of struct utsname). In Windows containers, this means setting the registry value of hostname for the registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters to FQDN. If a pod does not have FQDN, this has no effect. Default to false.
    shareProcessNamespace
    boolean    		Share a single process namespace between all of the containers in a pod. When this is set containers will be able to view and signal processes from other containers in the same pod, and the first process in each container will not be assigned PID 1. HostPID and ShareProcessNamespace cannot both be set. Optional: Default to false.
    subdomain
    string    		If specified, the fully qualified Pod hostname will be "<hostname>.<subdomain>.<pod namespace>.svc.<cluster domain>". If not specified, the pod will not have a domainname at all.
    terminationGracePeriodSeconds
    integer    		Optional duration in seconds the pod needs to terminate gracefully. May be decreased in delete request. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). If this value is nil, the default grace period will be used instead. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. Defaults to 30 seconds.
    tolerations
    Toleration array    		If specified, the pod's tolerations.
    topologySpreadConstraints
    TopologySpreadConstraint array
    patch strategy: merge
    patch merge key: topologyKey    		TopologySpreadConstraints describes how a group of pods ought to spread across topology domains. Scheduler will schedule pods in a way which abides by the constraints. All topologySpreadConstraints are ANDed.
    volumes
    Volume array
    patch strategy: merge,retainKeys
    patch merge key: name    		List of volumes that can be mounted by containers belonging to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes
    
+
    PodStatus v1 core
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    FieldDescription
    conditions
    PodCondition array
    patch strategy: merge
    patch merge key: type    		Current service state of pod. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-conditions
    containerStatuses
    ContainerStatus array    		The list has one entry per container in the manifest. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-and-container-status
    ephemeralContainerStatuses
    ContainerStatus array    		Status for any ephemeral containers that have run in this pod.
    hostIP
    string    		IP address of the host to which the pod is assigned. Empty if not yet scheduled.
    initContainerStatuses
    ContainerStatus array    		The list has one entry per init container in the manifest. The most recent successful init container will have ready = true, the most recently started container will have startTime set. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-and-container-status
    message
    string    		A human readable message indicating details about why the pod is in this condition.
    nominatedNodeName
    string    		nominatedNodeName is set only when this pod preempts other pods on the node, but it cannot be scheduled right away as preemption victims receive their graceful termination periods. This field does not guarantee that the pod will be scheduled on this node. Scheduler may decide to place the pod elsewhere if other nodes become available sooner. Scheduler may also decide to give the resources on this node to a higher priority pod that is created after preemption. As a result, this field may be different than PodSpec.nodeName when the pod is scheduled.
    phase
    string    		The phase of a Pod is a simple, high-level summary of where the Pod is in its lifecycle. The conditions array, the reason and message fields, and the individual container status arrays contain more detail about the pod's status. There are five possible phase values:  Pending: The pod has been accepted by the Kubernetes system, but one or more of the container images has not been created. This includes time before being scheduled as well as time spent downloading images over the network, which could take a while. Running: The pod has been bound to a node, and all of the containers have been created. At least one container is still running, or is in the process of starting or restarting. Succeeded: All containers in the pod have terminated in success, and will not be restarted. Failed: All containers in the pod have terminated, and at least one container has terminated in failure. The container either exited with non-zero status or was terminated by the system. Unknown: For some reason the state of the pod could not be obtained, typically due to an error in communicating with the host of the pod.  More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-phase
    podIP
    string    		IP address allocated to the pod. Routable at least within the cluster. Empty if not yet allocated.
    podIPs
    PodIP array
    patch strategy: merge
    patch merge key: ip    		podIPs holds the IP addresses allocated to the pod. If this field is specified, the 0th entry must match the podIP field. Pods may be allocated at most 1 value for each of IPv4 and IPv6. This list is empty if no IPs have been allocated yet.
    qosClass
    string    		The Quality of Service (QOS) classification assigned to the pod based on resource requirements See PodQOSClass type for available QOS classes More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-qos/#quality-of-service-classes
    reason
    string    		A brief CamelCase message indicating details about why the pod is in this state. e.g. 'Evicted'
    resize
    string    		Status of resources resize desired for pod's containers. It is empty if no resources resize is pending. Any changes to container resources will automatically set this to "Proposed"
    startTime
    Time    		RFC 3339 date and time at which the object was acknowledged by the Kubelet. This is before the Kubelet pulled the container image(s) for the pod.
    
+
    PodList v1 core
    
+
+
+
+
+
+
+
+
+
    FieldDescription
    apiVersion
    string    		APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
    items
    Pod array    		List of pods. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md
    kind
    string    		Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
    metadata
    ListMeta    		Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
    
+
    Write Operations
    
+
    Create
    
+
    create a Pod
    
+
    HTTP Request
    
+POST /api/v1/namespaces/{namespace}/pods
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    Pod
    
+
    Response
    
+
+
+
+
+
+
+
+
    CodeDescription
    200
    Pod    		OK
    201
    Pod    		Created
    202
    Pod    		Accepted
    
+
    Create Eviction
    
+
    create eviction of a Pod
    
+
    HTTP Request
    
+POST /api/v1/namespaces/{namespace}/pods/{name}/eviction
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the Eviction
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
    ParameterDescription
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    prettyIf 'true', then the output is pretty printed.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    Eviction
    
+
    Response
    
+
+
+
+
+
+
+
+
    CodeDescription
    200
    Eviction    		OK
    201
    Eviction    		Created
    202
    Eviction    		Accepted
    
+
    Patch
    
+
    partially update the specified Pod
    
+
    HTTP Request
    
+PATCH /api/v1/namespaces/{namespace}/pods/{name}
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the Pod
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint. This field is required for apply requests (application/apply-patch) but optional for non-apply patch types (JsonPatch, MergePatch, StrategicMergePatch).
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    forceForce is going to "force" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    Patch
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    Pod    		OK
    201
    Pod    		Created
    
+
    Replace
    
+
    replace the specified Pod
    
+
    HTTP Request
    
+PUT /api/v1/namespaces/{namespace}/pods/{name}
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the Pod
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    Pod
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    Pod    		OK
    201
    Pod    		Created
    
+
    Delete
    
+
    delete a Pod
    
+
    HTTP Request
    
+DELETE /api/v1/namespaces/{namespace}/pods/{name}
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the Pod
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    gracePeriodSecondsThe duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
    orphanDependentsDeprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.
    propagationPolicyWhether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    DeleteOptions
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    Pod    		OK
    202
    Pod    		Accepted
    
+
    Delete Collection
    
+
    delete collection of Pod
    
+
    HTTP Request
    
+DELETE /api/v1/namespaces/{namespace}/pods
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    gracePeriodSecondsThe duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    orphanDependentsDeprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.
    propagationPolicyWhether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    DeleteOptions
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    Status    		OK
    
+
    Read Operations
    
+
    Read
    
+
    read the specified Pod
    
+
    HTTP Request
    
+GET /api/v1/namespaces/{namespace}/pods/{name}
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the Pod
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    Pod    		OK
    
+
    List
    
+
    list or watch objects of kind Pod
    
+
    HTTP Request
    
+GET /api/v1/namespaces/{namespace}/pods
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    PodList    		OK
    
+
    List All Namespaces
    
+
    list or watch objects of kind Pod
    
+
    HTTP Request
    
+GET /api/v1/pods
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    PodList    		OK
    
+
    Watch
    
+
    watch changes to an object of kind Pod. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.
    
+
    HTTP Request
    
+GET /api/v1/watch/namespaces/{namespace}/pods/{name}
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the Pod
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    WatchEvent    		OK
    
+
    Watch List
    
+
    watch individual changes to a list of Pod. deprecated: use the 'watch' parameter with a list operation instead.
    
+
    HTTP Request
    
+GET /api/v1/watch/namespaces/{namespace}/pods
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    WatchEvent    		OK
    
+
    Watch List All Namespaces
    
+
    watch individual changes to a list of Pod. deprecated: use the 'watch' parameter with a list operation instead.
    
+
    HTTP Request
    
+GET /api/v1/watch/pods
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    WatchEvent    		OK
    
+
    Status Operations
    
+
    Patch Status
    
+
    partially update status of the specified Pod
    
+
    HTTP Request
    
+PATCH /api/v1/namespaces/{namespace}/pods/{name}/status
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the Pod
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint. This field is required for apply requests (application/apply-patch) but optional for non-apply patch types (JsonPatch, MergePatch, StrategicMergePatch).
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    forceForce is going to "force" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    Patch
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    Pod    		OK
    201
    Pod    		Created
    
+
    Read Status
    
+
    read status of the specified Pod
    
+
    HTTP Request
    
+GET /api/v1/namespaces/{namespace}/pods/{name}/status
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the Pod
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    Pod    		OK
    
+
    Replace Status
    
+
    replace status of the specified Pod
    
+
    HTTP Request
    
+PUT /api/v1/namespaces/{namespace}/pods/{name}/status
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the Pod
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    Pod
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    Pod    		OK
    201
    Pod    		Created
    
+
    EphemeralContainers Operations
    
+
    Patch EphemeralContainers
    
+
    partially update ephemeralcontainers of the specified Pod
    
+
    HTTP Request
    
+PATCH /api/v1/namespaces/{namespace}/pods/{name}/ephemeralcontainers
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the Pod
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint. This field is required for apply requests (application/apply-patch) but optional for non-apply patch types (JsonPatch, MergePatch, StrategicMergePatch).
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    forceForce is going to "force" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    Patch
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    Pod    		OK
    201
    Pod    		Created
    
+
    Read EphemeralContainers
    
+
    read ephemeralcontainers of the specified Pod
    
+
    HTTP Request
    
+GET /api/v1/namespaces/{namespace}/pods/{name}/ephemeralcontainers
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the Pod
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    Pod    		OK
    
+
    Replace EphemeralContainers
    
+
    replace ephemeralcontainers of the specified Pod
    
+
    HTTP Request
    
+PUT /api/v1/namespaces/{namespace}/pods/{name}/ephemeralcontainers
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the Pod
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    Pod
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    Pod    		OK
    201
    Pod    		Created
    
+
    Proxy Operations
    
+
    Create Connect Portforward
    
+
    connect POST requests to portforward of Pod
    
+
    HTTP Request
    
+POST /api/v1/namespaces/{namespace}/pods/{name}/portforward
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the PodPortForwardOptions
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
    ParameterDescription
    portsList of ports to forward Required when using WebSockets
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    string    		OK
    
+
    Create Connect Proxy
    
+
    connect POST requests to proxy of Pod
    
+
    HTTP Request
    
+POST /api/v1/namespaces/{namespace}/pods/{name}/proxy
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the PodProxyOptions
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
    ParameterDescription
    pathPath is the URL path to use for the current proxy request to pod.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    string    		OK
    
+
    Create Connect Proxy Path
    
+
    connect POST requests to proxy of Pod
    
+
    HTTP Request
    
+POST /api/v1/namespaces/{namespace}/pods/{name}/proxy/{path}
+
    Path Parameters
    
+
+
+
+
+
+
+
+
    ParameterDescription
    namename of the PodProxyOptions
    namespaceobject name and auth scope, such as for teams and projects
    pathpath to the resource
    
+
    Query Parameters
    
+
+
+
+
+
+
    ParameterDescription
    pathPath is the URL path to use for the current proxy request to pod.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    string    		OK
    
+
    Delete Connect Proxy
    
+
    connect DELETE requests to proxy of Pod
    
+
    HTTP Request
    
+DELETE /api/v1/namespaces/{namespace}/pods/{name}/proxy
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the PodProxyOptions
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
    ParameterDescription
    pathPath is the URL path to use for the current proxy request to pod.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    string    		OK
    
+
    Delete Connect Proxy Path
    
+
    connect DELETE requests to proxy of Pod
    
+
    HTTP Request
    
+DELETE /api/v1/namespaces/{namespace}/pods/{name}/proxy/{path}
+
    Path Parameters
    
+
+
+
+
+
+
+
+
    ParameterDescription
    namename of the PodProxyOptions
    namespaceobject name and auth scope, such as for teams and projects
    pathpath to the resource
    
+
    Query Parameters
    
+
+
+
+
+
+
    ParameterDescription
    pathPath is the URL path to use for the current proxy request to pod.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    string    		OK
    
+
    Get Connect Portforward
    
+
    connect GET requests to portforward of Pod
    
+
    HTTP Request
    
+GET /api/v1/namespaces/{namespace}/pods/{name}/portforward
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the PodPortForwardOptions
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
    ParameterDescription
    portsList of ports to forward Required when using WebSockets
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    string    		OK
    
+
    Get Connect Proxy
    
+
    connect GET requests to proxy of Pod
    
+
    HTTP Request
    
+GET /api/v1/namespaces/{namespace}/pods/{name}/proxy
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the PodProxyOptions
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
    ParameterDescription
    pathPath is the URL path to use for the current proxy request to pod.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    string    		OK
    
+
    Get Connect Proxy Path
    
+
    connect GET requests to proxy of Pod
    
+
    HTTP Request
    
+GET /api/v1/namespaces/{namespace}/pods/{name}/proxy/{path}
+
    Path Parameters
    
+
+
+
+
+
+
+
+
    ParameterDescription
    namename of the PodProxyOptions
    namespaceobject name and auth scope, such as for teams and projects
    pathpath to the resource
    
+
    Query Parameters
    
+
+
+
+
+
+
    ParameterDescription
    pathPath is the URL path to use for the current proxy request to pod.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    string    		OK
    
+
    Head Connect Proxy
    
+
    connect HEAD requests to proxy of Pod
    
+
    HTTP Request
    
+HEAD /api/v1/namespaces/{namespace}/pods/{name}/proxy
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the PodProxyOptions
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
    ParameterDescription
    pathPath is the URL path to use for the current proxy request to pod.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    string    		OK
    
+
    Head Connect Proxy Path
    
+
    connect HEAD requests to proxy of Pod
    
+
    HTTP Request
    
+HEAD /api/v1/namespaces/{namespace}/pods/{name}/proxy/{path}
+
    Path Parameters
    
+
+
+
+
+
+
+
+
    ParameterDescription
    namename of the PodProxyOptions
    namespaceobject name and auth scope, such as for teams and projects
    pathpath to the resource
    
+
    Query Parameters
    
+
+
+
+
+
+
    ParameterDescription
    pathPath is the URL path to use for the current proxy request to pod.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    string    		OK
    
+
    Replace Connect Proxy
    
+
    connect PUT requests to proxy of Pod
    
+
    HTTP Request
    
+PUT /api/v1/namespaces/{namespace}/pods/{name}/proxy
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the PodProxyOptions
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
    ParameterDescription
    pathPath is the URL path to use for the current proxy request to pod.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    string    		OK
    
+
    Replace Connect Proxy Path
    
+
    connect PUT requests to proxy of Pod
    
+
    HTTP Request
    
+PUT /api/v1/namespaces/{namespace}/pods/{name}/proxy/{path}
+
    Path Parameters
    
+
+
+
+
+
+
+
+
    ParameterDescription
    namename of the PodProxyOptions
    namespaceobject name and auth scope, such as for teams and projects
    pathpath to the resource
    
+
    Query Parameters
    
+
+
+
+
+
+
    ParameterDescription
    pathPath is the URL path to use for the current proxy request to pod.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    string    		OK
    
+
    Misc Operations
    
+
    Read Log
    
+
    read log of the specified Pod
    
+
    HTTP Request
    
+GET /api/v1/namespaces/{namespace}/pods/{name}/log
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the Pod
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    containerThe container for which to stream logs. Defaults to only container if there is one container in the pod.
    followFollow the log stream of the pod. Defaults to false.
    insecureSkipTLSVerifyBackendinsecureSkipTLSVerifyBackend indicates that the apiserver should not confirm the validity of the serving certificate of the backend it is connecting to.  This will make the HTTPS connection between the apiserver and the backend insecure. This means the apiserver cannot verify the log data it is receiving came from the real kubelet.  If the kubelet is configured to verify the apiserver's TLS credentials, it does not mean the connection to the real kubelet is vulnerable to a man in the middle attack (e.g. an attacker could not intercept the actual log data coming from the real kubelet).
    limitBytesIf set, the number of bytes to read from the server before terminating the log output. This may not display a complete final line of logging, and may return slightly more or slightly less than the specified limit.
    prettyIf 'true', then the output is pretty printed.
    previousReturn previous terminated container logs. Defaults to false.
    sinceSecondsA relative time in seconds before the current time from which to show logs. If this value precedes the time a pod was started, only logs since the pod start will be returned. If this value is in the future, no logs will be returned. Only one of sinceSeconds or sinceTime may be specified.
    tailLinesIf set, the number of lines from the end of the logs to show. If not specified, logs are shown from the creation of the container or sinceSeconds or sinceTime
    timestampsIf true, add an RFC3339 or RFC3339Nano timestamp at the beginning of every line of log output. Defaults to false.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    string    		OK
    
+
    ReplicaSet v1 apps
    
+
+
    
+  
    
+
    ReplicaSet Config to run 3 nginx instances.
    
+  
    
+
    
+apiVersion: apps/v1
+kind: ReplicaSet
+metadata:
+  # Unique key of the ReplicaSet instance
+  name: replicaset-example
+spec:
+  # 3 Pods should exist at all times.
+  replicas: 3
+  selector:
+    matchLabels:
+      app: nginx
+  template:
+    metadata:
+      labels:
+        app: nginx
+    spec:
+      containers:
+      # Run the nginx image
+      - name: nginx
+        image: nginx:1.14
+
+
    
+
+
+
+
+
+
    GroupVersionKind
    appsv1ReplicaSet
    
+
     Warning:
    In many cases it is recommended to create a Deployment instead of ReplicaSet.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
+
    FieldDescription
    apiVersion
    string    		APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
    kind
    string    		Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
    metadata
    ObjectMeta    		If the Labels of a ReplicaSet are empty, they are defaulted to be the same as the Pod(s) that the ReplicaSet manages. Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
    spec
    ReplicaSetSpec    		Spec defines the specification of the desired behavior of the ReplicaSet. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
    status
    ReplicaSetStatus    		Status is the most recently observed status of the ReplicaSet. This data may be out of date by some window of time. Populated by the system. Read-only. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
    
+
    ReplicaSetSpec v1 apps
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
    FieldDescription
    minReadySeconds
    integer    		Minimum number of seconds for which a newly created pod should be ready without any of its container crashing, for it to be considered available. Defaults to 0 (pod will be considered available as soon as it is ready)
    replicas
    integer    		Replicas is the number of desired replicas. This is a pointer to distinguish between explicit zero and unspecified. Defaults to 1. More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller/#what-is-a-replicationcontroller
    selector
    LabelSelector    		Selector is a label query over pods that should match the replica count. Label keys and values that must match in order to be controlled by this replica set. It must match the pod template's labels. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#label-selectors
    template
    PodTemplateSpec    		Template is the object that describes the pod that will be created if insufficient replicas are detected. More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#pod-template
    
+
    ReplicaSetStatus v1 apps
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
+
+
    FieldDescription
    availableReplicas
    integer    		The number of available replicas (ready for at least minReadySeconds) for this replica set.
    conditions
    ReplicaSetCondition array
    patch strategy: merge
    patch merge key: type    		Represents the latest available observations of a replica set's current state.
    fullyLabeledReplicas
    integer    		The number of pods that have labels matching the labels of the pod template of the replicaset.
    observedGeneration
    integer    		ObservedGeneration reflects the generation of the most recently observed ReplicaSet.
    readyReplicas
    integer    		readyReplicas is the number of pods targeted by this ReplicaSet with a Ready Condition.
    replicas
    integer    		Replicas is the most recently observed number of replicas. More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller/#what-is-a-replicationcontroller
    
+
    ReplicaSetList v1 apps
    
+
+
+
+
+
+
+
+
+
    FieldDescription
    apiVersion
    string    		APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
    items
    ReplicaSet array    		List of ReplicaSets. More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller
    kind
    string    		Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
    metadata
    ListMeta    		Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
    
+
    Write Operations
    
+
    Create
    
+
    create a ReplicaSet
    
+
    HTTP Request
    
+POST /apis/apps/v1/namespaces/{namespace}/replicasets
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    ReplicaSet
    
+
    Response
    
+
+
+
+
+
+
+
+
    CodeDescription
    200
    ReplicaSet    		OK
    201
    ReplicaSet    		Created
    202
    ReplicaSet    		Accepted
    
+
    Patch
    
+
    partially update the specified ReplicaSet
    
+
    HTTP Request
    
+PATCH /apis/apps/v1/namespaces/{namespace}/replicasets/{name}
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the ReplicaSet
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint. This field is required for apply requests (application/apply-patch) but optional for non-apply patch types (JsonPatch, MergePatch, StrategicMergePatch).
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    forceForce is going to "force" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    Patch
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    ReplicaSet    		OK
    201
    ReplicaSet    		Created
    
+
    Replace
    
+
    replace the specified ReplicaSet
    
+
    HTTP Request
    
+PUT /apis/apps/v1/namespaces/{namespace}/replicasets/{name}
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the ReplicaSet
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    ReplicaSet
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    ReplicaSet    		OK
    201
    ReplicaSet    		Created
    
+
    Delete
    
+
    delete a ReplicaSet
    
+
    HTTP Request
    
+DELETE /apis/apps/v1/namespaces/{namespace}/replicasets/{name}
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the ReplicaSet
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    gracePeriodSecondsThe duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
    orphanDependentsDeprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.
    propagationPolicyWhether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    DeleteOptions
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    Status    		OK
    202
    Status    		Accepted
    
+
    Delete Collection
    
+
    delete collection of ReplicaSet
    
+
    HTTP Request
    
+DELETE /apis/apps/v1/namespaces/{namespace}/replicasets
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    gracePeriodSecondsThe duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    orphanDependentsDeprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.
    propagationPolicyWhether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    DeleteOptions
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    Status    		OK
    
+
    Read Operations
    
+
    Read
    
+
    read the specified ReplicaSet
    
+
    HTTP Request
    
+GET /apis/apps/v1/namespaces/{namespace}/replicasets/{name}
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the ReplicaSet
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    ReplicaSet    		OK
    
+
    List
    
+
    list or watch objects of kind ReplicaSet
    
+
    HTTP Request
    
+GET /apis/apps/v1/namespaces/{namespace}/replicasets
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    ReplicaSetList    		OK
    
+
    List All Namespaces
    
+
    list or watch objects of kind ReplicaSet
    
+
    HTTP Request
    
+GET /apis/apps/v1/replicasets
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    ReplicaSetList    		OK
    
+
    Watch
    
+
    watch changes to an object of kind ReplicaSet. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.
    
+
    HTTP Request
    
+GET /apis/apps/v1/watch/namespaces/{namespace}/replicasets/{name}
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the ReplicaSet
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    WatchEvent    		OK
    
+
    Watch List
    
+
    watch individual changes to a list of ReplicaSet. deprecated: use the 'watch' parameter with a list operation instead.
    
+
    HTTP Request
    
+GET /apis/apps/v1/watch/namespaces/{namespace}/replicasets
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    WatchEvent    		OK
    
+
    Watch List All Namespaces
    
+
    watch individual changes to a list of ReplicaSet. deprecated: use the 'watch' parameter with a list operation instead.
    
+
    HTTP Request
    
+GET /apis/apps/v1/watch/replicasets
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    WatchEvent    		OK
    
+
    Status Operations
    
+
    Patch Status
    
+
    partially update status of the specified ReplicaSet
    
+
    HTTP Request
    
+PATCH /apis/apps/v1/namespaces/{namespace}/replicasets/{name}/status
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the ReplicaSet
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint. This field is required for apply requests (application/apply-patch) but optional for non-apply patch types (JsonPatch, MergePatch, StrategicMergePatch).
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    forceForce is going to "force" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    Patch
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    ReplicaSet    		OK
    201
    ReplicaSet    		Created
    
+
    Read Status
    
+
    read status of the specified ReplicaSet
    
+
    HTTP Request
    
+GET /apis/apps/v1/namespaces/{namespace}/replicasets/{name}/status
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the ReplicaSet
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    ReplicaSet    		OK
    
+
    Replace Status
    
+
    replace status of the specified ReplicaSet
    
+
    HTTP Request
    
+PUT /apis/apps/v1/namespaces/{namespace}/replicasets/{name}/status
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the ReplicaSet
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    ReplicaSet
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    ReplicaSet    		OK
    201
    ReplicaSet    		Created
    
+
    Misc Operations
    
+
    Read Scale
    
+
    read scale of the specified ReplicaSet
    
+
    HTTP Request
    
+GET /apis/apps/v1/namespaces/{namespace}/replicasets/{name}/scale
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the Scale
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    Scale    		OK
    
+
    Replace Scale
    
+
    replace scale of the specified ReplicaSet
    
+
    HTTP Request
    
+PUT /apis/apps/v1/namespaces/{namespace}/replicasets/{name}/scale
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the Scale
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    Scale
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    Scale    		OK
    201
    Scale    		Created
    
+
    Patch Scale
    
+
    partially update scale of the specified ReplicaSet
    
+
    HTTP Request
    
+PATCH /apis/apps/v1/namespaces/{namespace}/replicasets/{name}/scale
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the Scale
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint. This field is required for apply requests (application/apply-patch) but optional for non-apply patch types (JsonPatch, MergePatch, StrategicMergePatch).
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    forceForce is going to "force" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    Patch
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    Scale    		OK
    201
    Scale    		Created
    
+
    ReplicationController v1 core
    
+
+
    
+  
    
+
    ReplicationController Config to run 3 nginx instances.
    
+  
    
+
    
+apiVersion: v1
+kind: ReplicationController
+metadata:
+  # Unique key of the ReplicationController instance
+  name: replicationcontroller-example
+spec:
+  # 3 Pods should exist at all times.
+  replicas: 3
+  template:
+    metadata:
+      labels:
+        app: nginx
+    spec:
+      containers:
+      # Run the nginx image
+      - name: nginx
+        image: nginx:1.14
+
+
    
+
+
+
+
+
+
    GroupVersionKind
    corev1ReplicationController
    
+
     Warning:
    In many cases it is recommended to create a Deployment instead of a ReplicationController.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
+
    FieldDescription
    apiVersion
    string    		APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
    kind
    string    		Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
    metadata
    ObjectMeta    		If the Labels of a ReplicationController are empty, they are defaulted to be the same as the Pod(s) that the replication controller manages. Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
    spec
    ReplicationControllerSpec    		Spec defines the specification of the desired behavior of the replication controller. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
    status
    ReplicationControllerStatus    		Status is the most recently observed status of the replication controller. This data may be out of date by some window of time. Populated by the system. Read-only. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
    
+
    ReplicationControllerSpec v1 core
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
    FieldDescription
    minReadySeconds
    integer    		Minimum number of seconds for which a newly created pod should be ready without any of its container crashing, for it to be considered available. Defaults to 0 (pod will be considered available as soon as it is ready)
    replicas
    integer    		Replicas is the number of desired replicas. This is a pointer to distinguish between explicit zero and unspecified. Defaults to 1. More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller
    selector
    object    		Selector is a label query over pods that should match the Replicas count. If Selector is empty, it is defaulted to the labels present on the Pod template. Label keys and values that must match in order to be controlled by this replication controller, if empty defaulted to labels on Pod template. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#label-selectors
    template
    PodTemplateSpec    		Template is the object that describes the pod that will be created if insufficient replicas are detected. This takes precedence over a TemplateRef. The only allowed template.spec.restartPolicy value is "Always". More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#pod-template
    
+
    ReplicationControllerStatus v1 core
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
+
+
    FieldDescription
    availableReplicas
    integer    		The number of available replicas (ready for at least minReadySeconds) for this replication controller.
    conditions
    ReplicationControllerCondition array
    patch strategy: merge
    patch merge key: type    		Represents the latest available observations of a replication controller's current state.
    fullyLabeledReplicas
    integer    		The number of pods that have labels matching the labels of the pod template of the replication controller.
    observedGeneration
    integer    		ObservedGeneration reflects the generation of the most recently observed replication controller.
    readyReplicas
    integer    		The number of ready replicas for this replication controller.
    replicas
    integer    		Replicas is the most recently observed number of replicas. More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller
    
+
    ReplicationControllerList v1 core
    
+
+
+
+
+
+
+
+
+
    FieldDescription
    apiVersion
    string    		APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
    items
    ReplicationController array    		List of replication controllers. More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller
    kind
    string    		Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
    metadata
    ListMeta    		Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
    
+
    Write Operations
    
+
    Create
    
+
    create a ReplicationController
    
+
    HTTP Request
    
+POST /api/v1/namespaces/{namespace}/replicationcontrollers
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    ReplicationController
    
+
    Response
    
+
+
+
+
+
+
+
+
    CodeDescription
    200
    ReplicationController    		OK
    201
    ReplicationController    		Created
    202
    ReplicationController    		Accepted
    
+
    Patch
    
+
    partially update the specified ReplicationController
    
+
    HTTP Request
    
+PATCH /api/v1/namespaces/{namespace}/replicationcontrollers/{name}
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the ReplicationController
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint. This field is required for apply requests (application/apply-patch) but optional for non-apply patch types (JsonPatch, MergePatch, StrategicMergePatch).
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    forceForce is going to "force" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    Patch
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    ReplicationController    		OK
    201
    ReplicationController    		Created
    
+
    Replace
    
+
    replace the specified ReplicationController
    
+
    HTTP Request
    
+PUT /api/v1/namespaces/{namespace}/replicationcontrollers/{name}
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the ReplicationController
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    ReplicationController
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    ReplicationController    		OK
    201
    ReplicationController    		Created
    
+
    Delete
    
+
    delete a ReplicationController
    
+
    HTTP Request
    
+DELETE /api/v1/namespaces/{namespace}/replicationcontrollers/{name}
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the ReplicationController
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    gracePeriodSecondsThe duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
    orphanDependentsDeprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.
    propagationPolicyWhether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    DeleteOptions
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    Status    		OK
    202
    Status    		Accepted
    
+
    Delete Collection
    
+
    delete collection of ReplicationController
    
+
    HTTP Request
    
+DELETE /api/v1/namespaces/{namespace}/replicationcontrollers
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    gracePeriodSecondsThe duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    orphanDependentsDeprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.
    propagationPolicyWhether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    DeleteOptions
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    Status    		OK
    
+
    Read Operations
    
+
    Read
    
+
    read the specified ReplicationController
    
+
    HTTP Request
    
+GET /api/v1/namespaces/{namespace}/replicationcontrollers/{name}
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the ReplicationController
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    ReplicationController    		OK
    
+
    List
    
+
    list or watch objects of kind ReplicationController
    
+
    HTTP Request
    
+GET /api/v1/namespaces/{namespace}/replicationcontrollers
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    ReplicationControllerList    		OK
    
+
    List All Namespaces
    
+
    list or watch objects of kind ReplicationController
    
+
    HTTP Request
    
+GET /api/v1/replicationcontrollers
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    ReplicationControllerList    		OK
    
+
    Watch
    
+
    watch changes to an object of kind ReplicationController. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.
    
+
    HTTP Request
    
+GET /api/v1/watch/namespaces/{namespace}/replicationcontrollers/{name}
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the ReplicationController
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    WatchEvent    		OK
    
+
    Watch List
    
+
    watch individual changes to a list of ReplicationController. deprecated: use the 'watch' parameter with a list operation instead.
    
+
    HTTP Request
    
+GET /api/v1/watch/namespaces/{namespace}/replicationcontrollers
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    WatchEvent    		OK
    
+
    Watch List All Namespaces
    
+
    watch individual changes to a list of ReplicationController. deprecated: use the 'watch' parameter with a list operation instead.
    
+
    HTTP Request
    
+GET /api/v1/watch/replicationcontrollers
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    WatchEvent    		OK
    
+
    Status Operations
    
+
    Patch Status
    
+
    partially update status of the specified ReplicationController
    
+
    HTTP Request
    
+PATCH /api/v1/namespaces/{namespace}/replicationcontrollers/{name}/status
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the ReplicationController
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint. This field is required for apply requests (application/apply-patch) but optional for non-apply patch types (JsonPatch, MergePatch, StrategicMergePatch).
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    forceForce is going to "force" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    Patch
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    ReplicationController    		OK
    201
    ReplicationController    		Created
    
+
    Read Status
    
+
    read status of the specified ReplicationController
    
+
    HTTP Request
    
+GET /api/v1/namespaces/{namespace}/replicationcontrollers/{name}/status
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the ReplicationController
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    ReplicationController    		OK
    
+
    Replace Status
    
+
    replace status of the specified ReplicationController
    
+
    HTTP Request
    
+PUT /api/v1/namespaces/{namespace}/replicationcontrollers/{name}/status
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the ReplicationController
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    ReplicationController
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    ReplicationController    		OK
    201
    ReplicationController    		Created
    
+
    Misc Operations
    
+
    Read Scale
    
+
    read scale of the specified ReplicationController
    
+
    HTTP Request
    
+GET /api/v1/namespaces/{namespace}/replicationcontrollers/{name}/scale
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the Scale
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    Scale    		OK
    
+
    Replace Scale
    
+
    replace scale of the specified ReplicationController
    
+
    HTTP Request
    
+PUT /api/v1/namespaces/{namespace}/replicationcontrollers/{name}/scale
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the Scale
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    Scale
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    Scale    		OK
    201
    Scale    		Created
    
+
    Patch Scale
    
+
    partially update scale of the specified ReplicationController
    
+
    HTTP Request
    
+PATCH /api/v1/namespaces/{namespace}/replicationcontrollers/{name}/scale
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the Scale
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint. This field is required for apply requests (application/apply-patch) but optional for non-apply patch types (JsonPatch, MergePatch, StrategicMergePatch).
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    forceForce is going to "force" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    Patch
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    Scale    		OK
    201
    Scale    		Created
    
+
    StatefulSet v1 apps
    
+
+
+
+
+
+
    GroupVersionKind
    appsv1StatefulSet
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
+
    FieldDescription
    apiVersion
    string    		APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
    kind
    string    		Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
    metadata
    ObjectMeta    		Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
    spec
    StatefulSetSpec    		Spec defines the desired identities of pods in this set.
    status
    StatefulSetStatus    		Status is the current status of Pods in this StatefulSet. This data may be out of date by some window of time.
    
+
    StatefulSetSpec v1 apps
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    FieldDescription
    minReadySeconds
    integer    		Minimum number of seconds for which a newly created pod should be ready without any of its container crashing for it to be considered available. Defaults to 0 (pod will be considered available as soon as it is ready)
    ordinals
    StatefulSetOrdinals    		ordinals controls the numbering of replica indices in a StatefulSet. The default ordinals behavior assigns a "0" index to the first replica and increments the index by one for each additional replica requested. Using the ordinals field requires the StatefulSetStartOrdinal feature gate to be enabled, which is beta.
    persistentVolumeClaimRetentionPolicy
    StatefulSetPersistentVolumeClaimRetentionPolicy    		persistentVolumeClaimRetentionPolicy describes the lifecycle of persistent volume claims created from volumeClaimTemplates. By default, all persistent volume claims are created as needed and retained until manually deleted. This policy allows the lifecycle to be altered, for example by deleting persistent volume claims when their stateful set is deleted, or when their pod is scaled down. This requires the StatefulSetAutoDeletePVC feature gate to be enabled, which is alpha.  +optional
    podManagementPolicy
    string    		podManagementPolicy controls how pods are created during initial scale up, when replacing pods on nodes, or when scaling down. The default policy is `OrderedReady`, where pods are created in increasing order (pod-0, then pod-1, etc) and the controller will wait until each pod is ready before continuing. When scaling down, the pods are removed in the opposite order. The alternative policy is `Parallel` which will create pods in parallel to match the desired scale without waiting, and on scale down will delete all pods at once.
    replicas
    integer    		replicas is the desired number of replicas of the given Template. These are replicas in the sense that they are instantiations of the same Template, but individual replicas also have a consistent identity. If unspecified, defaults to 1.
    revisionHistoryLimit
    integer    		revisionHistoryLimit is the maximum number of revisions that will be maintained in the StatefulSet's revision history. The revision history consists of all revisions not represented by a currently applied StatefulSetSpec version. The default value is 10.
    selector
    LabelSelector    		selector is a label query over pods that should match the replica count. It must match the pod template's labels. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#label-selectors
    serviceName
    string    		serviceName is the name of the service that governs this StatefulSet. This service must exist before the StatefulSet, and is responsible for the network identity of the set. Pods get DNS/hostnames that follow the pattern: pod-specific-string.serviceName.default.svc.cluster.local where "pod-specific-string" is managed by the StatefulSet controller.
    template
    PodTemplateSpec    		template is the object that describes the pod that will be created if insufficient replicas are detected. Each pod stamped out by the StatefulSet will fulfill this Template, but have a unique identity from the rest of the StatefulSet. Each pod will be named with the format <statefulsetname>-<podindex>. For example, a pod in a StatefulSet named "web" with index number "3" would be named "web-3". The only allowed template.spec.restartPolicy value is "Always".
    updateStrategy
    StatefulSetUpdateStrategy    		updateStrategy indicates the StatefulSetUpdateStrategy that will be employed to update Pods in the StatefulSet when a revision is made to Template.
    volumeClaimTemplates
    PersistentVolumeClaim array    		volumeClaimTemplates is a list of claims that pods are allowed to reference. The StatefulSet controller is responsible for mapping network identities to claims in a way that maintains the identity of a pod. Every claim in this list must have at least one matching (by name) volumeMount in one container in the template. A claim in this list takes precedence over any volumes in the template, with the same name.
    
+
    StatefulSetStatus v1 apps
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    FieldDescription
    availableReplicas
    integer    		Total number of available pods (ready for at least minReadySeconds) targeted by this statefulset.
    collisionCount
    integer    		collisionCount is the count of hash collisions for the StatefulSet. The StatefulSet controller uses this field as a collision avoidance mechanism when it needs to create the name for the newest ControllerRevision.
    conditions
    StatefulSetCondition array
    patch strategy: merge
    patch merge key: type    		Represents the latest available observations of a statefulset's current state.
    currentReplicas
    integer    		currentReplicas is the number of Pods created by the StatefulSet controller from the StatefulSet version indicated by currentRevision.
    currentRevision
    string    		currentRevision, if not empty, indicates the version of the StatefulSet used to generate Pods in the sequence [0,currentReplicas).
    observedGeneration
    integer    		observedGeneration is the most recent generation observed for this StatefulSet. It corresponds to the StatefulSet's generation, which is updated on mutation by the API Server.
    readyReplicas
    integer    		readyReplicas is the number of pods created for this StatefulSet with a Ready Condition.
    replicas
    integer    		replicas is the number of Pods created by the StatefulSet controller.
    updateRevision
    string    		updateRevision, if not empty, indicates the version of the StatefulSet used to generate Pods in the sequence [replicas-updatedReplicas,replicas)
    updatedReplicas
    integer    		updatedReplicas is the number of Pods created by the StatefulSet controller from the StatefulSet version indicated by updateRevision.
    
+
    StatefulSetList v1 apps
    
+
+
+
+
+
+
+
+
+
    FieldDescription
    apiVersion
    string    		APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
    items
    StatefulSet array    		Items is the list of stateful sets.
    kind
    string    		Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
    metadata
    ListMeta    		Standard list's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
    
+
    Write Operations
    
+
    Create
    
+
    create a StatefulSet
    
+
    HTTP Request
    
+POST /apis/apps/v1/namespaces/{namespace}/statefulsets
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    StatefulSet
    
+
    Response
    
+
+
+
+
+
+
+
+
    CodeDescription
    200
    StatefulSet    		OK
    201
    StatefulSet    		Created
    202
    StatefulSet    		Accepted
    
+
    Patch
    
+
    partially update the specified StatefulSet
    
+
    HTTP Request
    
+PATCH /apis/apps/v1/namespaces/{namespace}/statefulsets/{name}
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the StatefulSet
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint. This field is required for apply requests (application/apply-patch) but optional for non-apply patch types (JsonPatch, MergePatch, StrategicMergePatch).
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    forceForce is going to "force" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    Patch
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    StatefulSet    		OK
    201
    StatefulSet    		Created
    
+
    Replace
    
+
    replace the specified StatefulSet
    
+
    HTTP Request
    
+PUT /apis/apps/v1/namespaces/{namespace}/statefulsets/{name}
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the StatefulSet
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    StatefulSet
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    StatefulSet    		OK
    201
    StatefulSet    		Created
    
+
    Delete
    
+
    delete a StatefulSet
    
+
    HTTP Request
    
+DELETE /apis/apps/v1/namespaces/{namespace}/statefulsets/{name}
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the StatefulSet
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    gracePeriodSecondsThe duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
    orphanDependentsDeprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.
    propagationPolicyWhether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    DeleteOptions
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    Status    		OK
    202
    Status    		Accepted
    
+
    Delete Collection
    
+
    delete collection of StatefulSet
    
+
    HTTP Request
    
+DELETE /apis/apps/v1/namespaces/{namespace}/statefulsets
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    gracePeriodSecondsThe duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    orphanDependentsDeprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.
    propagationPolicyWhether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    DeleteOptions
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    Status    		OK
    
+
    Read Operations
    
+
    Read
    
+
    read the specified StatefulSet
    
+
    HTTP Request
    
+GET /apis/apps/v1/namespaces/{namespace}/statefulsets/{name}
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the StatefulSet
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    StatefulSet    		OK
    
+
    List
    
+
    list or watch objects of kind StatefulSet
    
+
    HTTP Request
    
+GET /apis/apps/v1/namespaces/{namespace}/statefulsets
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    StatefulSetList    		OK
    
+
    List All Namespaces
    
+
    list or watch objects of kind StatefulSet
    
+
    HTTP Request
    
+GET /apis/apps/v1/statefulsets
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    StatefulSetList    		OK
    
+
    Watch
    
+
    watch changes to an object of kind StatefulSet. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.
    
+
    HTTP Request
    
+GET /apis/apps/v1/watch/namespaces/{namespace}/statefulsets/{name}
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the StatefulSet
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    WatchEvent    		OK
    
+
    Watch List
    
+
    watch individual changes to a list of StatefulSet. deprecated: use the 'watch' parameter with a list operation instead.
    
+
    HTTP Request
    
+GET /apis/apps/v1/watch/namespaces/{namespace}/statefulsets
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    WatchEvent    		OK
    
+
    Watch List All Namespaces
    
+
    watch individual changes to a list of StatefulSet. deprecated: use the 'watch' parameter with a list operation instead.
    
+
    HTTP Request
    
+GET /apis/apps/v1/watch/statefulsets
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    WatchEvent    		OK
    
+
    Status Operations
    
+
    Patch Status
    
+
    partially update status of the specified StatefulSet
    
+
    HTTP Request
    
+PATCH /apis/apps/v1/namespaces/{namespace}/statefulsets/{name}/status
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the StatefulSet
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint. This field is required for apply requests (application/apply-patch) but optional for non-apply patch types (JsonPatch, MergePatch, StrategicMergePatch).
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    forceForce is going to "force" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    Patch
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    StatefulSet    		OK
    201
    StatefulSet    		Created
    
+
    Read Status
    
+
    read status of the specified StatefulSet
    
+
    HTTP Request
    
+GET /apis/apps/v1/namespaces/{namespace}/statefulsets/{name}/status
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the StatefulSet
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    StatefulSet    		OK
    
+
    Replace Status
    
+
    replace status of the specified StatefulSet
    
+
    HTTP Request
    
+PUT /apis/apps/v1/namespaces/{namespace}/statefulsets/{name}/status
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the StatefulSet
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    StatefulSet
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    StatefulSet    		OK
    201
    StatefulSet    		Created
    
+
    Misc Operations
    
+
    Read Scale
    
+
    read scale of the specified StatefulSet
    
+
    HTTP Request
    
+GET /apis/apps/v1/namespaces/{namespace}/statefulsets/{name}/scale
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the Scale
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    Scale    		OK
    
+
    Replace Scale
    
+
    replace scale of the specified StatefulSet
    
+
    HTTP Request
    
+PUT /apis/apps/v1/namespaces/{namespace}/statefulsets/{name}/scale
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the Scale
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    Scale
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    Scale    		OK
    201
    Scale    		Created
    
+
    Patch Scale
    
+
    partially update scale of the specified StatefulSet
    
+
    HTTP Request
    
+PATCH /apis/apps/v1/namespaces/{namespace}/statefulsets/{name}/scale
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the Scale
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint. This field is required for apply requests (application/apply-patch) but optional for non-apply patch types (JsonPatch, MergePatch, StrategicMergePatch).
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    forceForce is going to "force" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    Patch
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    Scale    		OK
    201
    Scale    		Created
    
+
    SERVICE APIs
    
+
+
    Service API resources are responsible for stitching your workloads together into an accessible Loadbalanced Service.  By default,
+Workloads are only accessible within the cluster, and they must be exposed externally using a either
+a *LoadBalancer* or *NodePort* Service.  For development, internally accessible
+Workloads can be accessed via proxy through the api master using the kubectl proxy command.
    
+
+
    Common resource types:
    
+
+
      
+	
    • Services for providing a single ip endpoint loadbalanced across multiple Workload replicas.
      • 
+	
    • Ingress for providing a https(s) endpoint http(s) routed to one or more *Services*.
      • 
+
    
+
    
+
    Endpoints v1 core
    
+
+
+
+
+
+
    GroupVersionKind
    corev1Endpoints
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
    FieldDescription
    apiVersion
    string    		APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
    kind
    string    		Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
    metadata
    ObjectMeta    		Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
    subsets
    EndpointSubset array    		The set of all endpoints is the union of all subsets. Addresses are placed into subsets according to the IPs they share. A single address with multiple ports, some of which are ready and some of which are not (because they come from different containers) will result in the address being displayed in different subsets for the different ports. No address will appear in both Addresses and NotReadyAddresses in the same subset. Sets of addresses and ports that comprise a service.
    
+
    EndpointsList v1 core
    
+
+
+
+
+
+
+
+
+
    FieldDescription
    apiVersion
    string    		APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
    items
    Endpoints array    		List of endpoints.
    kind
    string    		Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
    metadata
    ListMeta    		Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
    
+
    Write Operations
    
+
    Create
    
+
    create Endpoints
    
+
    HTTP Request
    
+POST /api/v1/namespaces/{namespace}/endpoints
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    Endpoints
    
+
    Response
    
+
+
+
+
+
+
+
+
    CodeDescription
    200
    Endpoints    		OK
    201
    Endpoints    		Created
    202
    Endpoints    		Accepted
    
+
    Patch
    
+
    partially update the specified Endpoints
    
+
    HTTP Request
    
+PATCH /api/v1/namespaces/{namespace}/endpoints/{name}
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the Endpoints
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint. This field is required for apply requests (application/apply-patch) but optional for non-apply patch types (JsonPatch, MergePatch, StrategicMergePatch).
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    forceForce is going to "force" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    Patch
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    Endpoints    		OK
    201
    Endpoints    		Created
    
+
    Replace
    
+
    replace the specified Endpoints
    
+
    HTTP Request
    
+PUT /api/v1/namespaces/{namespace}/endpoints/{name}
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the Endpoints
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    Endpoints
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    Endpoints    		OK
    201
    Endpoints    		Created
    
+
    Delete
    
+
    delete Endpoints
    
+
    HTTP Request
    
+DELETE /api/v1/namespaces/{namespace}/endpoints/{name}
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the Endpoints
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    gracePeriodSecondsThe duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
    orphanDependentsDeprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.
    propagationPolicyWhether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    DeleteOptions
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    Status    		OK
    202
    Status    		Accepted
    
+
    Delete Collection
    
+
    delete collection of Endpoints
    
+
    HTTP Request
    
+DELETE /api/v1/namespaces/{namespace}/endpoints
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    gracePeriodSecondsThe duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    orphanDependentsDeprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.
    propagationPolicyWhether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    DeleteOptions
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    Status    		OK
    
+
    Read Operations
    
+
    Read
    
+
    read the specified Endpoints
    
+
    HTTP Request
    
+GET /api/v1/namespaces/{namespace}/endpoints/{name}
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the Endpoints
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    Endpoints    		OK
    
+
    List
    
+
    list or watch objects of kind Endpoints
    
+
    HTTP Request
    
+GET /api/v1/namespaces/{namespace}/endpoints
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    EndpointsList    		OK
    
+
    List All Namespaces
    
+
    list or watch objects of kind Endpoints
    
+
    HTTP Request
    
+GET /api/v1/endpoints
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    EndpointsList    		OK
    
+
    Watch
    
+
    watch changes to an object of kind Endpoints. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.
    
+
    HTTP Request
    
+GET /api/v1/watch/namespaces/{namespace}/endpoints/{name}
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the Endpoints
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    WatchEvent    		OK
    
+
    Watch List
    
+
    watch individual changes to a list of Endpoints. deprecated: use the 'watch' parameter with a list operation instead.
    
+
    HTTP Request
    
+GET /api/v1/watch/namespaces/{namespace}/endpoints
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    WatchEvent    		OK
    
+
    Watch List All Namespaces
    
+
    watch individual changes to a list of Endpoints. deprecated: use the 'watch' parameter with a list operation instead.
    
+
    HTTP Request
    
+GET /api/v1/watch/endpoints
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    WatchEvent    		OK
    
+
    EndpointSlice v1 discovery.k8s.io
    
+
+
+
+
+
+
    GroupVersionKind
    discovery.k8s.iov1EndpointSlice
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
+
+
    FieldDescription
    addressType
    string    		addressType specifies the type of address carried by this EndpointSlice. All addresses in this slice must be the same type. This field is immutable after creation. The following address types are currently supported: * IPv4: Represents an IPv4 Address. * IPv6: Represents an IPv6 Address. * FQDN: Represents a Fully Qualified Domain Name.
    apiVersion
    string    		APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
    endpoints
    Endpoint array    		endpoints is a list of unique endpoints in this slice. Each slice may include a maximum of 1000 endpoints.
    kind
    string    		Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
    metadata
    ObjectMeta    		Standard object's metadata.
    ports
    EndpointPort array    		ports specifies the list of network ports exposed by each endpoint in this slice. Each port must have a unique name. When ports is empty, it indicates that there are no defined ports. When a port is defined with a nil port value, it indicates "all ports". Each slice may include a maximum of 100 ports.
    
+
    EndpointSliceList v1 discovery
    
+
+
+
+
+
+
+
+
+
    FieldDescription
    apiVersion
    string    		APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
    items
    EndpointSlice array    		items is the list of endpoint slices
    kind
    string    		Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
    metadata
    ListMeta    		Standard list metadata.
    
+
    Write Operations
    
+
    Create
    
+
    create an EndpointSlice
    
+
    HTTP Request
    
+POST /apis/discovery.k8s.io/v1/namespaces/{namespace}/endpointslices
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    EndpointSlice
    
+
    Response
    
+
+
+
+
+
+
+
+
    CodeDescription
    200
    EndpointSlice    		OK
    201
    EndpointSlice    		Created
    202
    EndpointSlice    		Accepted
    
+
    Patch
    
+
    partially update the specified EndpointSlice
    
+
    HTTP Request
    
+PATCH /apis/discovery.k8s.io/v1/namespaces/{namespace}/endpointslices/{name}
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the EndpointSlice
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint. This field is required for apply requests (application/apply-patch) but optional for non-apply patch types (JsonPatch, MergePatch, StrategicMergePatch).
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    forceForce is going to "force" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    Patch
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    EndpointSlice    		OK
    201
    EndpointSlice    		Created
    
+
    Replace
    
+
    replace the specified EndpointSlice
    
+
    HTTP Request
    
+PUT /apis/discovery.k8s.io/v1/namespaces/{namespace}/endpointslices/{name}
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the EndpointSlice
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    EndpointSlice
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    EndpointSlice    		OK
    201
    EndpointSlice    		Created
    
+
    Delete
    
+
    delete an EndpointSlice
    
+
    HTTP Request
    
+DELETE /apis/discovery.k8s.io/v1/namespaces/{namespace}/endpointslices/{name}
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the EndpointSlice
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    gracePeriodSecondsThe duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
    orphanDependentsDeprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.
    propagationPolicyWhether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    DeleteOptions
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    Status    		OK
    202
    Status    		Accepted
    
+
    Delete Collection
    
+
    delete collection of EndpointSlice
    
+
    HTTP Request
    
+DELETE /apis/discovery.k8s.io/v1/namespaces/{namespace}/endpointslices
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    gracePeriodSecondsThe duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    orphanDependentsDeprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.
    propagationPolicyWhether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    DeleteOptions
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    Status    		OK
    
+
    Read Operations
    
+
    Read
    
+
    read the specified EndpointSlice
    
+
    HTTP Request
    
+GET /apis/discovery.k8s.io/v1/namespaces/{namespace}/endpointslices/{name}
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the EndpointSlice
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    EndpointSlice    		OK
    
+
    List
    
+
    list or watch objects of kind EndpointSlice
    
+
    HTTP Request
    
+GET /apis/discovery.k8s.io/v1/namespaces/{namespace}/endpointslices
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    EndpointSliceList    		OK
    
+
    List All Namespaces
    
+
    list or watch objects of kind EndpointSlice
    
+
    HTTP Request
    
+GET /apis/discovery.k8s.io/v1/endpointslices
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    EndpointSliceList    		OK
    
+
    Watch
    
+
    watch changes to an object of kind EndpointSlice. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.
    
+
    HTTP Request
    
+GET /apis/discovery.k8s.io/v1/watch/namespaces/{namespace}/endpointslices/{name}
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the EndpointSlice
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    WatchEvent    		OK
    
+
    Watch List
    
+
    watch individual changes to a list of EndpointSlice. deprecated: use the 'watch' parameter with a list operation instead.
    
+
    HTTP Request
    
+GET /apis/discovery.k8s.io/v1/watch/namespaces/{namespace}/endpointslices
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    WatchEvent    		OK
    
+
    Watch List All Namespaces
    
+
    watch individual changes to a list of EndpointSlice. deprecated: use the 'watch' parameter with a list operation instead.
    
+
    HTTP Request
    
+GET /apis/discovery.k8s.io/v1/watch/endpointslices
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    WatchEvent    		OK
    
+
    ClusterCIDR v1alpha1 networking.k8s.io
    
+
+
+
+
+
+
    GroupVersionKind
    networking.k8s.iov1alpha1ClusterCIDR
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
    FieldDescription
    apiVersion
    string    		APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
    kind
    string    		Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
    metadata
    ObjectMeta    		Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
    spec
    ClusterCIDRSpec    		spec is the desired state of the ClusterCIDR. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
    
+
    ClusterCIDRSpec v1alpha1 networking
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
    FieldDescription
    ipv4
    string    		ipv4 defines an IPv4 IP block in CIDR notation(e.g. "10.0.0.0/8"). At least one of ipv4 and ipv6 must be specified. This field is immutable.
    ipv6
    string    		ipv6 defines an IPv6 IP block in CIDR notation(e.g. "2001:db8::/64"). At least one of ipv4 and ipv6 must be specified. This field is immutable.
    nodeSelector
    NodeSelector    		nodeSelector defines which nodes the config is applicable to. An empty or nil nodeSelector selects all nodes. This field is immutable.
    perNodeHostBits
    integer    		perNodeHostBits defines the number of host bits to be configured per node. A subnet mask determines how much of the address is used for network bits and host bits. For example an IPv4 address of 192.168.0.0/24, splits the address into 24 bits for the network portion and 8 bits for the host portion. To allocate 256 IPs, set this field to 8 (a /24 mask for IPv4 or a /120 for IPv6). Minimum value is 4 (16 IPs). This field is immutable.
    
+
    ClusterCIDRList v1alpha1 networking
    
+
+
+
+
+
+
+
+
+
    FieldDescription
    apiVersion
    string    		APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
    items
    ClusterCIDR array    		items is the list of ClusterCIDRs.
    kind
    string    		Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
    metadata
    ListMeta    		Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
    
+
    Write Operations
    
+
    Create
    
+
    create a ClusterCIDR
    
+
    HTTP Request
    
+POST /apis/networking.k8s.io/v1alpha1/clustercidrs
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    ClusterCIDR
    
+
    Response
    
+
+
+
+
+
+
+
+
    CodeDescription
    200
    ClusterCIDR    		OK
    201
    ClusterCIDR    		Created
    202
    ClusterCIDR    		Accepted
    
+
    Patch
    
+
    partially update the specified ClusterCIDR
    
+
    HTTP Request
    
+PATCH /apis/networking.k8s.io/v1alpha1/clustercidrs/{name}
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the ClusterCIDR
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint. This field is required for apply requests (application/apply-patch) but optional for non-apply patch types (JsonPatch, MergePatch, StrategicMergePatch).
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    forceForce is going to "force" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    Patch
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    ClusterCIDR    		OK
    201
    ClusterCIDR    		Created
    
+
    Replace
    
+
    replace the specified ClusterCIDR
    
+
    HTTP Request
    
+PUT /apis/networking.k8s.io/v1alpha1/clustercidrs/{name}
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the ClusterCIDR
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    ClusterCIDR
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    ClusterCIDR    		OK
    201
    ClusterCIDR    		Created
    
+
    Delete
    
+
    delete a ClusterCIDR
    
+
    HTTP Request
    
+DELETE /apis/networking.k8s.io/v1alpha1/clustercidrs/{name}
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the ClusterCIDR
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    gracePeriodSecondsThe duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
    orphanDependentsDeprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.
    propagationPolicyWhether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    DeleteOptions
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    Status    		OK
    202
    Status    		Accepted
    
+
    Delete Collection
    
+
    delete collection of ClusterCIDR
    
+
    HTTP Request
    
+DELETE /apis/networking.k8s.io/v1alpha1/clustercidrs
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    gracePeriodSecondsThe duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    orphanDependentsDeprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.
    propagationPolicyWhether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    DeleteOptions
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    Status    		OK
    
+
    Read Operations
    
+
    Read
    
+
    read the specified ClusterCIDR
    
+
    HTTP Request
    
+GET /apis/networking.k8s.io/v1alpha1/clustercidrs/{name}
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the ClusterCIDR
    
+
    Query Parameters
    
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    ClusterCIDR    		OK
    
+
    List
    
+
    list or watch objects of kind ClusterCIDR
    
+
    HTTP Request
    
+GET /apis/networking.k8s.io/v1alpha1/clustercidrs
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    ClusterCIDRList    		OK
    
+
    Watch
    
+
    watch changes to an object of kind ClusterCIDR. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.
    
+
    HTTP Request
    
+GET /apis/networking.k8s.io/v1alpha1/watch/clustercidrs/{name}
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the ClusterCIDR
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    WatchEvent    		OK
    
+
    Watch List
    
+
    watch individual changes to a list of ClusterCIDR. deprecated: use the 'watch' parameter with a list operation instead.
    
+
    HTTP Request
    
+GET /apis/networking.k8s.io/v1alpha1/watch/clustercidrs
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    WatchEvent    		OK
    
+
    Ingress v1 networking.k8s.io
    
+
+
+
+
+
+
    GroupVersionKind
    networking.k8s.iov1Ingress
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
+
    FieldDescription
    apiVersion
    string    		APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
    kind
    string    		Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
    metadata
    ObjectMeta    		Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
    spec
    IngressSpec    		spec is the desired state of the Ingress. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
    status
    IngressStatus    		status is the current state of the Ingress. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
    
+
    IngressSpec v1 networking
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
    FieldDescription
    defaultBackend
    IngressBackend    		defaultBackend is the backend that should handle requests that don't match any rule. If Rules are not specified, DefaultBackend must be specified. If DefaultBackend is not set, the handling of requests that do not match any of the rules will be up to the Ingress controller.
    ingressClassName
    string    		ingressClassName is the name of an IngressClass cluster resource. Ingress controller implementations use this field to know whether they should be serving this Ingress resource, by a transitive connection (controller -> IngressClass -> Ingress resource). Although the `kubernetes.io/ingress.class` annotation (simple constant name) was never formally defined, it was widely supported by Ingress controllers to create a direct binding between Ingress controller and Ingress resources. Newly created Ingress resources should prefer using the field. However, even though the annotation is officially deprecated, for backwards compatibility reasons, ingress controllers should still honor that annotation if present.
    rules
    IngressRule array    		rules is a list of host rules used to configure the Ingress. If unspecified, or no rule matches, all traffic is sent to the default backend.
    tls
    IngressTLS array    		tls represents the TLS configuration. Currently the Ingress only supports a single TLS port, 443. If multiple members of this list specify different hosts, they will be multiplexed on the same port according to the hostname specified through the SNI TLS extension, if the ingress controller fulfilling the ingress supports SNI.
    
+
    IngressStatus v1 networking
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
    FieldDescription
    loadBalancer
    IngressLoadBalancerStatus    		loadBalancer contains the current status of the load-balancer.
    
+
    IngressList v1 networking
    
+
+
+
+
+
+
+
+
+
    FieldDescription
    apiVersion
    string    		APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
    items
    Ingress array    		items is the list of Ingress.
    kind
    string    		Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
    metadata
    ListMeta    		Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
    
+
    Write Operations
    
+
    Create
    
+
    create an Ingress
    
+
    HTTP Request
    
+POST /apis/networking.k8s.io/v1/namespaces/{namespace}/ingresses
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    Ingress
    
+
    Response
    
+
+
+
+
+
+
+
+
    CodeDescription
    200
    Ingress    		OK
    201
    Ingress    		Created
    202
    Ingress    		Accepted
    
+
    Patch
    
+
    partially update the specified Ingress
    
+
    HTTP Request
    
+PATCH /apis/networking.k8s.io/v1/namespaces/{namespace}/ingresses/{name}
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the Ingress
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint. This field is required for apply requests (application/apply-patch) but optional for non-apply patch types (JsonPatch, MergePatch, StrategicMergePatch).
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    forceForce is going to "force" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    Patch
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    Ingress    		OK
    201
    Ingress    		Created
    
+
    Replace
    
+
    replace the specified Ingress
    
+
    HTTP Request
    
+PUT /apis/networking.k8s.io/v1/namespaces/{namespace}/ingresses/{name}
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the Ingress
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    Ingress
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    Ingress    		OK
    201
    Ingress    		Created
    
+
    Delete
    
+
    delete an Ingress
    
+
    HTTP Request
    
+DELETE /apis/networking.k8s.io/v1/namespaces/{namespace}/ingresses/{name}
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the Ingress
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    gracePeriodSecondsThe duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
    orphanDependentsDeprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.
    propagationPolicyWhether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    DeleteOptions
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    Status    		OK
    202
    Status    		Accepted
    
+
    Delete Collection
    
+
    delete collection of Ingress
    
+
    HTTP Request
    
+DELETE /apis/networking.k8s.io/v1/namespaces/{namespace}/ingresses
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    gracePeriodSecondsThe duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    orphanDependentsDeprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.
    propagationPolicyWhether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    DeleteOptions
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    Status    		OK
    
+
    Read Operations
    
+
    Read
    
+
    read the specified Ingress
    
+
    HTTP Request
    
+GET /apis/networking.k8s.io/v1/namespaces/{namespace}/ingresses/{name}
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the Ingress
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    Ingress    		OK
    
+
    List
    
+
    list or watch objects of kind Ingress
    
+
    HTTP Request
    
+GET /apis/networking.k8s.io/v1/namespaces/{namespace}/ingresses
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    IngressList    		OK
    
+
    List All Namespaces
    
+
    list or watch objects of kind Ingress
    
+
    HTTP Request
    
+GET /apis/networking.k8s.io/v1/ingresses
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    IngressList    		OK
    
+
    Watch
    
+
    watch changes to an object of kind Ingress. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.
    
+
    HTTP Request
    
+GET /apis/networking.k8s.io/v1/watch/namespaces/{namespace}/ingresses/{name}
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the Ingress
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    WatchEvent    		OK
    
+
    Watch List
    
+
    watch individual changes to a list of Ingress. deprecated: use the 'watch' parameter with a list operation instead.
    
+
    HTTP Request
    
+GET /apis/networking.k8s.io/v1/watch/namespaces/{namespace}/ingresses
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    WatchEvent    		OK
    
+
    Watch List All Namespaces
    
+
    watch individual changes to a list of Ingress. deprecated: use the 'watch' parameter with a list operation instead.
    
+
    HTTP Request
    
+GET /apis/networking.k8s.io/v1/watch/ingresses
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    WatchEvent    		OK
    
+
    Status Operations
    
+
    Patch Status
    
+
    partially update status of the specified Ingress
    
+
    HTTP Request
    
+PATCH /apis/networking.k8s.io/v1/namespaces/{namespace}/ingresses/{name}/status
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the Ingress
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint. This field is required for apply requests (application/apply-patch) but optional for non-apply patch types (JsonPatch, MergePatch, StrategicMergePatch).
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    forceForce is going to "force" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    Patch
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    Ingress    		OK
    201
    Ingress    		Created
    
+
    Read Status
    
+
    read status of the specified Ingress
    
+
    HTTP Request
    
+GET /apis/networking.k8s.io/v1/namespaces/{namespace}/ingresses/{name}/status
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the Ingress
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    Ingress    		OK
    
+
    Replace Status
    
+
    replace status of the specified Ingress
    
+
    HTTP Request
    
+PUT /apis/networking.k8s.io/v1/namespaces/{namespace}/ingresses/{name}/status
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the Ingress
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    Ingress
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    Ingress    		OK
    201
    Ingress    		Created
    
+
    IngressClass v1 networking.k8s.io
    
+
+
+
+
+
+
    GroupVersionKind
    networking.k8s.iov1IngressClass
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
    FieldDescription
    apiVersion
    string    		APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
    kind
    string    		Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
    metadata
    ObjectMeta    		Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
    spec
    IngressClassSpec    		spec is the desired state of the IngressClass. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
    
+
    IngressClassSpec v1 networking
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
    FieldDescription
    controller
    string    		controller refers to the name of the controller that should handle this class. This allows for different "flavors" that are controlled by the same controller. For example, you may have different parameters for the same implementing controller. This should be specified as a domain-prefixed path no more than 250 characters in length, e.g. "acme.io/ingress-controller". This field is immutable.
    parameters
    IngressClassParametersReference    		parameters is a link to a custom resource containing additional configuration for the controller. This is optional if the controller does not require extra parameters.
    
+
    IngressClassList v1 networking
    
+
+
+
+
+
+
+
+
+
    FieldDescription
    apiVersion
    string    		APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
    items
    IngressClass array    		items is the list of IngressClasses.
    kind
    string    		Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
    metadata
    ListMeta    		Standard list metadata.
    
+
    Write Operations
    
+
    Create
    
+
    create an IngressClass
    
+
    HTTP Request
    
+POST /apis/networking.k8s.io/v1/ingressclasses
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    IngressClass
    
+
    Response
    
+
+
+
+
+
+
+
+
    CodeDescription
    200
    IngressClass    		OK
    201
    IngressClass    		Created
    202
    IngressClass    		Accepted
    
+
    Patch
    
+
    partially update the specified IngressClass
    
+
    HTTP Request
    
+PATCH /apis/networking.k8s.io/v1/ingressclasses/{name}
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the IngressClass
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint. This field is required for apply requests (application/apply-patch) but optional for non-apply patch types (JsonPatch, MergePatch, StrategicMergePatch).
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    forceForce is going to "force" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    Patch
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    IngressClass    		OK
    201
    IngressClass    		Created
    
+
    Replace
    
+
    replace the specified IngressClass
    
+
    HTTP Request
    
+PUT /apis/networking.k8s.io/v1/ingressclasses/{name}
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the IngressClass
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    IngressClass
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    IngressClass    		OK
    201
    IngressClass    		Created
    
+
    Delete
    
+
    delete an IngressClass
    
+
    HTTP Request
    
+DELETE /apis/networking.k8s.io/v1/ingressclasses/{name}
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the IngressClass
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    gracePeriodSecondsThe duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
    orphanDependentsDeprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.
    propagationPolicyWhether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    DeleteOptions
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    Status    		OK
    202
    Status    		Accepted
    
+
    Delete Collection
    
+
    delete collection of IngressClass
    
+
    HTTP Request
    
+DELETE /apis/networking.k8s.io/v1/ingressclasses
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    gracePeriodSecondsThe duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    orphanDependentsDeprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.
    propagationPolicyWhether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    DeleteOptions
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    Status    		OK
    
+
    Read Operations
    
+
    Read
    
+
    read the specified IngressClass
    
+
    HTTP Request
    
+GET /apis/networking.k8s.io/v1/ingressclasses/{name}
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the IngressClass
    
+
    Query Parameters
    
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    IngressClass    		OK
    
+
    List
    
+
    list or watch objects of kind IngressClass
    
+
    HTTP Request
    
+GET /apis/networking.k8s.io/v1/ingressclasses
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    IngressClassList    		OK
    
+
    Watch
    
+
    watch changes to an object of kind IngressClass. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.
    
+
    HTTP Request
    
+GET /apis/networking.k8s.io/v1/watch/ingressclasses/{name}
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the IngressClass
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    WatchEvent    		OK
    
+
    Watch List
    
+
    watch individual changes to a list of IngressClass. deprecated: use the 'watch' parameter with a list operation instead.
    
+
    HTTP Request
    
+GET /apis/networking.k8s.io/v1/watch/ingressclasses
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    WatchEvent    		OK
    
+
    Service v1 core
    
+
+
    
+  
    
+
    Service Config to load balance traffic across all Pods with the app=nginx label.  Receives on and sends to port 80.  Exposes an externally accessible endpoint.
    
+  
    
+
    
+kind: Service
+apiVersion: v1
+metadata:
+  # Unique key of the Service instance
+  name: service-example
+spec:
+  ports:
+    # Accept traffic sent to port 80
+    - name: http
+      port: 80
+      targetPort: 80
+  selector:
+    # Loadbalance traffic across Pods matching
+    # this label selector
+    app: nginx
+  # Create an HA proxy in the cloud provider
+  # with an External IP address - *Only supported
+  # by some cloud providers*
+  type: LoadBalancer
+
+
    
+
+
+
+
+
+
    GroupVersionKind
    corev1Service
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
+
    FieldDescription
    apiVersion
    string    		APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
    kind
    string    		Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
    metadata
    ObjectMeta    		Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
    spec
    ServiceSpec    		Spec defines the behavior of a service. https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
    status
    ServiceStatus    		Most recently observed status of the service. Populated by the system. Read-only. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
    
+
    ServiceSpec v1 core
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    FieldDescription
    allocateLoadBalancerNodePorts
    boolean    		allocateLoadBalancerNodePorts defines if NodePorts will be automatically allocated for services with type LoadBalancer.  Default is "true". It may be set to "false" if the cluster load-balancer does not rely on NodePorts.  If the caller requests specific NodePorts (by specifying a value), those requests will be respected, regardless of this field. This field may only be set for services with type LoadBalancer and will be cleared if the type is changed to any other type.
    clusterIP
    string    		clusterIP is the IP address of the service and is usually assigned randomly. If an address is specified manually, is in-range (as per system configuration), and is not in use, it will be allocated to the service; otherwise creation of the service will fail. This field may not be changed through updates unless the type field is also being changed to ExternalName (which requires this field to be blank) or the type field is being changed from ExternalName (in which case this field may optionally be specified, as describe above).  Valid values are "None", empty string (""), or a valid IP address. Setting this to "None" makes a "headless service" (no virtual IP), which is useful when direct endpoint connections are preferred and proxying is not required.  Only applies to types ClusterIP, NodePort, and LoadBalancer. If this field is specified when creating a Service of type ExternalName, creation will fail. This field will be wiped when updating a Service to type ExternalName. More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies
    clusterIPs
    string array    		ClusterIPs is a list of IP addresses assigned to this service, and are usually assigned randomly.  If an address is specified manually, is in-range (as per system configuration), and is not in use, it will be allocated to the service; otherwise creation of the service will fail. This field may not be changed through updates unless the type field is also being changed to ExternalName (which requires this field to be empty) or the type field is being changed from ExternalName (in which case this field may optionally be specified, as describe above).  Valid values are "None", empty string (""), or a valid IP address.  Setting this to "None" makes a "headless service" (no virtual IP), which is useful when direct endpoint connections are preferred and proxying is not required.  Only applies to types ClusterIP, NodePort, and LoadBalancer. If this field is specified when creating a Service of type ExternalName, creation will fail. This field will be wiped when updating a Service to type ExternalName.  If this field is not specified, it will be initialized from the clusterIP field.  If this field is specified, clients must ensure that clusterIPs[0] and clusterIP have the same value.  This field may hold a maximum of two entries (dual-stack IPs, in either order). These IPs must correspond to the values of the ipFamilies field. Both clusterIPs and ipFamilies are governed by the ipFamilyPolicy field. More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies
    externalIPs
    string array    		externalIPs is a list of IP addresses for which nodes in the cluster will also accept traffic for this service.  These IPs are not managed by Kubernetes.  The user is responsible for ensuring that traffic arrives at a node with this IP.  A common example is external load-balancers that are not part of the Kubernetes system.
    externalName
    string    		externalName is the external reference that discovery mechanisms will return as an alias for this service (e.g. a DNS CNAME record). No proxying will be involved.  Must be a lowercase RFC-1123 hostname (https://tools.ietf.org/html/rfc1123) and requires `type` to be "ExternalName".
    externalTrafficPolicy
    string    		externalTrafficPolicy describes how nodes distribute service traffic they receive on one of the Service's "externally-facing" addresses (NodePorts, ExternalIPs, and LoadBalancer IPs). If set to "Local", the proxy will configure the service in a way that assumes that external load balancers will take care of balancing the service traffic between nodes, and so each node will deliver traffic only to the node-local endpoints of the service, without masquerading the client source IP. (Traffic mistakenly sent to a node with no endpoints will be dropped.) The default value, "Cluster", uses the standard behavior of routing to all endpoints evenly (possibly modified by topology and other features). Note that traffic sent to an External IP or LoadBalancer IP from within the cluster will always get "Cluster" semantics, but clients sending to a NodePort from within the cluster may need to take traffic policy into account when picking a node.
    healthCheckNodePort
    integer    		healthCheckNodePort specifies the healthcheck nodePort for the service. This only applies when type is set to LoadBalancer and externalTrafficPolicy is set to Local. If a value is specified, is in-range, and is not in use, it will be used.  If not specified, a value will be automatically allocated.  External systems (e.g. load-balancers) can use this port to determine if a given node holds endpoints for this service or not.  If this field is specified when creating a Service which does not need it, creation will fail. This field will be wiped when updating a Service to no longer need it (e.g. changing type). This field cannot be updated once set.
    internalTrafficPolicy
    string    		InternalTrafficPolicy describes how nodes distribute service traffic they receive on the ClusterIP. If set to "Local", the proxy will assume that pods only want to talk to endpoints of the service on the same node as the pod, dropping the traffic if there are no local endpoints. The default value, "Cluster", uses the standard behavior of routing to all endpoints evenly (possibly modified by topology and other features).
    ipFamilies
    string array    		IPFamilies is a list of IP families (e.g. IPv4, IPv6) assigned to this service. This field is usually assigned automatically based on cluster configuration and the ipFamilyPolicy field. If this field is specified manually, the requested family is available in the cluster, and ipFamilyPolicy allows it, it will be used; otherwise creation of the service will fail. This field is conditionally mutable: it allows for adding or removing a secondary IP family, but it does not allow changing the primary IP family of the Service. Valid values are "IPv4" and "IPv6".  This field only applies to Services of types ClusterIP, NodePort, and LoadBalancer, and does apply to "headless" services. This field will be wiped when updating a Service to type ExternalName.  This field may hold a maximum of two entries (dual-stack families, in either order).  These families must correspond to the values of the clusterIPs field, if specified. Both clusterIPs and ipFamilies are governed by the ipFamilyPolicy field.
    ipFamilyPolicy
    string    		IPFamilyPolicy represents the dual-stack-ness requested or required by this Service. If there is no value provided, then this field will be set to SingleStack. Services can be "SingleStack" (a single IP family), "PreferDualStack" (two IP families on dual-stack configured clusters or a single IP family on single-stack clusters), or "RequireDualStack" (two IP families on dual-stack configured clusters, otherwise fail). The ipFamilies and clusterIPs fields depend on the value of this field. This field will be wiped when updating a service to type ExternalName.
    loadBalancerClass
    string    		loadBalancerClass is the class of the load balancer implementation this Service belongs to. If specified, the value of this field must be a label-style identifier, with an optional prefix, e.g. "internal-vip" or "example.com/internal-vip". Unprefixed names are reserved for end-users. This field can only be set when the Service type is 'LoadBalancer'. If not set, the default load balancer implementation is used, today this is typically done through the cloud provider integration, but should apply for any default implementation. If set, it is assumed that a load balancer implementation is watching for Services with a matching class. Any default load balancer implementation (e.g. cloud providers) should ignore Services that set this field. This field can only be set when creating or updating a Service to type 'LoadBalancer'. Once set, it can not be changed. This field will be wiped when a service is updated to a non 'LoadBalancer' type.
    loadBalancerIP
    string    		Only applies to Service Type: LoadBalancer. This feature depends on whether the underlying cloud-provider supports specifying the loadBalancerIP when a load balancer is created. This field will be ignored if the cloud-provider does not support the feature. Deprecated: This field was under-specified and its meaning varies across implementations, and it cannot support dual-stack. As of Kubernetes v1.24, users are encouraged to use implementation-specific annotations when available. This field may be removed in a future API version.
    loadBalancerSourceRanges
    string array    		If specified and supported by the platform, this will restrict traffic through the cloud-provider load-balancer will be restricted to the specified client IPs. This field will be ignored if the cloud-provider does not support the feature." More info: https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/
    ports
    ServicePort array
    patch strategy: merge
    patch merge key: port    		The list of ports that are exposed by this service. More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies
    publishNotReadyAddresses
    boolean    		publishNotReadyAddresses indicates that any agent which deals with endpoints for this Service should disregard any indications of ready/not-ready. The primary use case for setting this field is for a StatefulSet's Headless Service to propagate SRV DNS records for its Pods for the purpose of peer discovery. The Kubernetes controllers that generate Endpoints and EndpointSlice resources for Services interpret this to mean that all endpoints are considered "ready" even if the Pods themselves are not. Agents which consume only Kubernetes generated endpoints through the Endpoints or EndpointSlice resources can safely assume this behavior.
    selector
    object    		Route service traffic to pods with label keys and values matching this selector. If empty or not present, the service is assumed to have an external process managing its endpoints, which Kubernetes will not modify. Only applies to types ClusterIP, NodePort, and LoadBalancer. Ignored if type is ExternalName. More info: https://kubernetes.io/docs/concepts/services-networking/service/
    sessionAffinity
    string    		Supports "ClientIP" and "None". Used to maintain session affinity. Enable client IP based session affinity. Must be ClientIP or None. Defaults to None. More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies
    sessionAffinityConfig
    SessionAffinityConfig    		sessionAffinityConfig contains the configurations of session affinity.
    type
    string    		type determines how the Service is exposed. Defaults to ClusterIP. Valid options are ExternalName, ClusterIP, NodePort, and LoadBalancer. "ClusterIP" allocates a cluster-internal IP address for load-balancing to endpoints. Endpoints are determined by the selector or if that is not specified, by manual construction of an Endpoints object or EndpointSlice objects. If clusterIP is "None", no virtual IP is allocated and the endpoints are published as a set of endpoints rather than a virtual IP. "NodePort" builds on ClusterIP and allocates a port on every node which routes to the same endpoints as the clusterIP. "LoadBalancer" builds on NodePort and creates an external load-balancer (if supported in the current cloud) which routes to the same endpoints as the clusterIP. "ExternalName" aliases this service to the specified externalName. Several other fields do not apply to ExternalName services. More info: https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types
    
+
    ServiceStatus v1 core
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
    FieldDescription
    conditions
    Condition array
    patch strategy: merge
    patch merge key: type    		Current service state
    loadBalancer
    LoadBalancerStatus    		LoadBalancer contains the current status of the load-balancer, if one is present.
    
+
    ServiceList v1 core
    
+
+
+
+
+
+
+
+
+
    FieldDescription
    apiVersion
    string    		APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
    items
    Service array    		List of services
    kind
    string    		Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
    metadata
    ListMeta    		Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
    
+
    Write Operations
    
+
    Create
    
+
+
+
    
+  
    
+
    kubectl command
    
+  
    
+
    
+$ echo 'kind: Service
+apiVersion: v1
+metadata:
+  name: service-example
+spec:
+  ports:
+    - name: http
+      port: 80
+      targetPort: 80
+  selector:
+      app: nginx
+  type: LoadBalancer
+' | kubectl create -f -
+
    
+
    
+  
    
+
    curl command (requires kubectl proxy to be running)
    
+  
    
+
    
+$ kubectl proxy
+$ curl -X POST -H 'Content-Type: application/yaml' --data '
+kind: Service
+apiVersion: v1
+metadata:
+  name: service-example
+spec:
+  ports:
+    - name: http
+      port: 80
+      targetPort: 80
+  selector:
+      app: nginx
+  type: LoadBalancer
+' http://127.0.0.1:8001/api/v1/namespaces/default/services
+
    
+
+
+
    
+  
    
+
    Output
    
+  
    
+
    
+service "service-example" created
+
    
+
    
+  
    
+
    Response Body
    
+  
    
+
    
+{
+  "kind": "Service",
+  "apiVersion": "v1",
+  "metadata": {
+    "name": "service-example",
+    "namespace": "default",
+    "selfLink": "/api/v1/namespaces/default/services/service-example",
+    "uid": "93e5c731-9d30-11e6-9c54-42010a800148",
+    "resourceVersion": "2205767",
+    "creationTimestamp": "2016-10-28T17:04:24Z"
+  },
+  "spec": {
+    "ports": [
+      {
+        "name": "http",
+        "protocol": "TCP",
+        "port": 80,
+        "targetPort": 80,
+        "nodePort": 32417
+      }
+    ],
+    "selector": {
+      "app": "nginx"
+    },
+    "clusterIP": "10.183.250.161",
+    "type": "LoadBalancer",
+    "sessionAffinity": "None"
+  },
+  "status": {
+    "loadBalancer": {}
+  }
+}
+
    
+
    create a Service
    
+
    HTTP Request
    
+POST /api/v1/namespaces/{namespace}/services
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    Service
    
+
    Response
    
+
+
+
+
+
+
+
+
    CodeDescription
    200
    Service    		OK
    201
    Service    		Created
    202
    Service    		Accepted
    
+
    Patch
    
+
+
+
    
+  
    
+
    kubectl command
    
+  
    
+
    
+$ kubectl patch service  -p \
+	'{"spec":{"ports":[{"name":"http","port":80,"targetPort":8080}]}}'
+
    
+
    
+  
    
+
    curl command (requires kubectl proxy to be running)
    
+  
    
+
    
+$ kubectl proxy
+$ curl -X PATCH -H 'Content-Type: application/strategic-merge-patch+json' --data '
+{"spec":{"ports":[{"name":"http","port":80,"targetPort":8080}]}}' \
+	'http://127.0.0.1:8001/api/v1/namespaces/default/services/'
+
    
+
+
+
    
+  
    
+
    Output
    
+  
    
+
    
+"" patched
+
    
+
    
+  
    
+
    Response Body
    
+  
    
+
    
+{
+  "kind": "Service",
+  "apiVersion": "v1",
+  "metadata": {
+    "name": "deployment-example",
+    "namespace": "default",
+    "selfLink": "/api/v1/namespaces/default/services/deployment-example",
+    "uid": "93e5c731-9d30-11e6-9c54-42010a800148",
+    "resourceVersion": "2205995",
+    "creationTimestamp": "2016-10-28T17:04:24Z"
+  },
+  "spec": {
+    "ports": [
+      {
+        "name": "http",
+        "protocol": "TCP",
+        "port": 80,
+        "targetPort": 8080,
+        "nodePort": 32417
+      }
+    ],
+    "selector": {
+      "app": "nginx"
+    },
+    "clusterIP": "10.183.250.161",
+    "type": "LoadBalancer",
+    "sessionAffinity": "None"
+  },
+  "status": {
+    "loadBalancer": {
+      "ingress": [
+        {
+          "ip": "104.198.186.106"
+        }
+      ]
+    }
+  }
+}
+
    
+
    partially update the specified Service
    
+
    HTTP Request
    
+PATCH /api/v1/namespaces/{namespace}/services/{name}
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the Service
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint. This field is required for apply requests (application/apply-patch) but optional for non-apply patch types (JsonPatch, MergePatch, StrategicMergePatch).
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    forceForce is going to "force" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    Patch
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    Service    		OK
    201
    Service    		Created
    
+
    Replace
    
+
+
+
    
+  
    
+
    kubectl command
    
+  
    
+
    
+$ echo 'apiVersion: v1
+kind: Service
+metadata:
+  name: deployment-example
+  resourceVersion: "2205995"
+spec:
+  clusterIP: 10.183.250.161
+  ports:
+  - name: http
+    nodePort: 32417
+    port: 80
+    protocol: TCP
+    targetPort: 8080
+  selector:
+    app: nginx
+  sessionAffinity: None
+  type: LoadBalancer
+' | kubectl replace -f -
+
    
+
    
+  
    
+
    curl command (requires kubectl proxy to be running)
    
+  
    
+
    
+$ kubectl proxy
+$ curl -X PUT -H 'Content-Type: application/yaml' --data '
+apiVersion: v1
+kind: Service
+metadata:
+  name: deployment-example
+  resourceVersion: "2205995"
+spec:
+  clusterIP: 10.183.250.161
+  ports:
+  - name: http
+    nodePort: 32417
+    port: 80
+    protocol: TCP
+    targetPort: 8080
+  selector:
+    app: nginx
+  sessionAffinity: None
+  type: LoadBalancer
+' http://127.0.0.1:8001/api/v1/namespaces/default/services/deployment-example
+
    
+
+
+
    
+  
    
+
    Output
    
+  
    
+
    
+service "deployment-example" replaced
+
    
+
    
+  
    
+
    Response Body
    
+  
    
+
    
+{
+  "kind": "Service",
+  "apiVersion": "v1",
+  "metadata": {
+    "name": "deployment-example",
+    "namespace": "default",
+    "selfLink": "/api/v1/namespaces/default/services/deployment-example",
+    "uid": "93e5c731-9d30-11e6-9c54-42010a800148",
+    "resourceVersion": "2208672",
+    "creationTimestamp": "2016-10-28T17:04:24Z"
+  },
+  "spec": {
+    "ports": [
+      {
+        "name": "http",
+        "protocol": "TCP",
+        "port": 80,
+        "targetPort": 8080,
+        "nodePort": 32417
+      }
+    ],
+    "selector": {
+      "app": "nginx"
+    },
+    "clusterIP": "10.183.250.161",
+    "type": "LoadBalancer",
+    "sessionAffinity": "None"
+  },
+  "status": {
+    "loadBalancer": {
+      "ingress": [
+        {
+          "ip": "104.198.186.106"
+        }
+      ]
+    }
+  }
+}
+
    
+
    replace the specified Service
    
+
    HTTP Request
    
+PUT /api/v1/namespaces/{namespace}/services/{name}
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the Service
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    Service
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    Service    		OK
    201
    Service    		Created
    
+
    Delete
    
+
+
+
    
+  
    
+
    kubectl command
    
+  
    
+
    
+$ kubectl delete service deployment-example
+
    
+
    
+  
    
+
    curl command (requires kubectl proxy to be running)
    
+  
    
+
    
+$ kubectl proxy
+$ curl -X DELETE -H 'Content-Type: application/yaml' --data '
+gracePeriodSeconds: 0
+orphanDependents: false
+' 'http://127.0.0.1:8001/api/v1/namespaces/default/services/deployment-example'
+
    
+
+
+
    
+  
    
+
    Output
    
+  
    
+
    
+service "deployment-example" deleted
+
    
+
    
+  
    
+
    Response Body
    
+  
    
+
    
+{
+  "kind": "Status",
+  "apiVersion": "v1",
+  "metadata": {},
+  "status": "Success",
+  "code": 200
+}
+
+
    
+
    delete a Service
    
+
    HTTP Request
    
+DELETE /api/v1/namespaces/{namespace}/services/{name}
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the Service
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    gracePeriodSecondsThe duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
    orphanDependentsDeprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.
    propagationPolicyWhether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    DeleteOptions
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    Service    		OK
    202
    Service    		Accepted
    
+
    Delete Collection
    
+
    delete collection of Service
    
+
    HTTP Request
    
+DELETE /api/v1/namespaces/{namespace}/services
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    gracePeriodSecondsThe duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    orphanDependentsDeprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.
    propagationPolicyWhether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    DeleteOptions
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    Status    		OK
    
+
    Read Operations
    
+
    Read
    
+
+
+
    
+  
    
+
    kubectl command
    
+  
    
+
    
+$ kubectl get service deployment-example -o json
+
    
+
    
+  
    
+
    curl command (requires kubectl proxy to be running)
    
+  
    
+
    
+$ kubectl proxy
+$ curl -X GET http://127.0.0.1:8001/api/v1/namespaces/default/services/deployment-example
+
    
+
+
+
    
+  
    
+
    Output
    
+  
    
+
    
+{
+  "kind": "Service",
+  "apiVersion": "v1",
+  "metadata": {
+    "name": "deployment-example",
+    "namespace": "default",
+    "selfLink": "/api/v1/namespaces/default/services/deployment-example",
+    "uid": "93e5c731-9d30-11e6-9c54-42010a800148",
+    "resourceVersion": "2205995",
+    "creationTimestamp": "2016-10-28T17:04:24Z"
+  },
+  "spec": {
+    "ports": [
+      {
+        "name": "http",
+        "protocol": "TCP",
+        "port": 80,
+        "targetPort": 8080,
+        "nodePort": 32417
+      }
+    ],
+    "selector": {
+      "app": "nginx"
+    },
+    "clusterIP": "10.183.250.161",
+    "type": "LoadBalancer",
+    "sessionAffinity": "None"
+  },
+  "status": {
+    "loadBalancer": {
+      "ingress": [
+        {
+          "ip": "104.198.186.106"
+        }
+      ]
+    }
+  }
+}
+
    
+
    
+  
    
+
    Response Body
    
+  
    
+
    
+{
+  "kind": "Service",
+  "apiVersion": "v1",
+  "metadata": {
+    "name": "deployment-example",
+    "namespace": "default",
+    "selfLink": "/api/v1/namespaces/default/services/deployment-example",
+    "uid": "93e5c731-9d30-11e6-9c54-42010a800148",
+    "resourceVersion": "2205995",
+    "creationTimestamp": "2016-10-28T17:04:24Z"
+  },
+  "spec": {
+    "ports": [
+      {
+        "name": "http",
+        "protocol": "TCP",
+        "port": 80,
+        "targetPort": 8080,
+        "nodePort": 32417
+      }
+    ],
+    "selector": {
+      "app": "nginx"
+    },
+    "clusterIP": "10.183.250.161",
+    "type": "LoadBalancer",
+    "sessionAffinity": "None"
+  },
+  "status": {
+    "loadBalancer": {
+      "ingress": [
+        {
+          "ip": "104.198.186.106"
+        }
+      ]
+    }
+  }
+}
+
    
+
    read the specified Service
    
+
    HTTP Request
    
+GET /api/v1/namespaces/{namespace}/services/{name}
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the Service
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    Service    		OK
    
+
    List
    
+
+
+
    
+  
    
+
    kubectl command
    
+  
    
+
    
+$ kubectl get service -o json
+
    
+
    
+  
    
+
    curl command (requires kubectl proxy to be running)
    
+  
    
+
    
+$ kubectl proxy
+$ curl -X GET 'http://127.0.0.1:8001/api/v1/namespaces/default/services'
+
    
+
    list or watch objects of kind Service
    
+
    HTTP Request
    
+GET /api/v1/namespaces/{namespace}/services
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    ServiceList    		OK
    
+
    List All Namespaces
    
+
    list or watch objects of kind Service
    
+
    HTTP Request
    
+GET /api/v1/services
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    ServiceList    		OK
    
+
    Watch
    
+
+
+
    
+  
    
+
    kubectl command
    
+  
    
+
    
+$ kubectl get service deployment-example --watch -o json
+
    
+
    
+  
    
+
    curl command (requires kubectl proxy to be running)
    
+  
    
+
    
+$ kubectl proxy
+$ curl -X GET 'http://127.0.0.1:8001/api/v1/watch/namespaces/default/services/deployment-example'
+
    
+
+
+
    
+  
    
+
    Output
    
+  
    
+
    
+{
+	"type": "ADDED",
+	"object": {
+		"kind": "Service",
+		"apiVersion": "v1",
+		"metadata": {
+			"name": "deployment-example",
+			"namespace": "default",
+			"selfLink": "/api/v1/namespaces/default/services/deployment-example",
+			"uid": "93e5c731-9d30-11e6-9c54-42010a800148",
+			"resourceVersion": "2205995",
+			"creationTimestamp": "2016-10-28T17:04:24Z"
+		},
+		"spec": {
+			"ports": [
+				{
+					"name": "http",
+					"protocol": "TCP",
+					"port": 80,
+					"targetPort": 8080,
+					"nodePort": 32417
+				}
+			],
+			"selector": {
+				"app": "nginx"
+			},
+			"clusterIP": "10.183.250.161",
+			"type": "LoadBalancer",
+			"sessionAffinity": "None"
+		},
+		"status": {
+			"loadBalancer": {
+				"ingress": [
+					{
+						"ip": "104.198.186.106"
+					}
+				]
+			}
+		}
+	}
+}
+
    
+
    
+  
    
+
    Response Body
    
+  
    
+
    
+{
+	"type": "ADDED",
+	"object": {
+		"kind": "Service",
+		"apiVersion": "v1",
+		"metadata": {
+			"name": "deployment-example",
+			"namespace": "default",
+			"selfLink": "/api/v1/namespaces/default/services/deployment-example",
+			"uid": "93e5c731-9d30-11e6-9c54-42010a800148",
+			"resourceVersion": "2205995",
+			"creationTimestamp": "2016-10-28T17:04:24Z"
+		},
+		"spec": {
+			"ports": [
+				{
+					"name": "http",
+					"protocol": "TCP",
+					"port": 80,
+					"targetPort": 8080,
+					"nodePort": 32417
+				}
+			],
+			"selector": {
+				"app": "nginx"
+			},
+			"clusterIP": "10.183.250.161",
+			"type": "LoadBalancer",
+			"sessionAffinity": "None"
+		},
+		"status": {
+			"loadBalancer": {
+				"ingress": [
+					{
+						"ip": "104.198.186.106"
+					}
+				]
+			}
+		}
+	}
+}
+
    
+
    watch changes to an object of kind Service. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.
    
+
    HTTP Request
    
+GET /api/v1/watch/namespaces/{namespace}/services/{name}
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the Service
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    WatchEvent    		OK
    
+
    Watch List
    
+
    watch individual changes to a list of Service. deprecated: use the 'watch' parameter with a list operation instead.
    
+
    HTTP Request
    
+GET /api/v1/watch/namespaces/{namespace}/services
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    WatchEvent    		OK
    
+
    Watch List All Namespaces
    
+
    watch individual changes to a list of Service. deprecated: use the 'watch' parameter with a list operation instead.
    
+
    HTTP Request
    
+GET /api/v1/watch/services
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    WatchEvent    		OK
    
+
    Status Operations
    
+
    Patch Status
    
+
    partially update status of the specified Service
    
+
    HTTP Request
    
+PATCH /api/v1/namespaces/{namespace}/services/{name}/status
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the Service
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint. This field is required for apply requests (application/apply-patch) but optional for non-apply patch types (JsonPatch, MergePatch, StrategicMergePatch).
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    forceForce is going to "force" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    Patch
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    Service    		OK
    201
    Service    		Created
    
+
    Read Status
    
+
    read status of the specified Service
    
+
    HTTP Request
    
+GET /api/v1/namespaces/{namespace}/services/{name}/status
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the Service
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    Service    		OK
    
+
    Replace Status
    
+
    replace status of the specified Service
    
+
    HTTP Request
    
+PUT /api/v1/namespaces/{namespace}/services/{name}/status
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the Service
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    Service
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    Service    		OK
    201
    Service    		Created
    
+
    Proxy Operations
    
+
    Create Connect Proxy
    
+
    connect POST requests to proxy of Service
    
+
    HTTP Request
    
+POST /api/v1/namespaces/{namespace}/services/{name}/proxy
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the ServiceProxyOptions
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
    ParameterDescription
    pathPath is the part of URLs that include service endpoints, suffixes, and parameters to use for the current proxy request to service. For example, the whole request URL is http://localhost/api/v1/namespaces/kube-system/services/elasticsearch-logging/_search?q=user:kimchy. Path is _search?q=user:kimchy.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    string    		OK
    
+
    Create Connect Proxy Path
    
+
    connect POST requests to proxy of Service
    
+
    HTTP Request
    
+POST /api/v1/namespaces/{namespace}/services/{name}/proxy/{path}
+
    Path Parameters
    
+
+
+
+
+
+
+
+
    ParameterDescription
    namename of the ServiceProxyOptions
    namespaceobject name and auth scope, such as for teams and projects
    pathpath to the resource
    
+
    Query Parameters
    
+
+
+
+
+
+
    ParameterDescription
    pathPath is the part of URLs that include service endpoints, suffixes, and parameters to use for the current proxy request to service. For example, the whole request URL is http://localhost/api/v1/namespaces/kube-system/services/elasticsearch-logging/_search?q=user:kimchy. Path is _search?q=user:kimchy.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    string    		OK
    
+
    Delete Connect Proxy
    
+
    connect DELETE requests to proxy of Service
    
+
    HTTP Request
    
+DELETE /api/v1/namespaces/{namespace}/services/{name}/proxy
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the ServiceProxyOptions
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
    ParameterDescription
    pathPath is the part of URLs that include service endpoints, suffixes, and parameters to use for the current proxy request to service. For example, the whole request URL is http://localhost/api/v1/namespaces/kube-system/services/elasticsearch-logging/_search?q=user:kimchy. Path is _search?q=user:kimchy.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    string    		OK
    
+
    Delete Connect Proxy Path
    
+
    connect DELETE requests to proxy of Service
    
+
    HTTP Request
    
+DELETE /api/v1/namespaces/{namespace}/services/{name}/proxy/{path}
+
    Path Parameters
    
+
+
+
+
+
+
+
+
    ParameterDescription
    namename of the ServiceProxyOptions
    namespaceobject name and auth scope, such as for teams and projects
    pathpath to the resource
    
+
    Query Parameters
    
+
+
+
+
+
+
    ParameterDescription
    pathPath is the part of URLs that include service endpoints, suffixes, and parameters to use for the current proxy request to service. For example, the whole request URL is http://localhost/api/v1/namespaces/kube-system/services/elasticsearch-logging/_search?q=user:kimchy. Path is _search?q=user:kimchy.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    string    		OK
    
+
    Get Connect Proxy
    
+
    connect GET requests to proxy of Service
    
+
    HTTP Request
    
+GET /api/v1/namespaces/{namespace}/services/{name}/proxy
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the ServiceProxyOptions
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
    ParameterDescription
    pathPath is the part of URLs that include service endpoints, suffixes, and parameters to use for the current proxy request to service. For example, the whole request URL is http://localhost/api/v1/namespaces/kube-system/services/elasticsearch-logging/_search?q=user:kimchy. Path is _search?q=user:kimchy.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    string    		OK
    
+
    Get Connect Proxy Path
    
+
    connect GET requests to proxy of Service
    
+
    HTTP Request
    
+GET /api/v1/namespaces/{namespace}/services/{name}/proxy/{path}
+
    Path Parameters
    
+
+
+
+
+
+
+
+
    ParameterDescription
    namename of the ServiceProxyOptions
    namespaceobject name and auth scope, such as for teams and projects
    pathpath to the resource
    
+
    Query Parameters
    
+
+
+
+
+
+
    ParameterDescription
    pathPath is the part of URLs that include service endpoints, suffixes, and parameters to use for the current proxy request to service. For example, the whole request URL is http://localhost/api/v1/namespaces/kube-system/services/elasticsearch-logging/_search?q=user:kimchy. Path is _search?q=user:kimchy.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    string    		OK
    
+
    Head Connect Proxy
    
+
    connect HEAD requests to proxy of Service
    
+
    HTTP Request
    
+HEAD /api/v1/namespaces/{namespace}/services/{name}/proxy
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the ServiceProxyOptions
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
    ParameterDescription
    pathPath is the part of URLs that include service endpoints, suffixes, and parameters to use for the current proxy request to service. For example, the whole request URL is http://localhost/api/v1/namespaces/kube-system/services/elasticsearch-logging/_search?q=user:kimchy. Path is _search?q=user:kimchy.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    string    		OK
    
+
    Head Connect Proxy Path
    
+
    connect HEAD requests to proxy of Service
    
+
    HTTP Request
    
+HEAD /api/v1/namespaces/{namespace}/services/{name}/proxy/{path}
+
    Path Parameters
    
+
+
+
+
+
+
+
+
    ParameterDescription
    namename of the ServiceProxyOptions
    namespaceobject name and auth scope, such as for teams and projects
    pathpath to the resource
    
+
    Query Parameters
    
+
+
+
+
+
+
    ParameterDescription
    pathPath is the part of URLs that include service endpoints, suffixes, and parameters to use for the current proxy request to service. For example, the whole request URL is http://localhost/api/v1/namespaces/kube-system/services/elasticsearch-logging/_search?q=user:kimchy. Path is _search?q=user:kimchy.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    string    		OK
    
+
    Replace Connect Proxy
    
+
    connect PUT requests to proxy of Service
    
+
    HTTP Request
    
+PUT /api/v1/namespaces/{namespace}/services/{name}/proxy
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the ServiceProxyOptions
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
    ParameterDescription
    pathPath is the part of URLs that include service endpoints, suffixes, and parameters to use for the current proxy request to service. For example, the whole request URL is http://localhost/api/v1/namespaces/kube-system/services/elasticsearch-logging/_search?q=user:kimchy. Path is _search?q=user:kimchy.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    string    		OK
    
+
    Replace Connect Proxy Path
    
+
    connect PUT requests to proxy of Service
    
+
    HTTP Request
    
+PUT /api/v1/namespaces/{namespace}/services/{name}/proxy/{path}
+
    Path Parameters
    
+
+
+
+
+
+
+
+
    ParameterDescription
    namename of the ServiceProxyOptions
    namespaceobject name and auth scope, such as for teams and projects
    pathpath to the resource
    
+
    Query Parameters
    
+
+
+
+
+
+
    ParameterDescription
    pathPath is the part of URLs that include service endpoints, suffixes, and parameters to use for the current proxy request to service. For example, the whole request URL is http://localhost/api/v1/namespaces/kube-system/services/elasticsearch-logging/_search?q=user:kimchy. Path is _search?q=user:kimchy.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    string    		OK
    
+
    CONFIG & STORAGE
    
+
+
    Config and Storage resources are responsible for injecting data into your applications and persisting data externally to your container.
    
+
+
    Common resource types:
    
+
      
+
    • ConfigMaps for providing text key value pairs injected into the application through environment variables, command line arguments, or files
      • 
+
    • Secrets for providing binary data injected into the application through files
      • 
+
    • Volumes for providing a filesystem external to the Container.  Maybe shared across Containers within the same Pod and have a lifetime persisting beyond a Container or Pod.
      • 
+
    
+
    
+
    ConfigMap v1 core
    
+
+
+
+
+
+
    GroupVersionKind
    corev1ConfigMap
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
+
+
    FieldDescription
    apiVersion
    string    		APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
    binaryData
    object    		BinaryData contains the binary data. Each key must consist of alphanumeric characters, '-', '_' or '.'. BinaryData can contain byte sequences that are not in the UTF-8 range. The keys stored in BinaryData must not overlap with the ones in the Data field, this is enforced during validation process. Using this field will require 1.10+ apiserver and kubelet.
    data
    object    		Data contains the configuration data. Each key must consist of alphanumeric characters, '-', '_' or '.'. Values with non-UTF-8 byte sequences must use the BinaryData field. The keys stored in Data must not overlap with the keys in the BinaryData field, this is enforced during validation process.
    immutable
    boolean    		Immutable, if set to true, ensures that data stored in the ConfigMap cannot be updated (only object metadata can be modified). If not set to true, the field can be modified at any time. Defaulted to nil.
    kind
    string    		Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
    metadata
    ObjectMeta    		Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
    
+
    ConfigMapList v1 core
    
+
+
+
+
+
+
+
+
+
    FieldDescription
    apiVersion
    string    		APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
    items
    ConfigMap array    		Items is the list of ConfigMaps.
    kind
    string    		Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
    metadata
    ListMeta    		More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
    
+
    Write Operations
    
+
    Create
    
+
    create a ConfigMap
    
+
    HTTP Request
    
+POST /api/v1/namespaces/{namespace}/configmaps
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    ConfigMap
    
+
    Response
    
+
+
+
+
+
+
+
+
    CodeDescription
    200
    ConfigMap    		OK
    201
    ConfigMap    		Created
    202
    ConfigMap    		Accepted
    
+
    Patch
    
+
    partially update the specified ConfigMap
    
+
    HTTP Request
    
+PATCH /api/v1/namespaces/{namespace}/configmaps/{name}
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the ConfigMap
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint. This field is required for apply requests (application/apply-patch) but optional for non-apply patch types (JsonPatch, MergePatch, StrategicMergePatch).
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    forceForce is going to "force" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    Patch
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    ConfigMap    		OK
    201
    ConfigMap    		Created
    
+
    Replace
    
+
    replace the specified ConfigMap
    
+
    HTTP Request
    
+PUT /api/v1/namespaces/{namespace}/configmaps/{name}
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the ConfigMap
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    ConfigMap
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    ConfigMap    		OK
    201
    ConfigMap    		Created
    
+
    Delete
    
+
    delete a ConfigMap
    
+
    HTTP Request
    
+DELETE /api/v1/namespaces/{namespace}/configmaps/{name}
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the ConfigMap
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    gracePeriodSecondsThe duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
    orphanDependentsDeprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.
    propagationPolicyWhether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    DeleteOptions
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    Status    		OK
    202
    Status    		Accepted
    
+
    Delete Collection
    
+
    delete collection of ConfigMap
    
+
    HTTP Request
    
+DELETE /api/v1/namespaces/{namespace}/configmaps
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    gracePeriodSecondsThe duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    orphanDependentsDeprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.
    propagationPolicyWhether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    DeleteOptions
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    Status    		OK
    
+
    Read Operations
    
+
    Read
    
+
    read the specified ConfigMap
    
+
    HTTP Request
    
+GET /api/v1/namespaces/{namespace}/configmaps/{name}
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the ConfigMap
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    ConfigMap    		OK
    
+
    List
    
+
    list or watch objects of kind ConfigMap
    
+
    HTTP Request
    
+GET /api/v1/namespaces/{namespace}/configmaps
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    ConfigMapList    		OK
    
+
    List All Namespaces
    
+
    list or watch objects of kind ConfigMap
    
+
    HTTP Request
    
+GET /api/v1/configmaps
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    ConfigMapList    		OK
    
+
    Watch
    
+
    watch changes to an object of kind ConfigMap. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.
    
+
    HTTP Request
    
+GET /api/v1/watch/namespaces/{namespace}/configmaps/{name}
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the ConfigMap
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    WatchEvent    		OK
    
+
    Watch List
    
+
    watch individual changes to a list of ConfigMap. deprecated: use the 'watch' parameter with a list operation instead.
    
+
    HTTP Request
    
+GET /api/v1/watch/namespaces/{namespace}/configmaps
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    WatchEvent    		OK
    
+
    Watch List All Namespaces
    
+
    watch individual changes to a list of ConfigMap. deprecated: use the 'watch' parameter with a list operation instead.
    
+
    HTTP Request
    
+GET /api/v1/watch/configmaps
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    WatchEvent    		OK
    
+
    CSIDriver v1 storage.k8s.io
    
+
+
+
+
+
+
    GroupVersionKind
    storage.k8s.iov1CSIDriver
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
    FieldDescription
    apiVersion
    string    		APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
    kind
    string    		Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
    metadata
    ObjectMeta    		Standard object metadata. metadata.Name indicates the name of the CSI driver that this object refers to; it MUST be the same name returned by the CSI GetPluginName() call for that driver. The driver name must be 63 characters or less, beginning and ending with an alphanumeric character ([a-z0-9A-Z]) with dashes (-), dots (.), and alphanumerics between. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
    spec
    CSIDriverSpec    		spec represents the specification of the CSI Driver.
    
+
    CSIDriverSpec v1 storage
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
+
+
+
+
    FieldDescription
    attachRequired
    boolean    		attachRequired indicates this CSI volume driver requires an attach operation (because it implements the CSI ControllerPublishVolume() method), and that the Kubernetes attach detach controller should call the attach volume interface which checks the volumeattachment status and waits until the volume is attached before proceeding to mounting. The CSI external-attacher coordinates with CSI volume driver and updates the volumeattachment status when the attach operation is complete. If the CSIDriverRegistry feature gate is enabled and the value is specified to false, the attach operation will be skipped. Otherwise the attach operation will be called.  This field is immutable.
    fsGroupPolicy
    string    		fsGroupPolicy defines if the underlying volume supports changing ownership and permission of the volume before being mounted. Refer to the specific FSGroupPolicy values for additional details.  This field is immutable.  Defaults to ReadWriteOnceWithFSType, which will examine each volume to determine if Kubernetes should modify ownership and permissions of the volume. With the default policy the defined fsGroup will only be applied if a fstype is defined and the volume's access mode contains ReadWriteOnce.
    podInfoOnMount
    boolean    		podInfoOnMount indicates this CSI volume driver requires additional pod information (like podName, podUID, etc.) during mount operations, if set to true. If set to false, pod information will not be passed on mount. Default is false.  The CSI driver specifies podInfoOnMount as part of driver deployment. If true, Kubelet will pass pod information as VolumeContext in the CSI NodePublishVolume() calls. The CSI driver is responsible for parsing and validating the information passed in as VolumeContext.  The following VolumeConext will be passed if podInfoOnMount is set to true. This list might grow, but the prefix will be used. "csi.storage.k8s.io/pod.name": pod.Name "csi.storage.k8s.io/pod.namespace": pod.Namespace "csi.storage.k8s.io/pod.uid": string(pod.UID) "csi.storage.k8s.io/ephemeral": "true" if the volume is an ephemeral inline volume                                 defined by a CSIVolumeSource, otherwise "false"  "csi.storage.k8s.io/ephemeral" is a new feature in Kubernetes 1.16. It is only required for drivers which support both the "Persistent" and "Ephemeral" VolumeLifecycleMode. Other drivers can leave pod info disabled and/or ignore this field. As Kubernetes 1.15 doesn't support this field, drivers can only support one mode when deployed on such a cluster and the deployment determines which mode that is, for example via a command line parameter of the driver.  This field is immutable.
    requiresRepublish
    boolean    		requiresRepublish indicates the CSI driver wants `NodePublishVolume` being periodically called to reflect any possible change in the mounted volume. This field defaults to false.  Note: After a successful initial NodePublishVolume call, subsequent calls to NodePublishVolume should only update the contents of the volume. New mount points will not be seen by a running container.
    seLinuxMount
    boolean    		seLinuxMount specifies if the CSI driver supports "-o context" mount option.  When "true", the CSI driver must ensure that all volumes provided by this CSI driver can be mounted separately with different `-o context` options. This is typical for storage backends that provide volumes as filesystems on block devices or as independent shared volumes. Kubernetes will call NodeStage / NodePublish with "-o context=xyz" mount option when mounting a ReadWriteOncePod volume used in Pod that has explicitly set SELinux context. In the future, it may be expanded to other volume AccessModes. In any case, Kubernetes will ensure that the volume is mounted only with a single SELinux context.  When "false", Kubernetes won't pass any special SELinux mount options to the driver. This is typical for volumes that represent subdirectories of a bigger shared filesystem.  Default is "false".
    storageCapacity
    boolean    		storageCapacity indicates that the CSI volume driver wants pod scheduling to consider the storage capacity that the driver deployment will report by creating CSIStorageCapacity objects with capacity information, if set to true.  The check can be enabled immediately when deploying a driver. In that case, provisioning new volumes with late binding will pause until the driver deployment has published some suitable CSIStorageCapacity object.  Alternatively, the driver can be deployed with the field unset or false and it can be flipped later when storage capacity information has been published.  This field was immutable in Kubernetes <= 1.22 and now is mutable.
    tokenRequests
    TokenRequest array    		tokenRequests indicates the CSI driver needs pods' service account tokens it is mounting volume for to do necessary authentication. Kubelet will pass the tokens in VolumeContext in the CSI NodePublishVolume calls. The CSI driver should parse and validate the following VolumeContext: "csi.storage.k8s.io/serviceAccount.tokens": {   "<audience>": {     "token": <token>,     "expirationTimestamp": <expiration timestamp in RFC3339>,   },   ... }  Note: Audience in each TokenRequest should be different and at most one token is empty string. To receive a new token after expiry, RequiresRepublish can be used to trigger NodePublishVolume periodically.
    volumeLifecycleModes
    string array    		volumeLifecycleModes defines what kind of volumes this CSI volume driver supports. The default if the list is empty is "Persistent", which is the usage defined by the CSI specification and implemented in Kubernetes via the usual PV/PVC mechanism.  The other mode is "Ephemeral". In this mode, volumes are defined inline inside the pod spec with CSIVolumeSource and their lifecycle is tied to the lifecycle of that pod. A driver has to be aware of this because it is only going to get a NodePublishVolume call for such a volume.  For more information about implementing this mode, see https://kubernetes-csi.github.io/docs/ephemeral-local-volumes.html A driver can support one or more of these modes and more modes may be added in the future.  This field is beta. This field is immutable.
    
+
    CSIDriverList v1 storage
    
+
+
+
+
+
+
+
+
+
    FieldDescription
    apiVersion
    string    		APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
    items
    CSIDriver array    		items is the list of CSIDriver
    kind
    string    		Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
    metadata
    ListMeta    		Standard list metadata More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
    
+
    Write Operations
    
+
    Create
    
+
    create a CSIDriver
    
+
    HTTP Request
    
+POST /apis/storage.k8s.io/v1/csidrivers
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    CSIDriver
    
+
    Response
    
+
+
+
+
+
+
+
+
    CodeDescription
    200
    CSIDriver    		OK
    201
    CSIDriver    		Created
    202
    CSIDriver    		Accepted
    
+
    Patch
    
+
    partially update the specified CSIDriver
    
+
    HTTP Request
    
+PATCH /apis/storage.k8s.io/v1/csidrivers/{name}
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the CSIDriver
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint. This field is required for apply requests (application/apply-patch) but optional for non-apply patch types (JsonPatch, MergePatch, StrategicMergePatch).
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    forceForce is going to "force" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    Patch
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    CSIDriver    		OK
    201
    CSIDriver    		Created
    
+
    Replace
    
+
    replace the specified CSIDriver
    
+
    HTTP Request
    
+PUT /apis/storage.k8s.io/v1/csidrivers/{name}
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the CSIDriver
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    CSIDriver
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    CSIDriver    		OK
    201
    CSIDriver    		Created
    
+
    Delete
    
+
    delete a CSIDriver
    
+
    HTTP Request
    
+DELETE /apis/storage.k8s.io/v1/csidrivers/{name}
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the CSIDriver
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    gracePeriodSecondsThe duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
    orphanDependentsDeprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.
    propagationPolicyWhether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    DeleteOptions
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    CSIDriver    		OK
    202
    CSIDriver    		Accepted
    
+
    Delete Collection
    
+
    delete collection of CSIDriver
    
+
    HTTP Request
    
+DELETE /apis/storage.k8s.io/v1/csidrivers
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    gracePeriodSecondsThe duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    orphanDependentsDeprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.
    propagationPolicyWhether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    DeleteOptions
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    Status    		OK
    
+
    Read Operations
    
+
    Read
    
+
    read the specified CSIDriver
    
+
    HTTP Request
    
+GET /apis/storage.k8s.io/v1/csidrivers/{name}
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the CSIDriver
    
+
    Query Parameters
    
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    CSIDriver    		OK
    
+
    List
    
+
    list or watch objects of kind CSIDriver
    
+
    HTTP Request
    
+GET /apis/storage.k8s.io/v1/csidrivers
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    CSIDriverList    		OK
    
+
    Watch
    
+
    watch changes to an object of kind CSIDriver. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.
    
+
    HTTP Request
    
+GET /apis/storage.k8s.io/v1/watch/csidrivers/{name}
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the CSIDriver
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    WatchEvent    		OK
    
+
    Watch List
    
+
    watch individual changes to a list of CSIDriver. deprecated: use the 'watch' parameter with a list operation instead.
    
+
    HTTP Request
    
+GET /apis/storage.k8s.io/v1/watch/csidrivers
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    WatchEvent    		OK
    
+
    CSINode v1 storage.k8s.io
    
+
+
+
+
+
+
    GroupVersionKind
    storage.k8s.iov1CSINode
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
    FieldDescription
    apiVersion
    string    		APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
    kind
    string    		Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
    metadata
    ObjectMeta    		Standard object's metadata. metadata.name must be the Kubernetes node name.
    spec
    CSINodeSpec    		spec is the specification of CSINode
    
+
    CSINodeSpec v1 storage
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
    FieldDescription
    drivers
    CSINodeDriver array
    patch strategy: merge
    patch merge key: name    		drivers is a list of information of all CSI Drivers existing on a node. If all drivers in the list are uninstalled, this can become empty.
    
+
    CSINodeList v1 storage
    
+
+
+
+
+
+
+
+
+
    FieldDescription
    apiVersion
    string    		APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
    items
    CSINode array    		items is the list of CSINode
    kind
    string    		Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
    metadata
    ListMeta    		Standard list metadata More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
    
+
    Write Operations
    
+
    Create
    
+
    create a CSINode
    
+
    HTTP Request
    
+POST /apis/storage.k8s.io/v1/csinodes
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    CSINode
    
+
    Response
    
+
+
+
+
+
+
+
+
    CodeDescription
    200
    CSINode    		OK
    201
    CSINode    		Created
    202
    CSINode    		Accepted
    
+
    Patch
    
+
    partially update the specified CSINode
    
+
    HTTP Request
    
+PATCH /apis/storage.k8s.io/v1/csinodes/{name}
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the CSINode
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint. This field is required for apply requests (application/apply-patch) but optional for non-apply patch types (JsonPatch, MergePatch, StrategicMergePatch).
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    forceForce is going to "force" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    Patch
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    CSINode    		OK
    201
    CSINode    		Created
    
+
    Replace
    
+
    replace the specified CSINode
    
+
    HTTP Request
    
+PUT /apis/storage.k8s.io/v1/csinodes/{name}
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the CSINode
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    CSINode
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    CSINode    		OK
    201
    CSINode    		Created
    
+
    Delete
    
+
    delete a CSINode
    
+
    HTTP Request
    
+DELETE /apis/storage.k8s.io/v1/csinodes/{name}
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the CSINode
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    gracePeriodSecondsThe duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
    orphanDependentsDeprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.
    propagationPolicyWhether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    DeleteOptions
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    CSINode    		OK
    202
    CSINode    		Accepted
    
+
    Delete Collection
    
+
    delete collection of CSINode
    
+
    HTTP Request
    
+DELETE /apis/storage.k8s.io/v1/csinodes
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    gracePeriodSecondsThe duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    orphanDependentsDeprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.
    propagationPolicyWhether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    DeleteOptions
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    Status    		OK
    
+
    Read Operations
    
+
    Read
    
+
    read the specified CSINode
    
+
    HTTP Request
    
+GET /apis/storage.k8s.io/v1/csinodes/{name}
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the CSINode
    
+
    Query Parameters
    
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    CSINode    		OK
    
+
    List
    
+
    list or watch objects of kind CSINode
    
+
    HTTP Request
    
+GET /apis/storage.k8s.io/v1/csinodes
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    CSINodeList    		OK
    
+
    Watch
    
+
    watch changes to an object of kind CSINode. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.
    
+
    HTTP Request
    
+GET /apis/storage.k8s.io/v1/watch/csinodes/{name}
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the CSINode
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    WatchEvent    		OK
    
+
    Watch List
    
+
    watch individual changes to a list of CSINode. deprecated: use the 'watch' parameter with a list operation instead.
    
+
    HTTP Request
    
+GET /apis/storage.k8s.io/v1/watch/csinodes
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    WatchEvent    		OK
    
+
    Secret v1 core
    
+
+
+
+
+
+
    GroupVersionKind
    corev1Secret
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
+
+
+
    FieldDescription
    apiVersion
    string    		APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
    data
    object    		Data contains the secret data. Each key must consist of alphanumeric characters, '-', '_' or '.'. The serialized form of the secret data is a base64 encoded string, representing the arbitrary (possibly non-string) data value here. Described in https://tools.ietf.org/html/rfc4648#section-4
    immutable
    boolean    		Immutable, if set to true, ensures that data stored in the Secret cannot be updated (only object metadata can be modified). If not set to true, the field can be modified at any time. Defaulted to nil.
    kind
    string    		Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
    metadata
    ObjectMeta    		Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
    stringData
    object    		stringData allows specifying non-binary secret data in string form. It is provided as a write-only input field for convenience. All keys and values are merged into the data field on write, overwriting any existing values. The stringData field is never output when reading from the API.
    type
    string    		Used to facilitate programmatic handling of secret data. More info: https://kubernetes.io/docs/concepts/configuration/secret/#secret-types
    
+
    SecretList v1 core
    
+
+
+
+
+
+
+
+
+
    FieldDescription
    apiVersion
    string    		APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
    items
    Secret array    		Items is a list of secret objects. More info: https://kubernetes.io/docs/concepts/configuration/secret
    kind
    string    		Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
    metadata
    ListMeta    		Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
    
+
    Write Operations
    
+
    Create
    
+
    create a Secret
    
+
    HTTP Request
    
+POST /api/v1/namespaces/{namespace}/secrets
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    Secret
    
+
    Response
    
+
+
+
+
+
+
+
+
    CodeDescription
    200
    Secret    		OK
    201
    Secret    		Created
    202
    Secret    		Accepted
    
+
    Patch
    
+
    partially update the specified Secret
    
+
    HTTP Request
    
+PATCH /api/v1/namespaces/{namespace}/secrets/{name}
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the Secret
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint. This field is required for apply requests (application/apply-patch) but optional for non-apply patch types (JsonPatch, MergePatch, StrategicMergePatch).
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    forceForce is going to "force" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    Patch
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    Secret    		OK
    201
    Secret    		Created
    
+
    Replace
    
+
    replace the specified Secret
    
+
    HTTP Request
    
+PUT /api/v1/namespaces/{namespace}/secrets/{name}
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the Secret
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    Secret
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    Secret    		OK
    201
    Secret    		Created
    
+
    Delete
    
+
    delete a Secret
    
+
    HTTP Request
    
+DELETE /api/v1/namespaces/{namespace}/secrets/{name}
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the Secret
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    gracePeriodSecondsThe duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
    orphanDependentsDeprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.
    propagationPolicyWhether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    DeleteOptions
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    Status    		OK
    202
    Status    		Accepted
    
+
    Delete Collection
    
+
    delete collection of Secret
    
+
    HTTP Request
    
+DELETE /api/v1/namespaces/{namespace}/secrets
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    gracePeriodSecondsThe duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    orphanDependentsDeprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.
    propagationPolicyWhether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    DeleteOptions
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    Status    		OK
    
+
    Read Operations
    
+
    Read
    
+
    read the specified Secret
    
+
    HTTP Request
    
+GET /api/v1/namespaces/{namespace}/secrets/{name}
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the Secret
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    Secret    		OK
    
+
    List
    
+
    list or watch objects of kind Secret
    
+
    HTTP Request
    
+GET /api/v1/namespaces/{namespace}/secrets
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    SecretList    		OK
    
+
    List All Namespaces
    
+
    list or watch objects of kind Secret
    
+
    HTTP Request
    
+GET /api/v1/secrets
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    SecretList    		OK
    
+
    Watch
    
+
    watch changes to an object of kind Secret. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.
    
+
    HTTP Request
    
+GET /api/v1/watch/namespaces/{namespace}/secrets/{name}
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the Secret
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    WatchEvent    		OK
    
+
    Watch List
    
+
    watch individual changes to a list of Secret. deprecated: use the 'watch' parameter with a list operation instead.
    
+
    HTTP Request
    
+GET /api/v1/watch/namespaces/{namespace}/secrets
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    WatchEvent    		OK
    
+
    Watch List All Namespaces
    
+
    watch individual changes to a list of Secret. deprecated: use the 'watch' parameter with a list operation instead.
    
+
    HTTP Request
    
+GET /api/v1/watch/secrets
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    WatchEvent    		OK
    
+
    PersistentVolumeClaim v1 core
    
+
+
+
+
+
+
    GroupVersionKind
    corev1PersistentVolumeClaim
    
+
     A PersistentVolume must be allocated in the cluster to use this.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
+
    FieldDescription
    apiVersion
    string    		APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
    kind
    string    		Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
    metadata
    ObjectMeta    		Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
    spec
    PersistentVolumeClaimSpec    		spec defines the desired characteristics of a volume requested by a pod author. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims
    status
    PersistentVolumeClaimStatus    		status represents the current information/status of a persistent volume claim. Read-only. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims
    
+
    PersistentVolumeClaimSpec v1 core
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
+
+
+
+
    FieldDescription
    accessModes
    string array    		accessModes contains the desired access modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1
    dataSource
    TypedLocalObjectReference    		dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. If the namespace is specified, then dataSourceRef will not be copied to dataSource.
    dataSourceRef
    TypedObjectReference    		dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn't specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn't set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef   allows any non-core object, as well as PersistentVolumeClaim objects. * While dataSource ignores disallowed values (dropping them), dataSourceRef   preserves all values, and generates an error if a disallowed value is   specified. * While dataSource only allows local objects, dataSourceRef allows objects   in any namespaces. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled.
    resources
    ResourceRequirements    		resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
    selector
    LabelSelector    		selector is a label query over volumes to consider for binding.
    storageClassName
    string    		storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1
    volumeMode
    string    		volumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec.
    volumeName
    string    		volumeName is the binding reference to the PersistentVolume backing this claim.
    
+
    PersistentVolumeClaimStatus v1 core
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
+
+
    FieldDescription
    accessModes
    string array    		accessModes contains the actual access modes the volume backing the PVC has. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1
    allocatedResources
    object    		allocatedResources is the storage resource within AllocatedResources tracks the capacity allocated to a PVC. It may be larger than the actual capacity when a volume expansion operation is requested. For storage quota, the larger value from allocatedResources and PVC.spec.resources is used. If allocatedResources is not set, PVC.spec.resources alone is used for quota calculation. If a volume expansion capacity request is lowered, allocatedResources is only lowered if there are no expansion operations in progress and if the actual volume capacity is equal or lower than the requested capacity. This is an alpha field and requires enabling RecoverVolumeExpansionFailure feature.
    capacity
    object    		capacity represents the actual resources of the underlying volume.
    conditions
    PersistentVolumeClaimCondition array
    patch strategy: merge
    patch merge key: type    		conditions is the current Condition of persistent volume claim. If underlying persistent volume is being resized then the Condition will be set to 'ResizeStarted'.
    phase
    string    		phase represents the current phase of PersistentVolumeClaim.
    resizeStatus
    string    		resizeStatus stores status of resize operation. ResizeStatus is not set by default but when expansion is complete resizeStatus is set to empty string by resize controller or kubelet. This is an alpha field and requires enabling RecoverVolumeExpansionFailure feature.
    
+
    PersistentVolumeClaimList v1 core
    
+
+
+
+
+
+
+
+
+
    FieldDescription
    apiVersion
    string    		APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
    items
    PersistentVolumeClaim array    		items is a list of persistent volume claims. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims
    kind
    string    		Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
    metadata
    ListMeta    		Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
    
+
    Write Operations
    
+
    Create
    
+
    create a PersistentVolumeClaim
    
+
    HTTP Request
    
+POST /api/v1/namespaces/{namespace}/persistentvolumeclaims
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    PersistentVolumeClaim
    
+
    Response
    
+
+
+
+
+
+
+
+
    CodeDescription
    200
    PersistentVolumeClaim    		OK
    201
    PersistentVolumeClaim    		Created
    202
    PersistentVolumeClaim    		Accepted
    
+
    Patch
    
+
    partially update the specified PersistentVolumeClaim
    
+
    HTTP Request
    
+PATCH /api/v1/namespaces/{namespace}/persistentvolumeclaims/{name}
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the PersistentVolumeClaim
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint. This field is required for apply requests (application/apply-patch) but optional for non-apply patch types (JsonPatch, MergePatch, StrategicMergePatch).
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    forceForce is going to "force" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    Patch
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    PersistentVolumeClaim    		OK
    201
    PersistentVolumeClaim    		Created
    
+
    Replace
    
+
    replace the specified PersistentVolumeClaim
    
+
    HTTP Request
    
+PUT /api/v1/namespaces/{namespace}/persistentvolumeclaims/{name}
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the PersistentVolumeClaim
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    PersistentVolumeClaim
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    PersistentVolumeClaim    		OK
    201
    PersistentVolumeClaim    		Created
    
+
    Delete
    
+
    delete a PersistentVolumeClaim
    
+
    HTTP Request
    
+DELETE /api/v1/namespaces/{namespace}/persistentvolumeclaims/{name}
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the PersistentVolumeClaim
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    gracePeriodSecondsThe duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
    orphanDependentsDeprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.
    propagationPolicyWhether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    DeleteOptions
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    PersistentVolumeClaim    		OK
    202
    PersistentVolumeClaim    		Accepted
    
+
    Delete Collection
    
+
    delete collection of PersistentVolumeClaim
    
+
    HTTP Request
    
+DELETE /api/v1/namespaces/{namespace}/persistentvolumeclaims
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    gracePeriodSecondsThe duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    orphanDependentsDeprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.
    propagationPolicyWhether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    DeleteOptions
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    Status    		OK
    
+
    Read Operations
    
+
    Read
    
+
    read the specified PersistentVolumeClaim
    
+
    HTTP Request
    
+GET /api/v1/namespaces/{namespace}/persistentvolumeclaims/{name}
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the PersistentVolumeClaim
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    PersistentVolumeClaim    		OK
    
+
    List
    
+
    list or watch objects of kind PersistentVolumeClaim
    
+
    HTTP Request
    
+GET /api/v1/namespaces/{namespace}/persistentvolumeclaims
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    PersistentVolumeClaimList    		OK
    
+
    List All Namespaces
    
+
    list or watch objects of kind PersistentVolumeClaim
    
+
    HTTP Request
    
+GET /api/v1/persistentvolumeclaims
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    PersistentVolumeClaimList    		OK
    
+
    Watch
    
+
    watch changes to an object of kind PersistentVolumeClaim. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.
    
+
    HTTP Request
    
+GET /api/v1/watch/namespaces/{namespace}/persistentvolumeclaims/{name}
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the PersistentVolumeClaim
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    WatchEvent    		OK
    
+
    Watch List
    
+
    watch individual changes to a list of PersistentVolumeClaim. deprecated: use the 'watch' parameter with a list operation instead.
    
+
    HTTP Request
    
+GET /api/v1/watch/namespaces/{namespace}/persistentvolumeclaims
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    WatchEvent    		OK
    
+
    Watch List All Namespaces
    
+
    watch individual changes to a list of PersistentVolumeClaim. deprecated: use the 'watch' parameter with a list operation instead.
    
+
    HTTP Request
    
+GET /api/v1/watch/persistentvolumeclaims
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    WatchEvent    		OK
    
+
    Status Operations
    
+
    Patch Status
    
+
    partially update status of the specified PersistentVolumeClaim
    
+
    HTTP Request
    
+PATCH /api/v1/namespaces/{namespace}/persistentvolumeclaims/{name}/status
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the PersistentVolumeClaim
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint. This field is required for apply requests (application/apply-patch) but optional for non-apply patch types (JsonPatch, MergePatch, StrategicMergePatch).
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    forceForce is going to "force" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    Patch
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    PersistentVolumeClaim    		OK
    201
    PersistentVolumeClaim    		Created
    
+
    Read Status
    
+
    read status of the specified PersistentVolumeClaim
    
+
    HTTP Request
    
+GET /api/v1/namespaces/{namespace}/persistentvolumeclaims/{name}/status
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the PersistentVolumeClaim
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    PersistentVolumeClaim    		OK
    
+
    Replace Status
    
+
    replace status of the specified PersistentVolumeClaim
    
+
    HTTP Request
    
+PUT /api/v1/namespaces/{namespace}/persistentvolumeclaims/{name}/status
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the PersistentVolumeClaim
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    PersistentVolumeClaim
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    PersistentVolumeClaim    		OK
    201
    PersistentVolumeClaim    		Created
    
+
    StorageClass v1 storage.k8s.io
    
+
+
+
+
+
+
    GroupVersionKind
    storage.k8s.iov1StorageClass
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    FieldDescription
    allowVolumeExpansion
    boolean    		allowVolumeExpansion shows whether the storage class allow volume expand.
    allowedTopologies
    TopologySelectorTerm array    		allowedTopologies restrict the node topologies where volumes can be dynamically provisioned. Each volume plugin defines its own supported topology specifications. An empty TopologySelectorTerm list means there is no topology restriction. This field is only honored by servers that enable the VolumeScheduling feature.
    apiVersion
    string    		APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
    kind
    string    		Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
    metadata
    ObjectMeta    		Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
    mountOptions
    string array    		mountOptions controls the mountOptions for dynamically provisioned PersistentVolumes of this storage class. e.g. ["ro", "soft"]. Not validated - mount of the PVs will simply fail if one is invalid.
    parameters
    object    		parameters holds the parameters for the provisioner that should create volumes of this storage class.
    provisioner
    string    		provisioner indicates the type of the provisioner.
    reclaimPolicy
    string    		reclaimPolicy controls the reclaimPolicy for dynamically provisioned PersistentVolumes of this storage class. Defaults to Delete.
    volumeBindingMode
    string    		volumeBindingMode indicates how PersistentVolumeClaims should be provisioned and bound.  When unset, VolumeBindingImmediate is used. This field is only honored by servers that enable the VolumeScheduling feature.
    
+
    StorageClassList v1 storage
    
+
+
+
+
+
+
+
+
+
    FieldDescription
    apiVersion
    string    		APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
    items
    StorageClass array    		items is the list of StorageClasses
    kind
    string    		Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
    metadata
    ListMeta    		Standard list metadata More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
    
+
    Write Operations
    
+
    Create
    
+
    create a StorageClass
    
+
    HTTP Request
    
+POST /apis/storage.k8s.io/v1/storageclasses
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    StorageClass
    
+
    Response
    
+
+
+
+
+
+
+
+
    CodeDescription
    200
    StorageClass    		OK
    201
    StorageClass    		Created
    202
    StorageClass    		Accepted
    
+
    Patch
    
+
    partially update the specified StorageClass
    
+
    HTTP Request
    
+PATCH /apis/storage.k8s.io/v1/storageclasses/{name}
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the StorageClass
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint. This field is required for apply requests (application/apply-patch) but optional for non-apply patch types (JsonPatch, MergePatch, StrategicMergePatch).
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    forceForce is going to "force" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    Patch
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    StorageClass    		OK
    201
    StorageClass    		Created
    
+
    Replace
    
+
    replace the specified StorageClass
    
+
    HTTP Request
    
+PUT /apis/storage.k8s.io/v1/storageclasses/{name}
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the StorageClass
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    StorageClass
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    StorageClass    		OK
    201
    StorageClass    		Created
    
+
    Delete
    
+
    delete a StorageClass
    
+
    HTTP Request
    
+DELETE /apis/storage.k8s.io/v1/storageclasses/{name}
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the StorageClass
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    gracePeriodSecondsThe duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
    orphanDependentsDeprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.
    propagationPolicyWhether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    DeleteOptions
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    StorageClass    		OK
    202
    StorageClass    		Accepted
    
+
    Delete Collection
    
+
    delete collection of StorageClass
    
+
    HTTP Request
    
+DELETE /apis/storage.k8s.io/v1/storageclasses
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    gracePeriodSecondsThe duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    orphanDependentsDeprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.
    propagationPolicyWhether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    DeleteOptions
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    Status    		OK
    
+
    Read Operations
    
+
    Read
    
+
    read the specified StorageClass
    
+
    HTTP Request
    
+GET /apis/storage.k8s.io/v1/storageclasses/{name}
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the StorageClass
    
+
    Query Parameters
    
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    StorageClass    		OK
    
+
    List
    
+
    list or watch objects of kind StorageClass
    
+
    HTTP Request
    
+GET /apis/storage.k8s.io/v1/storageclasses
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    StorageClassList    		OK
    
+
    Watch
    
+
    watch changes to an object of kind StorageClass. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.
    
+
    HTTP Request
    
+GET /apis/storage.k8s.io/v1/watch/storageclasses/{name}
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the StorageClass
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    WatchEvent    		OK
    
+
    Watch List
    
+
    watch individual changes to a list of StorageClass. deprecated: use the 'watch' parameter with a list operation instead.
    
+
    HTTP Request
    
+GET /apis/storage.k8s.io/v1/watch/storageclasses
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    WatchEvent    		OK
    
+
    CSIStorageCapacity v1 storage.k8s.io
    
+
+
+
+
+
+
    GroupVersionKind
    storage.k8s.iov1CSIStorageCapacity
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
+
+
+
    FieldDescription
    apiVersion
    string    		APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
    capacity
    Quantity    		capacity is the value reported by the CSI driver in its GetCapacityResponse for a GetCapacityRequest with topology and parameters that match the previous fields.  The semantic is currently (CSI spec 1.2) defined as: The available capacity, in bytes, of the storage that can be used to provision volumes. If not set, that information is currently unavailable.
    kind
    string    		Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
    maximumVolumeSize
    Quantity    		maximumVolumeSize is the value reported by the CSI driver in its GetCapacityResponse for a GetCapacityRequest with topology and parameters that match the previous fields.  This is defined since CSI spec 1.4.0 as the largest size that may be used in a CreateVolumeRequest.capacity_range.required_bytes field to create a volume with the same parameters as those in GetCapacityRequest. The corresponding value in the Kubernetes API is ResourceRequirements.Requests in a volume claim.
    metadata
    ObjectMeta    		Standard object's metadata. The name has no particular meaning. It must be a DNS subdomain (dots allowed, 253 characters). To ensure that there are no conflicts with other CSI drivers on the cluster, the recommendation is to use csisc-<uuid>, a generated name, or a reverse-domain name which ends with the unique CSI driver name.  Objects are namespaced.  More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
    nodeTopology
    LabelSelector    		nodeTopology defines which nodes have access to the storage for which capacity was reported. If not set, the storage is not accessible from any node in the cluster. If empty, the storage is accessible from all nodes. This field is immutable.
    storageClassName
    string    		storageClassName represents the name of the StorageClass that the reported capacity applies to. It must meet the same requirements as the name of a StorageClass object (non-empty, DNS subdomain). If that object no longer exists, the CSIStorageCapacity object is obsolete and should be removed by its creator. This field is immutable.
    
+
    CSIStorageCapacityList v1 storage
    
+
+
+
+
+
+
+
+
+
    FieldDescription
    apiVersion
    string    		APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
    items
    CSIStorageCapacity array    		items is the list of CSIStorageCapacity objects.
    kind
    string    		Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
    metadata
    ListMeta    		Standard list metadata More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
    
+
    Write Operations
    
+
    Create
    
+
    create a CSIStorageCapacity
    
+
    HTTP Request
    
+POST /apis/storage.k8s.io/v1/namespaces/{namespace}/csistoragecapacities
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    CSIStorageCapacity
    
+
    Response
    
+
+
+
+
+
+
+
+
    CodeDescription
    200
    CSIStorageCapacity    		OK
    201
    CSIStorageCapacity    		Created
    202
    CSIStorageCapacity    		Accepted
    
+
    Patch
    
+
    partially update the specified CSIStorageCapacity
    
+
    HTTP Request
    
+PATCH /apis/storage.k8s.io/v1/namespaces/{namespace}/csistoragecapacities/{name}
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the CSIStorageCapacity
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint. This field is required for apply requests (application/apply-patch) but optional for non-apply patch types (JsonPatch, MergePatch, StrategicMergePatch).
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    forceForce is going to "force" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    Patch
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    CSIStorageCapacity    		OK
    201
    CSIStorageCapacity    		Created
    
+
    Replace
    
+
    replace the specified CSIStorageCapacity
    
+
    HTTP Request
    
+PUT /apis/storage.k8s.io/v1/namespaces/{namespace}/csistoragecapacities/{name}
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the CSIStorageCapacity
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    CSIStorageCapacity
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    CSIStorageCapacity    		OK
    201
    CSIStorageCapacity    		Created
    
+
    Delete
    
+
    delete a CSIStorageCapacity
    
+
    HTTP Request
    
+DELETE /apis/storage.k8s.io/v1/namespaces/{namespace}/csistoragecapacities/{name}
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the CSIStorageCapacity
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    gracePeriodSecondsThe duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
    orphanDependentsDeprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.
    propagationPolicyWhether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    DeleteOptions
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    Status    		OK
    202
    Status    		Accepted
    
+
    Delete Collection
    
+
    delete collection of CSIStorageCapacity
    
+
    HTTP Request
    
+DELETE /apis/storage.k8s.io/v1/namespaces/{namespace}/csistoragecapacities
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    gracePeriodSecondsThe duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    orphanDependentsDeprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.
    propagationPolicyWhether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    DeleteOptions
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    Status    		OK
    
+
    Read Operations
    
+
    Read
    
+
    read the specified CSIStorageCapacity
    
+
    HTTP Request
    
+GET /apis/storage.k8s.io/v1/namespaces/{namespace}/csistoragecapacities/{name}
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the CSIStorageCapacity
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    CSIStorageCapacity    		OK
    
+
    List
    
+
    list or watch objects of kind CSIStorageCapacity
    
+
    HTTP Request
    
+GET /apis/storage.k8s.io/v1/namespaces/{namespace}/csistoragecapacities
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    CSIStorageCapacityList    		OK
    
+
    List All Namespaces
    
+
    list or watch objects of kind CSIStorageCapacity
    
+
    HTTP Request
    
+GET /apis/storage.k8s.io/v1/csistoragecapacities
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    CSIStorageCapacityList    		OK
    
+
    Watch
    
+
    watch changes to an object of kind CSIStorageCapacity. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.
    
+
    HTTP Request
    
+GET /apis/storage.k8s.io/v1/watch/namespaces/{namespace}/csistoragecapacities/{name}
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the CSIStorageCapacity
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    WatchEvent    		OK
    
+
    Watch List
    
+
    watch individual changes to a list of CSIStorageCapacity. deprecated: use the 'watch' parameter with a list operation instead.
    
+
    HTTP Request
    
+GET /apis/storage.k8s.io/v1/watch/namespaces/{namespace}/csistoragecapacities
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    WatchEvent    		OK
    
+
    Watch List All Namespaces
    
+
    watch individual changes to a list of CSIStorageCapacity. deprecated: use the 'watch' parameter with a list operation instead.
    
+
    HTTP Request
    
+GET /apis/storage.k8s.io/v1/watch/csistoragecapacities
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    WatchEvent    		OK
    
+
    Volume v1 core
    
+
+
+
+
+
+
    GroupVersionKind
    corev1Volume
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    FieldDescription
    awsElasticBlockStore
    AWSElasticBlockStoreVolumeSource    		awsElasticBlockStore represents an AWS Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore
    azureDisk
    AzureDiskVolumeSource    		azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod.
    azureFile
    AzureFileVolumeSource    		azureFile represents an Azure File Service mount on the host and bind mount to the pod.
    cephfs
    CephFSVolumeSource    		cephFS represents a Ceph FS mount on the host that shares a pod's lifetime
    cinder
    CinderVolumeSource    		cinder represents a cinder volume attached and mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md
    configMap
    ConfigMapVolumeSource    		configMap represents a configMap that should populate this volume
    csi
    CSIVolumeSource    		csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature).
    downwardAPI
    DownwardAPIVolumeSource    		downwardAPI represents downward API about the pod that should populate this volume
    emptyDir
    EmptyDirVolumeSource    		emptyDir represents a temporary directory that shares a pod's lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir
    ephemeral
    EphemeralVolumeSource    		ephemeral represents a volume that is handled by a cluster storage driver. The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, and deleted when the pod is removed.  Use this if: a) the volume is only needed while the pod runs, b) features of normal volumes like restoring from snapshot or capacity    tracking are needed, c) the storage driver is specified through a storage class, and d) the storage driver supports dynamic volume provisioning through    a PersistentVolumeClaim (see EphemeralVolumeSource for more    information on the connection between this volume type    and PersistentVolumeClaim).  Use PersistentVolumeClaim or one of the vendor-specific APIs for volumes that persist for longer than the lifecycle of an individual pod.  Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to be used that way - see the documentation of the driver for more information.  A pod can use both types of ephemeral volumes and persistent volumes at the same time.
    fc
    FCVolumeSource    		fc represents a Fibre Channel resource that is attached to a kubelet's host machine and then exposed to the pod.
    flexVolume
    FlexVolumeSource    		flexVolume represents a generic volume resource that is provisioned/attached using an exec based plugin.
    flocker
    FlockerVolumeSource    		flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running
    gcePersistentDisk
    GCEPersistentDiskVolumeSource    		gcePersistentDisk represents a GCE Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk
    gitRepo
    GitRepoVolumeSource    		gitRepo represents a git repository at a particular revision. DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir into the Pod's container.
    glusterfs
    GlusterfsVolumeSource    		glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/glusterfs/README.md
    hostPath
    HostPathVolumeSource    		hostPath represents a pre-existing file or directory on the host machine that is directly exposed to the container. This is generally used for system agents or other privileged things that are allowed to see the host machine. Most containers will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath
    iscsi
    ISCSIVolumeSource    		iscsi represents an ISCSI Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md
    name
    string    		name of the volume. Must be a DNS_LABEL and unique within the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
    nfs
    NFSVolumeSource    		nfs represents an NFS mount on the host that shares a pod's lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs
    persistentVolumeClaim
    PersistentVolumeClaimVolumeSource    		persistentVolumeClaimVolumeSource represents a reference to a PersistentVolumeClaim in the same namespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims
    photonPersistentDisk
    PhotonPersistentDiskVolumeSource    		photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine
    portworxVolume
    PortworxVolumeSource    		portworxVolume represents a portworx volume attached and mounted on kubelets host machine
    projected
    ProjectedVolumeSource    		projected items for all in one resources secrets, configmaps, and downward API
    quobyte
    QuobyteVolumeSource    		quobyte represents a Quobyte mount on the host that shares a pod's lifetime
    rbd
    RBDVolumeSource    		rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/rbd/README.md
    scaleIO
    ScaleIOVolumeSource    		scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes.
    secret
    SecretVolumeSource    		secret represents a secret that should populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret
    storageos
    StorageOSVolumeSource    		storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes.
    vsphereVolume
    VsphereVirtualDiskVolumeSource    		vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine
    
+
    VolumeAttachment v1 storage.k8s.io
    
+
+
+
+
+
+
    GroupVersionKind
    storage.k8s.iov1VolumeAttachment
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
+
    FieldDescription
    apiVersion
    string    		APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
    kind
    string    		Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
    metadata
    ObjectMeta    		Standard object metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
    spec
    VolumeAttachmentSpec    		spec represents specification of the desired attach/detach volume behavior. Populated by the Kubernetes system.
    status
    VolumeAttachmentStatus    		status represents status of the VolumeAttachment request. Populated by the entity completing the attach or detach operation, i.e. the external-attacher.
    
+
    VolumeAttachmentSpec v1 storage
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
    FieldDescription
    attacher
    string    		attacher indicates the name of the volume driver that MUST handle this request. This is the name returned by GetPluginName().
    nodeName
    string    		nodeName represents the node that the volume should be attached to.
    source
    VolumeAttachmentSource    		source represents the volume that should be attached.
    
+
    VolumeAttachmentStatus v1 storage
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
    FieldDescription
    attachError
    VolumeError    		attachError represents the last error encountered during attach operation, if any. This field must only be set by the entity completing the attach operation, i.e. the external-attacher.
    attached
    boolean    		attached indicates the volume is successfully attached. This field must only be set by the entity completing the attach operation, i.e. the external-attacher.
    attachmentMetadata
    object    		attachmentMetadata is populated with any information returned by the attach operation, upon successful attach, that must be passed into subsequent WaitForAttach or Mount calls. This field must only be set by the entity completing the attach operation, i.e. the external-attacher.
    detachError
    VolumeError    		detachError represents the last error encountered during detach operation, if any. This field must only be set by the entity completing the detach operation, i.e. the external-attacher.
    
+
    VolumeAttachmentList v1 storage
    
+
+
+
+
+
+
+
+
+
    FieldDescription
    apiVersion
    string    		APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
    items
    VolumeAttachment array    		items is the list of VolumeAttachments
    kind
    string    		Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
    metadata
    ListMeta    		Standard list metadata More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
    
+
    Write Operations
    
+
    Create
    
+
    create a VolumeAttachment
    
+
    HTTP Request
    
+POST /apis/storage.k8s.io/v1/volumeattachments
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    VolumeAttachment
    
+
    Response
    
+
+
+
+
+
+
+
+
    CodeDescription
    200
    VolumeAttachment    		OK
    201
    VolumeAttachment    		Created
    202
    VolumeAttachment    		Accepted
    
+
    Patch
    
+
    partially update the specified VolumeAttachment
    
+
    HTTP Request
    
+PATCH /apis/storage.k8s.io/v1/volumeattachments/{name}
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the VolumeAttachment
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint. This field is required for apply requests (application/apply-patch) but optional for non-apply patch types (JsonPatch, MergePatch, StrategicMergePatch).
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    forceForce is going to "force" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    Patch
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    VolumeAttachment    		OK
    201
    VolumeAttachment    		Created
    
+
    Replace
    
+
    replace the specified VolumeAttachment
    
+
    HTTP Request
    
+PUT /apis/storage.k8s.io/v1/volumeattachments/{name}
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the VolumeAttachment
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    VolumeAttachment
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    VolumeAttachment    		OK
    201
    VolumeAttachment    		Created
    
+
    Delete
    
+
    delete a VolumeAttachment
    
+
    HTTP Request
    
+DELETE /apis/storage.k8s.io/v1/volumeattachments/{name}
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the VolumeAttachment
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    gracePeriodSecondsThe duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
    orphanDependentsDeprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.
    propagationPolicyWhether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    DeleteOptions
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    VolumeAttachment    		OK
    202
    VolumeAttachment    		Accepted
    
+
    Delete Collection
    
+
    delete collection of VolumeAttachment
    
+
    HTTP Request
    
+DELETE /apis/storage.k8s.io/v1/volumeattachments
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    gracePeriodSecondsThe duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    orphanDependentsDeprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.
    propagationPolicyWhether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    DeleteOptions
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    Status    		OK
    
+
    Read Operations
    
+
    Read
    
+
    read the specified VolumeAttachment
    
+
    HTTP Request
    
+GET /apis/storage.k8s.io/v1/volumeattachments/{name}
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the VolumeAttachment
    
+
    Query Parameters
    
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    VolumeAttachment    		OK
    
+
    List
    
+
    list or watch objects of kind VolumeAttachment
    
+
    HTTP Request
    
+GET /apis/storage.k8s.io/v1/volumeattachments
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    VolumeAttachmentList    		OK
    
+
    Watch
    
+
    watch changes to an object of kind VolumeAttachment. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.
    
+
    HTTP Request
    
+GET /apis/storage.k8s.io/v1/watch/volumeattachments/{name}
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the VolumeAttachment
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    WatchEvent    		OK
    
+
    Watch List
    
+
    watch individual changes to a list of VolumeAttachment. deprecated: use the 'watch' parameter with a list operation instead.
    
+
    HTTP Request
    
+GET /apis/storage.k8s.io/v1/watch/volumeattachments
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    WatchEvent    		OK
    
+
    Status Operations
    
+
    Patch Status
    
+
    partially update status of the specified VolumeAttachment
    
+
    HTTP Request
    
+PATCH /apis/storage.k8s.io/v1/volumeattachments/{name}/status
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the VolumeAttachment
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint. This field is required for apply requests (application/apply-patch) but optional for non-apply patch types (JsonPatch, MergePatch, StrategicMergePatch).
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    forceForce is going to "force" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    Patch
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    VolumeAttachment    		OK
    201
    VolumeAttachment    		Created
    
+
    Read Status
    
+
    read status of the specified VolumeAttachment
    
+
    HTTP Request
    
+GET /apis/storage.k8s.io/v1/volumeattachments/{name}/status
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the VolumeAttachment
    
+
    Query Parameters
    
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    VolumeAttachment    		OK
    
+
    Replace Status
    
+
    replace status of the specified VolumeAttachment
    
+
    HTTP Request
    
+PUT /apis/storage.k8s.io/v1/volumeattachments/{name}/status
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the VolumeAttachment
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    VolumeAttachment
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    VolumeAttachment    		OK
    201
    VolumeAttachment    		Created
    
+
    METADATA
    
+
+
    Metadata resources are responsible for configuring behavior of your other Resources within the Cluster.
    
+
+
    Common resource types:
    
+
      
+
    • HorizontalPodAutoscaler (HPA) for automatically scaling the replicacount of your workloads in response to load.
      • 
+
    • PodDisruptionBudget for configuring how many replicas in a given workload maybe made concurrently unavailable when performing maintenance.
      • 
+
    • Event for notification of resource lifecycle events in the cluster.
      • 
+
    
+
    
+
    ClusterTrustBundle v1alpha1 certificates.k8s.io
    
+
+
+
+
+
+
    GroupVersionKind
    certificates.k8s.iov1alpha1ClusterTrustBundle
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
    FieldDescription
    apiVersion
    string    		APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
    kind
    string    		Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
    metadata
    ObjectMeta    		metadata contains the object metadata.
    spec
    ClusterTrustBundleSpec    		spec contains the signer (if any) and trust anchors.
    
+
    ClusterTrustBundleSpec v1alpha1 certificates
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
    FieldDescription
    signerName
    string    		signerName indicates the associated signer, if any.  In order to create or update a ClusterTrustBundle that sets signerName, you must have the following cluster-scoped permission: group=certificates.k8s.io resource=signers resourceName=<the signer name> verb=attest.  If signerName is not empty, then the ClusterTrustBundle object must be named with the signer name as a prefix (translating slashes to colons). For example, for the signer name `example.com/foo`, valid ClusterTrustBundle object names include `example.com:foo:abc` and `example.com:foo:v1`.  If signerName is empty, then the ClusterTrustBundle object's name must not have such a prefix.  List/watch requests for ClusterTrustBundles can filter on this field using a `spec.signerName=NAME` field selector.
    trustBundle
    string    		trustBundle contains the individual X.509 trust anchors for this bundle, as PEM bundle of PEM-wrapped, DER-formatted X.509 certificates.  The data must consist only of PEM certificate blocks that parse as valid X.509 certificates.  Each certificate must include a basic constraints extension with the CA bit set.  The API server will reject objects that contain duplicate certificates, or that use PEM block headers.  Users of ClusterTrustBundles, including Kubelet, are free to reorder and deduplicate certificate blocks in this file according to their own logic, as well as to drop PEM block headers and inter-block data.
    
+
    ClusterTrustBundleList v1alpha1 certificates
    
+
+
+
+
+
+
+
+
+
    FieldDescription
    apiVersion
    string    		APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
    items
    ClusterTrustBundle array    		items is a collection of ClusterTrustBundle objects
    kind
    string    		Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
    metadata
    ListMeta    		metadata contains the list metadata.
    
+
    Write Operations
    
+
    Create
    
+
    create a ClusterTrustBundle
    
+
    HTTP Request
    
+POST /apis/certificates.k8s.io/v1alpha1/clustertrustbundles
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    ClusterTrustBundle
    
+
    Response
    
+
+
+
+
+
+
+
+
    CodeDescription
    200
    ClusterTrustBundle    		OK
    201
    ClusterTrustBundle    		Created
    202
    ClusterTrustBundle    		Accepted
    
+
    Patch
    
+
    partially update the specified ClusterTrustBundle
    
+
    HTTP Request
    
+PATCH /apis/certificates.k8s.io/v1alpha1/clustertrustbundles/{name}
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the ClusterTrustBundle
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint. This field is required for apply requests (application/apply-patch) but optional for non-apply patch types (JsonPatch, MergePatch, StrategicMergePatch).
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    forceForce is going to "force" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    Patch
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    ClusterTrustBundle    		OK
    201
    ClusterTrustBundle    		Created
    
+
    Replace
    
+
    replace the specified ClusterTrustBundle
    
+
    HTTP Request
    
+PUT /apis/certificates.k8s.io/v1alpha1/clustertrustbundles/{name}
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the ClusterTrustBundle
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    ClusterTrustBundle
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    ClusterTrustBundle    		OK
    201
    ClusterTrustBundle    		Created
    
+
    Delete
    
+
    delete a ClusterTrustBundle
    
+
    HTTP Request
    
+DELETE /apis/certificates.k8s.io/v1alpha1/clustertrustbundles/{name}
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the ClusterTrustBundle
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    gracePeriodSecondsThe duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
    orphanDependentsDeprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.
    propagationPolicyWhether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    DeleteOptions
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    Status    		OK
    202
    Status    		Accepted
    
+
    Delete Collection
    
+
    delete collection of ClusterTrustBundle
    
+
    HTTP Request
    
+DELETE /apis/certificates.k8s.io/v1alpha1/clustertrustbundles
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    gracePeriodSecondsThe duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    orphanDependentsDeprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.
    propagationPolicyWhether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    DeleteOptions
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    Status    		OK
    
+
    Read Operations
    
+
    Read
    
+
    read the specified ClusterTrustBundle
    
+
    HTTP Request
    
+GET /apis/certificates.k8s.io/v1alpha1/clustertrustbundles/{name}
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the ClusterTrustBundle
    
+
    Query Parameters
    
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    ClusterTrustBundle    		OK
    
+
    List
    
+
    list or watch objects of kind ClusterTrustBundle
    
+
    HTTP Request
    
+GET /apis/certificates.k8s.io/v1alpha1/clustertrustbundles
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    ClusterTrustBundleList    		OK
    
+
    Watch
    
+
    watch changes to an object of kind ClusterTrustBundle. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.
    
+
    HTTP Request
    
+GET /apis/certificates.k8s.io/v1alpha1/watch/clustertrustbundles/{name}
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the ClusterTrustBundle
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    WatchEvent    		OK
    
+
    Watch List
    
+
    watch individual changes to a list of ClusterTrustBundle. deprecated: use the 'watch' parameter with a list operation instead.
    
+
    HTTP Request
    
+GET /apis/certificates.k8s.io/v1alpha1/watch/clustertrustbundles
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    WatchEvent    		OK
    
+
    ControllerRevision v1 apps
    
+
+
+
+
+
+
    GroupVersionKind
    appsv1ControllerRevision
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
+
    FieldDescription
    apiVersion
    string    		APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
    dataData is the serialized representation of the state.
    kind
    string    		Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
    metadata
    ObjectMeta    		Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
    revision
    integer    		Revision indicates the revision of the state represented by Data.
    
+
    ControllerRevisionList v1 apps
    
+
+
+
+
+
+
+
+
+
    FieldDescription
    apiVersion
    string    		APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
    items
    ControllerRevision array    		Items is the list of ControllerRevisions
    kind
    string    		Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
    metadata
    ListMeta    		More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
    
+
    Write Operations
    
+
    Create
    
+
    create a ControllerRevision
    
+
    HTTP Request
    
+POST /apis/apps/v1/namespaces/{namespace}/controllerrevisions
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    ControllerRevision
    
+
    Response
    
+
+
+
+
+
+
+
+
    CodeDescription
    200
    ControllerRevision    		OK
    201
    ControllerRevision    		Created
    202
    ControllerRevision    		Accepted
    
+
    Patch
    
+
    partially update the specified ControllerRevision
    
+
    HTTP Request
    
+PATCH /apis/apps/v1/namespaces/{namespace}/controllerrevisions/{name}
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the ControllerRevision
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint. This field is required for apply requests (application/apply-patch) but optional for non-apply patch types (JsonPatch, MergePatch, StrategicMergePatch).
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    forceForce is going to "force" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    Patch
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    ControllerRevision    		OK
    201
    ControllerRevision    		Created
    
+
    Replace
    
+
    replace the specified ControllerRevision
    
+
    HTTP Request
    
+PUT /apis/apps/v1/namespaces/{namespace}/controllerrevisions/{name}
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the ControllerRevision
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    ControllerRevision
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    ControllerRevision    		OK
    201
    ControllerRevision    		Created
    
+
    Delete
    
+
    delete a ControllerRevision
    
+
    HTTP Request
    
+DELETE /apis/apps/v1/namespaces/{namespace}/controllerrevisions/{name}
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the ControllerRevision
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    gracePeriodSecondsThe duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
    orphanDependentsDeprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.
    propagationPolicyWhether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    DeleteOptions
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    Status    		OK
    202
    Status    		Accepted
    
+
    Delete Collection
    
+
    delete collection of ControllerRevision
    
+
    HTTP Request
    
+DELETE /apis/apps/v1/namespaces/{namespace}/controllerrevisions
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    gracePeriodSecondsThe duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    orphanDependentsDeprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.
    propagationPolicyWhether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    DeleteOptions
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    Status    		OK
    
+
    Read Operations
    
+
    Read
    
+
    read the specified ControllerRevision
    
+
    HTTP Request
    
+GET /apis/apps/v1/namespaces/{namespace}/controllerrevisions/{name}
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the ControllerRevision
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    ControllerRevision    		OK
    
+
    List
    
+
    list or watch objects of kind ControllerRevision
    
+
    HTTP Request
    
+GET /apis/apps/v1/namespaces/{namespace}/controllerrevisions
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    ControllerRevisionList    		OK
    
+
    List All Namespaces
    
+
    list or watch objects of kind ControllerRevision
    
+
    HTTP Request
    
+GET /apis/apps/v1/controllerrevisions
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    ControllerRevisionList    		OK
    
+
    Watch
    
+
    watch changes to an object of kind ControllerRevision. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.
    
+
    HTTP Request
    
+GET /apis/apps/v1/watch/namespaces/{namespace}/controllerrevisions/{name}
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the ControllerRevision
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    WatchEvent    		OK
    
+
    Watch List
    
+
    watch individual changes to a list of ControllerRevision. deprecated: use the 'watch' parameter with a list operation instead.
    
+
    HTTP Request
    
+GET /apis/apps/v1/watch/namespaces/{namespace}/controllerrevisions
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    WatchEvent    		OK
    
+
    Watch List All Namespaces
    
+
    watch individual changes to a list of ControllerRevision. deprecated: use the 'watch' parameter with a list operation instead.
    
+
    HTTP Request
    
+GET /apis/apps/v1/watch/controllerrevisions
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    WatchEvent    		OK
    
+
    CustomResourceDefinition v1 apiextensions.k8s.io
    
+
+
+
+
+
+
    GroupVersionKind
    apiextensions.k8s.iov1CustomResourceDefinition
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
+
    FieldDescription
    apiVersion
    string    		APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
    kind
    string    		Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
    metadata
    ObjectMeta    		Standard object's metadata More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
    spec
    CustomResourceDefinitionSpec    		spec describes how the user wants the resources to appear
    status
    CustomResourceDefinitionStatus    		status indicates the actual state of the CustomResourceDefinition
    
+
    CustomResourceDefinitionSpec v1 apiextensions
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
+
+
    FieldDescription
    conversion
    CustomResourceConversion    		conversion defines conversion settings for the CRD.
    group
    string    		group is the API group of the defined custom resource. The custom resources are served under `/apis/<group>/...`. Must match the name of the CustomResourceDefinition (in the form `<names.plural>.<group>`).
    names
    CustomResourceDefinitionNames    		names specify the resource and kind names for the custom resource.
    preserveUnknownFields
    boolean    		preserveUnknownFields indicates that object fields which are not specified in the OpenAPI schema should be preserved when persisting to storage. apiVersion, kind, metadata and known fields inside metadata are always preserved. This field is deprecated in favor of setting `x-preserve-unknown-fields` to true in `spec.versions[*].schema.openAPIV3Schema`. See https://kubernetes.io/docs/tasks/extend-kubernetes/custom-resources/custom-resource-definitions/#field-pruning for details.
    scope
    string    		scope indicates whether the defined custom resource is cluster- or namespace-scoped. Allowed values are `Cluster` and `Namespaced`.
    versions
    CustomResourceDefinitionVersion array    		versions is the list of all API versions of the defined custom resource. Version names are used to compute the order in which served versions are listed in API discovery. If the version string is "kube-like", it will sort above non "kube-like" version strings, which are ordered lexicographically. "Kube-like" versions start with a "v", then are followed by a number (the major version), then optionally the string "alpha" or "beta" and another number (the minor version). These are sorted first by GA > beta > alpha (where GA is a version with no suffix such as beta or alpha), and then by comparing major version, then minor version. An example sorted list of versions: v10, v2, v1, v11beta2, v10beta3, v3beta1, v12alpha1, v11alpha2, foo1, foo10.
    
+
    CustomResourceDefinitionStatus v1 apiextensions
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
    FieldDescription
    acceptedNames
    CustomResourceDefinitionNames    		acceptedNames are the names that are actually being used to serve discovery. They may be different than the names in spec.
    conditions
    CustomResourceDefinitionCondition array    		conditions indicate state for particular aspects of a CustomResourceDefinition
    storedVersions
    string array    		storedVersions lists all versions of CustomResources that were ever persisted. Tracking these versions allows a migration path for stored versions in etcd. The field is mutable so a migration controller can finish a migration to another version (ensuring no old objects are left in storage), and then remove the rest of the versions from this list. Versions may not be removed from `spec.versions` while they exist in this list.
    
+
    CustomResourceDefinitionList v1 apiextensions
    
+
+
+
+
+
+
+
+
+
    FieldDescription
    apiVersion
    string    		APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
    items
    CustomResourceDefinition array    		items list individual CustomResourceDefinition objects
    kind
    string    		Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
    metadata
    ListMeta    		Standard object's metadata More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
    
+
    Write Operations
    
+
    Create
    
+
    create a CustomResourceDefinition
    
+
    HTTP Request
    
+POST /apis/apiextensions.k8s.io/v1/customresourcedefinitions
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    CustomResourceDefinition
    
+
    Response
    
+
+
+
+
+
+
+
+
    CodeDescription
    200
    CustomResourceDefinition    		OK
    201
    CustomResourceDefinition    		Created
    202
    CustomResourceDefinition    		Accepted
    
+
    Patch
    
+
    partially update the specified CustomResourceDefinition
    
+
    HTTP Request
    
+PATCH /apis/apiextensions.k8s.io/v1/customresourcedefinitions/{name}
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the CustomResourceDefinition
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint. This field is required for apply requests (application/apply-patch) but optional for non-apply patch types (JsonPatch, MergePatch, StrategicMergePatch).
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    forceForce is going to "force" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    Patch
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    CustomResourceDefinition    		OK
    201
    CustomResourceDefinition    		Created
    
+
    Replace
    
+
    replace the specified CustomResourceDefinition
    
+
    HTTP Request
    
+PUT /apis/apiextensions.k8s.io/v1/customresourcedefinitions/{name}
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the CustomResourceDefinition
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    CustomResourceDefinition
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    CustomResourceDefinition    		OK
    201
    CustomResourceDefinition    		Created
    
+
    Delete
    
+
    delete a CustomResourceDefinition
    
+
    HTTP Request
    
+DELETE /apis/apiextensions.k8s.io/v1/customresourcedefinitions/{name}
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the CustomResourceDefinition
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    gracePeriodSecondsThe duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
    orphanDependentsDeprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.
    propagationPolicyWhether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    DeleteOptions
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    Status    		OK
    202
    Status    		Accepted
    
+
    Delete Collection
    
+
    delete collection of CustomResourceDefinition
    
+
    HTTP Request
    
+DELETE /apis/apiextensions.k8s.io/v1/customresourcedefinitions
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    gracePeriodSecondsThe duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    orphanDependentsDeprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.
    propagationPolicyWhether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    DeleteOptions
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    Status    		OK
    
+
    Read Operations
    
+
    Read
    
+
    read the specified CustomResourceDefinition
    
+
    HTTP Request
    
+GET /apis/apiextensions.k8s.io/v1/customresourcedefinitions/{name}
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the CustomResourceDefinition
    
+
    Query Parameters
    
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    CustomResourceDefinition    		OK
    
+
    List
    
+
    list or watch objects of kind CustomResourceDefinition
    
+
    HTTP Request
    
+GET /apis/apiextensions.k8s.io/v1/customresourcedefinitions
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    CustomResourceDefinitionList    		OK
    
+
    Watch
    
+
    watch changes to an object of kind CustomResourceDefinition. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.
    
+
    HTTP Request
    
+GET /apis/apiextensions.k8s.io/v1/watch/customresourcedefinitions/{name}
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the CustomResourceDefinition
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    WatchEvent    		OK
    
+
    Watch List
    
+
    watch individual changes to a list of CustomResourceDefinition. deprecated: use the 'watch' parameter with a list operation instead.
    
+
    HTTP Request
    
+GET /apis/apiextensions.k8s.io/v1/watch/customresourcedefinitions
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    WatchEvent    		OK
    
+
    Status Operations
    
+
    Patch Status
    
+
    partially update status of the specified CustomResourceDefinition
    
+
    HTTP Request
    
+PATCH /apis/apiextensions.k8s.io/v1/customresourcedefinitions/{name}/status
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the CustomResourceDefinition
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint. This field is required for apply requests (application/apply-patch) but optional for non-apply patch types (JsonPatch, MergePatch, StrategicMergePatch).
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    forceForce is going to "force" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    Patch
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    CustomResourceDefinition    		OK
    201
    CustomResourceDefinition    		Created
    
+
    Read Status
    
+
    read status of the specified CustomResourceDefinition
    
+
    HTTP Request
    
+GET /apis/apiextensions.k8s.io/v1/customresourcedefinitions/{name}/status
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the CustomResourceDefinition
    
+
    Query Parameters
    
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    CustomResourceDefinition    		OK
    
+
    Replace Status
    
+
    replace status of the specified CustomResourceDefinition
    
+
    HTTP Request
    
+PUT /apis/apiextensions.k8s.io/v1/customresourcedefinitions/{name}/status
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the CustomResourceDefinition
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    CustomResourceDefinition
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    CustomResourceDefinition    		OK
    201
    CustomResourceDefinition    		Created
    
+
    Event v1 events.k8s.io
    
+
+
+
+
+
+
    GroupVersionKind
    events.k8s.iov1Event
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    FieldDescription
    action
    string    		action is what action was taken/failed regarding to the regarding object. It is machine-readable. This field cannot be empty for new Events and it can have at most 128 characters.
    apiVersion
    string    		APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
    deprecatedCount
    integer    		deprecatedCount is the deprecated field assuring backward compatibility with core.v1 Event type.
    deprecatedFirstTimestamp
    Time    		deprecatedFirstTimestamp is the deprecated field assuring backward compatibility with core.v1 Event type.
    deprecatedLastTimestamp
    Time    		deprecatedLastTimestamp is the deprecated field assuring backward compatibility with core.v1 Event type.
    deprecatedSource
    EventSource    		deprecatedSource is the deprecated field assuring backward compatibility with core.v1 Event type.
    eventTime
    MicroTime    		eventTime is the time when this Event was first observed. It is required.
    kind
    string    		Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
    metadata
    ObjectMeta    		Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
    note
    string    		note is a human-readable description of the status of this operation. Maximal length of the note is 1kB, but libraries should be prepared to handle values up to 64kB.
    reason
    string    		reason is why the action was taken. It is human-readable. This field cannot be empty for new Events and it can have at most 128 characters.
    regarding
    ObjectReference    		regarding contains the object this Event is about. In most cases it's an Object reporting controller implements, e.g. ReplicaSetController implements ReplicaSets and this event is emitted because it acts on some changes in a ReplicaSet object.
    related
    ObjectReference    		related is the optional secondary object for more complex actions. E.g. when regarding object triggers a creation or deletion of related object.
    reportingController
    string    		reportingController is the name of the controller that emitted this Event, e.g. `kubernetes.io/kubelet`. This field cannot be empty for new Events.
    reportingInstance
    string    		reportingInstance is the ID of the controller instance, e.g. `kubelet-xyzf`. This field cannot be empty for new Events and it can have at most 128 characters.
    series
    EventSeries    		series is data about the Event series this event represents or nil if it's a singleton Event.
    type
    string    		type is the type of this event (Normal, Warning), new types could be added in the future. It is machine-readable. This field cannot be empty for new Events.
    
+
    EventList v1 events
    
+
+
+
+
+
+
+
+
+
    FieldDescription
    apiVersion
    string    		APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
    items
    Event array    		items is a list of schema objects.
    kind
    string    		Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
    metadata
    ListMeta    		Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
    
+
    Write Operations
    
+
    Create
    
+
    create an Event
    
+
    HTTP Request
    
+POST /apis/events.k8s.io/v1/namespaces/{namespace}/events
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    Event
    
+
    Response
    
+
+
+
+
+
+
+
+
    CodeDescription
    200
    Event    		OK
    201
    Event    		Created
    202
    Event    		Accepted
    
+
    Patch
    
+
    partially update the specified Event
    
+
    HTTP Request
    
+PATCH /apis/events.k8s.io/v1/namespaces/{namespace}/events/{name}
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the Event
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint. This field is required for apply requests (application/apply-patch) but optional for non-apply patch types (JsonPatch, MergePatch, StrategicMergePatch).
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    forceForce is going to "force" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    Patch
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    Event    		OK
    201
    Event    		Created
    
+
    Replace
    
+
    replace the specified Event
    
+
    HTTP Request
    
+PUT /apis/events.k8s.io/v1/namespaces/{namespace}/events/{name}
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the Event
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    Event
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    Event    		OK
    201
    Event    		Created
    
+
    Delete
    
+
    delete an Event
    
+
    HTTP Request
    
+DELETE /apis/events.k8s.io/v1/namespaces/{namespace}/events/{name}
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the Event
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    gracePeriodSecondsThe duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
    orphanDependentsDeprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.
    propagationPolicyWhether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    DeleteOptions
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    Status    		OK
    202
    Status    		Accepted
    
+
    Delete Collection
    
+
    delete collection of Event
    
+
    HTTP Request
    
+DELETE /apis/events.k8s.io/v1/namespaces/{namespace}/events
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    gracePeriodSecondsThe duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    orphanDependentsDeprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.
    propagationPolicyWhether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    DeleteOptions
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    Status    		OK
    
+
    Read Operations
    
+
    Read
    
+
    read the specified Event
    
+
    HTTP Request
    
+GET /apis/events.k8s.io/v1/namespaces/{namespace}/events/{name}
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the Event
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    Event    		OK
    
+
    List
    
+
    list or watch objects of kind Event
    
+
    HTTP Request
    
+GET /apis/events.k8s.io/v1/namespaces/{namespace}/events
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    EventList    		OK
    
+
    List All Namespaces
    
+
    list or watch objects of kind Event
    
+
    HTTP Request
    
+GET /apis/events.k8s.io/v1/events
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    EventList    		OK
    
+
    Watch
    
+
    watch changes to an object of kind Event. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.
    
+
    HTTP Request
    
+GET /apis/events.k8s.io/v1/watch/namespaces/{namespace}/events/{name}
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the Event
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    WatchEvent    		OK
    
+
    Watch List
    
+
    watch individual changes to a list of Event. deprecated: use the 'watch' parameter with a list operation instead.
    
+
    HTTP Request
    
+GET /apis/events.k8s.io/v1/watch/namespaces/{namespace}/events
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    WatchEvent    		OK
    
+
    Watch List All Namespaces
    
+
    watch individual changes to a list of Event. deprecated: use the 'watch' parameter with a list operation instead.
    
+
    HTTP Request
    
+GET /apis/events.k8s.io/v1/watch/events
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    WatchEvent    		OK
    
+
    LimitRange v1 core
    
+
+
+
+
+
+
    GroupVersionKind
    corev1LimitRange
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
    FieldDescription
    apiVersion
    string    		APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
    kind
    string    		Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
    metadata
    ObjectMeta    		Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
    spec
    LimitRangeSpec    		Spec defines the limits enforced. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
    
+
    LimitRangeSpec v1 core
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
    FieldDescription
    limits
    LimitRangeItem array    		Limits is the list of LimitRangeItem objects that are enforced.
    
+
    LimitRangeList v1 core
    
+
+
+
+
+
+
+
+
+
    FieldDescription
    apiVersion
    string    		APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
    items
    LimitRange array    		Items is a list of LimitRange objects. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
    kind
    string    		Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
    metadata
    ListMeta    		Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
    
+
    Write Operations
    
+
    Create
    
+
    create a LimitRange
    
+
    HTTP Request
    
+POST /api/v1/namespaces/{namespace}/limitranges
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    LimitRange
    
+
    Response
    
+
+
+
+
+
+
+
+
    CodeDescription
    200
    LimitRange    		OK
    201
    LimitRange    		Created
    202
    LimitRange    		Accepted
    
+
    Patch
    
+
    partially update the specified LimitRange
    
+
    HTTP Request
    
+PATCH /api/v1/namespaces/{namespace}/limitranges/{name}
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the LimitRange
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint. This field is required for apply requests (application/apply-patch) but optional for non-apply patch types (JsonPatch, MergePatch, StrategicMergePatch).
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    forceForce is going to "force" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    Patch
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    LimitRange    		OK
    201
    LimitRange    		Created
    
+
    Replace
    
+
    replace the specified LimitRange
    
+
    HTTP Request
    
+PUT /api/v1/namespaces/{namespace}/limitranges/{name}
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the LimitRange
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    LimitRange
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    LimitRange    		OK
    201
    LimitRange    		Created
    
+
    Delete
    
+
    delete a LimitRange
    
+
    HTTP Request
    
+DELETE /api/v1/namespaces/{namespace}/limitranges/{name}
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the LimitRange
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    gracePeriodSecondsThe duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
    orphanDependentsDeprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.
    propagationPolicyWhether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    DeleteOptions
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    Status    		OK
    202
    Status    		Accepted
    
+
    Delete Collection
    
+
    delete collection of LimitRange
    
+
    HTTP Request
    
+DELETE /api/v1/namespaces/{namespace}/limitranges
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    gracePeriodSecondsThe duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    orphanDependentsDeprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.
    propagationPolicyWhether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    DeleteOptions
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    Status    		OK
    
+
    Read Operations
    
+
    Read
    
+
    read the specified LimitRange
    
+
    HTTP Request
    
+GET /api/v1/namespaces/{namespace}/limitranges/{name}
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the LimitRange
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    LimitRange    		OK
    
+
    List
    
+
    list or watch objects of kind LimitRange
    
+
    HTTP Request
    
+GET /api/v1/namespaces/{namespace}/limitranges
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    LimitRangeList    		OK
    
+
    List All Namespaces
    
+
    list or watch objects of kind LimitRange
    
+
    HTTP Request
    
+GET /api/v1/limitranges
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    LimitRangeList    		OK
    
+
    Watch
    
+
    watch changes to an object of kind LimitRange. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.
    
+
    HTTP Request
    
+GET /api/v1/watch/namespaces/{namespace}/limitranges/{name}
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the LimitRange
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    WatchEvent    		OK
    
+
    Watch List
    
+
    watch individual changes to a list of LimitRange. deprecated: use the 'watch' parameter with a list operation instead.
    
+
    HTTP Request
    
+GET /api/v1/watch/namespaces/{namespace}/limitranges
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    WatchEvent    		OK
    
+
    Watch List All Namespaces
    
+
    watch individual changes to a list of LimitRange. deprecated: use the 'watch' parameter with a list operation instead.
    
+
    HTTP Request
    
+GET /api/v1/watch/limitranges
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    WatchEvent    		OK
    
+
    HorizontalPodAutoscaler v2 autoscaling
    
+
+
+
+
+
+
    GroupVersionKind
    autoscalingv2HorizontalPodAutoscaler
    
+
     Other API versions of this object exist:
+v1
+
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
+
    FieldDescription
    apiVersion
    string    		APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
    kind
    string    		Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
    metadata
    ObjectMeta    		metadata is the standard object metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
    spec
    HorizontalPodAutoscalerSpec    		spec is the specification for the behaviour of the autoscaler. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status.
    status
    HorizontalPodAutoscalerStatus    		status is the current information about the autoscaler.
    
+
    HorizontalPodAutoscalerSpec v2 autoscaling
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
+
    FieldDescription
    behavior
    HorizontalPodAutoscalerBehavior    		behavior configures the scaling behavior of the target in both Up and Down directions (scaleUp and scaleDown fields respectively). If not set, the default HPAScalingRules for scale up and scale down are used.
    maxReplicas
    integer    		maxReplicas is the upper limit for the number of replicas to which the autoscaler can scale up. It cannot be less that minReplicas.
    metrics
    MetricSpec array    		metrics contains the specifications for which to use to calculate the desired replica count (the maximum replica count across all metrics will be used).  The desired replica count is calculated multiplying the ratio between the target value and the current value by the current number of pods.  Ergo, metrics used must decrease as the pod count is increased, and vice-versa.  See the individual metric source types for more information about how each type of metric must respond. If not set, the default metric will be set to 80% average CPU utilization.
    minReplicas
    integer    		minReplicas is the lower limit for the number of replicas to which the autoscaler can scale down.  It defaults to 1 pod.  minReplicas is allowed to be 0 if the alpha feature gate HPAScaleToZero is enabled and at least one Object or External metric is configured.  Scaling is active as long as at least one metric value is available.
    scaleTargetRef
    CrossVersionObjectReference    		scaleTargetRef points to the target resource to scale, and is used to the pods for which metrics should be collected, as well as to actually change the replica count.
    
+
    HorizontalPodAutoscalerStatus v2 autoscaling
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
+
+
    FieldDescription
    conditions
    HorizontalPodAutoscalerCondition array
    patch strategy: merge
    patch merge key: type    		conditions is the set of conditions required for this autoscaler to scale its target, and indicates whether or not those conditions are met.
    currentMetrics
    MetricStatus array    		currentMetrics is the last read state of the metrics used by this autoscaler.
    currentReplicas
    integer    		currentReplicas is current number of replicas of pods managed by this autoscaler, as last seen by the autoscaler.
    desiredReplicas
    integer    		desiredReplicas is the desired number of replicas of pods managed by this autoscaler, as last calculated by the autoscaler.
    lastScaleTime
    Time    		lastScaleTime is the last time the HorizontalPodAutoscaler scaled the number of pods, used by the autoscaler to control how often the number of pods is changed.
    observedGeneration
    integer    		observedGeneration is the most recent generation observed by this autoscaler.
    
+
    HorizontalPodAutoscalerList v2 autoscaling
    
+
+
+
+
+
+
+
+
+
    FieldDescription
    apiVersion
    string    		APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
    items
    HorizontalPodAutoscaler array    		items is the list of horizontal pod autoscaler objects.
    kind
    string    		Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
    metadata
    ListMeta    		metadata is the standard list metadata.
    
+
    Write Operations
    
+
    Create
    
+
    create a HorizontalPodAutoscaler
    
+
    HTTP Request
    
+POST /apis/autoscaling/v2/namespaces/{namespace}/horizontalpodautoscalers
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    HorizontalPodAutoscaler
    
+
    Response
    
+
+
+
+
+
+
+
+
    CodeDescription
    200
    HorizontalPodAutoscaler    		OK
    201
    HorizontalPodAutoscaler    		Created
    202
    HorizontalPodAutoscaler    		Accepted
    
+
    Patch
    
+
    partially update the specified HorizontalPodAutoscaler
    
+
    HTTP Request
    
+PATCH /apis/autoscaling/v2/namespaces/{namespace}/horizontalpodautoscalers/{name}
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the HorizontalPodAutoscaler
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint. This field is required for apply requests (application/apply-patch) but optional for non-apply patch types (JsonPatch, MergePatch, StrategicMergePatch).
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    forceForce is going to "force" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    Patch
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    HorizontalPodAutoscaler    		OK
    201
    HorizontalPodAutoscaler    		Created
    
+
    Replace
    
+
    replace the specified HorizontalPodAutoscaler
    
+
    HTTP Request
    
+PUT /apis/autoscaling/v2/namespaces/{namespace}/horizontalpodautoscalers/{name}
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the HorizontalPodAutoscaler
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    HorizontalPodAutoscaler
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    HorizontalPodAutoscaler    		OK
    201
    HorizontalPodAutoscaler    		Created
    
+
    Delete
    
+
    delete a HorizontalPodAutoscaler
    
+
    HTTP Request
    
+DELETE /apis/autoscaling/v2/namespaces/{namespace}/horizontalpodautoscalers/{name}
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the HorizontalPodAutoscaler
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    gracePeriodSecondsThe duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
    orphanDependentsDeprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.
    propagationPolicyWhether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    DeleteOptions
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    Status    		OK
    202
    Status    		Accepted
    
+
    Delete Collection
    
+
    delete collection of HorizontalPodAutoscaler
    
+
    HTTP Request
    
+DELETE /apis/autoscaling/v2/namespaces/{namespace}/horizontalpodautoscalers
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    gracePeriodSecondsThe duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    orphanDependentsDeprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.
    propagationPolicyWhether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    DeleteOptions
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    Status    		OK
    
+
    Read Operations
    
+
    Read
    
+
    read the specified HorizontalPodAutoscaler
    
+
    HTTP Request
    
+GET /apis/autoscaling/v2/namespaces/{namespace}/horizontalpodautoscalers/{name}
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the HorizontalPodAutoscaler
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    HorizontalPodAutoscaler    		OK
    
+
    List
    
+
    list or watch objects of kind HorizontalPodAutoscaler
    
+
    HTTP Request
    
+GET /apis/autoscaling/v2/namespaces/{namespace}/horizontalpodautoscalers
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    HorizontalPodAutoscalerList    		OK
    
+
    List All Namespaces
    
+
    list or watch objects of kind HorizontalPodAutoscaler
    
+
    HTTP Request
    
+GET /apis/autoscaling/v2/horizontalpodautoscalers
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    HorizontalPodAutoscalerList    		OK
    
+
    Watch
    
+
    watch changes to an object of kind HorizontalPodAutoscaler. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.
    
+
    HTTP Request
    
+GET /apis/autoscaling/v2/watch/namespaces/{namespace}/horizontalpodautoscalers/{name}
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the HorizontalPodAutoscaler
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    WatchEvent    		OK
    
+
    Watch List
    
+
    watch individual changes to a list of HorizontalPodAutoscaler. deprecated: use the 'watch' parameter with a list operation instead.
    
+
    HTTP Request
    
+GET /apis/autoscaling/v2/watch/namespaces/{namespace}/horizontalpodautoscalers
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    WatchEvent    		OK
    
+
    Watch List All Namespaces
    
+
    watch individual changes to a list of HorizontalPodAutoscaler. deprecated: use the 'watch' parameter with a list operation instead.
    
+
    HTTP Request
    
+GET /apis/autoscaling/v2/watch/horizontalpodautoscalers
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    WatchEvent    		OK
    
+
    Status Operations
    
+
    Patch Status
    
+
    partially update status of the specified HorizontalPodAutoscaler
    
+
    HTTP Request
    
+PATCH /apis/autoscaling/v2/namespaces/{namespace}/horizontalpodautoscalers/{name}/status
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the HorizontalPodAutoscaler
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint. This field is required for apply requests (application/apply-patch) but optional for non-apply patch types (JsonPatch, MergePatch, StrategicMergePatch).
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    forceForce is going to "force" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    Patch
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    HorizontalPodAutoscaler    		OK
    201
    HorizontalPodAutoscaler    		Created
    
+
    Read Status
    
+
    read status of the specified HorizontalPodAutoscaler
    
+
    HTTP Request
    
+GET /apis/autoscaling/v2/namespaces/{namespace}/horizontalpodautoscalers/{name}/status
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the HorizontalPodAutoscaler
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    HorizontalPodAutoscaler    		OK
    
+
    Replace Status
    
+
    replace status of the specified HorizontalPodAutoscaler
    
+
    HTTP Request
    
+PUT /apis/autoscaling/v2/namespaces/{namespace}/horizontalpodautoscalers/{name}/status
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the HorizontalPodAutoscaler
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    HorizontalPodAutoscaler
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    HorizontalPodAutoscaler    		OK
    201
    HorizontalPodAutoscaler    		Created
    
+
    MutatingWebhookConfiguration v1 admissionregistration.k8s.io
    
+
+
+
+
+
+
    GroupVersionKind
    admissionregistration.k8s.iov1MutatingWebhookConfiguration
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
    FieldDescription
    apiVersion
    string    		APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
    kind
    string    		Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
    metadata
    ObjectMeta    		Standard object metadata; More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata.
    webhooks
    MutatingWebhook array
    patch strategy: merge
    patch merge key: name    		Webhooks is a list of webhooks and the affected resources and operations.
    
+
    MutatingWebhookConfigurationList v1 admissionregistration
    
+
+
+
+
+
+
+
+
+
    FieldDescription
    apiVersion
    string    		APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
    items
    MutatingWebhookConfiguration array    		List of MutatingWebhookConfiguration.
    kind
    string    		Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
    metadata
    ListMeta    		Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
    
+
    Write Operations
    
+
    Create
    
+
    create a MutatingWebhookConfiguration
    
+
    HTTP Request
    
+POST /apis/admissionregistration.k8s.io/v1/mutatingwebhookconfigurations
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    MutatingWebhookConfiguration
    
+
    Response
    
+
+
+
+
+
+
+
+
    CodeDescription
    200
    MutatingWebhookConfiguration    		OK
    201
    MutatingWebhookConfiguration    		Created
    202
    MutatingWebhookConfiguration    		Accepted
    
+
    Patch
    
+
    partially update the specified MutatingWebhookConfiguration
    
+
    HTTP Request
    
+PATCH /apis/admissionregistration.k8s.io/v1/mutatingwebhookconfigurations/{name}
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the MutatingWebhookConfiguration
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint. This field is required for apply requests (application/apply-patch) but optional for non-apply patch types (JsonPatch, MergePatch, StrategicMergePatch).
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    forceForce is going to "force" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    Patch
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    MutatingWebhookConfiguration    		OK
    201
    MutatingWebhookConfiguration    		Created
    
+
    Replace
    
+
    replace the specified MutatingWebhookConfiguration
    
+
    HTTP Request
    
+PUT /apis/admissionregistration.k8s.io/v1/mutatingwebhookconfigurations/{name}
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the MutatingWebhookConfiguration
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    MutatingWebhookConfiguration
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    MutatingWebhookConfiguration    		OK
    201
    MutatingWebhookConfiguration    		Created
    
+
    Delete
    
+
    delete a MutatingWebhookConfiguration
    
+
    HTTP Request
    
+DELETE /apis/admissionregistration.k8s.io/v1/mutatingwebhookconfigurations/{name}
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the MutatingWebhookConfiguration
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    gracePeriodSecondsThe duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
    orphanDependentsDeprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.
    propagationPolicyWhether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    DeleteOptions
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    Status    		OK
    202
    Status    		Accepted
    
+
    Delete Collection
    
+
    delete collection of MutatingWebhookConfiguration
    
+
    HTTP Request
    
+DELETE /apis/admissionregistration.k8s.io/v1/mutatingwebhookconfigurations
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    gracePeriodSecondsThe duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    orphanDependentsDeprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.
    propagationPolicyWhether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    DeleteOptions
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    Status    		OK
    
+
    Read Operations
    
+
    Read
    
+
    read the specified MutatingWebhookConfiguration
    
+
    HTTP Request
    
+GET /apis/admissionregistration.k8s.io/v1/mutatingwebhookconfigurations/{name}
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the MutatingWebhookConfiguration
    
+
    Query Parameters
    
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    MutatingWebhookConfiguration    		OK
    
+
    List
    
+
    list or watch objects of kind MutatingWebhookConfiguration
    
+
    HTTP Request
    
+GET /apis/admissionregistration.k8s.io/v1/mutatingwebhookconfigurations
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    MutatingWebhookConfigurationList    		OK
    
+
    Watch
    
+
    watch changes to an object of kind MutatingWebhookConfiguration. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.
    
+
    HTTP Request
    
+GET /apis/admissionregistration.k8s.io/v1/watch/mutatingwebhookconfigurations/{name}
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the MutatingWebhookConfiguration
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    WatchEvent    		OK
    
+
    Watch List
    
+
    watch individual changes to a list of MutatingWebhookConfiguration. deprecated: use the 'watch' parameter with a list operation instead.
    
+
    HTTP Request
    
+GET /apis/admissionregistration.k8s.io/v1/watch/mutatingwebhookconfigurations
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    WatchEvent    		OK
    
+
    ValidatingWebhookConfiguration v1 admissionregistration.k8s.io
    
+
+
+
+
+
+
    GroupVersionKind
    admissionregistration.k8s.iov1ValidatingWebhookConfiguration
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
    FieldDescription
    apiVersion
    string    		APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
    kind
    string    		Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
    metadata
    ObjectMeta    		Standard object metadata; More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata.
    webhooks
    ValidatingWebhook array
    patch strategy: merge
    patch merge key: name    		Webhooks is a list of webhooks and the affected resources and operations.
    
+
    ValidatingWebhookConfigurationList v1 admissionregistration
    
+
+
+
+
+
+
+
+
+
    FieldDescription
    apiVersion
    string    		APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
    items
    ValidatingWebhookConfiguration array    		List of ValidatingWebhookConfiguration.
    kind
    string    		Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
    metadata
    ListMeta    		Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
    
+
    Write Operations
    
+
    Create
    
+
    create a ValidatingWebhookConfiguration
    
+
    HTTP Request
    
+POST /apis/admissionregistration.k8s.io/v1/validatingwebhookconfigurations
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    ValidatingWebhookConfiguration
    
+
    Response
    
+
+
+
+
+
+
+
+
    CodeDescription
    200
    ValidatingWebhookConfiguration    		OK
    201
    ValidatingWebhookConfiguration    		Created
    202
    ValidatingWebhookConfiguration    		Accepted
    
+
    Patch
    
+
    partially update the specified ValidatingWebhookConfiguration
    
+
    HTTP Request
    
+PATCH /apis/admissionregistration.k8s.io/v1/validatingwebhookconfigurations/{name}
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the ValidatingWebhookConfiguration
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint. This field is required for apply requests (application/apply-patch) but optional for non-apply patch types (JsonPatch, MergePatch, StrategicMergePatch).
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    forceForce is going to "force" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    Patch
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    ValidatingWebhookConfiguration    		OK
    201
    ValidatingWebhookConfiguration    		Created
    
+
    Replace
    
+
    replace the specified ValidatingWebhookConfiguration
    
+
    HTTP Request
    
+PUT /apis/admissionregistration.k8s.io/v1/validatingwebhookconfigurations/{name}
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the ValidatingWebhookConfiguration
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    ValidatingWebhookConfiguration
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    ValidatingWebhookConfiguration    		OK
    201
    ValidatingWebhookConfiguration    		Created
    
+
    Delete
    
+
    delete a ValidatingWebhookConfiguration
    
+
    HTTP Request
    
+DELETE /apis/admissionregistration.k8s.io/v1/validatingwebhookconfigurations/{name}
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the ValidatingWebhookConfiguration
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    gracePeriodSecondsThe duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
    orphanDependentsDeprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.
    propagationPolicyWhether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    DeleteOptions
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    Status    		OK
    202
    Status    		Accepted
    
+
    Delete Collection
    
+
    delete collection of ValidatingWebhookConfiguration
    
+
    HTTP Request
    
+DELETE /apis/admissionregistration.k8s.io/v1/validatingwebhookconfigurations
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    gracePeriodSecondsThe duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    orphanDependentsDeprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.
    propagationPolicyWhether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    DeleteOptions
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    Status    		OK
    
+
    Read Operations
    
+
    Read
    
+
    read the specified ValidatingWebhookConfiguration
    
+
    HTTP Request
    
+GET /apis/admissionregistration.k8s.io/v1/validatingwebhookconfigurations/{name}
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the ValidatingWebhookConfiguration
    
+
    Query Parameters
    
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    ValidatingWebhookConfiguration    		OK
    
+
    List
    
+
    list or watch objects of kind ValidatingWebhookConfiguration
    
+
    HTTP Request
    
+GET /apis/admissionregistration.k8s.io/v1/validatingwebhookconfigurations
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    ValidatingWebhookConfigurationList    		OK
    
+
    Watch
    
+
    watch changes to an object of kind ValidatingWebhookConfiguration. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.
    
+
    HTTP Request
    
+GET /apis/admissionregistration.k8s.io/v1/watch/validatingwebhookconfigurations/{name}
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the ValidatingWebhookConfiguration
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    WatchEvent    		OK
    
+
    Watch List
    
+
    watch individual changes to a list of ValidatingWebhookConfiguration. deprecated: use the 'watch' parameter with a list operation instead.
    
+
    HTTP Request
    
+GET /apis/admissionregistration.k8s.io/v1/watch/validatingwebhookconfigurations
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    WatchEvent    		OK
    
+
    PodSchedulingContext v1alpha2 resource.k8s.io
    
+
+
+
+
+
+
    GroupVersionKind
    resource.k8s.iov1alpha2PodSchedulingContext
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
+
    FieldDescription
    apiVersion
    string    		APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
    kind
    string    		Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
    metadata
    ObjectMeta    		Standard object metadata
    spec
    PodSchedulingContextSpec    		Spec describes where resources for the Pod are needed.
    status
    PodSchedulingContextStatus    		Status describes where resources for the Pod can be allocated.
    
+
    PodSchedulingContextSpec v1alpha2 resource
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
    FieldDescription
    potentialNodes
    string array    		PotentialNodes lists nodes where the Pod might be able to run.  The size of this field is limited to 128. This is large enough for many clusters. Larger clusters may need more attempts to find a node that suits all pending resources. This may get increased in the future, but not reduced.
    selectedNode
    string    		SelectedNode is the node for which allocation of ResourceClaims that are referenced by the Pod and that use "WaitForFirstConsumer" allocation is to be attempted.
    
+
    PodSchedulingContextStatus v1alpha2 resource
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
    FieldDescription
    resourceClaims
    ResourceClaimSchedulingStatus array    		ResourceClaims describes resource availability for each pod.spec.resourceClaim entry where the corresponding ResourceClaim uses "WaitForFirstConsumer" allocation mode.
    
+
    PodSchedulingContextList v1alpha2 resource
    
+
+
+
+
+
+
+
+
+
    FieldDescription
    apiVersion
    string    		APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
    items
    PodSchedulingContext array    		Items is the list of PodSchedulingContext objects.
    kind
    string    		Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
    metadata
    ListMeta    		Standard list metadata
    
+
    Write Operations
    
+
    Create
    
+
    create a PodSchedulingContext
    
+
    HTTP Request
    
+POST /apis/resource.k8s.io/v1alpha2/namespaces/{namespace}/podschedulingcontexts
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    PodSchedulingContext
    
+
    Response
    
+
+
+
+
+
+
+
+
    CodeDescription
    200
    PodSchedulingContext    		OK
    201
    PodSchedulingContext    		Created
    202
    PodSchedulingContext    		Accepted
    
+
    Patch
    
+
    partially update the specified PodSchedulingContext
    
+
    HTTP Request
    
+PATCH /apis/resource.k8s.io/v1alpha2/namespaces/{namespace}/podschedulingcontexts/{name}
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the PodSchedulingContext
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint. This field is required for apply requests (application/apply-patch) but optional for non-apply patch types (JsonPatch, MergePatch, StrategicMergePatch).
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    forceForce is going to "force" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    Patch
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    PodSchedulingContext    		OK
    201
    PodSchedulingContext    		Created
    
+
    Replace
    
+
    replace the specified PodSchedulingContext
    
+
    HTTP Request
    
+PUT /apis/resource.k8s.io/v1alpha2/namespaces/{namespace}/podschedulingcontexts/{name}
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the PodSchedulingContext
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    PodSchedulingContext
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    PodSchedulingContext    		OK
    201
    PodSchedulingContext    		Created
    
+
    Delete
    
+
    delete a PodSchedulingContext
    
+
    HTTP Request
    
+DELETE /apis/resource.k8s.io/v1alpha2/namespaces/{namespace}/podschedulingcontexts/{name}
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the PodSchedulingContext
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    gracePeriodSecondsThe duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
    orphanDependentsDeprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.
    propagationPolicyWhether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    DeleteOptions
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    PodSchedulingContext    		OK
    202
    PodSchedulingContext    		Accepted
    
+
    Delete Collection
    
+
    delete collection of PodSchedulingContext
    
+
    HTTP Request
    
+DELETE /apis/resource.k8s.io/v1alpha2/namespaces/{namespace}/podschedulingcontexts
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    gracePeriodSecondsThe duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    orphanDependentsDeprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.
    propagationPolicyWhether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    DeleteOptions
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    Status    		OK
    
+
    Read Operations
    
+
    Read
    
+
    read the specified PodSchedulingContext
    
+
    HTTP Request
    
+GET /apis/resource.k8s.io/v1alpha2/namespaces/{namespace}/podschedulingcontexts/{name}
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the PodSchedulingContext
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    PodSchedulingContext    		OK
    
+
    List
    
+
    list or watch objects of kind PodSchedulingContext
    
+
    HTTP Request
    
+GET /apis/resource.k8s.io/v1alpha2/namespaces/{namespace}/podschedulingcontexts
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    PodSchedulingContextList    		OK
    
+
    List All Namespaces
    
+
    list or watch objects of kind PodSchedulingContext
    
+
    HTTP Request
    
+GET /apis/resource.k8s.io/v1alpha2/podschedulingcontexts
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    PodSchedulingContextList    		OK
    
+
    Watch
    
+
    watch changes to an object of kind PodSchedulingContext. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.
    
+
    HTTP Request
    
+GET /apis/resource.k8s.io/v1alpha2/watch/namespaces/{namespace}/podschedulingcontexts/{name}
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the PodSchedulingContext
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    WatchEvent    		OK
    
+
    Watch List
    
+
    watch individual changes to a list of PodSchedulingContext. deprecated: use the 'watch' parameter with a list operation instead.
    
+
    HTTP Request
    
+GET /apis/resource.k8s.io/v1alpha2/watch/namespaces/{namespace}/podschedulingcontexts
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    WatchEvent    		OK
    
+
    Watch List All Namespaces
    
+
    watch individual changes to a list of PodSchedulingContext. deprecated: use the 'watch' parameter with a list operation instead.
    
+
    HTTP Request
    
+GET /apis/resource.k8s.io/v1alpha2/watch/podschedulingcontexts
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    WatchEvent    		OK
    
+
    Status Operations
    
+
    Patch Status
    
+
    partially update status of the specified PodSchedulingContext
    
+
    HTTP Request
    
+PATCH /apis/resource.k8s.io/v1alpha2/namespaces/{namespace}/podschedulingcontexts/{name}/status
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the PodSchedulingContext
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint. This field is required for apply requests (application/apply-patch) but optional for non-apply patch types (JsonPatch, MergePatch, StrategicMergePatch).
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    forceForce is going to "force" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    Patch
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    PodSchedulingContext    		OK
    201
    PodSchedulingContext    		Created
    
+
    Read Status
    
+
    read status of the specified PodSchedulingContext
    
+
    HTTP Request
    
+GET /apis/resource.k8s.io/v1alpha2/namespaces/{namespace}/podschedulingcontexts/{name}/status
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the PodSchedulingContext
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    PodSchedulingContext    		OK
    
+
    Replace Status
    
+
    replace status of the specified PodSchedulingContext
    
+
    HTTP Request
    
+PUT /apis/resource.k8s.io/v1alpha2/namespaces/{namespace}/podschedulingcontexts/{name}/status
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the PodSchedulingContext
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    PodSchedulingContext
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    PodSchedulingContext    		OK
    201
    PodSchedulingContext    		Created
    
+
    PodTemplate v1 core
    
+
+
+
+
+
+
    GroupVersionKind
    corev1PodTemplate
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
    FieldDescription
    apiVersion
    string    		APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
    kind
    string    		Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
    metadata
    ObjectMeta    		Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
    template
    PodTemplateSpec    		Template defines the pods that will be created from this pod template. https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
    
+
    PodTemplateSpec v1 core
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
    FieldDescription
    metadata
    ObjectMeta    		Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
    spec
    PodSpec    		Specification of the desired behavior of the pod. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
    
+
    PodTemplateList v1 core
    
+
+
+
+
+
+
+
+
+
    FieldDescription
    apiVersion
    string    		APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
    items
    PodTemplate array    		List of pod templates
    kind
    string    		Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
    metadata
    ListMeta    		Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
    
+
    Write Operations
    
+
    Create
    
+
    create a PodTemplate
    
+
    HTTP Request
    
+POST /api/v1/namespaces/{namespace}/podtemplates
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    PodTemplate
    
+
    Response
    
+
+
+
+
+
+
+
+
    CodeDescription
    200
    PodTemplate    		OK
    201
    PodTemplate    		Created
    202
    PodTemplate    		Accepted
    
+
    Patch
    
+
    partially update the specified PodTemplate
    
+
    HTTP Request
    
+PATCH /api/v1/namespaces/{namespace}/podtemplates/{name}
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the PodTemplate
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint. This field is required for apply requests (application/apply-patch) but optional for non-apply patch types (JsonPatch, MergePatch, StrategicMergePatch).
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    forceForce is going to "force" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    Patch
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    PodTemplate    		OK
    201
    PodTemplate    		Created
    
+
    Replace
    
+
    replace the specified PodTemplate
    
+
    HTTP Request
    
+PUT /api/v1/namespaces/{namespace}/podtemplates/{name}
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the PodTemplate
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    PodTemplate
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    PodTemplate    		OK
    201
    PodTemplate    		Created
    
+
    Delete
    
+
    delete a PodTemplate
    
+
    HTTP Request
    
+DELETE /api/v1/namespaces/{namespace}/podtemplates/{name}
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the PodTemplate
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    gracePeriodSecondsThe duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
    orphanDependentsDeprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.
    propagationPolicyWhether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    DeleteOptions
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    PodTemplate    		OK
    202
    PodTemplate    		Accepted
    
+
    Delete Collection
    
+
    delete collection of PodTemplate
    
+
    HTTP Request
    
+DELETE /api/v1/namespaces/{namespace}/podtemplates
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    gracePeriodSecondsThe duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    orphanDependentsDeprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.
    propagationPolicyWhether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    DeleteOptions
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    Status    		OK
    
+
    Read Operations
    
+
    Read
    
+
    read the specified PodTemplate
    
+
    HTTP Request
    
+GET /api/v1/namespaces/{namespace}/podtemplates/{name}
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the PodTemplate
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    PodTemplate    		OK
    
+
    List
    
+
    list or watch objects of kind PodTemplate
    
+
    HTTP Request
    
+GET /api/v1/namespaces/{namespace}/podtemplates
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    PodTemplateList    		OK
    
+
    List All Namespaces
    
+
    list or watch objects of kind PodTemplate
    
+
    HTTP Request
    
+GET /api/v1/podtemplates
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    PodTemplateList    		OK
    
+
    Watch
    
+
    watch changes to an object of kind PodTemplate. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.
    
+
    HTTP Request
    
+GET /api/v1/watch/namespaces/{namespace}/podtemplates/{name}
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the PodTemplate
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    WatchEvent    		OK
    
+
    Watch List
    
+
    watch individual changes to a list of PodTemplate. deprecated: use the 'watch' parameter with a list operation instead.
    
+
    HTTP Request
    
+GET /api/v1/watch/namespaces/{namespace}/podtemplates
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    WatchEvent    		OK
    
+
    Watch List All Namespaces
    
+
    watch individual changes to a list of PodTemplate. deprecated: use the 'watch' parameter with a list operation instead.
    
+
    HTTP Request
    
+GET /api/v1/watch/podtemplates
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    WatchEvent    		OK
    
+
    PodDisruptionBudget v1 policy
    
+
+
+
+
+
+
    GroupVersionKind
    policyv1PodDisruptionBudget
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
+
    FieldDescription
    apiVersion
    string    		APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
    kind
    string    		Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
    metadata
    ObjectMeta    		Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
    spec
    PodDisruptionBudgetSpec    		Specification of the desired behavior of the PodDisruptionBudget.
    status
    PodDisruptionBudgetStatus    		Most recently observed status of the PodDisruptionBudget.
    
+
    PodDisruptionBudgetSpec v1 policy
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
    FieldDescription
    maxUnavailableAn eviction is allowed if at most "maxUnavailable" pods selected by "selector" are unavailable after the eviction, i.e. even in absence of the evicted pod. For example, one can prevent all voluntary evictions by specifying 0. This is a mutually exclusive setting with "minAvailable".
    minAvailableAn eviction is allowed if at least "minAvailable" pods selected by "selector" will still be available after the eviction, i.e. even in the absence of the evicted pod.  So for example you can prevent all voluntary evictions by specifying "100%".
    selector
    LabelSelector
    patch strategy: replace    		Label query over pods whose evictions are managed by the disruption budget. A null selector will match no pods, while an empty ({}) selector will select all pods within the namespace.
    unhealthyPodEvictionPolicy
    string    		UnhealthyPodEvictionPolicy defines the criteria for when unhealthy pods should be considered for eviction. Current implementation considers healthy pods, as pods that have status.conditions item with type="Ready",status="True".  Valid policies are IfHealthyBudget and AlwaysAllow. If no policy is specified, the default behavior will be used, which corresponds to the IfHealthyBudget policy.  IfHealthyBudget policy means that running pods (status.phase="Running"), but not yet healthy can be evicted only if the guarded application is not disrupted (status.currentHealthy is at least equal to status.desiredHealthy). Healthy pods will be subject to the PDB for eviction.  AlwaysAllow policy means that all running pods (status.phase="Running"), but not yet healthy are considered disrupted and can be evicted regardless of whether the criteria in a PDB is met. This means perspective running pods of a disrupted application might not get a chance to become healthy. Healthy pods will be subject to the PDB for eviction.  Additional policies may be added in the future. Clients making eviction decisions should disallow eviction of unhealthy pods if they encounter an unrecognized policy in this field.  This field is beta-level. The eviction API uses this field when the feature gate PDBUnhealthyPodEvictionPolicy is enabled (enabled by default).
    
+
    PodDisruptionBudgetStatus v1 policy
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
+
+
+
    FieldDescription
    conditions
    Condition array
    patch strategy: merge
    patch merge key: type    		Conditions contain conditions for PDB. The disruption controller sets the DisruptionAllowed condition. The following are known values for the reason field (additional reasons could be added in the future): - SyncFailed: The controller encountered an error and wasn't able to compute               the number of allowed disruptions. Therefore no disruptions are               allowed and the status of the condition will be False. - InsufficientPods: The number of pods are either at or below the number                     required by the PodDisruptionBudget. No disruptions are                     allowed and the status of the condition will be False. - SufficientPods: There are more pods than required by the PodDisruptionBudget.                   The condition will be True, and the number of allowed                   disruptions are provided by the disruptionsAllowed property.
    currentHealthy
    integer    		current number of healthy pods
    desiredHealthy
    integer    		minimum desired number of healthy pods
    disruptedPods
    object    		DisruptedPods contains information about pods whose eviction was processed by the API server eviction subresource handler but has not yet been observed by the PodDisruptionBudget controller. A pod will be in this map from the time when the API server processed the eviction request to the time when the pod is seen by PDB controller as having been marked for deletion (or after a timeout). The key in the map is the name of the pod and the value is the time when the API server processed the eviction request. If the deletion didn't occur and a pod is still there it will be removed from the list automatically by PodDisruptionBudget controller after some time. If everything goes smooth this map should be empty for the most of the time. Large number of entries in the map may indicate problems with pod deletions.
    disruptionsAllowed
    integer    		Number of pod disruptions that are currently allowed.
    expectedPods
    integer    		total number of pods counted by this disruption budget
    observedGeneration
    integer    		Most recent generation observed when updating this PDB status. DisruptionsAllowed and other status information is valid only if observedGeneration equals to PDB's object generation.
    
+
    PodDisruptionBudgetList v1 policy
    
+
+
+
+
+
+
+
+
+
    FieldDescription
    apiVersion
    string    		APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
    items
    PodDisruptionBudget array    		Items is a list of PodDisruptionBudgets
    kind
    string    		Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
    metadata
    ListMeta    		Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
    
+
    Write Operations
    
+
    Create
    
+
    create a PodDisruptionBudget
    
+
    HTTP Request
    
+POST /apis/policy/v1/namespaces/{namespace}/poddisruptionbudgets
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    PodDisruptionBudget
    
+
    Response
    
+
+
+
+
+
+
+
+
    CodeDescription
    200
    PodDisruptionBudget    		OK
    201
    PodDisruptionBudget    		Created
    202
    PodDisruptionBudget    		Accepted
    
+
    Patch
    
+
    partially update the specified PodDisruptionBudget
    
+
    HTTP Request
    
+PATCH /apis/policy/v1/namespaces/{namespace}/poddisruptionbudgets/{name}
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the PodDisruptionBudget
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint. This field is required for apply requests (application/apply-patch) but optional for non-apply patch types (JsonPatch, MergePatch, StrategicMergePatch).
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    forceForce is going to "force" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    Patch
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    PodDisruptionBudget    		OK
    201
    PodDisruptionBudget    		Created
    
+
    Replace
    
+
    replace the specified PodDisruptionBudget
    
+
    HTTP Request
    
+PUT /apis/policy/v1/namespaces/{namespace}/poddisruptionbudgets/{name}
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the PodDisruptionBudget
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    PodDisruptionBudget
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    PodDisruptionBudget    		OK
    201
    PodDisruptionBudget    		Created
    
+
    Delete
    
+
    delete a PodDisruptionBudget
    
+
    HTTP Request
    
+DELETE /apis/policy/v1/namespaces/{namespace}/poddisruptionbudgets/{name}
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the PodDisruptionBudget
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    gracePeriodSecondsThe duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
    orphanDependentsDeprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.
    propagationPolicyWhether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    DeleteOptions
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    Status    		OK
    202
    Status    		Accepted
    
+
    Delete Collection
    
+
    delete collection of PodDisruptionBudget
    
+
    HTTP Request
    
+DELETE /apis/policy/v1/namespaces/{namespace}/poddisruptionbudgets
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    gracePeriodSecondsThe duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    orphanDependentsDeprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.
    propagationPolicyWhether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    DeleteOptions
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    Status    		OK
    
+
    Read Operations
    
+
    Read
    
+
    read the specified PodDisruptionBudget
    
+
    HTTP Request
    
+GET /apis/policy/v1/namespaces/{namespace}/poddisruptionbudgets/{name}
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the PodDisruptionBudget
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    PodDisruptionBudget    		OK
    
+
    List
    
+
    list or watch objects of kind PodDisruptionBudget
    
+
    HTTP Request
    
+GET /apis/policy/v1/namespaces/{namespace}/poddisruptionbudgets
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    PodDisruptionBudgetList    		OK
    
+
    List All Namespaces
    
+
    list or watch objects of kind PodDisruptionBudget
    
+
    HTTP Request
    
+GET /apis/policy/v1/poddisruptionbudgets
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    PodDisruptionBudgetList    		OK
    
+
    Watch
    
+
    watch changes to an object of kind PodDisruptionBudget. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.
    
+
    HTTP Request
    
+GET /apis/policy/v1/watch/namespaces/{namespace}/poddisruptionbudgets/{name}
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the PodDisruptionBudget
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    WatchEvent    		OK
    
+
    Watch List
    
+
    watch individual changes to a list of PodDisruptionBudget. deprecated: use the 'watch' parameter with a list operation instead.
    
+
    HTTP Request
    
+GET /apis/policy/v1/watch/namespaces/{namespace}/poddisruptionbudgets
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    WatchEvent    		OK
    
+
    Watch List All Namespaces
    
+
    watch individual changes to a list of PodDisruptionBudget. deprecated: use the 'watch' parameter with a list operation instead.
    
+
    HTTP Request
    
+GET /apis/policy/v1/watch/poddisruptionbudgets
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    WatchEvent    		OK
    
+
    Status Operations
    
+
    Patch Status
    
+
    partially update status of the specified PodDisruptionBudget
    
+
    HTTP Request
    
+PATCH /apis/policy/v1/namespaces/{namespace}/poddisruptionbudgets/{name}/status
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the PodDisruptionBudget
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint. This field is required for apply requests (application/apply-patch) but optional for non-apply patch types (JsonPatch, MergePatch, StrategicMergePatch).
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    forceForce is going to "force" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    Patch
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    PodDisruptionBudget    		OK
    201
    PodDisruptionBudget    		Created
    
+
    Read Status
    
+
    read status of the specified PodDisruptionBudget
    
+
    HTTP Request
    
+GET /apis/policy/v1/namespaces/{namespace}/poddisruptionbudgets/{name}/status
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the PodDisruptionBudget
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    PodDisruptionBudget    		OK
    
+
    Replace Status
    
+
    replace status of the specified PodDisruptionBudget
    
+
    HTTP Request
    
+PUT /apis/policy/v1/namespaces/{namespace}/poddisruptionbudgets/{name}/status
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the PodDisruptionBudget
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    PodDisruptionBudget
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    PodDisruptionBudget    		OK
    201
    PodDisruptionBudget    		Created
    
+
    PriorityClass v1 scheduling.k8s.io
    
+
+
+
+
+
+
    GroupVersionKind
    scheduling.k8s.iov1PriorityClass
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
+
+
+
    FieldDescription
    apiVersion
    string    		APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
    description
    string    		description is an arbitrary string that usually provides guidelines on when this priority class should be used.
    globalDefault
    boolean    		globalDefault specifies whether this PriorityClass should be considered as the default priority for pods that do not have any priority class. Only one PriorityClass can be marked as `globalDefault`. However, if more than one PriorityClasses exists with their `globalDefault` field set to true, the smallest value of such global default PriorityClasses will be used as the default priority.
    kind
    string    		Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
    metadata
    ObjectMeta    		Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
    preemptionPolicy
    string    		preemptionPolicy is the Policy for preempting pods with lower priority. One of Never, PreemptLowerPriority. Defaults to PreemptLowerPriority if unset.
    value
    integer    		value represents the integer value of this priority class. This is the actual priority that pods receive when they have the name of this class in their pod spec.
    
+
    PriorityClassList v1 scheduling
    
+
+
+
+
+
+
+
+
+
    FieldDescription
    apiVersion
    string    		APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
    items
    PriorityClass array    		items is the list of PriorityClasses
    kind
    string    		Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
    metadata
    ListMeta    		Standard list metadata More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
    
+
    Write Operations
    
+
    Create
    
+
    create a PriorityClass
    
+
    HTTP Request
    
+POST /apis/scheduling.k8s.io/v1/priorityclasses
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    PriorityClass
    
+
    Response
    
+
+
+
+
+
+
+
+
    CodeDescription
    200
    PriorityClass    		OK
    201
    PriorityClass    		Created
    202
    PriorityClass    		Accepted
    
+
    Patch
    
+
    partially update the specified PriorityClass
    
+
    HTTP Request
    
+PATCH /apis/scheduling.k8s.io/v1/priorityclasses/{name}
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the PriorityClass
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint. This field is required for apply requests (application/apply-patch) but optional for non-apply patch types (JsonPatch, MergePatch, StrategicMergePatch).
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    forceForce is going to "force" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    Patch
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    PriorityClass    		OK
    201
    PriorityClass    		Created
    
+
    Replace
    
+
    replace the specified PriorityClass
    
+
    HTTP Request
    
+PUT /apis/scheduling.k8s.io/v1/priorityclasses/{name}
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the PriorityClass
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    PriorityClass
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    PriorityClass    		OK
    201
    PriorityClass    		Created
    
+
    Delete
    
+
    delete a PriorityClass
    
+
    HTTP Request
    
+DELETE /apis/scheduling.k8s.io/v1/priorityclasses/{name}
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the PriorityClass
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    gracePeriodSecondsThe duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
    orphanDependentsDeprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.
    propagationPolicyWhether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    DeleteOptions
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    Status    		OK
    202
    Status    		Accepted
    
+
    Delete Collection
    
+
    delete collection of PriorityClass
    
+
    HTTP Request
    
+DELETE /apis/scheduling.k8s.io/v1/priorityclasses
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    gracePeriodSecondsThe duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    orphanDependentsDeprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.
    propagationPolicyWhether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    DeleteOptions
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    Status    		OK
    
+
    Read Operations
    
+
    Read
    
+
    read the specified PriorityClass
    
+
    HTTP Request
    
+GET /apis/scheduling.k8s.io/v1/priorityclasses/{name}
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the PriorityClass
    
+
    Query Parameters
    
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    PriorityClass    		OK
    
+
    List
    
+
    list or watch objects of kind PriorityClass
    
+
    HTTP Request
    
+GET /apis/scheduling.k8s.io/v1/priorityclasses
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    PriorityClassList    		OK
    
+
    Watch
    
+
    watch changes to an object of kind PriorityClass. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.
    
+
    HTTP Request
    
+GET /apis/scheduling.k8s.io/v1/watch/priorityclasses/{name}
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the PriorityClass
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    WatchEvent    		OK
    
+
    Watch List
    
+
    watch individual changes to a list of PriorityClass. deprecated: use the 'watch' parameter with a list operation instead.
    
+
    HTTP Request
    
+GET /apis/scheduling.k8s.io/v1/watch/priorityclasses
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    WatchEvent    		OK
    
+
    ResourceClaim v1alpha2 resource.k8s.io
    
+
+
+
+
+
+
    GroupVersionKind
    resource.k8s.iov1alpha2ResourceClaim
    
+
     Other API versions of this object exist:
+v1
+
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
+
    FieldDescription
    apiVersion
    string    		APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
    kind
    string    		Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
    metadata
    ObjectMeta    		Standard object metadata
    spec
    ResourceClaimSpec    		Spec describes the desired attributes of a resource that then needs to be allocated. It can only be set once when creating the ResourceClaim.
    status
    ResourceClaimStatus    		Status describes whether the resource is available and with which attributes.
    
+
    ResourceClaimSpec v1alpha2 resource
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
    FieldDescription
    allocationMode
    string    		Allocation can start immediately or when a Pod wants to use the resource. "WaitForFirstConsumer" is the default.
    parametersRef
    ResourceClaimParametersReference    		ParametersRef references a separate object with arbitrary parameters that will be used by the driver when allocating a resource for the claim.  The object must be in the same namespace as the ResourceClaim.
    resourceClassName
    string    		ResourceClassName references the driver and additional parameters via the name of a ResourceClass that was created as part of the driver deployment.
    
+
    ResourceClaimStatus v1alpha2 resource
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
    FieldDescription
    allocation
    AllocationResult    		Allocation is set by the resource driver once a resource or set of resources has been allocated successfully. If this is not specified, the resources have not been allocated yet.
    deallocationRequested
    boolean    		DeallocationRequested indicates that a ResourceClaim is to be deallocated.  The driver then must deallocate this claim and reset the field together with clearing the Allocation field.  While DeallocationRequested is set, no new consumers may be added to ReservedFor.
    driverName
    string    		DriverName is a copy of the driver name from the ResourceClass at the time when allocation started.
    reservedFor
    ResourceClaimConsumerReference array    		ReservedFor indicates which entities are currently allowed to use the claim. A Pod which references a ResourceClaim which is not reserved for that Pod will not be started.  There can be at most 32 such reservations. This may get increased in the future, but not reduced.
    
+
    ResourceClaimList v1alpha2 resource
    
+
+
+
+
+
+
+
+
+
    FieldDescription
    apiVersion
    string    		APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
    items
    ResourceClaim array    		Items is the list of resource claims.
    kind
    string    		Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
    metadata
    ListMeta    		Standard list metadata
    
+
    Write Operations
    
+
    Create
    
+
    create a ResourceClaim
    
+
    HTTP Request
    
+POST /apis/resource.k8s.io/v1alpha2/namespaces/{namespace}/resourceclaims
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    ResourceClaim
    
+
    Response
    
+
+
+
+
+
+
+
+
    CodeDescription
    200
    ResourceClaim    		OK
    201
    ResourceClaim    		Created
    202
    ResourceClaim    		Accepted
    
+
    Patch
    
+
    partially update the specified ResourceClaim
    
+
    HTTP Request
    
+PATCH /apis/resource.k8s.io/v1alpha2/namespaces/{namespace}/resourceclaims/{name}
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the ResourceClaim
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint. This field is required for apply requests (application/apply-patch) but optional for non-apply patch types (JsonPatch, MergePatch, StrategicMergePatch).
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    forceForce is going to "force" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    Patch
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    ResourceClaim    		OK
    201
    ResourceClaim    		Created
    
+
    Replace
    
+
    replace the specified ResourceClaim
    
+
    HTTP Request
    
+PUT /apis/resource.k8s.io/v1alpha2/namespaces/{namespace}/resourceclaims/{name}
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the ResourceClaim
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    ResourceClaim
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    ResourceClaim    		OK
    201
    ResourceClaim    		Created
    
+
    Delete
    
+
    delete a ResourceClaim
    
+
    HTTP Request
    
+DELETE /apis/resource.k8s.io/v1alpha2/namespaces/{namespace}/resourceclaims/{name}
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the ResourceClaim
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    gracePeriodSecondsThe duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
    orphanDependentsDeprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.
    propagationPolicyWhether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    DeleteOptions
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    ResourceClaim    		OK
    202
    ResourceClaim    		Accepted
    
+
    Delete Collection
    
+
    delete collection of ResourceClaim
    
+
    HTTP Request
    
+DELETE /apis/resource.k8s.io/v1alpha2/namespaces/{namespace}/resourceclaims
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    gracePeriodSecondsThe duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    orphanDependentsDeprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.
    propagationPolicyWhether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    DeleteOptions
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    Status    		OK
    
+
    Read Operations
    
+
    Read
    
+
    read the specified ResourceClaim
    
+
    HTTP Request
    
+GET /apis/resource.k8s.io/v1alpha2/namespaces/{namespace}/resourceclaims/{name}
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the ResourceClaim
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    ResourceClaim    		OK
    
+
    List
    
+
    list or watch objects of kind ResourceClaim
    
+
    HTTP Request
    
+GET /apis/resource.k8s.io/v1alpha2/namespaces/{namespace}/resourceclaims
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    ResourceClaimList    		OK
    
+
    List All Namespaces
    
+
    list or watch objects of kind ResourceClaim
    
+
    HTTP Request
    
+GET /apis/resource.k8s.io/v1alpha2/resourceclaims
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    ResourceClaimList    		OK
    
+
    Watch
    
+
    watch changes to an object of kind ResourceClaim. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.
    
+
    HTTP Request
    
+GET /apis/resource.k8s.io/v1alpha2/watch/namespaces/{namespace}/resourceclaims/{name}
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the ResourceClaim
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    WatchEvent    		OK
    
+
    Watch List
    
+
    watch individual changes to a list of ResourceClaim. deprecated: use the 'watch' parameter with a list operation instead.
    
+
    HTTP Request
    
+GET /apis/resource.k8s.io/v1alpha2/watch/namespaces/{namespace}/resourceclaims
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    WatchEvent    		OK
    
+
    Watch List All Namespaces
    
+
    watch individual changes to a list of ResourceClaim. deprecated: use the 'watch' parameter with a list operation instead.
    
+
    HTTP Request
    
+GET /apis/resource.k8s.io/v1alpha2/watch/resourceclaims
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    WatchEvent    		OK
    
+
    Status Operations
    
+
    Patch Status
    
+
    partially update status of the specified ResourceClaim
    
+
    HTTP Request
    
+PATCH /apis/resource.k8s.io/v1alpha2/namespaces/{namespace}/resourceclaims/{name}/status
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the ResourceClaim
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint. This field is required for apply requests (application/apply-patch) but optional for non-apply patch types (JsonPatch, MergePatch, StrategicMergePatch).
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    forceForce is going to "force" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    Patch
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    ResourceClaim    		OK
    201
    ResourceClaim    		Created
    
+
    Read Status
    
+
    read status of the specified ResourceClaim
    
+
    HTTP Request
    
+GET /apis/resource.k8s.io/v1alpha2/namespaces/{namespace}/resourceclaims/{name}/status
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the ResourceClaim
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    ResourceClaim    		OK
    
+
    Replace Status
    
+
    replace status of the specified ResourceClaim
    
+
    HTTP Request
    
+PUT /apis/resource.k8s.io/v1alpha2/namespaces/{namespace}/resourceclaims/{name}/status
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the ResourceClaim
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    ResourceClaim
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    ResourceClaim    		OK
    201
    ResourceClaim    		Created
    
+
    ResourceClaimTemplate v1alpha2 resource.k8s.io
    
+
+
+
+
+
+
    GroupVersionKind
    resource.k8s.iov1alpha2ResourceClaimTemplate
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
    FieldDescription
    apiVersion
    string    		APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
    kind
    string    		Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
    metadata
    ObjectMeta    		Standard object metadata
    spec
    ResourceClaimTemplateSpec    		Describes the ResourceClaim that is to be generated.  This field is immutable. A ResourceClaim will get created by the control plane for a Pod when needed and then not get updated anymore.
    
+
    ResourceClaimTemplateSpec v1alpha2 resource
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
    FieldDescription
    metadata
    ObjectMeta    		ObjectMeta may contain labels and annotations that will be copied into the PVC when creating it. No other fields are allowed and will be rejected during validation.
    spec
    ResourceClaimSpec    		Spec for the ResourceClaim. The entire content is copied unchanged into the ResourceClaim that gets created from this template. The same fields as in a ResourceClaim are also valid here.
    
+
    ResourceClaimTemplateList v1alpha2 resource
    
+
+
+
+
+
+
+
+
+
    FieldDescription
    apiVersion
    string    		APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
    items
    ResourceClaimTemplate array    		Items is the list of resource claim templates.
    kind
    string    		Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
    metadata
    ListMeta    		Standard list metadata
    
+
    Write Operations
    
+
    Create
    
+
    create a ResourceClaimTemplate
    
+
    HTTP Request
    
+POST /apis/resource.k8s.io/v1alpha2/namespaces/{namespace}/resourceclaimtemplates
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    ResourceClaimTemplate
    
+
    Response
    
+
+
+
+
+
+
+
+
    CodeDescription
    200
    ResourceClaimTemplate    		OK
    201
    ResourceClaimTemplate    		Created
    202
    ResourceClaimTemplate    		Accepted
    
+
    Patch
    
+
    partially update the specified ResourceClaimTemplate
    
+
    HTTP Request
    
+PATCH /apis/resource.k8s.io/v1alpha2/namespaces/{namespace}/resourceclaimtemplates/{name}
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the ResourceClaimTemplate
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint. This field is required for apply requests (application/apply-patch) but optional for non-apply patch types (JsonPatch, MergePatch, StrategicMergePatch).
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    forceForce is going to "force" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    Patch
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    ResourceClaimTemplate    		OK
    201
    ResourceClaimTemplate    		Created
    
+
    Replace
    
+
    replace the specified ResourceClaimTemplate
    
+
    HTTP Request
    
+PUT /apis/resource.k8s.io/v1alpha2/namespaces/{namespace}/resourceclaimtemplates/{name}
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the ResourceClaimTemplate
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    ResourceClaimTemplate
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    ResourceClaimTemplate    		OK
    201
    ResourceClaimTemplate    		Created
    
+
    Delete
    
+
    delete a ResourceClaimTemplate
    
+
    HTTP Request
    
+DELETE /apis/resource.k8s.io/v1alpha2/namespaces/{namespace}/resourceclaimtemplates/{name}
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the ResourceClaimTemplate
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    gracePeriodSecondsThe duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
    orphanDependentsDeprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.
    propagationPolicyWhether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    DeleteOptions
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    ResourceClaimTemplate    		OK
    202
    ResourceClaimTemplate    		Accepted
    
+
    Delete Collection
    
+
    delete collection of ResourceClaimTemplate
    
+
    HTTP Request
    
+DELETE /apis/resource.k8s.io/v1alpha2/namespaces/{namespace}/resourceclaimtemplates
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    gracePeriodSecondsThe duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    orphanDependentsDeprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.
    propagationPolicyWhether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    DeleteOptions
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    Status    		OK
    
+
    Read Operations
    
+
    Read
    
+
    read the specified ResourceClaimTemplate
    
+
    HTTP Request
    
+GET /apis/resource.k8s.io/v1alpha2/namespaces/{namespace}/resourceclaimtemplates/{name}
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the ResourceClaimTemplate
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    ResourceClaimTemplate    		OK
    
+
    List
    
+
    list or watch objects of kind ResourceClaimTemplate
    
+
    HTTP Request
    
+GET /apis/resource.k8s.io/v1alpha2/namespaces/{namespace}/resourceclaimtemplates
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    ResourceClaimTemplateList    		OK
    
+
    List All Namespaces
    
+
    list or watch objects of kind ResourceClaimTemplate
    
+
    HTTP Request
    
+GET /apis/resource.k8s.io/v1alpha2/resourceclaimtemplates
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    ResourceClaimTemplateList    		OK
    
+
    Watch
    
+
    watch changes to an object of kind ResourceClaimTemplate. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.
    
+
    HTTP Request
    
+GET /apis/resource.k8s.io/v1alpha2/watch/namespaces/{namespace}/resourceclaimtemplates/{name}
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the ResourceClaimTemplate
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    WatchEvent    		OK
    
+
    Watch List
    
+
    watch individual changes to a list of ResourceClaimTemplate. deprecated: use the 'watch' parameter with a list operation instead.
    
+
    HTTP Request
    
+GET /apis/resource.k8s.io/v1alpha2/watch/namespaces/{namespace}/resourceclaimtemplates
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    WatchEvent    		OK
    
+
    Watch List All Namespaces
    
+
    watch individual changes to a list of ResourceClaimTemplate. deprecated: use the 'watch' parameter with a list operation instead.
    
+
    HTTP Request
    
+GET /apis/resource.k8s.io/v1alpha2/watch/resourceclaimtemplates
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    WatchEvent    		OK
    
+
    ResourceClass v1alpha2 resource.k8s.io
    
+
+
+
+
+
+
    GroupVersionKind
    resource.k8s.iov1alpha2ResourceClass
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
+
+
    FieldDescription
    apiVersion
    string    		APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
    driverName
    string    		DriverName defines the name of the dynamic resource driver that is used for allocation of a ResourceClaim that uses this class.  Resource drivers have a unique name in forward domain order (acme.example.com).
    kind
    string    		Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
    metadata
    ObjectMeta    		Standard object metadata
    parametersRef
    ResourceClassParametersReference    		ParametersRef references an arbitrary separate object that may hold parameters that will be used by the driver when allocating a resource that uses this class. A dynamic resource driver can distinguish between parameters stored here and and those stored in ResourceClaimSpec.
    suitableNodes
    NodeSelector    		Only nodes matching the selector will be considered by the scheduler when trying to find a Node that fits a Pod when that Pod uses a ResourceClaim that has not been allocated yet.  Setting this field is optional. If null, all nodes are candidates.
    
+
    ResourceClassList v1alpha2 resource
    
+
+
+
+
+
+
+
+
+
    FieldDescription
    apiVersion
    string    		APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
    items
    ResourceClass array    		Items is the list of resource classes.
    kind
    string    		Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
    metadata
    ListMeta    		Standard list metadata
    
+
    Write Operations
    
+
    Create
    
+
    create a ResourceClass
    
+
    HTTP Request
    
+POST /apis/resource.k8s.io/v1alpha2/resourceclasses
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    ResourceClass
    
+
    Response
    
+
+
+
+
+
+
+
+
    CodeDescription
    200
    ResourceClass    		OK
    201
    ResourceClass    		Created
    202
    ResourceClass    		Accepted
    
+
    Patch
    
+
    partially update the specified ResourceClass
    
+
    HTTP Request
    
+PATCH /apis/resource.k8s.io/v1alpha2/resourceclasses/{name}
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the ResourceClass
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint. This field is required for apply requests (application/apply-patch) but optional for non-apply patch types (JsonPatch, MergePatch, StrategicMergePatch).
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    forceForce is going to "force" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    Patch
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    ResourceClass    		OK
    201
    ResourceClass    		Created
    
+
    Replace
    
+
    replace the specified ResourceClass
    
+
    HTTP Request
    
+PUT /apis/resource.k8s.io/v1alpha2/resourceclasses/{name}
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the ResourceClass
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    ResourceClass
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    ResourceClass    		OK
    201
    ResourceClass    		Created
    
+
    Delete
    
+
    delete a ResourceClass
    
+
    HTTP Request
    
+DELETE /apis/resource.k8s.io/v1alpha2/resourceclasses/{name}
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the ResourceClass
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    gracePeriodSecondsThe duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
    orphanDependentsDeprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.
    propagationPolicyWhether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    DeleteOptions
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    ResourceClass    		OK
    202
    ResourceClass    		Accepted
    
+
    Delete Collection
    
+
    delete collection of ResourceClass
    
+
    HTTP Request
    
+DELETE /apis/resource.k8s.io/v1alpha2/resourceclasses
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    gracePeriodSecondsThe duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    orphanDependentsDeprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.
    propagationPolicyWhether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    DeleteOptions
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    Status    		OK
    
+
    Read Operations
    
+
    Read
    
+
    read the specified ResourceClass
    
+
    HTTP Request
    
+GET /apis/resource.k8s.io/v1alpha2/resourceclasses/{name}
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the ResourceClass
    
+
    Query Parameters
    
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    ResourceClass    		OK
    
+
    List
    
+
    list or watch objects of kind ResourceClass
    
+
    HTTP Request
    
+GET /apis/resource.k8s.io/v1alpha2/resourceclasses
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    ResourceClassList    		OK
    
+
    Watch
    
+
    watch changes to an object of kind ResourceClass. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.
    
+
    HTTP Request
    
+GET /apis/resource.k8s.io/v1alpha2/watch/resourceclasses/{name}
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the ResourceClass
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    WatchEvent    		OK
    
+
    Watch List
    
+
    watch individual changes to a list of ResourceClass. deprecated: use the 'watch' parameter with a list operation instead.
    
+
    HTTP Request
    
+GET /apis/resource.k8s.io/v1alpha2/watch/resourceclasses
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    WatchEvent    		OK
    
+
    ValidatingAdmissionPolicy v1alpha1 admissionregistration.k8s.io
    
+
+
+
+
+
+
    GroupVersionKind
    admissionregistration.k8s.iov1alpha1ValidatingAdmissionPolicy
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
+
    FieldDescription
    apiVersion
    string    		APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
    kind
    string    		Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
    metadata
    ObjectMeta    		Standard object metadata; More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata.
    spec
    ValidatingAdmissionPolicySpec    		Specification of the desired behavior of the ValidatingAdmissionPolicy.
    status
    ValidatingAdmissionPolicyStatus    		The status of the ValidatingAdmissionPolicy, including warnings that are useful to determine if the policy behaves in the expected way. Populated by the system. Read-only.
    
+
    ValidatingAdmissionPolicySpec v1alpha1 admissionregistration
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
+
+
    FieldDescription
    auditAnnotations
    AuditAnnotation array    		auditAnnotations contains CEL expressions which are used to produce audit annotations for the audit event of the API request. validations and auditAnnotations may not both be empty; a least one of validations or auditAnnotations is required.
    failurePolicy
    string    		failurePolicy defines how to handle failures for the admission policy. Failures can occur from CEL expression parse errors, type check errors, runtime errors and invalid or mis-configured policy definitions or bindings.  A policy is invalid if spec.paramKind refers to a non-existent Kind. A binding is invalid if spec.paramRef.name refers to a non-existent resource.  failurePolicy does not define how validations that evaluate to false are handled.  When failurePolicy is set to Fail, ValidatingAdmissionPolicyBinding validationActions define how failures are enforced.  Allowed values are Ignore or Fail. Defaults to Fail.
    matchConditions
    MatchCondition array
    patch strategy: merge
    patch merge key: name    		MatchConditions is a list of conditions that must be met for a request to be validated. Match conditions filter requests that have already been matched by the rules, namespaceSelector, and objectSelector. An empty list of matchConditions matches all requests. There are a maximum of 64 match conditions allowed.  If a parameter object is provided, it can be accessed via the `params` handle in the same manner as validation expressions.  The exact matching logic is (in order):   1. If ANY matchCondition evaluates to FALSE, the policy is skipped.   2. If ALL matchConditions evaluate to TRUE, the policy is evaluated.   3. If any matchCondition evaluates to an error (but none are FALSE):      - If failurePolicy=Fail, reject the request      - If failurePolicy=Ignore, the policy is skipped
    matchConstraints
    MatchResources    		MatchConstraints specifies what resources this policy is designed to validate. The AdmissionPolicy cares about a request if it matches _all_ Constraints. However, in order to prevent clusters from being put into an unstable state that cannot be recovered from via the API ValidatingAdmissionPolicy cannot match ValidatingAdmissionPolicy and ValidatingAdmissionPolicyBinding. Required.
    paramKind
    ParamKind    		ParamKind specifies the kind of resources used to parameterize this policy. If absent, there are no parameters for this policy and the param CEL variable will not be provided to validation expressions. If ParamKind refers to a non-existent kind, this policy definition is mis-configured and the FailurePolicy is applied. If paramKind is specified but paramRef is unset in ValidatingAdmissionPolicyBinding, the params variable will be null.
    validations
    Validation array    		Validations contain CEL expressions which is used to apply the validation. Validations and AuditAnnotations may not both be empty; a minimum of one Validations or AuditAnnotations is required.
    
+
    ValidatingAdmissionPolicyStatus v1alpha1 admissionregistration
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
    FieldDescription
    conditions
    Condition array    		The conditions represent the latest available observations of a policy's current state.
    observedGeneration
    integer    		The generation observed by the controller.
    typeChecking
    TypeChecking    		The results of type checking for each expression. Presence of this field indicates the completion of the type checking.
    
+
    ValidatingAdmissionPolicyList v1alpha1 admissionregistration
    
+
+
+
+
+
+
+
+
+
    FieldDescription
    apiVersion
    string    		APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
    items
    ValidatingAdmissionPolicy array    		List of ValidatingAdmissionPolicy.
    kind
    string    		Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
    metadata
    ListMeta    		Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
    
+
    Write Operations
    
+
    Create
    
+
    create a ValidatingAdmissionPolicy
    
+
    HTTP Request
    
+POST /apis/admissionregistration.k8s.io/v1alpha1/validatingadmissionpolicies
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    ValidatingAdmissionPolicy
    
+
    Response
    
+
+
+
+
+
+
+
+
    CodeDescription
    200
    ValidatingAdmissionPolicy    		OK
    201
    ValidatingAdmissionPolicy    		Created
    202
    ValidatingAdmissionPolicy    		Accepted
    
+
    Patch
    
+
    partially update the specified ValidatingAdmissionPolicy
    
+
    HTTP Request
    
+PATCH /apis/admissionregistration.k8s.io/v1alpha1/validatingadmissionpolicies/{name}
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the ValidatingAdmissionPolicy
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint. This field is required for apply requests (application/apply-patch) but optional for non-apply patch types (JsonPatch, MergePatch, StrategicMergePatch).
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    forceForce is going to "force" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    Patch
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    ValidatingAdmissionPolicy    		OK
    201
    ValidatingAdmissionPolicy    		Created
    
+
    Replace
    
+
    replace the specified ValidatingAdmissionPolicy
    
+
    HTTP Request
    
+PUT /apis/admissionregistration.k8s.io/v1alpha1/validatingadmissionpolicies/{name}
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the ValidatingAdmissionPolicy
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    ValidatingAdmissionPolicy
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    ValidatingAdmissionPolicy    		OK
    201
    ValidatingAdmissionPolicy    		Created
    
+
    Delete
    
+
    delete a ValidatingAdmissionPolicy
    
+
    HTTP Request
    
+DELETE /apis/admissionregistration.k8s.io/v1alpha1/validatingadmissionpolicies/{name}
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the ValidatingAdmissionPolicy
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    gracePeriodSecondsThe duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
    orphanDependentsDeprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.
    propagationPolicyWhether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    DeleteOptions
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    Status    		OK
    202
    Status    		Accepted
    
+
    Delete Collection
    
+
    delete collection of ValidatingAdmissionPolicy
    
+
    HTTP Request
    
+DELETE /apis/admissionregistration.k8s.io/v1alpha1/validatingadmissionpolicies
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    gracePeriodSecondsThe duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    orphanDependentsDeprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.
    propagationPolicyWhether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    DeleteOptions
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    Status    		OK
    
+
    Read Operations
    
+
    Read
    
+
    read the specified ValidatingAdmissionPolicy
    
+
    HTTP Request
    
+GET /apis/admissionregistration.k8s.io/v1alpha1/validatingadmissionpolicies/{name}
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the ValidatingAdmissionPolicy
    
+
    Query Parameters
    
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    ValidatingAdmissionPolicy    		OK
    
+
    List
    
+
    list or watch objects of kind ValidatingAdmissionPolicy
    
+
    HTTP Request
    
+GET /apis/admissionregistration.k8s.io/v1alpha1/validatingadmissionpolicies
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    ValidatingAdmissionPolicyList    		OK
    
+
    Watch
    
+
    watch changes to an object of kind ValidatingAdmissionPolicy. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.
    
+
    HTTP Request
    
+GET /apis/admissionregistration.k8s.io/v1alpha1/watch/validatingadmissionpolicies/{name}
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the ValidatingAdmissionPolicy
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    WatchEvent    		OK
    
+
    Watch List
    
+
    watch individual changes to a list of ValidatingAdmissionPolicy. deprecated: use the 'watch' parameter with a list operation instead.
    
+
    HTTP Request
    
+GET /apis/admissionregistration.k8s.io/v1alpha1/watch/validatingadmissionpolicies
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    WatchEvent    		OK
    
+
    Status Operations
    
+
    Patch Status
    
+
    partially update status of the specified ValidatingAdmissionPolicy
    
+
    HTTP Request
    
+PATCH /apis/admissionregistration.k8s.io/v1alpha1/validatingadmissionpolicies/{name}/status
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the ValidatingAdmissionPolicy
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint. This field is required for apply requests (application/apply-patch) but optional for non-apply patch types (JsonPatch, MergePatch, StrategicMergePatch).
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    forceForce is going to "force" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    Patch
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    ValidatingAdmissionPolicy    		OK
    201
    ValidatingAdmissionPolicy    		Created
    
+
    Read Status
    
+
    read status of the specified ValidatingAdmissionPolicy
    
+
    HTTP Request
    
+GET /apis/admissionregistration.k8s.io/v1alpha1/validatingadmissionpolicies/{name}/status
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the ValidatingAdmissionPolicy
    
+
    Query Parameters
    
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    ValidatingAdmissionPolicy    		OK
    
+
    Replace Status
    
+
    replace status of the specified ValidatingAdmissionPolicy
    
+
    HTTP Request
    
+PUT /apis/admissionregistration.k8s.io/v1alpha1/validatingadmissionpolicies/{name}/status
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the ValidatingAdmissionPolicy
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    ValidatingAdmissionPolicy
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    ValidatingAdmissionPolicy    		OK
    201
    ValidatingAdmissionPolicy    		Created
    
+
    ValidatingAdmissionPolicyBinding v1alpha1 admissionregistration.k8s.io
    
+
+
+
+
+
+
    GroupVersionKind
    admissionregistration.k8s.iov1alpha1ValidatingAdmissionPolicyBinding
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
    FieldDescription
    apiVersion
    string    		APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
    kind
    string    		Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
    metadata
    ObjectMeta    		Standard object metadata; More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata.
    spec
    ValidatingAdmissionPolicyBindingSpec    		Specification of the desired behavior of the ValidatingAdmissionPolicyBinding.
    
+
    ValidatingAdmissionPolicyBindingSpec v1alpha1 admissionregistration
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
    FieldDescription
    matchResources
    MatchResources    		MatchResources declares what resources match this binding and will be validated by it. Note that this is intersected with the policy's matchConstraints, so only requests that are matched by the policy can be selected by this. If this is unset, all resources matched by the policy are validated by this binding When resourceRules is unset, it does not constrain resource matching. If a resource is matched by the other fields of this object, it will be validated. Note that this is differs from ValidatingAdmissionPolicy matchConstraints, where resourceRules are required.
    paramRef
    ParamRef    		ParamRef specifies the parameter resource used to configure the admission control policy. It should point to a resource of the type specified in ParamKind of the bound ValidatingAdmissionPolicy. If the policy specifies a ParamKind and the resource referred to by ParamRef does not exist, this binding is considered mis-configured and the FailurePolicy of the ValidatingAdmissionPolicy applied.
    policyName
    string    		PolicyName references a ValidatingAdmissionPolicy name which the ValidatingAdmissionPolicyBinding binds to. If the referenced resource does not exist, this binding is considered invalid and will be ignored Required.
    validationActions
    string array    		validationActions declares how Validations of the referenced ValidatingAdmissionPolicy are enforced. If a validation evaluates to false it is always enforced according to these actions.  Failures defined by the ValidatingAdmissionPolicy's FailurePolicy are enforced according to these actions only if the FailurePolicy is set to Fail, otherwise the failures are ignored. This includes compilation errors, runtime errors and misconfigurations of the policy.  validationActions is declared as a set of action values. Order does not matter. validationActions may not contain duplicates of the same action.  The supported actions values are:  "Deny" specifies that a validation failure results in a denied request.  "Warn" specifies that a validation failure is reported to the request client in HTTP Warning headers, with a warning code of 299. Warnings can be sent both for allowed or denied admission responses.  "Audit" specifies that a validation failure is included in the published audit event for the request. The audit event will contain a `validation.policy.admission.k8s.io/validation_failure` audit annotation with a value containing the details of the validation failures, formatted as a JSON list of objects, each with the following fields: - message: The validation failure message string - policy: The resource name of the ValidatingAdmissionPolicy - binding: The resource name of the ValidatingAdmissionPolicyBinding - expressionIndex: The index of the failed validations in the ValidatingAdmissionPolicy - validationActions: The enforcement actions enacted for the validation failure Example audit annotation: `"validation.policy.admission.k8s.io/validation_failure": "[{"message": "Invalid value", {"policy": "policy.example.com", {"binding": "policybinding.example.com", {"expressionIndex": "1", {"validationActions": ["Audit"]}]"`  Clients should expect to handle additional values by ignoring any values not recognized.  "Deny" and "Warn" may not be used together since this combination needlessly duplicates the validation failure both in the API response body and the HTTP warning headers.  Required.
    
+
    ValidatingAdmissionPolicyBindingList v1alpha1 admissionregistration
    
+
+
+
+
+
+
+
+
+
    FieldDescription
    apiVersion
    string    		APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
    items
    ValidatingAdmissionPolicyBinding array    		List of PolicyBinding.
    kind
    string    		Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
    metadata
    ListMeta    		Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
    
+
    Write Operations
    
+
    Create
    
+
    create a ValidatingAdmissionPolicyBinding
    
+
    HTTP Request
    
+POST /apis/admissionregistration.k8s.io/v1alpha1/validatingadmissionpolicybindings
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    ValidatingAdmissionPolicyBinding
    
+
    Response
    
+
+
+
+
+
+
+
+
    CodeDescription
    200
    ValidatingAdmissionPolicyBinding    		OK
    201
    ValidatingAdmissionPolicyBinding    		Created
    202
    ValidatingAdmissionPolicyBinding    		Accepted
    
+
    Patch
    
+
    partially update the specified ValidatingAdmissionPolicyBinding
    
+
    HTTP Request
    
+PATCH /apis/admissionregistration.k8s.io/v1alpha1/validatingadmissionpolicybindings/{name}
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the ValidatingAdmissionPolicyBinding
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint. This field is required for apply requests (application/apply-patch) but optional for non-apply patch types (JsonPatch, MergePatch, StrategicMergePatch).
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    forceForce is going to "force" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    Patch
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    ValidatingAdmissionPolicyBinding    		OK
    201
    ValidatingAdmissionPolicyBinding    		Created
    
+
    Replace
    
+
    replace the specified ValidatingAdmissionPolicyBinding
    
+
    HTTP Request
    
+PUT /apis/admissionregistration.k8s.io/v1alpha1/validatingadmissionpolicybindings/{name}
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the ValidatingAdmissionPolicyBinding
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    ValidatingAdmissionPolicyBinding
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    ValidatingAdmissionPolicyBinding    		OK
    201
    ValidatingAdmissionPolicyBinding    		Created
    
+
    Delete
    
+
    delete a ValidatingAdmissionPolicyBinding
    
+
    HTTP Request
    
+DELETE /apis/admissionregistration.k8s.io/v1alpha1/validatingadmissionpolicybindings/{name}
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the ValidatingAdmissionPolicyBinding
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    gracePeriodSecondsThe duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
    orphanDependentsDeprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.
    propagationPolicyWhether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    DeleteOptions
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    Status    		OK
    202
    Status    		Accepted
    
+
    Delete Collection
    
+
    delete collection of ValidatingAdmissionPolicyBinding
    
+
    HTTP Request
    
+DELETE /apis/admissionregistration.k8s.io/v1alpha1/validatingadmissionpolicybindings
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    gracePeriodSecondsThe duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    orphanDependentsDeprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.
    propagationPolicyWhether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    DeleteOptions
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    Status    		OK
    
+
    Read Operations
    
+
    Read
    
+
    read the specified ValidatingAdmissionPolicyBinding
    
+
    HTTP Request
    
+GET /apis/admissionregistration.k8s.io/v1alpha1/validatingadmissionpolicybindings/{name}
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the ValidatingAdmissionPolicyBinding
    
+
    Query Parameters
    
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    ValidatingAdmissionPolicyBinding    		OK
    
+
    List
    
+
    list or watch objects of kind ValidatingAdmissionPolicyBinding
    
+
    HTTP Request
    
+GET /apis/admissionregistration.k8s.io/v1alpha1/validatingadmissionpolicybindings
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    ValidatingAdmissionPolicyBindingList    		OK
    
+
    Watch
    
+
    watch changes to an object of kind ValidatingAdmissionPolicyBinding. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.
    
+
    HTTP Request
    
+GET /apis/admissionregistration.k8s.io/v1alpha1/watch/validatingadmissionpolicybindings/{name}
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the ValidatingAdmissionPolicyBinding
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    WatchEvent    		OK
    
+
    Watch List
    
+
    watch individual changes to a list of ValidatingAdmissionPolicyBinding. deprecated: use the 'watch' parameter with a list operation instead.
    
+
    HTTP Request
    
+GET /apis/admissionregistration.k8s.io/v1alpha1/watch/validatingadmissionpolicybindings
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    WatchEvent    		OK
    
+
    CLUSTER
    
+
+
    Cluster resources are responsible for defining configuration of the cluster itself, and are generally only used by cluster operators.
    
+
+
    
+
    APIService v1 apiregistration.k8s.io
    
+
+
+
+
+
+
    GroupVersionKind
    apiregistration.k8s.iov1APIService
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
+
    FieldDescription
    apiVersion
    string    		APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
    kind
    string    		Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
    metadata
    ObjectMeta    		Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
    spec
    APIServiceSpec    		Spec contains information for locating and communicating with a server
    status
    APIServiceStatus    		Status contains derived information about an API server
    
+
    APIServiceSpec v1 apiregistration
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
+
+
+
    FieldDescription
    caBundle
    string    		CABundle is a PEM encoded CA bundle which will be used to validate an API server's serving certificate. If unspecified, system trust roots on the apiserver are used.
    group
    string    		Group is the API group name this server hosts
    groupPriorityMinimum
    integer    		GroupPriorityMininum is the priority this group should have at least. Higher priority means that the group is preferred by clients over lower priority ones. Note that other versions of this group might specify even higher GroupPriorityMininum values such that the whole group gets a higher priority. The primary sort is based on GroupPriorityMinimum, ordered highest number to lowest (20 before 10). The secondary sort is based on the alphabetical comparison of the name of the object.  (v1.bar before v1.foo) We'd recommend something like: *.k8s.io (except extensions) at 18000 and PaaSes (OpenShift, Deis) are recommended to be in the 2000s
    insecureSkipTLSVerify
    boolean    		InsecureSkipTLSVerify disables TLS certificate verification when communicating with this server. This is strongly discouraged.  You should use the CABundle instead.
    service
    ServiceReference    		Service is a reference to the service for this API server.  It must communicate on port 443. If the Service is nil, that means the handling for the API groupversion is handled locally on this server. The call will simply delegate to the normal handler chain to be fulfilled.
    version
    string    		Version is the API version this server hosts.  For example, "v1"
    versionPriority
    integer    		VersionPriority controls the ordering of this API version inside of its group.  Must be greater than zero. The primary sort is based on VersionPriority, ordered highest to lowest (20 before 10). Since it's inside of a group, the number can be small, probably in the 10s. In case of equal version priorities, the version string will be used to compute the order inside a group. If the version string is "kube-like", it will sort above non "kube-like" version strings, which are ordered lexicographically. "Kube-like" versions start with a "v", then are followed by a number (the major version), then optionally the string "alpha" or "beta" and another number (the minor version). These are sorted first by GA > beta > alpha (where GA is a version with no suffix such as beta or alpha), and then by comparing major version, then minor version. An example sorted list of versions: v10, v2, v1, v11beta2, v10beta3, v3beta1, v12alpha1, v11alpha2, foo1, foo10.
    
+
    APIServiceStatus v1 apiregistration
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
    FieldDescription
    conditions
    APIServiceCondition array
    patch strategy: merge
    patch merge key: type    		Current service state of apiService.
    
+
    APIServiceList v1 apiregistration
    
+
+
+
+
+
+
+
+
+
    FieldDescription
    apiVersion
    string    		APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
    items
    APIService array    		Items is the list of APIService
    kind
    string    		Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
    metadata
    ListMeta    		Standard list metadata More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
    
+
    Write Operations
    
+
    Create
    
+
    create an APIService
    
+
    HTTP Request
    
+POST /apis/apiregistration.k8s.io/v1/apiservices
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    APIService
    
+
    Response
    
+
+
+
+
+
+
+
+
    CodeDescription
    200
    APIService    		OK
    201
    APIService    		Created
    202
    APIService    		Accepted
    
+
    Patch
    
+
    partially update the specified APIService
    
+
    HTTP Request
    
+PATCH /apis/apiregistration.k8s.io/v1/apiservices/{name}
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the APIService
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint. This field is required for apply requests (application/apply-patch) but optional for non-apply patch types (JsonPatch, MergePatch, StrategicMergePatch).
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    forceForce is going to "force" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    Patch
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    APIService    		OK
    201
    APIService    		Created
    
+
    Replace
    
+
    replace the specified APIService
    
+
    HTTP Request
    
+PUT /apis/apiregistration.k8s.io/v1/apiservices/{name}
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the APIService
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    APIService
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    APIService    		OK
    201
    APIService    		Created
    
+
    Delete
    
+
    delete an APIService
    
+
    HTTP Request
    
+DELETE /apis/apiregistration.k8s.io/v1/apiservices/{name}
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the APIService
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    gracePeriodSecondsThe duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
    orphanDependentsDeprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.
    propagationPolicyWhether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    DeleteOptions
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    Status    		OK
    202
    Status    		Accepted
    
+
    Delete Collection
    
+
    delete collection of APIService
    
+
    HTTP Request
    
+DELETE /apis/apiregistration.k8s.io/v1/apiservices
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    gracePeriodSecondsThe duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    orphanDependentsDeprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.
    propagationPolicyWhether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    DeleteOptions
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    Status    		OK
    
+
    Read Operations
    
+
    Read
    
+
    read the specified APIService
    
+
    HTTP Request
    
+GET /apis/apiregistration.k8s.io/v1/apiservices/{name}
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the APIService
    
+
    Query Parameters
    
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    APIService    		OK
    
+
    List
    
+
    list or watch objects of kind APIService
    
+
    HTTP Request
    
+GET /apis/apiregistration.k8s.io/v1/apiservices
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    APIServiceList    		OK
    
+
    Watch
    
+
    watch changes to an object of kind APIService. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.
    
+
    HTTP Request
    
+GET /apis/apiregistration.k8s.io/v1/watch/apiservices/{name}
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the APIService
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    WatchEvent    		OK
    
+
    Watch List
    
+
    watch individual changes to a list of APIService. deprecated: use the 'watch' parameter with a list operation instead.
    
+
    HTTP Request
    
+GET /apis/apiregistration.k8s.io/v1/watch/apiservices
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    WatchEvent    		OK
    
+
    Status Operations
    
+
    Patch Status
    
+
    partially update status of the specified APIService
    
+
    HTTP Request
    
+PATCH /apis/apiregistration.k8s.io/v1/apiservices/{name}/status
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the APIService
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint. This field is required for apply requests (application/apply-patch) but optional for non-apply patch types (JsonPatch, MergePatch, StrategicMergePatch).
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    forceForce is going to "force" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    Patch
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    APIService    		OK
    201
    APIService    		Created
    
+
    Read Status
    
+
    read status of the specified APIService
    
+
    HTTP Request
    
+GET /apis/apiregistration.k8s.io/v1/apiservices/{name}/status
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the APIService
    
+
    Query Parameters
    
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    APIService    		OK
    
+
    Replace Status
    
+
    replace status of the specified APIService
    
+
    HTTP Request
    
+PUT /apis/apiregistration.k8s.io/v1/apiservices/{name}/status
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the APIService
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    APIService
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    APIService    		OK
    201
    APIService    		Created
    
+
    Binding v1 core
    
+
+
+
+
+
+
    GroupVersionKind
    corev1Binding
    
+
+
+
+
+
+
+
+
+
    FieldDescription
    apiVersion
    string    		APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
    kind
    string    		Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
    metadata
    ObjectMeta    		Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
    target
    ObjectReference    		The target object that you want to bind to the standard object.
    
+
    Write Operations
    
+
    Create
    
+
    create a Binding
    
+
    HTTP Request
    
+POST /api/v1/namespaces/{namespace}/bindings
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
    ParameterDescription
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    prettyIf 'true', then the output is pretty printed.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    Binding
    
+
    Response
    
+
+
+
+
+
+
+
+
    CodeDescription
    200
    Binding    		OK
    201
    Binding    		Created
    202
    Binding    		Accepted
    
+
    CertificateSigningRequest v1 certificates.k8s.io
    
+
+
+
+
+
+
    GroupVersionKind
    certificates.k8s.iov1CertificateSigningRequest
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
+
    FieldDescription
    apiVersion
    string    		APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
    kind
    string    		Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
    metadata
    ObjectMeta
    spec
    CertificateSigningRequestSpec    		spec contains the certificate request, and is immutable after creation. Only the request, signerName, expirationSeconds, and usages fields can be set on creation. Other fields are derived by Kubernetes and cannot be modified by users.
    status
    CertificateSigningRequestStatus    		status contains information about whether the request is approved or denied, and the certificate issued by the signer, or the failure condition indicating signer failure.
    
+
    CertificateSigningRequestSpec v1 certificates
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
+
+
+
+
    FieldDescription
    expirationSeconds
    integer    		expirationSeconds is the requested duration of validity of the issued certificate. The certificate signer may issue a certificate with a different validity duration so a client must check the delta between the notBefore and and notAfter fields in the issued certificate to determine the actual duration.  The v1.22+ in-tree implementations of the well-known Kubernetes signers will honor this field as long as the requested duration is not greater than the maximum duration they will honor per the --cluster-signing-duration CLI flag to the Kubernetes controller manager.  Certificate signers may not honor this field for various reasons:    1. Old signer that is unaware of the field (such as the in-tree      implementations prior to v1.22)   2. Signer whose configured maximum is shorter than the requested duration   3. Signer whose configured minimum is longer than the requested duration  The minimum valid value for expirationSeconds is 600, i.e. 10 minutes.
    extra
    object    		extra contains extra attributes of the user that created the CertificateSigningRequest. Populated by the API server on creation and immutable.
    groups
    string array    		groups contains group membership of the user that created the CertificateSigningRequest. Populated by the API server on creation and immutable.
    request
    string    		request contains an x509 certificate signing request encoded in a "CERTIFICATE REQUEST" PEM block. When serialized as JSON or YAML, the data is additionally base64-encoded.
    signerName
    string    		signerName indicates the requested signer, and is a qualified name.  List/watch requests for CertificateSigningRequests can filter on this field using a "spec.signerName=NAME" fieldSelector.  Well-known Kubernetes signers are:  1. "kubernetes.io/kube-apiserver-client": issues client certificates that can be used to authenticate to kube-apiserver.   Requests for this signer are never auto-approved by kube-controller-manager, can be issued by the "csrsigning" controller in kube-controller-manager.  2. "kubernetes.io/kube-apiserver-client-kubelet": issues client certificates that kubelets use to authenticate to kube-apiserver.   Requests for this signer can be auto-approved by the "csrapproving" controller in kube-controller-manager, and can be issued by the "csrsigning" controller in kube-controller-manager.  3. "kubernetes.io/kubelet-serving" issues serving certificates that kubelets use to serve TLS endpoints, which kube-apiserver can connect to securely.   Requests for this signer are never auto-approved by kube-controller-manager, and can be issued by the "csrsigning" controller in kube-controller-manager.  More details are available at https://k8s.io/docs/reference/access-authn-authz/certificate-signing-requests/#kubernetes-signers  Custom signerNames can also be specified. The signer defines:  1. Trust distribution: how trust (CA bundles) are distributed.  2. Permitted subjects: and behavior when a disallowed subject is requested.  3. Required, permitted, or forbidden x509 extensions in the request (including whether subjectAltNames are allowed, which types, restrictions on allowed values) and behavior when a disallowed extension is requested.  4. Required, permitted, or forbidden key usages / extended key usages.  5. Expiration/certificate lifetime: whether it is fixed by the signer, configurable by the admin.  6. Whether or not requests for CA certificates are allowed.
    uid
    string    		uid contains the uid of the user that created the CertificateSigningRequest. Populated by the API server on creation and immutable.
    usages
    string array    		usages specifies a set of key usages requested in the issued certificate.  Requests for TLS client certificates typically request: "digital signature", "key encipherment", "client auth".  Requests for TLS serving certificates typically request: "key encipherment", "digital signature", "server auth".  Valid values are:  "signing", "digital signature", "content commitment",  "key encipherment", "key agreement", "data encipherment",  "cert sign", "crl sign", "encipher only", "decipher only", "any",  "server auth", "client auth",  "code signing", "email protection", "s/mime",  "ipsec end system", "ipsec tunnel", "ipsec user",  "timestamping", "ocsp signing", "microsoft sgc", "netscape sgc"
    username
    string    		username contains the name of the user that created the CertificateSigningRequest. Populated by the API server on creation and immutable.
    
+
    CertificateSigningRequestStatus v1 certificates
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
    FieldDescription
    certificate
    string    		certificate is populated with an issued certificate by the signer after an Approved condition is present. This field is set via the /status subresource. Once populated, this field is immutable.  If the certificate signing request is denied, a condition of type "Denied" is added and this field remains empty. If the signer cannot issue the certificate, a condition of type "Failed" is added and this field remains empty.  Validation requirements:  1. certificate must contain one or more PEM blocks.  2. All PEM blocks must have the "CERTIFICATE" label, contain no headers, and the encoded data   must be a BER-encoded ASN.1 Certificate structure as described in section 4 of RFC5280.  3. Non-PEM content may appear before or after the "CERTIFICATE" PEM blocks and is unvalidated,   to allow for explanatory text as described in section 5.2 of RFC7468.  If more than one PEM block is present, and the definition of the requested spec.signerName does not indicate otherwise, the first block is the issued certificate, and subsequent blocks should be treated as intermediate certificates and presented in TLS handshakes.  The certificate is encoded in PEM format.  When serialized as JSON or YAML, the data is additionally base64-encoded, so it consists of:      base64(     -----BEGIN CERTIFICATE-----     ...     -----END CERTIFICATE-----     )
    conditions
    CertificateSigningRequestCondition array    		conditions applied to the request. Known conditions are "Approved", "Denied", and "Failed".
    
+
    CertificateSigningRequestList v1 certificates
    
+
+
+
+
+
+
+
+
+
    FieldDescription
    apiVersion
    string    		APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
    items
    CertificateSigningRequest array    		items is a collection of CertificateSigningRequest objects
    kind
    string    		Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
    metadata
    ListMeta
    
+
    Write Operations
    
+
    Create
    
+
    create a CertificateSigningRequest
    
+
    HTTP Request
    
+POST /apis/certificates.k8s.io/v1/certificatesigningrequests
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    CertificateSigningRequest
    
+
    Response
    
+
+
+
+
+
+
+
+
    CodeDescription
    200
    CertificateSigningRequest    		OK
    201
    CertificateSigningRequest    		Created
    202
    CertificateSigningRequest    		Accepted
    
+
    Patch
    
+
    partially update the specified CertificateSigningRequest
    
+
    HTTP Request
    
+PATCH /apis/certificates.k8s.io/v1/certificatesigningrequests/{name}
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the CertificateSigningRequest
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint. This field is required for apply requests (application/apply-patch) but optional for non-apply patch types (JsonPatch, MergePatch, StrategicMergePatch).
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    forceForce is going to "force" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    Patch
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    CertificateSigningRequest    		OK
    201
    CertificateSigningRequest    		Created
    
+
    Replace
    
+
    replace the specified CertificateSigningRequest
    
+
    HTTP Request
    
+PUT /apis/certificates.k8s.io/v1/certificatesigningrequests/{name}
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the CertificateSigningRequest
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    CertificateSigningRequest
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    CertificateSigningRequest    		OK
    201
    CertificateSigningRequest    		Created
    
+
    Delete
    
+
    delete a CertificateSigningRequest
    
+
    HTTP Request
    
+DELETE /apis/certificates.k8s.io/v1/certificatesigningrequests/{name}
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the CertificateSigningRequest
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    gracePeriodSecondsThe duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
    orphanDependentsDeprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.
    propagationPolicyWhether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    DeleteOptions
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    Status    		OK
    202
    Status    		Accepted
    
+
    Delete Collection
    
+
    delete collection of CertificateSigningRequest
    
+
    HTTP Request
    
+DELETE /apis/certificates.k8s.io/v1/certificatesigningrequests
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    gracePeriodSecondsThe duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    orphanDependentsDeprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.
    propagationPolicyWhether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    DeleteOptions
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    Status    		OK
    
+
    Read Operations
    
+
    Read
    
+
    read the specified CertificateSigningRequest
    
+
    HTTP Request
    
+GET /apis/certificates.k8s.io/v1/certificatesigningrequests/{name}
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the CertificateSigningRequest
    
+
    Query Parameters
    
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    CertificateSigningRequest    		OK
    
+
    List
    
+
    list or watch objects of kind CertificateSigningRequest
    
+
    HTTP Request
    
+GET /apis/certificates.k8s.io/v1/certificatesigningrequests
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    CertificateSigningRequestList    		OK
    
+
    Watch
    
+
    watch changes to an object of kind CertificateSigningRequest. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.
    
+
    HTTP Request
    
+GET /apis/certificates.k8s.io/v1/watch/certificatesigningrequests/{name}
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the CertificateSigningRequest
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    WatchEvent    		OK
    
+
    Watch List
    
+
    watch individual changes to a list of CertificateSigningRequest. deprecated: use the 'watch' parameter with a list operation instead.
    
+
    HTTP Request
    
+GET /apis/certificates.k8s.io/v1/watch/certificatesigningrequests
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    WatchEvent    		OK
    
+
    Status Operations
    
+
    Patch Status
    
+
    partially update status of the specified CertificateSigningRequest
    
+
    HTTP Request
    
+PATCH /apis/certificates.k8s.io/v1/certificatesigningrequests/{name}/status
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the CertificateSigningRequest
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint. This field is required for apply requests (application/apply-patch) but optional for non-apply patch types (JsonPatch, MergePatch, StrategicMergePatch).
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    forceForce is going to "force" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    Patch
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    CertificateSigningRequest    		OK
    201
    CertificateSigningRequest    		Created
    
+
    Read Status
    
+
    read status of the specified CertificateSigningRequest
    
+
    HTTP Request
    
+GET /apis/certificates.k8s.io/v1/certificatesigningrequests/{name}/status
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the CertificateSigningRequest
    
+
    Query Parameters
    
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    CertificateSigningRequest    		OK
    
+
    Replace Status
    
+
    replace status of the specified CertificateSigningRequest
    
+
    HTTP Request
    
+PUT /apis/certificates.k8s.io/v1/certificatesigningrequests/{name}/status
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the CertificateSigningRequest
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    CertificateSigningRequest
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    CertificateSigningRequest    		OK
    201
    CertificateSigningRequest    		Created
    
+
    ClusterRole v1 rbac.authorization.k8s.io
    
+
+
+
+
+
+
    GroupVersionKind
    rbac.authorization.k8s.iov1ClusterRole
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
+
    FieldDescription
    aggregationRule
    AggregationRule    		AggregationRule is an optional field that describes how to build the Rules for this ClusterRole. If AggregationRule is set, then the Rules are controller managed and direct changes to Rules will be stomped by the controller.
    apiVersion
    string    		APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
    kind
    string    		Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
    metadata
    ObjectMeta    		Standard object's metadata.
    rules
    PolicyRule array    		Rules holds all the PolicyRules for this ClusterRole
    
+
    ClusterRoleList v1 rbac
    
+
+
+
+
+
+
+
+
+
    FieldDescription
    apiVersion
    string    		APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
    items
    ClusterRole array    		Items is a list of ClusterRoles
    kind
    string    		Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
    metadata
    ListMeta    		Standard object's metadata.
    
+
    Write Operations
    
+
    Create
    
+
    create a ClusterRole
    
+
    HTTP Request
    
+POST /apis/rbac.authorization.k8s.io/v1/clusterroles
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    ClusterRole
    
+
    Response
    
+
+
+
+
+
+
+
+
    CodeDescription
    200
    ClusterRole    		OK
    201
    ClusterRole    		Created
    202
    ClusterRole    		Accepted
    
+
    Patch
    
+
    partially update the specified ClusterRole
    
+
    HTTP Request
    
+PATCH /apis/rbac.authorization.k8s.io/v1/clusterroles/{name}
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the ClusterRole
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint. This field is required for apply requests (application/apply-patch) but optional for non-apply patch types (JsonPatch, MergePatch, StrategicMergePatch).
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    forceForce is going to "force" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    Patch
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    ClusterRole    		OK
    201
    ClusterRole    		Created
    
+
    Replace
    
+
    replace the specified ClusterRole
    
+
    HTTP Request
    
+PUT /apis/rbac.authorization.k8s.io/v1/clusterroles/{name}
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the ClusterRole
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    ClusterRole
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    ClusterRole    		OK
    201
    ClusterRole    		Created
    
+
    Delete
    
+
    delete a ClusterRole
    
+
    HTTP Request
    
+DELETE /apis/rbac.authorization.k8s.io/v1/clusterroles/{name}
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the ClusterRole
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    gracePeriodSecondsThe duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
    orphanDependentsDeprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.
    propagationPolicyWhether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    DeleteOptions
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    Status    		OK
    202
    Status    		Accepted
    
+
    Delete Collection
    
+
    delete collection of ClusterRole
    
+
    HTTP Request
    
+DELETE /apis/rbac.authorization.k8s.io/v1/clusterroles
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    gracePeriodSecondsThe duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    orphanDependentsDeprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.
    propagationPolicyWhether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    DeleteOptions
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    Status    		OK
    
+
    Read Operations
    
+
    Read
    
+
    read the specified ClusterRole
    
+
    HTTP Request
    
+GET /apis/rbac.authorization.k8s.io/v1/clusterroles/{name}
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the ClusterRole
    
+
    Query Parameters
    
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    ClusterRole    		OK
    
+
    List
    
+
    list or watch objects of kind ClusterRole
    
+
    HTTP Request
    
+GET /apis/rbac.authorization.k8s.io/v1/clusterroles
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    ClusterRoleList    		OK
    
+
    Watch
    
+
    watch changes to an object of kind ClusterRole. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.
    
+
    HTTP Request
    
+GET /apis/rbac.authorization.k8s.io/v1/watch/clusterroles/{name}
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the ClusterRole
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    WatchEvent    		OK
    
+
    Watch List
    
+
    watch individual changes to a list of ClusterRole. deprecated: use the 'watch' parameter with a list operation instead.
    
+
    HTTP Request
    
+GET /apis/rbac.authorization.k8s.io/v1/watch/clusterroles
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    WatchEvent    		OK
    
+
    ClusterRoleBinding v1 rbac.authorization.k8s.io
    
+
+
+
+
+
+
    GroupVersionKind
    rbac.authorization.k8s.iov1ClusterRoleBinding
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
+
    FieldDescription
    apiVersion
    string    		APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
    kind
    string    		Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
    metadata
    ObjectMeta    		Standard object's metadata.
    roleRef
    RoleRef    		RoleRef can only reference a ClusterRole in the global namespace. If the RoleRef cannot be resolved, the Authorizer must return an error.
    subjects
    Subject array    		Subjects holds references to the objects the role applies to.
    
+
    ClusterRoleBindingList v1 rbac
    
+
+
+
+
+
+
+
+
+
    FieldDescription
    apiVersion
    string    		APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
    items
    ClusterRoleBinding array    		Items is a list of ClusterRoleBindings
    kind
    string    		Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
    metadata
    ListMeta    		Standard object's metadata.
    
+
    Write Operations
    
+
    Create
    
+
    create a ClusterRoleBinding
    
+
    HTTP Request
    
+POST /apis/rbac.authorization.k8s.io/v1/clusterrolebindings
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    ClusterRoleBinding
    
+
    Response
    
+
+
+
+
+
+
+
+
    CodeDescription
    200
    ClusterRoleBinding    		OK
    201
    ClusterRoleBinding    		Created
    202
    ClusterRoleBinding    		Accepted
    
+
    Patch
    
+
    partially update the specified ClusterRoleBinding
    
+
    HTTP Request
    
+PATCH /apis/rbac.authorization.k8s.io/v1/clusterrolebindings/{name}
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the ClusterRoleBinding
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint. This field is required for apply requests (application/apply-patch) but optional for non-apply patch types (JsonPatch, MergePatch, StrategicMergePatch).
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    forceForce is going to "force" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    Patch
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    ClusterRoleBinding    		OK
    201
    ClusterRoleBinding    		Created
    
+
    Replace
    
+
    replace the specified ClusterRoleBinding
    
+
    HTTP Request
    
+PUT /apis/rbac.authorization.k8s.io/v1/clusterrolebindings/{name}
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the ClusterRoleBinding
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    ClusterRoleBinding
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    ClusterRoleBinding    		OK
    201
    ClusterRoleBinding    		Created
    
+
    Delete
    
+
    delete a ClusterRoleBinding
    
+
    HTTP Request
    
+DELETE /apis/rbac.authorization.k8s.io/v1/clusterrolebindings/{name}
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the ClusterRoleBinding
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    gracePeriodSecondsThe duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
    orphanDependentsDeprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.
    propagationPolicyWhether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    DeleteOptions
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    Status    		OK
    202
    Status    		Accepted
    
+
    Delete Collection
    
+
    delete collection of ClusterRoleBinding
    
+
    HTTP Request
    
+DELETE /apis/rbac.authorization.k8s.io/v1/clusterrolebindings
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    gracePeriodSecondsThe duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    orphanDependentsDeprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.
    propagationPolicyWhether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    DeleteOptions
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    Status    		OK
    
+
    Read Operations
    
+
    Read
    
+
    read the specified ClusterRoleBinding
    
+
    HTTP Request
    
+GET /apis/rbac.authorization.k8s.io/v1/clusterrolebindings/{name}
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the ClusterRoleBinding
    
+
    Query Parameters
    
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    ClusterRoleBinding    		OK
    
+
    List
    
+
    list or watch objects of kind ClusterRoleBinding
    
+
    HTTP Request
    
+GET /apis/rbac.authorization.k8s.io/v1/clusterrolebindings
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    ClusterRoleBindingList    		OK
    
+
    Watch
    
+
    watch changes to an object of kind ClusterRoleBinding. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.
    
+
    HTTP Request
    
+GET /apis/rbac.authorization.k8s.io/v1/watch/clusterrolebindings/{name}
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the ClusterRoleBinding
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    WatchEvent    		OK
    
+
    Watch List
    
+
    watch individual changes to a list of ClusterRoleBinding. deprecated: use the 'watch' parameter with a list operation instead.
    
+
    HTTP Request
    
+GET /apis/rbac.authorization.k8s.io/v1/watch/clusterrolebindings
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    WatchEvent    		OK
    
+
    ComponentStatus v1 core
    
+
+
+
+
+
+
    GroupVersionKind
    corev1ComponentStatus
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
    FieldDescription
    apiVersion
    string    		APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
    conditions
    ComponentCondition array
    patch strategy: merge
    patch merge key: type    		List of component conditions observed
    kind
    string    		Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
    metadata
    ObjectMeta    		Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
    
+
    ComponentStatusList v1 core
    
+
+
+
+
+
+
+
+
+
    FieldDescription
    apiVersion
    string    		APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
    items
    ComponentStatus array    		List of ComponentStatus objects.
    kind
    string    		Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
    metadata
    ListMeta    		Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
    
+
    Read Operations
    
+
    Read
    
+
    read the specified ComponentStatus
    
+
    HTTP Request
    
+GET /api/v1/componentstatuses/{name}
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the ComponentStatus
    
+
    Query Parameters
    
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    ComponentStatus    		OK
    
+
    List
    
+
    list objects of kind ComponentStatus
    
+
    HTTP Request
    
+GET /api/v1/componentstatuses
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    ComponentStatusList    		OK
    
+
    FlowSchema v1beta3 flowcontrol.apiserver.k8s.io
    
+
+
+
+
+
+
    GroupVersionKind
    flowcontrol.apiserver.k8s.iov1beta3FlowSchema
    
+
     Other API versions of this object exist:
+v1beta2
+
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
+
    FieldDescription
    apiVersion
    string    		APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
    kind
    string    		Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
    metadata
    ObjectMeta    		`metadata` is the standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
    spec
    FlowSchemaSpec    		`spec` is the specification of the desired behavior of a FlowSchema. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
    status
    FlowSchemaStatus    		`status` is the current status of a FlowSchema. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
    
+
    FlowSchemaSpec v1beta3 flowcontrol
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
    FieldDescription
    distinguisherMethod
    FlowDistinguisherMethod    		`distinguisherMethod` defines how to compute the flow distinguisher for requests that match this schema. `nil` specifies that the distinguisher is disabled and thus will always be the empty string.
    matchingPrecedence
    integer    		`matchingPrecedence` is used to choose among the FlowSchemas that match a given request. The chosen FlowSchema is among those with the numerically lowest (which we take to be logically highest) MatchingPrecedence.  Each MatchingPrecedence value must be ranged in [1,10000]. Note that if the precedence is not specified, it will be set to 1000 as default.
    priorityLevelConfiguration
    PriorityLevelConfigurationReference    		`priorityLevelConfiguration` should reference a PriorityLevelConfiguration in the cluster. If the reference cannot be resolved, the FlowSchema will be ignored and marked as invalid in its status. Required.
    rules
    PolicyRulesWithSubjects array    		`rules` describes which requests will match this flow schema. This FlowSchema matches a request if and only if at least one member of rules matches the request. if it is an empty slice, there will be no requests matching the FlowSchema.
    
+
    FlowSchemaStatus v1beta3 flowcontrol
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
    FieldDescription
    conditions
    FlowSchemaCondition array
    patch strategy: merge
    patch merge key: type    		`conditions` is a list of the current states of FlowSchema.
    
+
    FlowSchemaList v1beta3 flowcontrol
    
+
+
+
+
+
+
+
+
+
    FieldDescription
    apiVersion
    string    		APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
    items
    FlowSchema array    		`items` is a list of FlowSchemas.
    kind
    string    		Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
    metadata
    ListMeta    		`metadata` is the standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
    
+
    Write Operations
    
+
    Create
    
+
    create a FlowSchema
    
+
    HTTP Request
    
+POST /apis/flowcontrol.apiserver.k8s.io/v1beta3/flowschemas
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    FlowSchema
    
+
    Response
    
+
+
+
+
+
+
+
+
    CodeDescription
    200
    FlowSchema    		OK
    201
    FlowSchema    		Created
    202
    FlowSchema    		Accepted
    
+
    Patch
    
+
    partially update the specified FlowSchema
    
+
    HTTP Request
    
+PATCH /apis/flowcontrol.apiserver.k8s.io/v1beta3/flowschemas/{name}
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the FlowSchema
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint. This field is required for apply requests (application/apply-patch) but optional for non-apply patch types (JsonPatch, MergePatch, StrategicMergePatch).
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    forceForce is going to "force" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    Patch
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    FlowSchema    		OK
    201
    FlowSchema    		Created
    
+
    Replace
    
+
    replace the specified FlowSchema
    
+
    HTTP Request
    
+PUT /apis/flowcontrol.apiserver.k8s.io/v1beta3/flowschemas/{name}
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the FlowSchema
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    FlowSchema
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    FlowSchema    		OK
    201
    FlowSchema    		Created
    
+
    Delete
    
+
    delete a FlowSchema
    
+
    HTTP Request
    
+DELETE /apis/flowcontrol.apiserver.k8s.io/v1beta3/flowschemas/{name}
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the FlowSchema
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    gracePeriodSecondsThe duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
    orphanDependentsDeprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.
    propagationPolicyWhether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    DeleteOptions
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    Status    		OK
    202
    Status    		Accepted
    
+
    Delete Collection
    
+
    delete collection of FlowSchema
    
+
    HTTP Request
    
+DELETE /apis/flowcontrol.apiserver.k8s.io/v1beta3/flowschemas
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    gracePeriodSecondsThe duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    orphanDependentsDeprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.
    propagationPolicyWhether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    DeleteOptions
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    Status    		OK
    
+
    Read Operations
    
+
    Read
    
+
    read the specified FlowSchema
    
+
    HTTP Request
    
+GET /apis/flowcontrol.apiserver.k8s.io/v1beta3/flowschemas/{name}
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the FlowSchema
    
+
    Query Parameters
    
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    FlowSchema    		OK
    
+
    List
    
+
    list or watch objects of kind FlowSchema
    
+
    HTTP Request
    
+GET /apis/flowcontrol.apiserver.k8s.io/v1beta3/flowschemas
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    FlowSchemaList    		OK
    
+
    Watch
    
+
    watch changes to an object of kind FlowSchema. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.
    
+
    HTTP Request
    
+GET /apis/flowcontrol.apiserver.k8s.io/v1beta3/watch/flowschemas/{name}
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the FlowSchema
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    WatchEvent    		OK
    
+
    Watch List
    
+
    watch individual changes to a list of FlowSchema. deprecated: use the 'watch' parameter with a list operation instead.
    
+
    HTTP Request
    
+GET /apis/flowcontrol.apiserver.k8s.io/v1beta3/watch/flowschemas
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    WatchEvent    		OK
    
+
    Status Operations
    
+
    Patch Status
    
+
    partially update status of the specified FlowSchema
    
+
    HTTP Request
    
+PATCH /apis/flowcontrol.apiserver.k8s.io/v1beta3/flowschemas/{name}/status
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the FlowSchema
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint. This field is required for apply requests (application/apply-patch) but optional for non-apply patch types (JsonPatch, MergePatch, StrategicMergePatch).
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    forceForce is going to "force" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    Patch
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    FlowSchema    		OK
    201
    FlowSchema    		Created
    
+
    Read Status
    
+
    read status of the specified FlowSchema
    
+
    HTTP Request
    
+GET /apis/flowcontrol.apiserver.k8s.io/v1beta3/flowschemas/{name}/status
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the FlowSchema
    
+
    Query Parameters
    
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    FlowSchema    		OK
    
+
    Replace Status
    
+
    replace status of the specified FlowSchema
    
+
    HTTP Request
    
+PUT /apis/flowcontrol.apiserver.k8s.io/v1beta3/flowschemas/{name}/status
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the FlowSchema
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    FlowSchema
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    FlowSchema    		OK
    201
    FlowSchema    		Created
    
+
    IPAddress v1alpha1 networking.k8s.io
    
+
+
+
+
+
+
    GroupVersionKind
    networking.k8s.iov1alpha1IPAddress
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
    FieldDescription
    apiVersion
    string    		APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
    kind
    string    		Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
    metadata
    ObjectMeta    		Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
    spec
    IPAddressSpec    		spec is the desired state of the IPAddress. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
    
+
    IPAddressSpec v1alpha1 networking
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
    FieldDescription
    parentRef
    ParentReference    		ParentRef references the resource that an IPAddress is attached to. An IPAddress must reference a parent object.
    
+
    IPAddressList v1alpha1 networking
    
+
+
+
+
+
+
+
+
+
    FieldDescription
    apiVersion
    string    		APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
    items
    IPAddress array    		items is the list of IPAddresses.
    kind
    string    		Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
    metadata
    ListMeta    		Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
    
+
    Write Operations
    
+
    Create
    
+
    create an IPAddress
    
+
    HTTP Request
    
+POST /apis/networking.k8s.io/v1alpha1/ipaddresses
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    IPAddress
    
+
    Response
    
+
+
+
+
+
+
+
+
    CodeDescription
    200
    IPAddress    		OK
    201
    IPAddress    		Created
    202
    IPAddress    		Accepted
    
+
    Patch
    
+
    partially update the specified IPAddress
    
+
    HTTP Request
    
+PATCH /apis/networking.k8s.io/v1alpha1/ipaddresses/{name}
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the IPAddress
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint. This field is required for apply requests (application/apply-patch) but optional for non-apply patch types (JsonPatch, MergePatch, StrategicMergePatch).
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    forceForce is going to "force" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    Patch
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    IPAddress    		OK
    201
    IPAddress    		Created
    
+
    Replace
    
+
    replace the specified IPAddress
    
+
    HTTP Request
    
+PUT /apis/networking.k8s.io/v1alpha1/ipaddresses/{name}
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the IPAddress
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    IPAddress
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    IPAddress    		OK
    201
    IPAddress    		Created
    
+
    Delete
    
+
    delete an IPAddress
    
+
    HTTP Request
    
+DELETE /apis/networking.k8s.io/v1alpha1/ipaddresses/{name}
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the IPAddress
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    gracePeriodSecondsThe duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
    orphanDependentsDeprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.
    propagationPolicyWhether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    DeleteOptions
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    Status    		OK
    202
    Status    		Accepted
    
+
    Delete Collection
    
+
    delete collection of IPAddress
    
+
    HTTP Request
    
+DELETE /apis/networking.k8s.io/v1alpha1/ipaddresses
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    gracePeriodSecondsThe duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    orphanDependentsDeprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.
    propagationPolicyWhether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    DeleteOptions
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    Status    		OK
    
+
    Read Operations
    
+
    Read
    
+
    read the specified IPAddress
    
+
    HTTP Request
    
+GET /apis/networking.k8s.io/v1alpha1/ipaddresses/{name}
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the IPAddress
    
+
    Query Parameters
    
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    IPAddress    		OK
    
+
    List
    
+
    list or watch objects of kind IPAddress
    
+
    HTTP Request
    
+GET /apis/networking.k8s.io/v1alpha1/ipaddresses
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    IPAddressList    		OK
    
+
    Watch
    
+
    watch changes to an object of kind IPAddress. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.
    
+
    HTTP Request
    
+GET /apis/networking.k8s.io/v1alpha1/watch/ipaddresses/{name}
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the IPAddress
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    WatchEvent    		OK
    
+
    Watch List
    
+
    watch individual changes to a list of IPAddress. deprecated: use the 'watch' parameter with a list operation instead.
    
+
    HTTP Request
    
+GET /apis/networking.k8s.io/v1alpha1/watch/ipaddresses
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    WatchEvent    		OK
    
+
    Lease v1 coordination.k8s.io
    
+
+
+
+
+
+
    GroupVersionKind
    coordination.k8s.iov1Lease
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
    FieldDescription
    apiVersion
    string    		APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
    kind
    string    		Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
    metadata
    ObjectMeta    		More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
    spec
    LeaseSpec    		spec contains the specification of the Lease. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
    
+
    LeaseSpec v1 coordination
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
+
    FieldDescription
    acquireTime
    MicroTime    		acquireTime is a time when the current lease was acquired.
    holderIdentity
    string    		holderIdentity contains the identity of the holder of a current lease.
    leaseDurationSeconds
    integer    		leaseDurationSeconds is a duration that candidates for a lease need to wait to force acquire it. This is measure against time of last observed renewTime.
    leaseTransitions
    integer    		leaseTransitions is the number of transitions of a lease between holders.
    renewTime
    MicroTime    		renewTime is a time when the current holder of a lease has last updated the lease.
    
+
    LeaseList v1 coordination
    
+
+
+
+
+
+
+
+
+
    FieldDescription
    apiVersion
    string    		APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
    items
    Lease array    		items is a list of schema objects.
    kind
    string    		Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
    metadata
    ListMeta    		Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
    
+
    Write Operations
    
+
    Create
    
+
    create a Lease
    
+
    HTTP Request
    
+POST /apis/coordination.k8s.io/v1/namespaces/{namespace}/leases
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    Lease
    
+
    Response
    
+
+
+
+
+
+
+
+
    CodeDescription
    200
    Lease    		OK
    201
    Lease    		Created
    202
    Lease    		Accepted
    
+
    Patch
    
+
    partially update the specified Lease
    
+
    HTTP Request
    
+PATCH /apis/coordination.k8s.io/v1/namespaces/{namespace}/leases/{name}
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the Lease
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint. This field is required for apply requests (application/apply-patch) but optional for non-apply patch types (JsonPatch, MergePatch, StrategicMergePatch).
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    forceForce is going to "force" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    Patch
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    Lease    		OK
    201
    Lease    		Created
    
+
    Replace
    
+
    replace the specified Lease
    
+
    HTTP Request
    
+PUT /apis/coordination.k8s.io/v1/namespaces/{namespace}/leases/{name}
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the Lease
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    Lease
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    Lease    		OK
    201
    Lease    		Created
    
+
    Delete
    
+
    delete a Lease
    
+
    HTTP Request
    
+DELETE /apis/coordination.k8s.io/v1/namespaces/{namespace}/leases/{name}
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the Lease
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    gracePeriodSecondsThe duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
    orphanDependentsDeprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.
    propagationPolicyWhether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    DeleteOptions
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    Status    		OK
    202
    Status    		Accepted
    
+
    Delete Collection
    
+
    delete collection of Lease
    
+
    HTTP Request
    
+DELETE /apis/coordination.k8s.io/v1/namespaces/{namespace}/leases
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    gracePeriodSecondsThe duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    orphanDependentsDeprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.
    propagationPolicyWhether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    DeleteOptions
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    Status    		OK
    
+
    Read Operations
    
+
    Read
    
+
    read the specified Lease
    
+
    HTTP Request
    
+GET /apis/coordination.k8s.io/v1/namespaces/{namespace}/leases/{name}
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the Lease
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    Lease    		OK
    
+
    List
    
+
    list or watch objects of kind Lease
    
+
    HTTP Request
    
+GET /apis/coordination.k8s.io/v1/namespaces/{namespace}/leases
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    LeaseList    		OK
    
+
    List All Namespaces
    
+
    list or watch objects of kind Lease
    
+
    HTTP Request
    
+GET /apis/coordination.k8s.io/v1/leases
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    LeaseList    		OK
    
+
    Watch
    
+
    watch changes to an object of kind Lease. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.
    
+
    HTTP Request
    
+GET /apis/coordination.k8s.io/v1/watch/namespaces/{namespace}/leases/{name}
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the Lease
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    WatchEvent    		OK
    
+
    Watch List
    
+
    watch individual changes to a list of Lease. deprecated: use the 'watch' parameter with a list operation instead.
    
+
    HTTP Request
    
+GET /apis/coordination.k8s.io/v1/watch/namespaces/{namespace}/leases
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    WatchEvent    		OK
    
+
    Watch List All Namespaces
    
+
    watch individual changes to a list of Lease. deprecated: use the 'watch' parameter with a list operation instead.
    
+
    HTTP Request
    
+GET /apis/coordination.k8s.io/v1/watch/leases
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    WatchEvent    		OK
    
+
    LocalSubjectAccessReview v1 authorization.k8s.io
    
+
+
+
+
+
+
    GroupVersionKind
    authorization.k8s.iov1LocalSubjectAccessReview
    
+
+
+
+
+
+
+
+
+
+
    FieldDescription
    apiVersion
    string    		APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
    kind
    string    		Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
    metadata
    ObjectMeta    		Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
    spec
    SubjectAccessReviewSpec    		Spec holds information about the request being evaluated.  spec.namespace must be equal to the namespace you made the request against.  If empty, it is defaulted.
    status
    SubjectAccessReviewStatus    		Status is filled in by the server and indicates whether the request is allowed or not
    
+
    Write Operations
    
+
    Create
    
+
    create a LocalSubjectAccessReview
    
+
    HTTP Request
    
+POST /apis/authorization.k8s.io/v1/namespaces/{namespace}/localsubjectaccessreviews
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
    ParameterDescription
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    prettyIf 'true', then the output is pretty printed.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    LocalSubjectAccessReview
    
+
    Response
    
+
+
+
+
+
+
+
+
    CodeDescription
    200
    LocalSubjectAccessReview    		OK
    201
    LocalSubjectAccessReview    		Created
    202
    LocalSubjectAccessReview    		Accepted
    
+
    Namespace v1 core
    
+
+
+
+
+
+
    GroupVersionKind
    corev1Namespace
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
+
    FieldDescription
    apiVersion
    string    		APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
    kind
    string    		Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
    metadata
    ObjectMeta    		Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
    spec
    NamespaceSpec    		Spec defines the behavior of the Namespace. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
    status
    NamespaceStatus    		Status describes the current status of a Namespace. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
    
+
    NamespaceSpec v1 core
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
    FieldDescription
    finalizers
    string array    		Finalizers is an opaque list of values that must be empty to permanently remove object from storage. More info: https://kubernetes.io/docs/tasks/administer-cluster/namespaces/
    
+
    NamespaceStatus v1 core
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
    FieldDescription
    conditions
    NamespaceCondition array
    patch strategy: merge
    patch merge key: type    		Represents the latest available observations of a namespace's current state.
    phase
    string    		Phase is the current lifecycle phase of the namespace. More info: https://kubernetes.io/docs/tasks/administer-cluster/namespaces/
    
+
    NamespaceList v1 core
    
+
+
+
+
+
+
+
+
+
    FieldDescription
    apiVersion
    string    		APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
    items
    Namespace array    		Items is the list of Namespace objects in the list. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/
    kind
    string    		Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
    metadata
    ListMeta    		Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
    
+
    Write Operations
    
+
    Create
    
+
    create a Namespace
    
+
    HTTP Request
    
+POST /api/v1/namespaces
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    Namespace
    
+
    Response
    
+
+
+
+
+
+
+
+
    CodeDescription
    200
    Namespace    		OK
    201
    Namespace    		Created
    202
    Namespace    		Accepted
    
+
    Patch
    
+
    partially update the specified Namespace
    
+
    HTTP Request
    
+PATCH /api/v1/namespaces/{name}
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the Namespace
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint. This field is required for apply requests (application/apply-patch) but optional for non-apply patch types (JsonPatch, MergePatch, StrategicMergePatch).
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    forceForce is going to "force" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    Patch
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    Namespace    		OK
    201
    Namespace    		Created
    
+
    Replace
    
+
    replace the specified Namespace
    
+
    HTTP Request
    
+PUT /api/v1/namespaces/{name}
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the Namespace
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    Namespace
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    Namespace    		OK
    201
    Namespace    		Created
    
+
    Delete
    
+
    delete a Namespace
    
+
    HTTP Request
    
+DELETE /api/v1/namespaces/{name}
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the Namespace
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    gracePeriodSecondsThe duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
    orphanDependentsDeprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.
    propagationPolicyWhether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    DeleteOptions
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    Status    		OK
    202
    Status    		Accepted
    
+
    Read Operations
    
+
    Read
    
+
    read the specified Namespace
    
+
    HTTP Request
    
+GET /api/v1/namespaces/{name}
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the Namespace
    
+
    Query Parameters
    
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    Namespace    		OK
    
+
    List
    
+
    list or watch objects of kind Namespace
    
+
    HTTP Request
    
+GET /api/v1/namespaces
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    NamespaceList    		OK
    
+
    Watch
    
+
    watch changes to an object of kind Namespace. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.
    
+
    HTTP Request
    
+GET /api/v1/watch/namespaces/{name}
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the Namespace
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    WatchEvent    		OK
    
+
    Watch List
    
+
    watch individual changes to a list of Namespace. deprecated: use the 'watch' parameter with a list operation instead.
    
+
    HTTP Request
    
+GET /api/v1/watch/namespaces
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    WatchEvent    		OK
    
+
    Status Operations
    
+
    Patch Status
    
+
    partially update status of the specified Namespace
    
+
    HTTP Request
    
+PATCH /api/v1/namespaces/{name}/status
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the Namespace
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint. This field is required for apply requests (application/apply-patch) but optional for non-apply patch types (JsonPatch, MergePatch, StrategicMergePatch).
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    forceForce is going to "force" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    Patch
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    Namespace    		OK
    201
    Namespace    		Created
    
+
    Read Status
    
+
    read status of the specified Namespace
    
+
    HTTP Request
    
+GET /api/v1/namespaces/{name}/status
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the Namespace
    
+
    Query Parameters
    
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    Namespace    		OK
    
+
    Replace Status
    
+
    replace status of the specified Namespace
    
+
    HTTP Request
    
+PUT /api/v1/namespaces/{name}/status
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the Namespace
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    Namespace
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    Namespace    		OK
    201
    Namespace    		Created
    
+
    Node v1 core
    
+
+
+
+
+
+
    GroupVersionKind
    corev1Node
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
+
    FieldDescription
    apiVersion
    string    		APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
    kind
    string    		Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
    metadata
    ObjectMeta    		Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
    spec
    NodeSpec    		Spec defines the behavior of a node. https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
    status
    NodeStatus    		Most recently observed status of the node. Populated by the system. Read-only. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
    
+
    NodeSpec v1 core
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
+
+
+
    FieldDescription
    configSource
    NodeConfigSource    		Deprecated: Previously used to specify the source of the node's configuration for the DynamicKubeletConfig feature. This feature is removed.
    externalID
    string    		Deprecated. Not all kubelets will set this field. Remove field after 1.13. see: https://issues.k8s.io/61966
    podCIDR
    string    		PodCIDR represents the pod IP range assigned to the node.
    podCIDRs
    string array
    patch strategy: merge    		podCIDRs represents the IP ranges assigned to the node for usage by Pods on that node. If this field is specified, the 0th entry must match the podCIDR field. It may contain at most 1 value for each of IPv4 and IPv6.
    providerID
    string    		ID of the node assigned by the cloud provider in the format: <ProviderName>://<ProviderSpecificNodeID>
    taints
    Taint array    		If specified, the node's taints.
    unschedulable
    boolean    		Unschedulable controls node schedulability of new pods. By default, node is schedulable. More info: https://kubernetes.io/docs/concepts/nodes/node/#manual-node-administration
    
+
    NodeStatus v1 core
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    FieldDescription
    addresses
    NodeAddress array
    patch strategy: merge
    patch merge key: type    		List of addresses reachable to the node. Queried from cloud provider, if available. More info: https://kubernetes.io/docs/concepts/nodes/node/#addresses Note: This field is declared as mergeable, but the merge key is not sufficiently unique, which can cause data corruption when it is merged. Callers should instead use a full-replacement patch. See https://pr.k8s.io/79391 for an example. Consumers should assume that addresses can change during the lifetime of a Node. However, there are some exceptions where this may not be possible, such as Pods that inherit a Node's address in its own status or consumers of the downward API (status.hostIP).
    allocatable
    object    		Allocatable represents the resources of a node that are available for scheduling. Defaults to Capacity.
    capacity
    object    		Capacity represents the total resources of a node. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#capacity
    conditions
    NodeCondition array
    patch strategy: merge
    patch merge key: type    		Conditions is an array of current observed node conditions. More info: https://kubernetes.io/docs/concepts/nodes/node/#condition
    config
    NodeConfigStatus    		Status of the config assigned to the node via the dynamic Kubelet config feature.
    daemonEndpoints
    NodeDaemonEndpoints    		Endpoints of daemons running on the Node.
    images
    ContainerImage array    		List of container images on this node
    nodeInfo
    NodeSystemInfo    		Set of ids/uuids to uniquely identify the node. More info: https://kubernetes.io/docs/concepts/nodes/node/#info
    phase
    string    		NodePhase is the recently observed lifecycle phase of the node. More info: https://kubernetes.io/docs/concepts/nodes/node/#phase The field is never populated, and now is deprecated.
    volumesAttached
    AttachedVolume array    		List of volumes that are attached to the node.
    volumesInUse
    string array    		List of attachable volumes in use (mounted) by the node.
    
+
    NodeList v1 core
    
+
+
+
+
+
+
+
+
+
    FieldDescription
    apiVersion
    string    		APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
    items
    Node array    		List of nodes
    kind
    string    		Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
    metadata
    ListMeta    		Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
    
+
    Write Operations
    
+
    Create
    
+
    create a Node
    
+
    HTTP Request
    
+POST /api/v1/nodes
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    Node
    
+
    Response
    
+
+
+
+
+
+
+
+
    CodeDescription
    200
    Node    		OK
    201
    Node    		Created
    202
    Node    		Accepted
    
+
    Patch
    
+
    partially update the specified Node
    
+
    HTTP Request
    
+PATCH /api/v1/nodes/{name}
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the Node
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint. This field is required for apply requests (application/apply-patch) but optional for non-apply patch types (JsonPatch, MergePatch, StrategicMergePatch).
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    forceForce is going to "force" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    Patch
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    Node    		OK
    201
    Node    		Created
    
+
    Replace
    
+
    replace the specified Node
    
+
    HTTP Request
    
+PUT /api/v1/nodes/{name}
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the Node
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    Node
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    Node    		OK
    201
    Node    		Created
    
+
    Delete
    
+
    delete a Node
    
+
    HTTP Request
    
+DELETE /api/v1/nodes/{name}
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the Node
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    gracePeriodSecondsThe duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
    orphanDependentsDeprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.
    propagationPolicyWhether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    DeleteOptions
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    Status    		OK
    202
    Status    		Accepted
    
+
    Delete Collection
    
+
    delete collection of Node
    
+
    HTTP Request
    
+DELETE /api/v1/nodes
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    gracePeriodSecondsThe duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    orphanDependentsDeprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.
    propagationPolicyWhether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    DeleteOptions
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    Status    		OK
    
+
    Read Operations
    
+
    Read
    
+
    read the specified Node
    
+
    HTTP Request
    
+GET /api/v1/nodes/{name}
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the Node
    
+
    Query Parameters
    
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    Node    		OK
    
+
    List
    
+
    list or watch objects of kind Node
    
+
    HTTP Request
    
+GET /api/v1/nodes
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    NodeList    		OK
    
+
    Watch
    
+
    watch changes to an object of kind Node. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.
    
+
    HTTP Request
    
+GET /api/v1/watch/nodes/{name}
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the Node
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    WatchEvent    		OK
    
+
    Watch List
    
+
    watch individual changes to a list of Node. deprecated: use the 'watch' parameter with a list operation instead.
    
+
    HTTP Request
    
+GET /api/v1/watch/nodes
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    WatchEvent    		OK
    
+
    Status Operations
    
+
    Patch Status
    
+
    partially update status of the specified Node
    
+
    HTTP Request
    
+PATCH /api/v1/nodes/{name}/status
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the Node
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint. This field is required for apply requests (application/apply-patch) but optional for non-apply patch types (JsonPatch, MergePatch, StrategicMergePatch).
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    forceForce is going to "force" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    Patch
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    Node    		OK
    201
    Node    		Created
    
+
    Read Status
    
+
    read status of the specified Node
    
+
    HTTP Request
    
+GET /api/v1/nodes/{name}/status
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the Node
    
+
    Query Parameters
    
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    Node    		OK
    
+
    Replace Status
    
+
    replace status of the specified Node
    
+
    HTTP Request
    
+PUT /api/v1/nodes/{name}/status
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the Node
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    Node
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    Node    		OK
    201
    Node    		Created
    
+
    Proxy Operations
    
+
    Create Connect Proxy
    
+
    connect POST requests to proxy of Node
    
+
    HTTP Request
    
+POST /api/v1/nodes/{name}/proxy
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the NodeProxyOptions
    
+
    Query Parameters
    
+
+
+
+
+
+
    ParameterDescription
    pathPath is the URL path to use for the current proxy request to node.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    string    		OK
    
+
    Create Connect Proxy Path
    
+
    connect POST requests to proxy of Node
    
+
    HTTP Request
    
+POST /api/v1/nodes/{name}/proxy/{path}
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the NodeProxyOptions
    pathpath to the resource
    
+
    Query Parameters
    
+
+
+
+
+
+
    ParameterDescription
    pathPath is the URL path to use for the current proxy request to node.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    string    		OK
    
+
    Delete Connect Proxy
    
+
    connect DELETE requests to proxy of Node
    
+
    HTTP Request
    
+DELETE /api/v1/nodes/{name}/proxy
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the NodeProxyOptions
    
+
    Query Parameters
    
+
+
+
+
+
+
    ParameterDescription
    pathPath is the URL path to use for the current proxy request to node.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    string    		OK
    
+
    Delete Connect Proxy Path
    
+
    connect DELETE requests to proxy of Node
    
+
    HTTP Request
    
+DELETE /api/v1/nodes/{name}/proxy/{path}
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the NodeProxyOptions
    pathpath to the resource
    
+
    Query Parameters
    
+
+
+
+
+
+
    ParameterDescription
    pathPath is the URL path to use for the current proxy request to node.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    string    		OK
    
+
    Get Connect Proxy
    
+
    connect GET requests to proxy of Node
    
+
    HTTP Request
    
+GET /api/v1/nodes/{name}/proxy
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the NodeProxyOptions
    
+
    Query Parameters
    
+
+
+
+
+
+
    ParameterDescription
    pathPath is the URL path to use for the current proxy request to node.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    string    		OK
    
+
    Get Connect Proxy Path
    
+
    connect GET requests to proxy of Node
    
+
    HTTP Request
    
+GET /api/v1/nodes/{name}/proxy/{path}
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the NodeProxyOptions
    pathpath to the resource
    
+
    Query Parameters
    
+
+
+
+
+
+
    ParameterDescription
    pathPath is the URL path to use for the current proxy request to node.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    string    		OK
    
+
    Head Connect Proxy
    
+
    connect HEAD requests to proxy of Node
    
+
    HTTP Request
    
+HEAD /api/v1/nodes/{name}/proxy
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the NodeProxyOptions
    
+
    Query Parameters
    
+
+
+
+
+
+
    ParameterDescription
    pathPath is the URL path to use for the current proxy request to node.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    string    		OK
    
+
    Head Connect Proxy Path
    
+
    connect HEAD requests to proxy of Node
    
+
    HTTP Request
    
+HEAD /api/v1/nodes/{name}/proxy/{path}
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the NodeProxyOptions
    pathpath to the resource
    
+
    Query Parameters
    
+
+
+
+
+
+
    ParameterDescription
    pathPath is the URL path to use for the current proxy request to node.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    string    		OK
    
+
    Replace Connect Proxy
    
+
    connect PUT requests to proxy of Node
    
+
    HTTP Request
    
+PUT /api/v1/nodes/{name}/proxy
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the NodeProxyOptions
    
+
    Query Parameters
    
+
+
+
+
+
+
    ParameterDescription
    pathPath is the URL path to use for the current proxy request to node.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    string    		OK
    
+
    Replace Connect Proxy Path
    
+
    connect PUT requests to proxy of Node
    
+
    HTTP Request
    
+PUT /api/v1/nodes/{name}/proxy/{path}
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the NodeProxyOptions
    pathpath to the resource
    
+
    Query Parameters
    
+
+
+
+
+
+
    ParameterDescription
    pathPath is the URL path to use for the current proxy request to node.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    string    		OK
    
+
    PersistentVolume v1 core
    
+
+
+
+
+
+
    GroupVersionKind
    corev1PersistentVolume
    
+
     These are assigned to Pods using PersistentVolumeClaims.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
+
    FieldDescription
    apiVersion
    string    		APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
    kind
    string    		Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
    metadata
    ObjectMeta    		Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
    spec
    PersistentVolumeSpec    		spec defines a specification of a persistent volume owned by the cluster. Provisioned by an administrator. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistent-volumes
    status
    PersistentVolumeStatus    		status represents the current information/status for the persistent volume. Populated by the system. Read-only. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistent-volumes
    
+
    PersistentVolumeSpec v1 core
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    FieldDescription
    accessModes
    string array    		accessModes contains all ways the volume can be mounted. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes
    awsElasticBlockStore
    AWSElasticBlockStoreVolumeSource    		awsElasticBlockStore represents an AWS Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore
    azureDisk
    AzureDiskVolumeSource    		azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod.
    azureFile
    AzureFilePersistentVolumeSource    		azureFile represents an Azure File Service mount on the host and bind mount to the pod.
    capacity
    object    		capacity is the description of the persistent volume's resources and capacity. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#capacity
    cephfs
    CephFSPersistentVolumeSource    		cephFS represents a Ceph FS mount on the host that shares a pod's lifetime
    cinder
    CinderPersistentVolumeSource    		cinder represents a cinder volume attached and mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md
    claimRef
    ObjectReference    		claimRef is part of a bi-directional binding between PersistentVolume and PersistentVolumeClaim. Expected to be non-nil when bound. claim.VolumeName is the authoritative bind between PV and PVC. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#binding
    csi
    CSIPersistentVolumeSource    		csi represents storage that is handled by an external CSI driver (Beta feature).
    fc
    FCVolumeSource    		fc represents a Fibre Channel resource that is attached to a kubelet's host machine and then exposed to the pod.
    flexVolume
    FlexPersistentVolumeSource    		flexVolume represents a generic volume resource that is provisioned/attached using an exec based plugin.
    flocker
    FlockerVolumeSource    		flocker represents a Flocker volume attached to a kubelet's host machine and exposed to the pod for its usage. This depends on the Flocker control service being running
    gcePersistentDisk
    GCEPersistentDiskVolumeSource    		gcePersistentDisk represents a GCE Disk resource that is attached to a kubelet's host machine and then exposed to the pod. Provisioned by an admin. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk
    glusterfs
    GlusterfsPersistentVolumeSource    		glusterfs represents a Glusterfs volume that is attached to a host and exposed to the pod. Provisioned by an admin. More info: https://examples.k8s.io/volumes/glusterfs/README.md
    hostPath
    HostPathVolumeSource    		hostPath represents a directory on the host. Provisioned by a developer or tester. This is useful for single-node development and testing only! On-host storage is not supported in any way and WILL NOT WORK in a multi-node cluster. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath
    iscsi
    ISCSIPersistentVolumeSource    		iscsi represents an ISCSI Disk resource that is attached to a kubelet's host machine and then exposed to the pod. Provisioned by an admin.
    local
    LocalVolumeSource    		local represents directly-attached storage with node affinity
    mountOptions
    string array    		mountOptions is the list of mount options, e.g. ["ro", "soft"]. Not validated - mount will simply fail if one is invalid. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes/#mount-options
    nfs
    NFSVolumeSource    		nfs represents an NFS mount on the host. Provisioned by an admin. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs
    nodeAffinity
    VolumeNodeAffinity    		nodeAffinity defines constraints that limit what nodes this volume can be accessed from. This field influences the scheduling of pods that use this volume.
    persistentVolumeReclaimPolicy
    string    		persistentVolumeReclaimPolicy defines what happens to a persistent volume when released from its claim. Valid options are Retain (default for manually created PersistentVolumes), Delete (default for dynamically provisioned PersistentVolumes), and Recycle (deprecated). Recycle must be supported by the volume plugin underlying this PersistentVolume. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#reclaiming
    photonPersistentDisk
    PhotonPersistentDiskVolumeSource    		photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine
    portworxVolume
    PortworxVolumeSource    		portworxVolume represents a portworx volume attached and mounted on kubelets host machine
    quobyte
    QuobyteVolumeSource    		quobyte represents a Quobyte mount on the host that shares a pod's lifetime
    rbd
    RBDPersistentVolumeSource    		rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/rbd/README.md
    scaleIO
    ScaleIOPersistentVolumeSource    		scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes.
    storageClassName
    string    		storageClassName is the name of StorageClass to which this persistent volume belongs. Empty value means that this volume does not belong to any StorageClass.
    storageos
    StorageOSPersistentVolumeSource    		storageOS represents a StorageOS volume that is attached to the kubelet's host machine and mounted into the pod More info: https://examples.k8s.io/volumes/storageos/README.md
    volumeMode
    string    		volumeMode defines if a volume is intended to be used with a formatted filesystem or to remain in raw block state. Value of Filesystem is implied when not included in spec.
    vsphereVolume
    VsphereVirtualDiskVolumeSource    		vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine
    
+
    PersistentVolumeStatus v1 core
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
    FieldDescription
    message
    string    		message is a human-readable message indicating details about why the volume is in this state.
    phase
    string    		phase indicates if a volume is available, bound to a claim, or released by a claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#phase
    reason
    string    		reason is a brief CamelCase string that describes any failure and is meant for machine parsing and tidy display in the CLI.
    
+
    PersistentVolumeList v1 core
    
+
+
+
+
+
+
+
+
+
    FieldDescription
    apiVersion
    string    		APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
    items
    PersistentVolume array    		items is a list of persistent volumes. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes
    kind
    string    		Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
    metadata
    ListMeta    		Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
    
+
    Write Operations
    
+
    Create
    
+
    create a PersistentVolume
    
+
    HTTP Request
    
+POST /api/v1/persistentvolumes
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    PersistentVolume
    
+
    Response
    
+
+
+
+
+
+
+
+
    CodeDescription
    200
    PersistentVolume    		OK
    201
    PersistentVolume    		Created
    202
    PersistentVolume    		Accepted
    
+
    Patch
    
+
    partially update the specified PersistentVolume
    
+
    HTTP Request
    
+PATCH /api/v1/persistentvolumes/{name}
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the PersistentVolume
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint. This field is required for apply requests (application/apply-patch) but optional for non-apply patch types (JsonPatch, MergePatch, StrategicMergePatch).
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    forceForce is going to "force" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    Patch
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    PersistentVolume    		OK
    201
    PersistentVolume    		Created
    
+
    Replace
    
+
    replace the specified PersistentVolume
    
+
    HTTP Request
    
+PUT /api/v1/persistentvolumes/{name}
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the PersistentVolume
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    PersistentVolume
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    PersistentVolume    		OK
    201
    PersistentVolume    		Created
    
+
    Delete
    
+
    delete a PersistentVolume
    
+
    HTTP Request
    
+DELETE /api/v1/persistentvolumes/{name}
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the PersistentVolume
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    gracePeriodSecondsThe duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
    orphanDependentsDeprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.
    propagationPolicyWhether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    DeleteOptions
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    PersistentVolume    		OK
    202
    PersistentVolume    		Accepted
    
+
    Delete Collection
    
+
    delete collection of PersistentVolume
    
+
    HTTP Request
    
+DELETE /api/v1/persistentvolumes
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    gracePeriodSecondsThe duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    orphanDependentsDeprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.
    propagationPolicyWhether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    DeleteOptions
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    Status    		OK
    
+
    Read Operations
    
+
    Read
    
+
    read the specified PersistentVolume
    
+
    HTTP Request
    
+GET /api/v1/persistentvolumes/{name}
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the PersistentVolume
    
+
    Query Parameters
    
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    PersistentVolume    		OK
    
+
    List
    
+
    list or watch objects of kind PersistentVolume
    
+
    HTTP Request
    
+GET /api/v1/persistentvolumes
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    PersistentVolumeList    		OK
    
+
    Watch
    
+
    watch changes to an object of kind PersistentVolume. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.
    
+
    HTTP Request
    
+GET /api/v1/watch/persistentvolumes/{name}
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the PersistentVolume
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    WatchEvent    		OK
    
+
    Watch List
    
+
    watch individual changes to a list of PersistentVolume. deprecated: use the 'watch' parameter with a list operation instead.
    
+
    HTTP Request
    
+GET /api/v1/watch/persistentvolumes
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    WatchEvent    		OK
    
+
    Status Operations
    
+
    Patch Status
    
+
    partially update status of the specified PersistentVolume
    
+
    HTTP Request
    
+PATCH /api/v1/persistentvolumes/{name}/status
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the PersistentVolume
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint. This field is required for apply requests (application/apply-patch) but optional for non-apply patch types (JsonPatch, MergePatch, StrategicMergePatch).
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    forceForce is going to "force" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    Patch
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    PersistentVolume    		OK
    201
    PersistentVolume    		Created
    
+
    Read Status
    
+
    read status of the specified PersistentVolume
    
+
    HTTP Request
    
+GET /api/v1/persistentvolumes/{name}/status
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the PersistentVolume
    
+
    Query Parameters
    
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    PersistentVolume    		OK
    
+
    Replace Status
    
+
    replace status of the specified PersistentVolume
    
+
    HTTP Request
    
+PUT /api/v1/persistentvolumes/{name}/status
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the PersistentVolume
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    PersistentVolume
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    PersistentVolume    		OK
    201
    PersistentVolume    		Created
    
+
    PriorityLevelConfiguration v1beta3 flowcontrol.apiserver.k8s.io
    
+
+
+
+
+
+
    GroupVersionKind
    flowcontrol.apiserver.k8s.iov1beta3PriorityLevelConfiguration
    
+
     Other API versions of this object exist:
+v1beta2
+
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
+
    FieldDescription
    apiVersion
    string    		APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
    kind
    string    		Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
    metadata
    ObjectMeta    		`metadata` is the standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
    spec
    PriorityLevelConfigurationSpec    		`spec` is the specification of the desired behavior of a "request-priority". More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
    status
    PriorityLevelConfigurationStatus    		`status` is the current status of a "request-priority". More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
    
+
    PriorityLevelConfigurationSpec v1beta3 flowcontrol
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
    FieldDescription
    limited
    LimitedPriorityLevelConfiguration    		`limited` specifies how requests are handled for a Limited priority level. This field must be non-empty if and only if `type` is `"Limited"`.
    type
    string    		`type` indicates whether this priority level is subject to limitation on request execution.  A value of `"Exempt"` means that requests of this priority level are not subject to a limit (and thus are never queued) and do not detract from the capacity made available to other priority levels.  A value of `"Limited"` means that (a) requests of this priority level _are_ subject to limits and (b) some of the server's limited capacity is made available exclusively to this priority level. Required.
    
+
    PriorityLevelConfigurationStatus v1beta3 flowcontrol
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
    FieldDescription
    conditions
    PriorityLevelConfigurationCondition array
    patch strategy: merge
    patch merge key: type    		`conditions` is the current state of "request-priority".
    
+
    PriorityLevelConfigurationList v1beta3 flowcontrol
    
+
+
+
+
+
+
+
+
+
    FieldDescription
    apiVersion
    string    		APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
    items
    PriorityLevelConfiguration array    		`items` is a list of request-priorities.
    kind
    string    		Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
    metadata
    ListMeta    		`metadata` is the standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
    
+
    Write Operations
    
+
    Create
    
+
    create a PriorityLevelConfiguration
    
+
    HTTP Request
    
+POST /apis/flowcontrol.apiserver.k8s.io/v1beta3/prioritylevelconfigurations
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    PriorityLevelConfiguration
    
+
    Response
    
+
+
+
+
+
+
+
+
    CodeDescription
    200
    PriorityLevelConfiguration    		OK
    201
    PriorityLevelConfiguration    		Created
    202
    PriorityLevelConfiguration    		Accepted
    
+
    Patch
    
+
    partially update the specified PriorityLevelConfiguration
    
+
    HTTP Request
    
+PATCH /apis/flowcontrol.apiserver.k8s.io/v1beta3/prioritylevelconfigurations/{name}
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the PriorityLevelConfiguration
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint. This field is required for apply requests (application/apply-patch) but optional for non-apply patch types (JsonPatch, MergePatch, StrategicMergePatch).
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    forceForce is going to "force" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    Patch
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    PriorityLevelConfiguration    		OK
    201
    PriorityLevelConfiguration    		Created
    
+
    Replace
    
+
    replace the specified PriorityLevelConfiguration
    
+
    HTTP Request
    
+PUT /apis/flowcontrol.apiserver.k8s.io/v1beta3/prioritylevelconfigurations/{name}
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the PriorityLevelConfiguration
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    PriorityLevelConfiguration
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    PriorityLevelConfiguration    		OK
    201
    PriorityLevelConfiguration    		Created
    
+
    Delete
    
+
    delete a PriorityLevelConfiguration
    
+
    HTTP Request
    
+DELETE /apis/flowcontrol.apiserver.k8s.io/v1beta3/prioritylevelconfigurations/{name}
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the PriorityLevelConfiguration
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    gracePeriodSecondsThe duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
    orphanDependentsDeprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.
    propagationPolicyWhether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    DeleteOptions
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    Status    		OK
    202
    Status    		Accepted
    
+
    Delete Collection
    
+
    delete collection of PriorityLevelConfiguration
    
+
    HTTP Request
    
+DELETE /apis/flowcontrol.apiserver.k8s.io/v1beta3/prioritylevelconfigurations
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    gracePeriodSecondsThe duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    orphanDependentsDeprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.
    propagationPolicyWhether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    DeleteOptions
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    Status    		OK
    
+
    Read Operations
    
+
    Read
    
+
    read the specified PriorityLevelConfiguration
    
+
    HTTP Request
    
+GET /apis/flowcontrol.apiserver.k8s.io/v1beta3/prioritylevelconfigurations/{name}
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the PriorityLevelConfiguration
    
+
    Query Parameters
    
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    PriorityLevelConfiguration    		OK
    
+
    List
    
+
    list or watch objects of kind PriorityLevelConfiguration
    
+
    HTTP Request
    
+GET /apis/flowcontrol.apiserver.k8s.io/v1beta3/prioritylevelconfigurations
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    PriorityLevelConfigurationList    		OK
    
+
    Watch
    
+
    watch changes to an object of kind PriorityLevelConfiguration. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.
    
+
    HTTP Request
    
+GET /apis/flowcontrol.apiserver.k8s.io/v1beta3/watch/prioritylevelconfigurations/{name}
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the PriorityLevelConfiguration
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    WatchEvent    		OK
    
+
    Watch List
    
+
    watch individual changes to a list of PriorityLevelConfiguration. deprecated: use the 'watch' parameter with a list operation instead.
    
+
    HTTP Request
    
+GET /apis/flowcontrol.apiserver.k8s.io/v1beta3/watch/prioritylevelconfigurations
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    WatchEvent    		OK
    
+
    Status Operations
    
+
    Patch Status
    
+
    partially update status of the specified PriorityLevelConfiguration
    
+
    HTTP Request
    
+PATCH /apis/flowcontrol.apiserver.k8s.io/v1beta3/prioritylevelconfigurations/{name}/status
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the PriorityLevelConfiguration
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint. This field is required for apply requests (application/apply-patch) but optional for non-apply patch types (JsonPatch, MergePatch, StrategicMergePatch).
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    forceForce is going to "force" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    Patch
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    PriorityLevelConfiguration    		OK
    201
    PriorityLevelConfiguration    		Created
    
+
    Read Status
    
+
    read status of the specified PriorityLevelConfiguration
    
+
    HTTP Request
    
+GET /apis/flowcontrol.apiserver.k8s.io/v1beta3/prioritylevelconfigurations/{name}/status
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the PriorityLevelConfiguration
    
+
    Query Parameters
    
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    PriorityLevelConfiguration    		OK
    
+
    Replace Status
    
+
    replace status of the specified PriorityLevelConfiguration
    
+
    HTTP Request
    
+PUT /apis/flowcontrol.apiserver.k8s.io/v1beta3/prioritylevelconfigurations/{name}/status
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the PriorityLevelConfiguration
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    PriorityLevelConfiguration
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    PriorityLevelConfiguration    		OK
    201
    PriorityLevelConfiguration    		Created
    
+
    ResourceQuota v1 core
    
+
+
+
+
+
+
    GroupVersionKind
    corev1ResourceQuota
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
+
    FieldDescription
    apiVersion
    string    		APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
    kind
    string    		Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
    metadata
    ObjectMeta    		Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
    spec
    ResourceQuotaSpec    		Spec defines the desired quota. https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
    status
    ResourceQuotaStatus    		Status defines the actual enforced quota and its current usage. https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
    
+
    ResourceQuotaSpec v1 core
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
    FieldDescription
    hard
    object    		hard is the set of desired hard limits for each named resource. More info: https://kubernetes.io/docs/concepts/policy/resource-quotas/
    scopeSelector
    ScopeSelector    		scopeSelector is also a collection of filters like scopes that must match each object tracked by a quota but expressed using ScopeSelectorOperator in combination with possible values. For a resource to match, both scopes AND scopeSelector (if specified in spec), must be matched.
    scopes
    string array    		A collection of filters that must match each object tracked by a quota. If not specified, the quota matches all objects.
    
+
    ResourceQuotaStatus v1 core
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
    FieldDescription
    hard
    object    		Hard is the set of enforced hard limits for each named resource. More info: https://kubernetes.io/docs/concepts/policy/resource-quotas/
    used
    object    		Used is the current observed total usage of the resource in the namespace.
    
+
    ResourceQuotaList v1 core
    
+
+
+
+
+
+
+
+
+
    FieldDescription
    apiVersion
    string    		APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
    items
    ResourceQuota array    		Items is a list of ResourceQuota objects. More info: https://kubernetes.io/docs/concepts/policy/resource-quotas/
    kind
    string    		Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
    metadata
    ListMeta    		Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
    
+
    Write Operations
    
+
    Create
    
+
    create a ResourceQuota
    
+
    HTTP Request
    
+POST /api/v1/namespaces/{namespace}/resourcequotas
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    ResourceQuota
    
+
    Response
    
+
+
+
+
+
+
+
+
    CodeDescription
    200
    ResourceQuota    		OK
    201
    ResourceQuota    		Created
    202
    ResourceQuota    		Accepted
    
+
    Patch
    
+
    partially update the specified ResourceQuota
    
+
    HTTP Request
    
+PATCH /api/v1/namespaces/{namespace}/resourcequotas/{name}
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the ResourceQuota
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint. This field is required for apply requests (application/apply-patch) but optional for non-apply patch types (JsonPatch, MergePatch, StrategicMergePatch).
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    forceForce is going to "force" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    Patch
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    ResourceQuota    		OK
    201
    ResourceQuota    		Created
    
+
    Replace
    
+
    replace the specified ResourceQuota
    
+
    HTTP Request
    
+PUT /api/v1/namespaces/{namespace}/resourcequotas/{name}
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the ResourceQuota
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    ResourceQuota
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    ResourceQuota    		OK
    201
    ResourceQuota    		Created
    
+
    Delete
    
+
    delete a ResourceQuota
    
+
    HTTP Request
    
+DELETE /api/v1/namespaces/{namespace}/resourcequotas/{name}
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the ResourceQuota
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    gracePeriodSecondsThe duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
    orphanDependentsDeprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.
    propagationPolicyWhether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    DeleteOptions
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    ResourceQuota    		OK
    202
    ResourceQuota    		Accepted
    
+
    Delete Collection
    
+
    delete collection of ResourceQuota
    
+
    HTTP Request
    
+DELETE /api/v1/namespaces/{namespace}/resourcequotas
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    gracePeriodSecondsThe duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    orphanDependentsDeprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.
    propagationPolicyWhether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    DeleteOptions
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    Status    		OK
    
+
    Read Operations
    
+
    Read
    
+
    read the specified ResourceQuota
    
+
    HTTP Request
    
+GET /api/v1/namespaces/{namespace}/resourcequotas/{name}
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the ResourceQuota
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    ResourceQuota    		OK
    
+
    List
    
+
    list or watch objects of kind ResourceQuota
    
+
    HTTP Request
    
+GET /api/v1/namespaces/{namespace}/resourcequotas
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    ResourceQuotaList    		OK
    
+
    List All Namespaces
    
+
    list or watch objects of kind ResourceQuota
    
+
    HTTP Request
    
+GET /api/v1/resourcequotas
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    ResourceQuotaList    		OK
    
+
    Watch
    
+
    watch changes to an object of kind ResourceQuota. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.
    
+
    HTTP Request
    
+GET /api/v1/watch/namespaces/{namespace}/resourcequotas/{name}
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the ResourceQuota
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    WatchEvent    		OK
    
+
    Watch List
    
+
    watch individual changes to a list of ResourceQuota. deprecated: use the 'watch' parameter with a list operation instead.
    
+
    HTTP Request
    
+GET /api/v1/watch/namespaces/{namespace}/resourcequotas
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    WatchEvent    		OK
    
+
    Watch List All Namespaces
    
+
    watch individual changes to a list of ResourceQuota. deprecated: use the 'watch' parameter with a list operation instead.
    
+
    HTTP Request
    
+GET /api/v1/watch/resourcequotas
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    WatchEvent    		OK
    
+
    Status Operations
    
+
    Patch Status
    
+
    partially update status of the specified ResourceQuota
    
+
    HTTP Request
    
+PATCH /api/v1/namespaces/{namespace}/resourcequotas/{name}/status
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the ResourceQuota
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint. This field is required for apply requests (application/apply-patch) but optional for non-apply patch types (JsonPatch, MergePatch, StrategicMergePatch).
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    forceForce is going to "force" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    Patch
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    ResourceQuota    		OK
    201
    ResourceQuota    		Created
    
+
    Read Status
    
+
    read status of the specified ResourceQuota
    
+
    HTTP Request
    
+GET /api/v1/namespaces/{namespace}/resourcequotas/{name}/status
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the ResourceQuota
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    ResourceQuota    		OK
    
+
    Replace Status
    
+
    replace status of the specified ResourceQuota
    
+
    HTTP Request
    
+PUT /api/v1/namespaces/{namespace}/resourcequotas/{name}/status
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the ResourceQuota
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    ResourceQuota
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    ResourceQuota    		OK
    201
    ResourceQuota    		Created
    
+
    Role v1 rbac.authorization.k8s.io
    
+
+
+
+
+
+
    GroupVersionKind
    rbac.authorization.k8s.iov1Role
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
    FieldDescription
    apiVersion
    string    		APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
    kind
    string    		Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
    metadata
    ObjectMeta    		Standard object's metadata.
    rules
    PolicyRule array    		Rules holds all the PolicyRules for this Role
    
+
    RoleList v1 rbac
    
+
+
+
+
+
+
+
+
+
    FieldDescription
    apiVersion
    string    		APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
    items
    Role array    		Items is a list of Roles
    kind
    string    		Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
    metadata
    ListMeta    		Standard object's metadata.
    
+
    Write Operations
    
+
    Create
    
+
    create a Role
    
+
    HTTP Request
    
+POST /apis/rbac.authorization.k8s.io/v1/namespaces/{namespace}/roles
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    Role
    
+
    Response
    
+
+
+
+
+
+
+
+
    CodeDescription
    200
    Role    		OK
    201
    Role    		Created
    202
    Role    		Accepted
    
+
    Patch
    
+
    partially update the specified Role
    
+
    HTTP Request
    
+PATCH /apis/rbac.authorization.k8s.io/v1/namespaces/{namespace}/roles/{name}
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the Role
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint. This field is required for apply requests (application/apply-patch) but optional for non-apply patch types (JsonPatch, MergePatch, StrategicMergePatch).
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    forceForce is going to "force" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    Patch
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    Role    		OK
    201
    Role    		Created
    
+
    Replace
    
+
    replace the specified Role
    
+
    HTTP Request
    
+PUT /apis/rbac.authorization.k8s.io/v1/namespaces/{namespace}/roles/{name}
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the Role
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    Role
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    Role    		OK
    201
    Role    		Created
    
+
    Delete
    
+
    delete a Role
    
+
    HTTP Request
    
+DELETE /apis/rbac.authorization.k8s.io/v1/namespaces/{namespace}/roles/{name}
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the Role
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    gracePeriodSecondsThe duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
    orphanDependentsDeprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.
    propagationPolicyWhether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    DeleteOptions
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    Status    		OK
    202
    Status    		Accepted
    
+
    Delete Collection
    
+
    delete collection of Role
    
+
    HTTP Request
    
+DELETE /apis/rbac.authorization.k8s.io/v1/namespaces/{namespace}/roles
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    gracePeriodSecondsThe duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    orphanDependentsDeprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.
    propagationPolicyWhether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    DeleteOptions
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    Status    		OK
    
+
    Read Operations
    
+
    Read
    
+
    read the specified Role
    
+
    HTTP Request
    
+GET /apis/rbac.authorization.k8s.io/v1/namespaces/{namespace}/roles/{name}
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the Role
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    Role    		OK
    
+
    List
    
+
    list or watch objects of kind Role
    
+
    HTTP Request
    
+GET /apis/rbac.authorization.k8s.io/v1/namespaces/{namespace}/roles
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    RoleList    		OK
    
+
    List All Namespaces
    
+
    list or watch objects of kind Role
    
+
    HTTP Request
    
+GET /apis/rbac.authorization.k8s.io/v1/roles
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    RoleList    		OK
    
+
    Watch
    
+
    watch changes to an object of kind Role. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.
    
+
    HTTP Request
    
+GET /apis/rbac.authorization.k8s.io/v1/watch/namespaces/{namespace}/roles/{name}
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the Role
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    WatchEvent    		OK
    
+
    Watch List
    
+
    watch individual changes to a list of Role. deprecated: use the 'watch' parameter with a list operation instead.
    
+
    HTTP Request
    
+GET /apis/rbac.authorization.k8s.io/v1/watch/namespaces/{namespace}/roles
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    WatchEvent    		OK
    
+
    Watch List All Namespaces
    
+
    watch individual changes to a list of Role. deprecated: use the 'watch' parameter with a list operation instead.
    
+
    HTTP Request
    
+GET /apis/rbac.authorization.k8s.io/v1/watch/roles
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    WatchEvent    		OK
    
+
    RoleBinding v1 rbac.authorization.k8s.io
    
+
+
+
+
+
+
    GroupVersionKind
    rbac.authorization.k8s.iov1RoleBinding
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
+
    FieldDescription
    apiVersion
    string    		APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
    kind
    string    		Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
    metadata
    ObjectMeta    		Standard object's metadata.
    roleRef
    RoleRef    		RoleRef can reference a Role in the current namespace or a ClusterRole in the global namespace. If the RoleRef cannot be resolved, the Authorizer must return an error.
    subjects
    Subject array    		Subjects holds references to the objects the role applies to.
    
+
    RoleBindingList v1 rbac
    
+
+
+
+
+
+
+
+
+
    FieldDescription
    apiVersion
    string    		APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
    items
    RoleBinding array    		Items is a list of RoleBindings
    kind
    string    		Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
    metadata
    ListMeta    		Standard object's metadata.
    
+
    Write Operations
    
+
    Create
    
+
    create a RoleBinding
    
+
    HTTP Request
    
+POST /apis/rbac.authorization.k8s.io/v1/namespaces/{namespace}/rolebindings
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    RoleBinding
    
+
    Response
    
+
+
+
+
+
+
+
+
    CodeDescription
    200
    RoleBinding    		OK
    201
    RoleBinding    		Created
    202
    RoleBinding    		Accepted
    
+
    Patch
    
+
    partially update the specified RoleBinding
    
+
    HTTP Request
    
+PATCH /apis/rbac.authorization.k8s.io/v1/namespaces/{namespace}/rolebindings/{name}
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the RoleBinding
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint. This field is required for apply requests (application/apply-patch) but optional for non-apply patch types (JsonPatch, MergePatch, StrategicMergePatch).
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    forceForce is going to "force" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    Patch
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    RoleBinding    		OK
    201
    RoleBinding    		Created
    
+
    Replace
    
+
    replace the specified RoleBinding
    
+
    HTTP Request
    
+PUT /apis/rbac.authorization.k8s.io/v1/namespaces/{namespace}/rolebindings/{name}
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the RoleBinding
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    RoleBinding
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    RoleBinding    		OK
    201
    RoleBinding    		Created
    
+
    Delete
    
+
    delete a RoleBinding
    
+
    HTTP Request
    
+DELETE /apis/rbac.authorization.k8s.io/v1/namespaces/{namespace}/rolebindings/{name}
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the RoleBinding
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    gracePeriodSecondsThe duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
    orphanDependentsDeprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.
    propagationPolicyWhether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    DeleteOptions
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    Status    		OK
    202
    Status    		Accepted
    
+
    Delete Collection
    
+
    delete collection of RoleBinding
    
+
    HTTP Request
    
+DELETE /apis/rbac.authorization.k8s.io/v1/namespaces/{namespace}/rolebindings
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    gracePeriodSecondsThe duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    orphanDependentsDeprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.
    propagationPolicyWhether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    DeleteOptions
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    Status    		OK
    
+
    Read Operations
    
+
    Read
    
+
    read the specified RoleBinding
    
+
    HTTP Request
    
+GET /apis/rbac.authorization.k8s.io/v1/namespaces/{namespace}/rolebindings/{name}
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the RoleBinding
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    RoleBinding    		OK
    
+
    List
    
+
    list or watch objects of kind RoleBinding
    
+
    HTTP Request
    
+GET /apis/rbac.authorization.k8s.io/v1/namespaces/{namespace}/rolebindings
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    RoleBindingList    		OK
    
+
    List All Namespaces
    
+
    list or watch objects of kind RoleBinding
    
+
    HTTP Request
    
+GET /apis/rbac.authorization.k8s.io/v1/rolebindings
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    RoleBindingList    		OK
    
+
    Watch
    
+
    watch changes to an object of kind RoleBinding. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.
    
+
    HTTP Request
    
+GET /apis/rbac.authorization.k8s.io/v1/watch/namespaces/{namespace}/rolebindings/{name}
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the RoleBinding
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    WatchEvent    		OK
    
+
    Watch List
    
+
    watch individual changes to a list of RoleBinding. deprecated: use the 'watch' parameter with a list operation instead.
    
+
    HTTP Request
    
+GET /apis/rbac.authorization.k8s.io/v1/watch/namespaces/{namespace}/rolebindings
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    WatchEvent    		OK
    
+
    Watch List All Namespaces
    
+
    watch individual changes to a list of RoleBinding. deprecated: use the 'watch' parameter with a list operation instead.
    
+
    HTTP Request
    
+GET /apis/rbac.authorization.k8s.io/v1/watch/rolebindings
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    WatchEvent    		OK
    
+
    RuntimeClass v1 node.k8s.io
    
+
+
+
+
+
+
    GroupVersionKind
    node.k8s.iov1RuntimeClass
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
+
+
    FieldDescription
    apiVersion
    string    		APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
    handler
    string    		handler specifies the underlying runtime and configuration that the CRI implementation will use to handle pods of this class. The possible values are specific to the node & CRI configuration.  It is assumed that all handlers are available on every node, and handlers of the same name are equivalent on every node. For example, a handler called "runc" might specify that the runc OCI runtime (using native Linux containers) will be used to run the containers in a pod. The Handler must be lowercase, conform to the DNS Label (RFC 1123) requirements, and is immutable.
    kind
    string    		Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
    metadata
    ObjectMeta    		More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
    overhead
    Overhead    		overhead represents the resource overhead associated with running a pod for a given RuntimeClass. For more details, see  https://kubernetes.io/docs/concepts/scheduling-eviction/pod-overhead/
    scheduling
    Scheduling    		scheduling holds the scheduling constraints to ensure that pods running with this RuntimeClass are scheduled to nodes that support it. If scheduling is nil, this RuntimeClass is assumed to be supported by all nodes.
    
+
    RuntimeClassList v1 node
    
+
+
+
+
+
+
+
+
+
    FieldDescription
    apiVersion
    string    		APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
    items
    RuntimeClass array    		items is a list of schema objects.
    kind
    string    		Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
    metadata
    ListMeta    		Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
    
+
    Write Operations
    
+
    Create
    
+
    create a RuntimeClass
    
+
    HTTP Request
    
+POST /apis/node.k8s.io/v1/runtimeclasses
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    RuntimeClass
    
+
    Response
    
+
+
+
+
+
+
+
+
    CodeDescription
    200
    RuntimeClass    		OK
    201
    RuntimeClass    		Created
    202
    RuntimeClass    		Accepted
    
+
    Patch
    
+
    partially update the specified RuntimeClass
    
+
    HTTP Request
    
+PATCH /apis/node.k8s.io/v1/runtimeclasses/{name}
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the RuntimeClass
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint. This field is required for apply requests (application/apply-patch) but optional for non-apply patch types (JsonPatch, MergePatch, StrategicMergePatch).
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    forceForce is going to "force" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    Patch
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    RuntimeClass    		OK
    201
    RuntimeClass    		Created
    
+
    Replace
    
+
    replace the specified RuntimeClass
    
+
    HTTP Request
    
+PUT /apis/node.k8s.io/v1/runtimeclasses/{name}
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the RuntimeClass
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    RuntimeClass
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    RuntimeClass    		OK
    201
    RuntimeClass    		Created
    
+
    Delete
    
+
    delete a RuntimeClass
    
+
    HTTP Request
    
+DELETE /apis/node.k8s.io/v1/runtimeclasses/{name}
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the RuntimeClass
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    gracePeriodSecondsThe duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
    orphanDependentsDeprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.
    propagationPolicyWhether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    DeleteOptions
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    Status    		OK
    202
    Status    		Accepted
    
+
    Delete Collection
    
+
    delete collection of RuntimeClass
    
+
    HTTP Request
    
+DELETE /apis/node.k8s.io/v1/runtimeclasses
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    gracePeriodSecondsThe duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    orphanDependentsDeprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.
    propagationPolicyWhether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    DeleteOptions
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    Status    		OK
    
+
    Read Operations
    
+
    Read
    
+
    read the specified RuntimeClass
    
+
    HTTP Request
    
+GET /apis/node.k8s.io/v1/runtimeclasses/{name}
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the RuntimeClass
    
+
    Query Parameters
    
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    RuntimeClass    		OK
    
+
    List
    
+
    list or watch objects of kind RuntimeClass
    
+
    HTTP Request
    
+GET /apis/node.k8s.io/v1/runtimeclasses
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    RuntimeClassList    		OK
    
+
    Watch
    
+
    watch changes to an object of kind RuntimeClass. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.
    
+
    HTTP Request
    
+GET /apis/node.k8s.io/v1/watch/runtimeclasses/{name}
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the RuntimeClass
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    WatchEvent    		OK
    
+
    Watch List
    
+
    watch individual changes to a list of RuntimeClass. deprecated: use the 'watch' parameter with a list operation instead.
    
+
    HTTP Request
    
+GET /apis/node.k8s.io/v1/watch/runtimeclasses
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    WatchEvent    		OK
    
+
    SelfSubjectAccessReview v1 authorization.k8s.io
    
+
+
+
+
+
+
    GroupVersionKind
    authorization.k8s.iov1SelfSubjectAccessReview
    
+
+
+
+
+
+
+
+
+
+
    FieldDescription
    apiVersion
    string    		APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
    kind
    string    		Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
    metadata
    ObjectMeta    		Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
    spec
    SelfSubjectAccessReviewSpec    		Spec holds information about the request being evaluated.  user and groups must be empty
    status
    SubjectAccessReviewStatus    		Status is filled in by the server and indicates whether the request is allowed or not
    
+
    SelfSubjectAccessReviewSpec v1 authorization
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
    FieldDescription
    nonResourceAttributes
    NonResourceAttributes    		NonResourceAttributes describes information for a non-resource access request
    resourceAttributes
    ResourceAttributes    		ResourceAuthorizationAttributes describes information for a resource access request
    
+
    Write Operations
    
+
    Create
    
+
    create a SelfSubjectAccessReview
    
+
    HTTP Request
    
+POST /apis/authorization.k8s.io/v1/selfsubjectaccessreviews
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
    ParameterDescription
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    prettyIf 'true', then the output is pretty printed.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    SelfSubjectAccessReview
    
+
    Response
    
+
+
+
+
+
+
+
+
    CodeDescription
    200
    SelfSubjectAccessReview    		OK
    201
    SelfSubjectAccessReview    		Created
    202
    SelfSubjectAccessReview    		Accepted
    
+
    SelfSubjectReview v1beta1 authentication.k8s.io
    
+
+
+
+
+
+
    GroupVersionKind
    authentication.k8s.iov1beta1SelfSubjectReview
    
+
     Other API versions of this object exist:
+v1alpha1
+
    
+
+
+
+
+
+
+
+
+
    FieldDescription
    apiVersion
    string    		APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
    kind
    string    		Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
    metadata
    ObjectMeta    		Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
    status
    SelfSubjectReviewStatus    		Status is filled in by the server with the user attributes.
    
+
    SelfSubjectReviewStatus v1beta1 authentication
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
    FieldDescription
    userInfo
    UserInfo    		User attributes of the user making this request.
    
+
    Write Operations
    
+
    Create
    
+
    create a SelfSubjectReview
    
+
    HTTP Request
    
+POST /apis/authentication.k8s.io/v1beta1/selfsubjectreviews
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
    ParameterDescription
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    prettyIf 'true', then the output is pretty printed.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    SelfSubjectReview
    
+
    Response
    
+
+
+
+
+
+
+
+
    CodeDescription
    200
    SelfSubjectReview    		OK
    201
    SelfSubjectReview    		Created
    202
    SelfSubjectReview    		Accepted
    
+
    SelfSubjectRulesReview v1 authorization.k8s.io
    
+
+
+
+
+
+
    GroupVersionKind
    authorization.k8s.iov1SelfSubjectRulesReview
    
+
+
+
+
+
+
+
+
+
+
    FieldDescription
    apiVersion
    string    		APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
    kind
    string    		Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
    metadata
    ObjectMeta    		Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
    spec
    SelfSubjectRulesReviewSpec    		Spec holds information about the request being evaluated.
    status
    SubjectRulesReviewStatus    		Status is filled in by the server and indicates the set of actions a user can perform.
    
+
    SelfSubjectRulesReviewSpec v1 authorization
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
    FieldDescription
    namespace
    string    		Namespace to evaluate rules for. Required.
    
+
    Write Operations
    
+
    Create
    
+
    create a SelfSubjectRulesReview
    
+
    HTTP Request
    
+POST /apis/authorization.k8s.io/v1/selfsubjectrulesreviews
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
    ParameterDescription
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    prettyIf 'true', then the output is pretty printed.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    SelfSubjectRulesReview
    
+
    Response
    
+
+
+
+
+
+
+
+
    CodeDescription
    200
    SelfSubjectRulesReview    		OK
    201
    SelfSubjectRulesReview    		Created
    202
    SelfSubjectRulesReview    		Accepted
    
+
    ServiceAccount v1 core
    
+
+
+
+
+
+
    GroupVersionKind
    corev1ServiceAccount
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
+
+
    FieldDescription
    apiVersion
    string    		APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
    automountServiceAccountToken
    boolean    		AutomountServiceAccountToken indicates whether pods running as this service account should have an API token automatically mounted. Can be overridden at the pod level.
    imagePullSecrets
    LocalObjectReference array    		ImagePullSecrets is a list of references to secrets in the same namespace to use for pulling any images in pods that reference this ServiceAccount. ImagePullSecrets are distinct from Secrets because Secrets can be mounted in the pod, but ImagePullSecrets are only accessed by the kubelet. More info: https://kubernetes.io/docs/concepts/containers/images/#specifying-imagepullsecrets-on-a-pod
    kind
    string    		Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
    metadata
    ObjectMeta    		Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
    secrets
    ObjectReference array
    patch strategy: merge
    patch merge key: name    		Secrets is a list of the secrets in the same namespace that pods running using this ServiceAccount are allowed to use. Pods are only limited to this list if this service account has a "kubernetes.io/enforce-mountable-secrets" annotation set to "true". This field should not be used to find auto-generated service account token secrets for use outside of pods. Instead, tokens can be requested directly using the TokenRequest API, or service account token secrets can be manually created. More info: https://kubernetes.io/docs/concepts/configuration/secret
    
+
    ServiceAccountList v1 core
    
+
+
+
+
+
+
+
+
+
    FieldDescription
    apiVersion
    string    		APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
    items
    ServiceAccount array    		List of ServiceAccounts. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/
    kind
    string    		Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
    metadata
    ListMeta    		Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
    
+
    Write Operations
    
+
    Create
    
+
    create a ServiceAccount
    
+
    HTTP Request
    
+POST /api/v1/namespaces/{namespace}/serviceaccounts
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    ServiceAccount
    
+
    Response
    
+
+
+
+
+
+
+
+
    CodeDescription
    200
    ServiceAccount    		OK
    201
    ServiceAccount    		Created
    202
    ServiceAccount    		Accepted
    
+
    Patch
    
+
    partially update the specified ServiceAccount
    
+
    HTTP Request
    
+PATCH /api/v1/namespaces/{namespace}/serviceaccounts/{name}
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the ServiceAccount
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint. This field is required for apply requests (application/apply-patch) but optional for non-apply patch types (JsonPatch, MergePatch, StrategicMergePatch).
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    forceForce is going to "force" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    Patch
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    ServiceAccount    		OK
    201
    ServiceAccount    		Created
    
+
    Replace
    
+
    replace the specified ServiceAccount
    
+
    HTTP Request
    
+PUT /api/v1/namespaces/{namespace}/serviceaccounts/{name}
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the ServiceAccount
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    ServiceAccount
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    ServiceAccount    		OK
    201
    ServiceAccount    		Created
    
+
    Delete
    
+
    delete a ServiceAccount
    
+
    HTTP Request
    
+DELETE /api/v1/namespaces/{namespace}/serviceaccounts/{name}
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the ServiceAccount
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    gracePeriodSecondsThe duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
    orphanDependentsDeprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.
    propagationPolicyWhether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    DeleteOptions
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    ServiceAccount    		OK
    202
    ServiceAccount    		Accepted
    
+
    Delete Collection
    
+
    delete collection of ServiceAccount
    
+
    HTTP Request
    
+DELETE /api/v1/namespaces/{namespace}/serviceaccounts
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    gracePeriodSecondsThe duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    orphanDependentsDeprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.
    propagationPolicyWhether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    DeleteOptions
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    Status    		OK
    
+
    Read Operations
    
+
    Read
    
+
    read the specified ServiceAccount
    
+
    HTTP Request
    
+GET /api/v1/namespaces/{namespace}/serviceaccounts/{name}
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the ServiceAccount
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    ServiceAccount    		OK
    
+
    List
    
+
    list or watch objects of kind ServiceAccount
    
+
    HTTP Request
    
+GET /api/v1/namespaces/{namespace}/serviceaccounts
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    ServiceAccountList    		OK
    
+
    List All Namespaces
    
+
    list or watch objects of kind ServiceAccount
    
+
    HTTP Request
    
+GET /api/v1/serviceaccounts
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    ServiceAccountList    		OK
    
+
    Watch
    
+
    watch changes to an object of kind ServiceAccount. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.
    
+
    HTTP Request
    
+GET /api/v1/watch/namespaces/{namespace}/serviceaccounts/{name}
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the ServiceAccount
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    WatchEvent    		OK
    
+
    Watch List
    
+
    watch individual changes to a list of ServiceAccount. deprecated: use the 'watch' parameter with a list operation instead.
    
+
    HTTP Request
    
+GET /api/v1/watch/namespaces/{namespace}/serviceaccounts
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    WatchEvent    		OK
    
+
    Watch List All Namespaces
    
+
    watch individual changes to a list of ServiceAccount. deprecated: use the 'watch' parameter with a list operation instead.
    
+
    HTTP Request
    
+GET /api/v1/watch/serviceaccounts
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    WatchEvent    		OK
    
+
    StorageVersion v1alpha1 internal.apiserver.k8s.io
    
+
+
+
+
+
+
    GroupVersionKind
    internal.apiserver.k8s.iov1alpha1StorageVersion
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
+
    FieldDescription
    apiVersion
    string    		APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
    kind
    string    		Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
    metadata
    ObjectMeta    		The name is <group>.<resource>.
    spec
    StorageVersionSpec    		Spec is an empty spec. It is here to comply with Kubernetes API style.
    status
    StorageVersionStatus    		API server instances report the version they can decode and the version they encode objects to when persisting objects in the backend.
    
+
    StorageVersionSpec v1alpha1 apiserverinternal
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
    FieldDescription
    
+
    StorageVersionStatus v1alpha1 apiserverinternal
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
    FieldDescription
    commonEncodingVersion
    string    		If all API server instances agree on the same encoding storage version, then this field is set to that version. Otherwise this field is left empty. API servers should finish updating its storageVersionStatus entry before serving write operations, so that this field will be in sync with the reality.
    conditions
    StorageVersionCondition array    		The latest available observations of the storageVersion's state.
    storageVersions
    ServerStorageVersion array    		The reported versions per API server instance.
    
+
    StorageVersionList v1alpha1 apiserverinternal
    
+
+
+
+
+
+
+
+
+
    FieldDescription
    apiVersion
    string    		APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
    items
    StorageVersion array    		Items holds a list of StorageVersion
    kind
    string    		Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
    metadata
    ListMeta    		Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
    
+
    Write Operations
    
+
    Create
    
+
    create a StorageVersion
    
+
    HTTP Request
    
+POST /apis/internal.apiserver.k8s.io/v1alpha1/storageversions
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    StorageVersion
    
+
    Response
    
+
+
+
+
+
+
+
+
    CodeDescription
    200
    StorageVersion    		OK
    201
    StorageVersion    		Created
    202
    StorageVersion    		Accepted
    
+
    Patch
    
+
    partially update the specified StorageVersion
    
+
    HTTP Request
    
+PATCH /apis/internal.apiserver.k8s.io/v1alpha1/storageversions/{name}
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the StorageVersion
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint. This field is required for apply requests (application/apply-patch) but optional for non-apply patch types (JsonPatch, MergePatch, StrategicMergePatch).
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    forceForce is going to "force" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    Patch
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    StorageVersion    		OK
    201
    StorageVersion    		Created
    
+
    Replace
    
+
    replace the specified StorageVersion
    
+
    HTTP Request
    
+PUT /apis/internal.apiserver.k8s.io/v1alpha1/storageversions/{name}
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the StorageVersion
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    StorageVersion
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    StorageVersion    		OK
    201
    StorageVersion    		Created
    
+
    Delete
    
+
    delete a StorageVersion
    
+
    HTTP Request
    
+DELETE /apis/internal.apiserver.k8s.io/v1alpha1/storageversions/{name}
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the StorageVersion
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    gracePeriodSecondsThe duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
    orphanDependentsDeprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.
    propagationPolicyWhether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    DeleteOptions
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    Status    		OK
    202
    Status    		Accepted
    
+
    Delete Collection
    
+
    delete collection of StorageVersion
    
+
    HTTP Request
    
+DELETE /apis/internal.apiserver.k8s.io/v1alpha1/storageversions
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    gracePeriodSecondsThe duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    orphanDependentsDeprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.
    propagationPolicyWhether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    DeleteOptions
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    Status    		OK
    
+
    Read Operations
    
+
    Read
    
+
    read the specified StorageVersion
    
+
    HTTP Request
    
+GET /apis/internal.apiserver.k8s.io/v1alpha1/storageversions/{name}
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the StorageVersion
    
+
    Query Parameters
    
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    StorageVersion    		OK
    
+
    List
    
+
    list or watch objects of kind StorageVersion
    
+
    HTTP Request
    
+GET /apis/internal.apiserver.k8s.io/v1alpha1/storageversions
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    StorageVersionList    		OK
    
+
    Watch
    
+
    watch changes to an object of kind StorageVersion. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.
    
+
    HTTP Request
    
+GET /apis/internal.apiserver.k8s.io/v1alpha1/watch/storageversions/{name}
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the StorageVersion
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    WatchEvent    		OK
    
+
    Watch List
    
+
    watch individual changes to a list of StorageVersion. deprecated: use the 'watch' parameter with a list operation instead.
    
+
    HTTP Request
    
+GET /apis/internal.apiserver.k8s.io/v1alpha1/watch/storageversions
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    WatchEvent    		OK
    
+
    Status Operations
    
+
    Patch Status
    
+
    partially update status of the specified StorageVersion
    
+
    HTTP Request
    
+PATCH /apis/internal.apiserver.k8s.io/v1alpha1/storageversions/{name}/status
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the StorageVersion
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint. This field is required for apply requests (application/apply-patch) but optional for non-apply patch types (JsonPatch, MergePatch, StrategicMergePatch).
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    forceForce is going to "force" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    Patch
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    StorageVersion    		OK
    201
    StorageVersion    		Created
    
+
    Read Status
    
+
    read status of the specified StorageVersion
    
+
    HTTP Request
    
+GET /apis/internal.apiserver.k8s.io/v1alpha1/storageversions/{name}/status
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the StorageVersion
    
+
    Query Parameters
    
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    StorageVersion    		OK
    
+
    Replace Status
    
+
    replace status of the specified StorageVersion
    
+
    HTTP Request
    
+PUT /apis/internal.apiserver.k8s.io/v1alpha1/storageversions/{name}/status
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the StorageVersion
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    StorageVersion
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    StorageVersion    		OK
    201
    StorageVersion    		Created
    
+
    SubjectAccessReview v1 authorization.k8s.io
    
+
+
+
+
+
+
    GroupVersionKind
    authorization.k8s.iov1SubjectAccessReview
    
+
+
+
+
+
+
+
+
+
+
    FieldDescription
    apiVersion
    string    		APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
    kind
    string    		Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
    metadata
    ObjectMeta    		Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
    spec
    SubjectAccessReviewSpec    		Spec holds information about the request being evaluated
    status
    SubjectAccessReviewStatus    		Status is filled in by the server and indicates whether the request is allowed or not
    
+
    SubjectAccessReviewSpec v1 authorization
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
+
+
    FieldDescription
    extra
    object    		Extra corresponds to the user.Info.GetExtra() method from the authenticator.  Since that is input to the authorizer it needs a reflection here.
    groups
    string array    		Groups is the groups you're testing for.
    nonResourceAttributes
    NonResourceAttributes    		NonResourceAttributes describes information for a non-resource access request
    resourceAttributes
    ResourceAttributes    		ResourceAuthorizationAttributes describes information for a resource access request
    uid
    string    		UID information about the requesting user.
    user
    string    		User is the user you're testing for. If you specify "User" but not "Groups", then is it interpreted as "What if User were not a member of any groups
    
+
    SubjectAccessReviewStatus v1 authorization
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
    FieldDescription
    allowed
    boolean    		Allowed is required. True if the action would be allowed, false otherwise.
    denied
    boolean    		Denied is optional. True if the action would be denied, otherwise false. If both allowed is false and denied is false, then the authorizer has no opinion on whether to authorize the action. Denied may not be true if Allowed is true.
    evaluationError
    string    		EvaluationError is an indication that some error occurred during the authorization check. It is entirely possible to get an error and be able to continue determine authorization status in spite of it. For instance, RBAC can be missing a role, but enough roles are still present and bound to reason about the request.
    reason
    string    		Reason is optional.  It indicates why a request was allowed or denied.
    
+
    Write Operations
    
+
    Create
    
+
    create a SubjectAccessReview
    
+
    HTTP Request
    
+POST /apis/authorization.k8s.io/v1/subjectaccessreviews
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
    ParameterDescription
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    prettyIf 'true', then the output is pretty printed.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    SubjectAccessReview
    
+
    Response
    
+
+
+
+
+
+
+
+
    CodeDescription
    200
    SubjectAccessReview    		OK
    201
    SubjectAccessReview    		Created
    202
    SubjectAccessReview    		Accepted
    
+
    TokenRequest v1 authentication.k8s.io
    
+
+
+
+
+
+
    GroupVersionKind
    authentication.k8s.iov1TokenRequest
    
+
+
+
+
+
+
+
+
+
+
    FieldDescription
    apiVersion
    string    		APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
    kind
    string    		Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
    metadata
    ObjectMeta    		Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
    spec
    TokenRequestSpec    		Spec holds information about the request being evaluated
    status
    TokenRequestStatus    		Status is filled in by the server and indicates whether the token can be authenticated.
    
+
    TokenRequestSpec v1 authentication
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
    FieldDescription
    audiences
    string array    		Audiences are the intendend audiences of the token. A recipient of a token must identify themself with an identifier in the list of audiences of the token, and otherwise should reject the token. A token issued for multiple audiences may be used to authenticate against any of the audiences listed but implies a high degree of trust between the target audiences.
    boundObjectRef
    BoundObjectReference    		BoundObjectRef is a reference to an object that the token will be bound to. The token will only be valid for as long as the bound object exists. NOTE: The API server's TokenReview endpoint will validate the BoundObjectRef, but other audiences may not. Keep ExpirationSeconds small if you want prompt revocation.
    expirationSeconds
    integer    		ExpirationSeconds is the requested duration of validity of the request. The token issuer may return a token with a different validity duration so a client needs to check the 'expiration' field in a response.
    
+
    TokenRequestStatus v1 authentication
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
    FieldDescription
    expirationTimestamp
    Time    		ExpirationTimestamp is the time of expiration of the returned token.
    token
    string    		Token is the opaque bearer token.
    
+
    TokenReview v1 authentication.k8s.io
    
+
+
+
+
+
+
    GroupVersionKind
    authentication.k8s.iov1TokenReview
    
+
+
+
+
+
+
+
+
+
+
    FieldDescription
    apiVersion
    string    		APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
    kind
    string    		Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
    metadata
    ObjectMeta    		Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
    spec
    TokenReviewSpec    		Spec holds information about the request being evaluated
    status
    TokenReviewStatus    		Status is filled in by the server and indicates whether the request can be authenticated.
    
+
    TokenReviewSpec v1 authentication
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
    FieldDescription
    audiences
    string array    		Audiences is a list of the identifiers that the resource server presented with the token identifies as. Audience-aware token authenticators will verify that the token was intended for at least one of the audiences in this list. If no audiences are provided, the audience will default to the audience of the Kubernetes apiserver.
    token
    string    		Token is the opaque bearer token.
    
+
    TokenReviewStatus v1 authentication
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
    FieldDescription
    audiences
    string array    		Audiences are audience identifiers chosen by the authenticator that are compatible with both the TokenReview and token. An identifier is any identifier in the intersection of the TokenReviewSpec audiences and the token's audiences. A client of the TokenReview API that sets the spec.audiences field should validate that a compatible audience identifier is returned in the status.audiences field to ensure that the TokenReview server is audience aware. If a TokenReview returns an empty status.audience field where status.authenticated is "true", the token is valid against the audience of the Kubernetes API server.
    authenticated
    boolean    		Authenticated indicates that the token was associated with a known user.
    error
    string    		Error indicates that the token couldn't be checked
    user
    UserInfo    		User is the UserInfo associated with the provided token.
    
+
    Write Operations
    
+
    Create
    
+
    create a TokenReview
    
+
    HTTP Request
    
+POST /apis/authentication.k8s.io/v1/tokenreviews
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
    ParameterDescription
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    prettyIf 'true', then the output is pretty printed.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    TokenReview
    
+
    Response
    
+
+
+
+
+
+
+
+
    CodeDescription
    200
    TokenReview    		OK
    201
    TokenReview    		Created
    202
    TokenReview    		Accepted
    
+
    NetworkPolicy v1 networking.k8s.io
    
+
+
+
+
+
+
    GroupVersionKind
    networking.k8s.iov1NetworkPolicy
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
+
    FieldDescription
    apiVersion
    string    		APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
    kind
    string    		Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
    metadata
    ObjectMeta    		Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
    spec
    NetworkPolicySpec    		spec represents the specification of the desired behavior for this NetworkPolicy.
    status
    NetworkPolicyStatus    		status represents the current state of the NetworkPolicy. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
    
+
    NetworkPolicySpec v1 networking
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
    FieldDescription
    egress
    NetworkPolicyEgressRule array    		egress is a list of egress rules to be applied to the selected pods. Outgoing traffic is allowed if there are no NetworkPolicies selecting the pod (and cluster policy otherwise allows the traffic), OR if the traffic matches at least one egress rule across all of the NetworkPolicy objects whose podSelector matches the pod. If this field is empty then this NetworkPolicy limits all outgoing traffic (and serves solely to ensure that the pods it selects are isolated by default). This field is beta-level in 1.8
    ingress
    NetworkPolicyIngressRule array    		ingress is a list of ingress rules to be applied to the selected pods. Traffic is allowed to a pod if there are no NetworkPolicies selecting the pod (and cluster policy otherwise allows the traffic), OR if the traffic source is the pod's local node, OR if the traffic matches at least one ingress rule across all of the NetworkPolicy objects whose podSelector matches the pod. If this field is empty then this NetworkPolicy does not allow any traffic (and serves solely to ensure that the pods it selects are isolated by default)
    podSelector
    LabelSelector    		podSelector selects the pods to which this NetworkPolicy object applies. The array of ingress rules is applied to any pods selected by this field. Multiple network policies can select the same set of pods. In this case, the ingress rules for each are combined additively. This field is NOT optional and follows standard label selector semantics. An empty podSelector matches all pods in this namespace.
    policyTypes
    string array    		policyTypes is a list of rule types that the NetworkPolicy relates to. Valid options are ["Ingress"], ["Egress"], or ["Ingress", "Egress"]. If this field is not specified, it will default based on the existence of ingress or egress rules; policies that contain an egress section are assumed to affect egress, and all policies (whether or not they contain an ingress section) are assumed to affect ingress. If you want to write an egress-only policy, you must explicitly specify policyTypes [ "Egress" ]. Likewise, if you want to write a policy that specifies that no egress is allowed, you must specify a policyTypes value that include "Egress" (since such a policy would not include an egress section and would otherwise default to just [ "Ingress" ]). This field is beta-level in 1.8
    
+
    NetworkPolicyStatus v1 networking
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
    FieldDescription
    conditions
    Condition array
    patch strategy: merge
    patch merge key: type    		conditions holds an array of metav1.Condition that describe the state of the NetworkPolicy. Current service state
    
+
    NetworkPolicyList v1 networking
    
+
+
+
+
+
+
+
+
+
    FieldDescription
    apiVersion
    string    		APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
    items
    NetworkPolicy array    		items is a list of schema objects.
    kind
    string    		Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
    metadata
    ListMeta    		Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
    
+
    Write Operations
    
+
    Create
    
+
    create a NetworkPolicy
    
+
    HTTP Request
    
+POST /apis/networking.k8s.io/v1/namespaces/{namespace}/networkpolicies
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    NetworkPolicy
    
+
    Response
    
+
+
+
+
+
+
+
+
    CodeDescription
    200
    NetworkPolicy    		OK
    201
    NetworkPolicy    		Created
    202
    NetworkPolicy    		Accepted
    
+
    Patch
    
+
    partially update the specified NetworkPolicy
    
+
    HTTP Request
    
+PATCH /apis/networking.k8s.io/v1/namespaces/{namespace}/networkpolicies/{name}
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the NetworkPolicy
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint. This field is required for apply requests (application/apply-patch) but optional for non-apply patch types (JsonPatch, MergePatch, StrategicMergePatch).
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    forceForce is going to "force" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    Patch
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    NetworkPolicy    		OK
    201
    NetworkPolicy    		Created
    
+
    Replace
    
+
    replace the specified NetworkPolicy
    
+
    HTTP Request
    
+PUT /apis/networking.k8s.io/v1/namespaces/{namespace}/networkpolicies/{name}
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the NetworkPolicy
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    NetworkPolicy
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    NetworkPolicy    		OK
    201
    NetworkPolicy    		Created
    
+
    Delete
    
+
    delete a NetworkPolicy
    
+
    HTTP Request
    
+DELETE /apis/networking.k8s.io/v1/namespaces/{namespace}/networkpolicies/{name}
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the NetworkPolicy
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    gracePeriodSecondsThe duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
    orphanDependentsDeprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.
    propagationPolicyWhether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    DeleteOptions
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    Status    		OK
    202
    Status    		Accepted
    
+
    Delete Collection
    
+
    delete collection of NetworkPolicy
    
+
    HTTP Request
    
+DELETE /apis/networking.k8s.io/v1/namespaces/{namespace}/networkpolicies
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    gracePeriodSecondsThe duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    orphanDependentsDeprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.
    propagationPolicyWhether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    DeleteOptions
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    Status    		OK
    
+
    Read Operations
    
+
    Read
    
+
    read the specified NetworkPolicy
    
+
    HTTP Request
    
+GET /apis/networking.k8s.io/v1/namespaces/{namespace}/networkpolicies/{name}
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the NetworkPolicy
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    NetworkPolicy    		OK
    
+
    List
    
+
    list or watch objects of kind NetworkPolicy
    
+
    HTTP Request
    
+GET /apis/networking.k8s.io/v1/namespaces/{namespace}/networkpolicies
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    NetworkPolicyList    		OK
    
+
    List All Namespaces
    
+
    list or watch objects of kind NetworkPolicy
    
+
    HTTP Request
    
+GET /apis/networking.k8s.io/v1/networkpolicies
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    NetworkPolicyList    		OK
    
+
    Watch
    
+
    watch changes to an object of kind NetworkPolicy. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.
    
+
    HTTP Request
    
+GET /apis/networking.k8s.io/v1/watch/namespaces/{namespace}/networkpolicies/{name}
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the NetworkPolicy
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    WatchEvent    		OK
    
+
    Watch List
    
+
    watch individual changes to a list of NetworkPolicy. deprecated: use the 'watch' parameter with a list operation instead.
    
+
    HTTP Request
    
+GET /apis/networking.k8s.io/v1/watch/namespaces/{namespace}/networkpolicies
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    WatchEvent    		OK
    
+
    Watch List All Namespaces
    
+
    watch individual changes to a list of NetworkPolicy. deprecated: use the 'watch' parameter with a list operation instead.
    
+
    HTTP Request
    
+GET /apis/networking.k8s.io/v1/watch/networkpolicies
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    WatchEvent    		OK
    
+
    Status Operations
    
+
    Patch Status
    
+
    partially update status of the specified NetworkPolicy
    
+
    HTTP Request
    
+PATCH /apis/networking.k8s.io/v1/namespaces/{namespace}/networkpolicies/{name}/status
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the NetworkPolicy
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint. This field is required for apply requests (application/apply-patch) but optional for non-apply patch types (JsonPatch, MergePatch, StrategicMergePatch).
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    forceForce is going to "force" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    Patch
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    NetworkPolicy    		OK
    201
    NetworkPolicy    		Created
    
+
    Read Status
    
+
    read status of the specified NetworkPolicy
    
+
    HTTP Request
    
+GET /apis/networking.k8s.io/v1/namespaces/{namespace}/networkpolicies/{name}/status
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the NetworkPolicy
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    NetworkPolicy    		OK
    
+
    Replace Status
    
+
    replace status of the specified NetworkPolicy
    
+
    HTTP Request
    
+PUT /apis/networking.k8s.io/v1/namespaces/{namespace}/networkpolicies/{name}/status
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the NetworkPolicy
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    NetworkPolicy
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    NetworkPolicy    		OK
    201
    NetworkPolicy    		Created
    
+
    DEFINITIONS
    
+
+
    This section contains definitions for objects used in the Kubernetes APIs.
    
+
    APIGroup v1 meta
    
+
+
+
+
+
+
    GroupVersionKind
    metav1APIGroup
    
+
    APIGroup contains the name, the supported versions, and the preferred version of a group.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
+
+
    FieldDescription
    apiVersion
    string    		APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
    kind
    string    		Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
    name
    string    		name is the name of the group.
    preferredVersion
    GroupVersionForDiscovery    		preferredVersion is the version preferred by the API server, which probably is the storage version.
    serverAddressByClientCIDRs
    ServerAddressByClientCIDR array    		a map of client CIDR to server address that is serving this group. This is to help clients reach servers in the most network-efficient way possible. Clients can use the appropriate server address as per the CIDR that they match. In case of multiple matches, clients should use the longest matching CIDR. The server returns only those CIDRs that it thinks that the client can match. For example: the master will return an internal IP CIDR only, if the client reaches the server using an internal IP. Server looks at X-Forwarded-For header or X-Real-Ip header or request.RemoteAddr (in that order) to get the client IP.
    versions
    GroupVersionForDiscovery array    		versions are the versions supported in this group.
    
+
    APIResource v1 meta
    
+
+
+
+
+
+
    GroupVersionKind
    metav1APIResource
    
+
    APIResource specifies the name of a resource and whether it is namespaced.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    FieldDescription
    categories
    string array    		categories is a list of the grouped resources this resource belongs to (e.g. 'all')
    group
    string    		group is the preferred group of the resource.  Empty implies the group of the containing resource list. For subresources, this may have a different value, for example: Scale".
    kind
    string    		kind is the kind for the resource (e.g. 'Foo' is the kind for a resource 'foo')
    name
    string    		name is the plural name of the resource.
    namespaced
    boolean    		namespaced indicates if a resource is namespaced or not.
    shortNames
    string array    		shortNames is a list of suggested short names of the resource.
    singularName
    string    		singularName is the singular name of the resource.  This allows clients to handle plural and singular opaquely. The singularName is more correct for reporting status on a single item and both singular and plural are allowed from the kubectl CLI interface.
    storageVersionHash
    string    		The hash value of the storage version, the version this resource is converted to when written to the data store. Value must be treated as opaque by clients. Only equality comparison on the value is valid. This is an alpha feature and may change or be removed in the future. The field is populated by the apiserver only if the StorageVersionHash feature gate is enabled. This field will remain optional even if it graduates.
    verbs
    string array    		verbs is a list of supported kube verbs (this includes get, list, watch, create, update, patch, delete, deletecollection, and proxy)
    version
    string    		version is the preferred version of the resource.  Empty implies the version of the containing resource list For subresources, this may have a different value, for example: v1 (while inside a v1beta1 version of the core resource's group)".
    
+
    APIServiceCondition v1 apiregistration.k8s.io
    
+
+
+
+
+
+
    GroupVersionKind
    apiregistration.k8s.iov1APIServiceCondition
    
+
    APIServiceCondition describes the state of an APIService at a particular point
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
+
    FieldDescription
    lastTransitionTime
    Time    		Last time the condition transitioned from one status to another.
    message
    string    		Human-readable message indicating details about last transition.
    reason
    string    		Unique, one-word, CamelCase reason for the condition's last transition.
    status
    string    		Status is the status of the condition. Can be True, False, Unknown.
    type
    string    		Type is the type of the condition.
    
+
    APIVersions v1 meta
    
+
+
+
+
+
+
    GroupVersionKind
    metav1APIVersions
    
+
    APIVersions lists the versions that are available, to allow clients to discover the API at /api, which is the root path of the legacy v1 API.
    
+
+
+
+
+
+
+
+
+
    FieldDescription
    apiVersion
    string    		APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
    kind
    string    		Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
    serverAddressByClientCIDRs
    ServerAddressByClientCIDR array    		a map of client CIDR to server address that is serving this group. This is to help clients reach servers in the most network-efficient way possible. Clients can use the appropriate server address as per the CIDR that they match. In case of multiple matches, clients should use the longest matching CIDR. The server returns only those CIDRs that it thinks that the client can match. For example: the master will return an internal IP CIDR only, if the client reaches the server using an internal IP. Server looks at X-Forwarded-For header or X-Real-Ip header or request.RemoteAddr (in that order) to get the client IP.
    versions
    string array    		versions are the api versions that are available.
    
+
    AWSElasticBlockStoreVolumeSource v1 core
    
+
+
+
+
+
+
    GroupVersionKind
    corev1AWSElasticBlockStoreVolumeSource
    
+
    Represents a Persistent Disk resource in AWS.
+
+An AWS EBS disk must exist before mounting to a container. The disk must also be in the same AWS zone as the kubelet. An AWS EBS disk can only be mounted as read/write once. AWS EBS volumes support ownership management and SELinux relabeling.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
    FieldDescription
    fsType
    string    		fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore
    partition
    integer    		partition is the partition in the volume that you want to mount. If omitted, the default is to mount by volume name. Examples: For volume /dev/sda1, you specify the partition as "1". Similarly, the volume partition for /dev/sda is "0" (or you can leave the property empty).
    readOnly
    boolean    		readOnly value true will force the readOnly setting in VolumeMounts. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore
    volumeID
    string    		volumeID is unique ID of the persistent disk resource in AWS (Amazon EBS volume). More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore
    
+
    Affinity v1 core
    
+
+
+
+
+
+
    GroupVersionKind
    corev1Affinity
    
+
    Affinity is a group of affinity scheduling rules.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
    FieldDescription
    nodeAffinity
    NodeAffinity    		Describes node affinity scheduling rules for the pod.
    podAffinity
    PodAffinity    		Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)).
    podAntiAffinity
    PodAntiAffinity    		Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)).
    
+
    AggregationRule v1 rbac.authorization.k8s.io
    
+
+
+
+
+
+
    GroupVersionKind
    rbac.authorization.k8s.iov1AggregationRule
    
+
    AggregationRule describes how to locate ClusterRoles to aggregate into the ClusterRole
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
    FieldDescription
    clusterRoleSelectors
    LabelSelector array    		ClusterRoleSelectors holds a list of selectors which will be used to find ClusterRoles and create the rules. If any of the selectors match, then the ClusterRole's permissions will be added
    
+
    AllocationResult v1alpha2 resource.k8s.io
    
+
+
+
+
+
+
    GroupVersionKind
    resource.k8s.iov1alpha2AllocationResult
    
+
    AllocationResult contains attributes of an allocated resource.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
    FieldDescription
    availableOnNodes
    NodeSelector    		This field will get set by the resource driver after it has allocated the resource to inform the scheduler where it can schedule Pods using the ResourceClaim.  Setting this field is optional. If null, the resource is available everywhere.
    resourceHandles
    ResourceHandle array    		ResourceHandles contain the state associated with an allocation that should be maintained throughout the lifetime of a claim. Each ResourceHandle contains data that should be passed to a specific kubelet plugin once it lands on a node. This data is returned by the driver after a successful allocation and is opaque to Kubernetes. Driver documentation may explain to users how to interpret this data if needed.  Setting this field is optional. It has a maximum size of 32 entries. If null (or empty), it is assumed this allocation will be processed by a single kubelet plugin with no ResourceHandle data attached. The name of the kubelet plugin invoked will match the DriverName set in the ResourceClaimStatus this AllocationResult is embedded in.
    shareable
    boolean    		Shareable determines whether the resource supports more than one consumer at a time.
    
+
    AttachedVolume v1 core
    
+
+
+
+
+
+
    GroupVersionKind
    corev1AttachedVolume
    
+
    AttachedVolume describes a volume attached to a node
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
    FieldDescription
    devicePath
    string    		DevicePath represents the device path where the volume should be available
    name
    string    		Name of the attached volume
    
+
    AuditAnnotation v1alpha1 admissionregistration.k8s.io
    
+
+
+
+
+
+
    GroupVersionKind
    admissionregistration.k8s.iov1alpha1AuditAnnotation
    
+
    AuditAnnotation describes how to produce an audit annotation for an API request.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
    FieldDescription
    key
    string    		key specifies the audit annotation key. The audit annotation keys of a ValidatingAdmissionPolicy must be unique. The key must be a qualified name ([A-Za-z0-9][-A-Za-z0-9_.]*) no more than 63 bytes in length.  The key is combined with the resource name of the ValidatingAdmissionPolicy to construct an audit annotation key: "{ValidatingAdmissionPolicy name}/{key}".  If an admission webhook uses the same resource name as this ValidatingAdmissionPolicy and the same audit annotation key, the annotation key will be identical. In this case, the first annotation written with the key will be included in the audit event and all subsequent annotations with the same key will be discarded.  Required.
    valueExpression
    string    		valueExpression represents the expression which is evaluated by CEL to produce an audit annotation value. The expression must evaluate to either a string or null value. If the expression evaluates to a string, the audit annotation is included with the string value. If the expression evaluates to null or empty string the audit annotation will be omitted. The valueExpression may be no longer than 5kb in length. If the result of the valueExpression is more than 10kb in length, it will be truncated to 10kb.  If multiple ValidatingAdmissionPolicyBinding resources match an API request, then the valueExpression will be evaluated for each binding. All unique values produced by the valueExpressions will be joined together in a comma-separated list.  Required.
    
+
    AzureDiskVolumeSource v1 core
    
+
+
+
+
+
+
    GroupVersionKind
    corev1AzureDiskVolumeSource
    
+
    AzureDisk represents an Azure Data Disk mount on the host and bind mount to the pod.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
+
+
    FieldDescription
    cachingMode
    string    		cachingMode is the Host Caching mode: None, Read Only, Read Write.
    diskName
    string    		diskName is the Name of the data disk in the blob storage
    diskURI
    string    		diskURI is the URI of data disk in the blob storage
    fsType
    string    		fsType is Filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.
    kind
    string    		kind expected values are Shared: multiple blob disks per storage account  Dedicated: single blob disk per storage account  Managed: azure managed data disk (only in managed availability set). defaults to shared
    readOnly
    boolean    		readOnly Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.
    
+
    AzureFilePersistentVolumeSource v1 core
    
+
+
+
+
+
+
    GroupVersionKind
    corev1AzureFilePersistentVolumeSource
    
+
    AzureFile represents an Azure File Service mount on the host and bind mount to the pod.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
    FieldDescription
    readOnly
    boolean    		readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.
    secretName
    string    		secretName is the name of secret that contains Azure Storage Account Name and Key
    secretNamespace
    string    		secretNamespace is the namespace of the secret that contains Azure Storage Account Name and Key default is the same as the Pod
    shareName
    string    		shareName is the azure Share Name
    
+
    AzureFileVolumeSource v1 core
    
+
+
+
+
+
+
    GroupVersionKind
    corev1AzureFileVolumeSource
    
+
    AzureFile represents an Azure File Service mount on the host and bind mount to the pod.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
    FieldDescription
    readOnly
    boolean    		readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.
    secretName
    string    		secretName is the  name of secret that contains Azure Storage Account Name and Key
    shareName
    string    		shareName is the azure share Name
    
+
    BoundObjectReference v1 authentication.k8s.io
    
+
+
+
+
+
+
    GroupVersionKind
    authentication.k8s.iov1BoundObjectReference
    
+
    BoundObjectReference is a reference to an object that a token is bound to.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
    FieldDescription
    apiVersion
    string    		API version of the referent.
    kind
    string    		Kind of the referent. Valid kinds are 'Pod' and 'Secret'.
    name
    string    		Name of the referent.
    uid
    string    		UID of the referent.
    
+
    CSINodeDriver v1 storage.k8s.io
    
+
+
+
+
+
+
    GroupVersionKind
    storage.k8s.iov1CSINodeDriver
    
+
    CSINodeDriver holds information about the specification of one CSI driver installed on a node
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
    FieldDescription
    allocatable
    VolumeNodeResources    		allocatable represents the volume resources of a node that are available for scheduling. This field is beta.
    name
    string    		name represents the name of the CSI driver that this object refers to. This MUST be the same name returned by the CSI GetPluginName() call for that driver.
    nodeID
    string    		nodeID of the node from the driver point of view. This field enables Kubernetes to communicate with storage systems that do not share the same nomenclature for nodes. For example, Kubernetes may refer to a given node as "node1", but the storage system may refer to the same node as "nodeA". When Kubernetes issues a command to the storage system to attach a volume to a specific node, it can use this field to refer to the node name using the ID that the storage system will understand, e.g. "nodeA" instead of "node1". This field is required.
    topologyKeys
    string array    		topologyKeys is the list of keys supported by the driver. When a driver is initialized on a cluster, it provides a set of topology keys that it understands (e.g. "company.com/zone", "company.com/region"). When a driver is initialized on a node, it provides the same topology keys along with values. Kubelet will expose these topology keys as labels on its own node object. When Kubernetes does topology aware provisioning, it can use this list to determine which labels it should retrieve from the node object and pass back to the driver. It is possible for different nodes to use different topology keys. This can be empty if driver does not support topology.
    
+
    CSIPersistentVolumeSource v1 core
    
+
+
+
+
+
+
    GroupVersionKind
    corev1CSIPersistentVolumeSource
    
+
    Represents storage that is managed by an external CSI volume driver (Beta feature)
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    FieldDescription
    controllerExpandSecretRef
    SecretReference    		controllerExpandSecretRef is a reference to the secret object containing sensitive information to pass to the CSI driver to complete the CSI ControllerExpandVolume call. This field is optional, and may be empty if no secret is required. If the secret object contains more than one secret, all secrets are passed.
    controllerPublishSecretRef
    SecretReference    		controllerPublishSecretRef is a reference to the secret object containing sensitive information to pass to the CSI driver to complete the CSI ControllerPublishVolume and ControllerUnpublishVolume calls. This field is optional, and may be empty if no secret is required. If the secret object contains more than one secret, all secrets are passed.
    driver
    string    		driver is the name of the driver to use for this volume. Required.
    fsType
    string    		fsType to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs".
    nodeExpandSecretRef
    SecretReference    		nodeExpandSecretRef is a reference to the secret object containing sensitive information to pass to the CSI driver to complete the CSI NodeExpandVolume call. This is a beta field which is enabled default by CSINodeExpandSecret feature gate. This field is optional, may be omitted if no secret is required. If the secret object contains more than one secret, all secrets are passed.
    nodePublishSecretRef
    SecretReference    		nodePublishSecretRef is a reference to the secret object containing sensitive information to pass to the CSI driver to complete the CSI NodePublishVolume and NodeUnpublishVolume calls. This field is optional, and may be empty if no secret is required. If the secret object contains more than one secret, all secrets are passed.
    nodeStageSecretRef
    SecretReference    		nodeStageSecretRef is a reference to the secret object containing sensitive information to pass to the CSI driver to complete the CSI NodeStageVolume and NodeStageVolume and NodeUnstageVolume calls. This field is optional, and may be empty if no secret is required. If the secret object contains more than one secret, all secrets are passed.
    readOnly
    boolean    		readOnly value to pass to ControllerPublishVolumeRequest. Defaults to false (read/write).
    volumeAttributes
    object    		volumeAttributes of the volume to publish.
    volumeHandle
    string    		volumeHandle is the unique volume name returned by the CSI volume plugin’s CreateVolume to refer to the volume on all subsequent calls. Required.
    
+
    CSIVolumeSource v1 core
    
+
+
+
+
+
+
    GroupVersionKind
    corev1CSIVolumeSource
    
+
    Represents a source location of a volume to mount, managed by an external CSI driver
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
+
    FieldDescription
    driver
    string    		driver is the name of the CSI driver that handles this volume. Consult with your admin for the correct name as registered in the cluster.
    fsType
    string    		fsType to mount. Ex. "ext4", "xfs", "ntfs". If not provided, the empty value is passed to the associated CSI driver which will determine the default filesystem to apply.
    nodePublishSecretRef
    LocalObjectReference    		nodePublishSecretRef is a reference to the secret object containing sensitive information to pass to the CSI driver to complete the CSI NodePublishVolume and NodeUnpublishVolume calls. This field is optional, and  may be empty if no secret is required. If the secret object contains more than one secret, all secret references are passed.
    readOnly
    boolean    		readOnly specifies a read-only configuration for the volume. Defaults to false (read/write).
    volumeAttributes
    object    		volumeAttributes stores driver-specific properties that are passed to the CSI driver. Consult your driver's documentation for supported values.
    
+
    Capabilities v1 core
    
+
+
+
+
+
+
    GroupVersionKind
    corev1Capabilities
    
+
    Adds and removes POSIX capabilities from running containers.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
    FieldDescription
    add
    string array    		Added capabilities
    drop
    string array    		Removed capabilities
    
+
    CephFSPersistentVolumeSource v1 core
    
+
+
+
+
+
+
    GroupVersionKind
    corev1CephFSPersistentVolumeSource
    
+
    Represents a Ceph Filesystem mount that lasts the lifetime of a pod Cephfs volumes do not support ownership management or SELinux relabeling.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
+
+
    FieldDescription
    monitors
    string array    		monitors is Required: Monitors is a collection of Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it
    path
    string    		path is Optional: Used as the mounted root, rather than the full Ceph tree, default is /
    readOnly
    boolean    		readOnly is Optional: Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it
    secretFile
    string    		secretFile is Optional: SecretFile is the path to key ring for User, default is /etc/ceph/user.secret More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it
    secretRef
    SecretReference    		secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it
    user
    string    		user is Optional: User is the rados user name, default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it
    
+
    CephFSVolumeSource v1 core
    
+
+
+
+
+
+
    GroupVersionKind
    corev1CephFSVolumeSource
    
+
    Represents a Ceph Filesystem mount that lasts the lifetime of a pod Cephfs volumes do not support ownership management or SELinux relabeling.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
+
+
    FieldDescription
    monitors
    string array    		monitors is Required: Monitors is a collection of Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it
    path
    string    		path is Optional: Used as the mounted root, rather than the full Ceph tree, default is /
    readOnly
    boolean    		readOnly is Optional: Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it
    secretFile
    string    		secretFile is Optional: SecretFile is the path to key ring for User, default is /etc/ceph/user.secret More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it
    secretRef
    LocalObjectReference    		secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it
    user
    string    		user is optional: User is the rados user name, default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it
    
+
    CertificateSigningRequestCondition v1 certificates.k8s.io
    
+
+
+
+
+
+
    GroupVersionKind
    certificates.k8s.iov1CertificateSigningRequestCondition
    
+
    CertificateSigningRequestCondition describes a condition of a CertificateSigningRequest object
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
+
+
    FieldDescription
    lastTransitionTime
    Time    		lastTransitionTime is the time the condition last transitioned from one status to another. If unset, when a new condition type is added or an existing condition's status is changed, the server defaults this to the current time.
    lastUpdateTime
    Time    		lastUpdateTime is the time of the last update to this condition
    message
    string    		message contains a human readable message with details about the request state
    reason
    string    		reason indicates a brief reason for the request state
    status
    string    		status of the condition, one of True, False, Unknown. Approved, Denied, and Failed conditions may not be "False" or "Unknown".
    type
    string    		type of the condition. Known conditions are "Approved", "Denied", and "Failed".  An "Approved" condition is added via the /approval subresource, indicating the request was approved and should be issued by the signer.  A "Denied" condition is added via the /approval subresource, indicating the request was denied and should not be issued by the signer.  A "Failed" condition is added via the /status subresource, indicating the signer failed to issue the certificate.  Approved and Denied conditions are mutually exclusive. Approved, Denied, and Failed conditions cannot be removed once added.  Only one condition of a given type is allowed.
    
+
    CinderPersistentVolumeSource v1 core
    
+
+
+
+
+
+
    GroupVersionKind
    corev1CinderPersistentVolumeSource
    
+
    Represents a cinder volume resource in Openstack. A Cinder volume must exist before mounting to a container. The volume must also be in the same region as the kubelet. Cinder volumes support ownership management and SELinux relabeling.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
    FieldDescription
    fsType
    string    		fsType Filesystem type to mount. Must be a filesystem type supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://examples.k8s.io/mysql-cinder-pd/README.md
    readOnly
    boolean    		readOnly is Optional: Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. More info: https://examples.k8s.io/mysql-cinder-pd/README.md
    secretRef
    SecretReference    		secretRef is Optional: points to a secret object containing parameters used to connect to OpenStack.
    volumeID
    string    		volumeID used to identify the volume in cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md
    
+
    CinderVolumeSource v1 core
    
+
+
+
+
+
+
    GroupVersionKind
    corev1CinderVolumeSource
    
+
    Represents a cinder volume resource in Openstack. A Cinder volume must exist before mounting to a container. The volume must also be in the same region as the kubelet. Cinder volumes support ownership management and SELinux relabeling.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
    FieldDescription
    fsType
    string    		fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://examples.k8s.io/mysql-cinder-pd/README.md
    readOnly
    boolean    		readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. More info: https://examples.k8s.io/mysql-cinder-pd/README.md
    secretRef
    LocalObjectReference    		secretRef is optional: points to a secret object containing parameters used to connect to OpenStack.
    volumeID
    string    		volumeID used to identify the volume in cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md
    
+
    ClaimSource v1 core
    
+
+
+
+
+
+
    GroupVersionKind
    corev1ClaimSource
    
+
    ClaimSource describes a reference to a ResourceClaim.
+
+Exactly one of these fields should be set.  Consumers of this type must treat an empty object as if it has an unknown value.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
    FieldDescription
    resourceClaimName
    string    		ResourceClaimName is the name of a ResourceClaim object in the same namespace as this pod.
    resourceClaimTemplateName
    string    		ResourceClaimTemplateName is the name of a ResourceClaimTemplate object in the same namespace as this pod.  The template will be used to create a new ResourceClaim, which will be bound to this pod. When this pod is deleted, the ResourceClaim will also be deleted. The name of the ResourceClaim will be <pod name>-<resource name>, where <resource name> is the PodResourceClaim.Name. Pod validation will reject the pod if the concatenated name is not valid for a ResourceClaim (e.g. too long).  An existing ResourceClaim with that name that is not owned by the pod will not be used for the pod to avoid using an unrelated resource by mistake. Scheduling and pod startup are then blocked until the unrelated ResourceClaim is removed.  This field is immutable and no changes will be made to the corresponding ResourceClaim by the control plane after creating the ResourceClaim.
    
+
    ClientIPConfig v1 core
    
+
+
+
+
+
+
    GroupVersionKind
    corev1ClientIPConfig
    
+
    ClientIPConfig represents the configurations of Client IP based session affinity.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
    FieldDescription
    timeoutSeconds
    integer    		timeoutSeconds specifies the seconds of ClientIP type session sticky time. The value must be >0 && <=86400(for 1 day) if ServiceAffinity == "ClientIP". Default value is 10800(for 3 hours).
    
+
    ComponentCondition v1 core
    
+
+
+
+
+
+
    GroupVersionKind
    corev1ComponentCondition
    
+
    Information about the condition of a component.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
    FieldDescription
    error
    string    		Condition error code for a component. For example, a health check error code.
    message
    string    		Message about the condition for a component. For example, information about a health check.
    status
    string    		Status of the condition for a component. Valid values for "Healthy": "True", "False", or "Unknown".
    type
    string    		Type of condition for a component. Valid value: "Healthy"
    
+
    Condition v1 meta
    
+
+
+
+
+
+
    GroupVersionKind
    metav1Condition
    
+
    Condition contains details for one aspect of the current state of this API Resource.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
+
+
    FieldDescription
    lastTransitionTime
    Time    		lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed.  If that is not known, then using the time when the API field changed is acceptable.
    message
    string    		message is a human readable message indicating details about the transition. This may be an empty string.
    observedGeneration
    integer    		observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance.
    reason
    string    		reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty.
    status
    string    		status of the condition, one of True, False, Unknown.
    type
    string    		type of condition in CamelCase or in foo.example.com/CamelCase.
    
+
    ConfigMapEnvSource v1 core
    
+
+
+
+
+
+
    GroupVersionKind
    corev1ConfigMapEnvSource
    
+
    ConfigMapEnvSource selects a ConfigMap to populate the environment variables with.
+
+The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
    FieldDescription
    name
    string    		Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
    optional
    boolean    		Specify whether the ConfigMap must be defined
    
+
    ConfigMapKeySelector v1 core
    
+
+
+
+
+
+
    GroupVersionKind
    corev1ConfigMapKeySelector
    
+
    Selects a key from a ConfigMap.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
    FieldDescription
    key
    string    		The key to select.
    name
    string    		Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
    optional
    boolean    		Specify whether the ConfigMap or its key must be defined
    
+
    ConfigMapNodeConfigSource v1 core
    
+
+
+
+
+
+
    GroupVersionKind
    corev1ConfigMapNodeConfigSource
    
+
    ConfigMapNodeConfigSource contains the information to reference a ConfigMap as a config source for the Node. This API is deprecated since 1.22: https://git.k8s.io/enhancements/keps/sig-node/281-dynamic-kubelet-configuration
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
+
    FieldDescription
    kubeletConfigKey
    string    		KubeletConfigKey declares which key of the referenced ConfigMap corresponds to the KubeletConfiguration structure This field is required in all cases.
    name
    string    		Name is the metadata.name of the referenced ConfigMap. This field is required in all cases.
    namespace
    string    		Namespace is the metadata.namespace of the referenced ConfigMap. This field is required in all cases.
    resourceVersion
    string    		ResourceVersion is the metadata.ResourceVersion of the referenced ConfigMap. This field is forbidden in Node.Spec, and required in Node.Status.
    uid
    string    		UID is the metadata.UID of the referenced ConfigMap. This field is forbidden in Node.Spec, and required in Node.Status.
    
+
    ConfigMapProjection v1 core
    
+
+
+
+
+
+
    GroupVersionKind
    corev1ConfigMapProjection
    
+
    Adapts a ConfigMap into a projected volume.
+
+The contents of the target ConfigMap's Data field will be presented in a projected volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths. Note that this is identical to a configmap volume source without the default mode.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
    FieldDescription
    items
    KeyToPath array    		items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'.
    name
    string    		Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
    optional
    boolean    		optional specify whether the ConfigMap or its keys must be defined
    
+
    ConfigMapVolumeSource v1 core
    
+
+
+
+
+
+
    GroupVersionKind
    corev1ConfigMapVolumeSource
    
+
    Adapts a ConfigMap into a volume.
+
+The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths. ConfigMap volumes support ownership management and SELinux relabeling.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
    FieldDescription
    defaultMode
    integer    		defaultMode is optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.
    items
    KeyToPath array    		items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'.
    name
    string    		Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
    optional
    boolean    		optional specify whether the ConfigMap or its keys must be defined
    
+
    ContainerImage v1 core
    
+
+
+
+
+
+
    GroupVersionKind
    corev1ContainerImage
    
+
    Describe a container image
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
    FieldDescription
    names
    string array    		Names by which this image is known. e.g. ["kubernetes.example/hyperkube:v1.0.7", "cloud-vendor.registry.example/cloud-vendor/hyperkube:v1.0.7"]
    sizeBytes
    integer    		The size of the image in bytes.
    
+
    ContainerPort v1 core
    
+
+
+
+
+
+
    GroupVersionKind
    corev1ContainerPort
    
+
    ContainerPort represents a network port in a single container.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
+
    FieldDescription
    containerPort
    integer    		Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536.
    hostIP
    string    		What host IP to bind the external port to.
    hostPort
    integer    		Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this.
    name
    string    		If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services.
    protocol
    string    		Protocol for port. Must be UDP, TCP, or SCTP. Defaults to "TCP".
    
+
    ContainerResizePolicy v1 core
    
+
+
+
+
+
+
    GroupVersionKind
    corev1ContainerResizePolicy
    
+
    ContainerResizePolicy represents resource resize policy for the container.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
    FieldDescription
    resourceName
    string    		Name of the resource to which this resource resize policy applies. Supported values: cpu, memory.
    restartPolicy
    string    		Restart policy to apply when specified resource is resized. If not specified, it defaults to NotRequired.
    
+
    ContainerResourceMetricSource v2 autoscaling
    
+
+
+
+
+
+
    GroupVersionKind
    autoscalingv2ContainerResourceMetricSource
    
+
    ContainerResourceMetricSource indicates how to scale on a resource metric known to Kubernetes, as specified in requests and limits, describing each pod in the current scale target (e.g. CPU or memory).  The values will be averaged together before being compared to the target.  Such metrics are built in to Kubernetes, and have special scaling options on top of those available to normal per-pod metrics using the "pods" source.  Only one "target" type should be set.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
    FieldDescription
    container
    string    		container is the name of the container in the pods of the scaling target
    name
    string    		name is the name of the resource in question.
    target
    MetricTarget    		target specifies the target value for the given metric
    
+
    ContainerResourceMetricStatus v2 autoscaling
    
+
+
+
+
+
+
    GroupVersionKind
    autoscalingv2ContainerResourceMetricStatus
    
+
    ContainerResourceMetricStatus indicates the current value of a resource metric known to Kubernetes, as specified in requests and limits, describing a single container in each pod in the current scale target (e.g. CPU or memory).  Such metrics are built in to Kubernetes, and have special scaling options on top of those available to normal per-pod metrics using the "pods" source.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
    FieldDescription
    container
    string    		container is the name of the container in the pods of the scaling target
    current
    MetricValueStatus    		current contains the current value for the given metric
    name
    string    		name is the name of the resource in question.
    
+
    ContainerState v1 core
    
+
+
+
+
+
+
    GroupVersionKind
    corev1ContainerState
    
+
    ContainerState holds a possible state of container. Only one of its members may be specified. If none of them is specified, the default one is ContainerStateWaiting.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
    FieldDescription
    running
    ContainerStateRunning    		Details about a running container
    terminated
    ContainerStateTerminated    		Details about a terminated container
    waiting
    ContainerStateWaiting    		Details about a waiting container
    
+
    ContainerStateRunning v1 core
    
+
+
+
+
+
+
    GroupVersionKind
    corev1ContainerStateRunning
    
+
    ContainerStateRunning is a running state of a container.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
    FieldDescription
    startedAt
    Time    		Time at which the container was last (re-)started
    
+
    ContainerStateTerminated v1 core
    
+
+
+
+
+
+
    GroupVersionKind
    corev1ContainerStateTerminated
    
+
    ContainerStateTerminated is a terminated state of a container.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
+
+
+
    FieldDescription
    containerID
    string    		Container's ID in the format '<type>://<container_id>'
    exitCode
    integer    		Exit status from the last termination of the container
    finishedAt
    Time    		Time at which the container last terminated
    message
    string    		Message regarding the last termination of the container
    reason
    string    		(brief) reason from the last termination of the container
    signal
    integer    		Signal from the last termination of the container
    startedAt
    Time    		Time at which previous execution of the container started
    
+
    ContainerStateWaiting v1 core
    
+
+
+
+
+
+
    GroupVersionKind
    corev1ContainerStateWaiting
    
+
    ContainerStateWaiting is a waiting state of a container.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
    FieldDescription
    message
    string    		Message regarding why the container is not yet running.
    reason
    string    		(brief) reason the container is not yet running.
    
+
    CrossVersionObjectReference v2 autoscaling
    
+
+
+
+
+
+
    GroupVersionKind
    autoscalingv2CrossVersionObjectReference
    
+
    CrossVersionObjectReference contains enough information to let you identify the referred resource.
    
+
     Other API versions of this object exist:
+v1
+
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
    FieldDescription
    apiVersion
    string    		apiVersion is the API version of the referent
    kind
    string    		kind is the kind of the referent; More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
    name
    string    		name is the name of the referent; More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
    
+
    CustomResourceColumnDefinition v1 apiextensions.k8s.io
    
+
+
+
+
+
+
    GroupVersionKind
    apiextensions.k8s.iov1CustomResourceColumnDefinition
    
+
    CustomResourceColumnDefinition specifies a column for server side printing.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
+
+
    FieldDescription
    description
    string    		description is a human readable description of this column.
    format
    string    		format is an optional OpenAPI type definition for this column. The 'name' format is applied to the primary identifier column to assist in clients identifying column is the resource name. See https://github.com/OAI/OpenAPI-Specification/blob/master/versions/2.0.md#data-types for details.
    jsonPath
    string    		jsonPath is a simple JSON path (i.e. with array notation) which is evaluated against each custom resource to produce the value for this column.
    name
    string    		name is a human readable name for the column.
    priority
    integer    		priority is an integer defining the relative importance of this column compared to others. Lower numbers are considered higher priority. Columns that may be omitted in limited space scenarios should be given a priority greater than 0.
    type
    string    		type is an OpenAPI type definition for this column. See https://github.com/OAI/OpenAPI-Specification/blob/master/versions/2.0.md#data-types for details.
    
+
    CustomResourceConversion v1 apiextensions.k8s.io
    
+
+
+
+
+
+
    GroupVersionKind
    apiextensions.k8s.iov1CustomResourceConversion
    
+
    CustomResourceConversion describes how to convert different versions of a CR.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
    FieldDescription
    strategy
    string    		strategy specifies how custom resources are converted between versions. Allowed values are: - `"None"`: The converter only change the apiVersion and would not touch any other field in the custom resource. - `"Webhook"`: API Server will call to an external webhook to do the conversion. Additional information   is needed for this option. This requires spec.preserveUnknownFields to be false, and spec.conversion.webhook to be set.
    webhook
    WebhookConversion    		webhook describes how to call the conversion webhook. Required when `strategy` is set to `"Webhook"`.
    
+
    CustomResourceDefinitionCondition v1 apiextensions.k8s.io
    
+
+
+
+
+
+
    GroupVersionKind
    apiextensions.k8s.iov1CustomResourceDefinitionCondition
    
+
    CustomResourceDefinitionCondition contains details for the current condition of this pod.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
+
    FieldDescription
    lastTransitionTime
    Time    		lastTransitionTime last time the condition transitioned from one status to another.
    message
    string    		message is a human-readable message indicating details about last transition.
    reason
    string    		reason is a unique, one-word, CamelCase reason for the condition's last transition.
    status
    string    		status is the status of the condition. Can be True, False, Unknown.
    type
    string    		type is the type of the condition. Types include Established, NamesAccepted and Terminating.
    
+
    CustomResourceDefinitionNames v1 apiextensions.k8s.io
    
+
+
+
+
+
+
    GroupVersionKind
    apiextensions.k8s.iov1CustomResourceDefinitionNames
    
+
    CustomResourceDefinitionNames indicates the names to serve this CustomResourceDefinition
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
+
+
    FieldDescription
    categories
    string array    		categories is a list of grouped resources this custom resource belongs to (e.g. 'all'). This is published in API discovery documents, and used by clients to support invocations like `kubectl get all`.
    kind
    string    		kind is the serialized kind of the resource. It is normally CamelCase and singular. Custom resource instances will use this value as the `kind` attribute in API calls.
    listKind
    string    		listKind is the serialized kind of the list for this resource. Defaults to "`kind`List".
    plural
    string    		plural is the plural name of the resource to serve. The custom resources are served under `/apis/<group>/<version>/.../<plural>`. Must match the name of the CustomResourceDefinition (in the form `<names.plural>.<group>`). Must be all lowercase.
    shortNames
    string array    		shortNames are short names for the resource, exposed in API discovery documents, and used by clients to support invocations like `kubectl get <shortname>`. It must be all lowercase.
    singular
    string    		singular is the singular name of the resource. It must be all lowercase. Defaults to lowercased `kind`.
    
+
    CustomResourceDefinitionVersion v1 apiextensions.k8s.io
    
+
+
+
+
+
+
    GroupVersionKind
    apiextensions.k8s.iov1CustomResourceDefinitionVersion
    
+
    CustomResourceDefinitionVersion describes a version for CRD.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
+
+
+
+
    FieldDescription
    additionalPrinterColumns
    CustomResourceColumnDefinition array    		additionalPrinterColumns specifies additional columns returned in Table output. See https://kubernetes.io/docs/reference/using-api/api-concepts/#receiving-resources-as-tables for details. If no columns are specified, a single column displaying the age of the custom resource is used.
    deprecated
    boolean    		deprecated indicates this version of the custom resource API is deprecated. When set to true, API requests to this version receive a warning header in the server response. Defaults to false.
    deprecationWarning
    string    		deprecationWarning overrides the default warning returned to API clients. May only be set when `deprecated` is true. The default warning indicates this version is deprecated and recommends use of the newest served version of equal or greater stability, if one exists.
    name
    string    		name is the version name, e.g. “v1”, “v2beta1”, etc. The custom resources are served under this version at `/apis/<group>/<version>/...` if `served` is true.
    schema
    CustomResourceValidation    		schema describes the schema used for validation, pruning, and defaulting of this version of the custom resource.
    served
    boolean    		served is a flag enabling/disabling this version from being served via REST APIs
    storage
    boolean    		storage indicates this version should be used when persisting custom resources to storage. There must be exactly one version with storage=true.
    subresources
    CustomResourceSubresources    		subresources specify what subresources this version of the defined custom resource have.
    
+
    CustomResourceSubresourceScale v1 apiextensions.k8s.io
    
+
+
+
+
+
+
    GroupVersionKind
    apiextensions.k8s.iov1CustomResourceSubresourceScale
    
+
    CustomResourceSubresourceScale defines how to serve the scale subresource for CustomResources.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
    FieldDescription
    labelSelectorPath
    string    		labelSelectorPath defines the JSON path inside of a custom resource that corresponds to Scale `status.selector`. Only JSON paths without the array notation are allowed. Must be a JSON Path under `.status` or `.spec`. Must be set to work with HorizontalPodAutoscaler. The field pointed by this JSON path must be a string field (not a complex selector struct) which contains a serialized label selector in string form. More info: https://kubernetes.io/docs/tasks/access-kubernetes-api/custom-resources/custom-resource-definitions#scale-subresource If there is no value under the given path in the custom resource, the `status.selector` value in the `/scale` subresource will default to the empty string.
    specReplicasPath
    string    		specReplicasPath defines the JSON path inside of a custom resource that corresponds to Scale `spec.replicas`. Only JSON paths without the array notation are allowed. Must be a JSON Path under `.spec`. If there is no value under the given path in the custom resource, the `/scale` subresource will return an error on GET.
    statusReplicasPath
    string    		statusReplicasPath defines the JSON path inside of a custom resource that corresponds to Scale `status.replicas`. Only JSON paths without the array notation are allowed. Must be a JSON Path under `.status`. If there is no value under the given path in the custom resource, the `status.replicas` value in the `/scale` subresource will default to 0.
    
+
    CustomResourceSubresourceStatus v1 apiextensions.k8s.io
    
+
+
+
+
+
+
    GroupVersionKind
    apiextensions.k8s.iov1CustomResourceSubresourceStatus
    
+
    CustomResourceSubresourceStatus defines how to serve the status subresource for CustomResources. Status is represented by the `.status` JSON path inside of a CustomResource. When set, * exposes a /status subresource for the custom resource * PUT requests to the /status subresource take a custom resource object, and ignore changes to anything except the status stanza * PUT/POST/PATCH requests to the custom resource ignore changes to the status stanza
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
    FieldDescription
    
+
    CustomResourceSubresources v1 apiextensions.k8s.io
    
+
+
+
+
+
+
    GroupVersionKind
    apiextensions.k8s.iov1CustomResourceSubresources
    
+
    CustomResourceSubresources defines the status and scale subresources for CustomResources.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
    FieldDescription
    scale
    CustomResourceSubresourceScale    		scale indicates the custom resource should serve a `/scale` subresource that returns an `autoscaling/v1` Scale object.
    status
    CustomResourceSubresourceStatus    		status indicates the custom resource should serve a `/status` subresource. When enabled: 1. requests to the custom resource primary endpoint ignore changes to the `status` stanza of the object. 2. requests to the custom resource `/status` subresource ignore changes to anything other than the `status` stanza of the object.
    
+
    CustomResourceValidation v1 apiextensions.k8s.io
    
+
+
+
+
+
+
    GroupVersionKind
    apiextensions.k8s.iov1CustomResourceValidation
    
+
    CustomResourceValidation is a list of validation methods for CustomResources.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
    FieldDescription
    openAPIV3Schema
    JSONSchemaProps    		openAPIV3Schema is the OpenAPI v3 schema to use for validation and pruning.
    
+
    DaemonEndpoint v1 core
    
+
+
+
+
+
+
    GroupVersionKind
    corev1DaemonEndpoint
    
+
    DaemonEndpoint contains information about a single Daemon endpoint.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
    FieldDescription
    Port
    integer    		Port number of the given endpoint.
    
+
    DaemonSetCondition v1 apps
    
+
+
+
+
+
+
    GroupVersionKind
    appsv1DaemonSetCondition
    
+
    DaemonSetCondition describes the state of a DaemonSet at a certain point.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
+
    FieldDescription
    lastTransitionTime
    Time    		Last time the condition transitioned from one status to another.
    message
    string    		A human readable message indicating details about the transition.
    reason
    string    		The reason for the condition's last transition.
    status
    string    		Status of the condition, one of True, False, Unknown.
    type
    string    		Type of DaemonSet condition.
    
+
    DaemonSetUpdateStrategy v1 apps
    
+
+
+
+
+
+
    GroupVersionKind
    appsv1DaemonSetUpdateStrategy
    
+
    DaemonSetUpdateStrategy is a struct used to control the update strategy for a DaemonSet.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
    FieldDescription
    rollingUpdate
    RollingUpdateDaemonSet    		Rolling update config params. Present only if type = "RollingUpdate".
    type
    string    		Type of daemon set update. Can be "RollingUpdate" or "OnDelete". Default is RollingUpdate.
    
+
    DeleteOptions v1 meta
    
+
+
+
+
+
+
    GroupVersionKind
    metav1DeleteOptions
    
+
    DeleteOptions may be provided when deleting an API object.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
+
+
+
    FieldDescription
    apiVersion
    string    		APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
    dryRun
    string array    		When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    gracePeriodSeconds
    integer    		The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
    kind
    string    		Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
    orphanDependents
    boolean    		Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.
    preconditions
    Preconditions    		Must be fulfilled before a deletion is carried out. If not possible, a 409 Conflict status will be returned.
    propagationPolicy
    string    		Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.
    
+
    DeploymentCondition v1 apps
    
+
+
+
+
+
+
    GroupVersionKind
    appsv1DeploymentCondition
    
+
    DeploymentCondition describes the state of a deployment at a certain point.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
+
+
    FieldDescription
    lastTransitionTime
    Time    		Last time the condition transitioned from one status to another.
    lastUpdateTime
    Time    		The last time this condition was updated.
    message
    string    		A human readable message indicating details about the transition.
    reason
    string    		The reason for the condition's last transition.
    status
    string    		Status of the condition, one of True, False, Unknown.
    type
    string    		Type of deployment condition.
    
+
    DownwardAPIProjection v1 core
    
+
+
+
+
+
+
    GroupVersionKind
    corev1DownwardAPIProjection
    
+
    Represents downward API info for projecting into a projected volume. Note that this is identical to a downwardAPI volume source without the default mode.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
    FieldDescription
    items
    DownwardAPIVolumeFile array    		Items is a list of DownwardAPIVolume file
    
+
    DownwardAPIVolumeFile v1 core
    
+
+
+
+
+
+
    GroupVersionKind
    corev1DownwardAPIVolumeFile
    
+
    DownwardAPIVolumeFile represents information to create the file containing the pod field
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
    FieldDescription
    fieldRef
    ObjectFieldSelector    		Required: Selects a field of the pod: only annotations, labels, name and namespace are supported.
    mode
    integer    		Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.
    path
    string    		Required: Path is  the relative path name of the file to be created. Must not be absolute or contain the '..' path. Must be utf-8 encoded. The first item of the relative path must not start with '..'
    resourceFieldRef
    ResourceFieldSelector    		Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported.
    
+
    DownwardAPIVolumeSource v1 core
    
+
+
+
+
+
+
    GroupVersionKind
    corev1DownwardAPIVolumeSource
    
+
    DownwardAPIVolumeSource represents a volume containing downward API info. Downward API volumes support ownership management and SELinux relabeling.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
    FieldDescription
    defaultMode
    integer    		Optional: mode bits to use on created files by default. Must be a Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.
    items
    DownwardAPIVolumeFile array    		Items is a list of downward API volume file
    
+
    EmptyDirVolumeSource v1 core
    
+
+
+
+
+
+
    GroupVersionKind
    corev1EmptyDirVolumeSource
    
+
    Represents an empty directory for a pod. Empty directory volumes support ownership management and SELinux relabeling.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
    FieldDescription
    medium
    string    		medium represents what type of storage medium should back this directory. The default is "" which means to use the node's default medium. Must be an empty string (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir
    sizeLimit
    Quantity    		sizeLimit is the total amount of local storage required for this EmptyDir volume. The size limit is also applicable for memory medium. The maximum usage on memory medium EmptyDir would be the minimum value between the SizeLimit specified here and the sum of memory limits of all containers in a pod. The default is nil which means that the limit is undefined. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir
    
+
    Endpoint v1 discovery.k8s.io
    
+
+
+
+
+
+
    GroupVersionKind
    discovery.k8s.iov1Endpoint
    
+
    Endpoint represents a single logical "backend" implementing a service.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
+
+
+
+
    FieldDescription
    addresses
    string array    		addresses of this endpoint. The contents of this field are interpreted according to the corresponding EndpointSlice addressType field. Consumers must handle different types of addresses in the context of their own capabilities. This must contain at least one address but no more than 100. These are all assumed to be fungible and clients may choose to only use the first element. Refer to: https://issue.k8s.io/106267
    conditions
    EndpointConditions    		conditions contains information about the current status of the endpoint.
    deprecatedTopology
    object    		deprecatedTopology contains topology information part of the v1beta1 API. This field is deprecated, and will be removed when the v1beta1 API is removed (no sooner than kubernetes v1.24).  While this field can hold values, it is not writable through the v1 API, and any attempts to write to it will be silently ignored. Topology information can be found in the zone and nodeName fields instead.
    hints
    EndpointHints    		hints contains information associated with how an endpoint should be consumed.
    hostname
    string    		hostname of this endpoint. This field may be used by consumers of endpoints to distinguish endpoints from each other (e.g. in DNS names). Multiple endpoints which use the same hostname should be considered fungible (e.g. multiple A values in DNS). Must be lowercase and pass DNS Label (RFC 1123) validation.
    nodeName
    string    		nodeName represents the name of the Node hosting this endpoint. This can be used to determine endpoints local to a Node.
    targetRef
    ObjectReference    		targetRef is a reference to a Kubernetes object that represents this endpoint.
    zone
    string    		zone is the name of the Zone this endpoint exists in.
    
+
    EndpointAddress v1 core
    
+
+
+
+
+
+
    GroupVersionKind
    corev1EndpointAddress
    
+
    EndpointAddress is a tuple that describes single IP address.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
    FieldDescription
    hostname
    string    		The Hostname of this endpoint
    ip
    string    		The IP of this endpoint. May not be loopback (127.0.0.0/8 or ::1), link-local (169.254.0.0/16 or fe80::/10), or link-local multicast (224.0.0.0/24 or ff02::/16).
    nodeName
    string    		Optional: Node hosting this endpoint. This can be used to determine endpoints local to a node.
    targetRef
    ObjectReference    		Reference to object providing the endpoint.
    
+
    EndpointConditions v1 discovery.k8s.io
    
+
+
+
+
+
+
    GroupVersionKind
    discovery.k8s.iov1EndpointConditions
    
+
    EndpointConditions represents the current condition of an endpoint.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
    FieldDescription
    ready
    boolean    		ready indicates that this endpoint is prepared to receive traffic, according to whatever system is managing the endpoint. A nil value indicates an unknown state. In most cases consumers should interpret this unknown state as ready. For compatibility reasons, ready should never be "true" for terminating endpoints, except when the normal readiness behavior is being explicitly overridden, for example when the associated Service has set the publishNotReadyAddresses flag.
    serving
    boolean    		serving is identical to ready except that it is set regardless of the terminating state of endpoints. This condition should be set to true for a ready endpoint that is terminating. If nil, consumers should defer to the ready condition.
    terminating
    boolean    		terminating indicates that this endpoint is terminating. A nil value indicates an unknown state. Consumers should interpret this unknown state to mean that the endpoint is not terminating.
    
+
    EndpointHints v1 discovery.k8s.io
    
+
+
+
+
+
+
    GroupVersionKind
    discovery.k8s.iov1EndpointHints
    
+
    EndpointHints provides hints describing how an endpoint should be consumed.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
    FieldDescription
    forZones
    ForZone array    		forZones indicates the zone(s) this endpoint should be consumed by to enable topology aware routing.
    
+
    EndpointPort v1 core
    
+
+
+
+
+
+
    GroupVersionKind
    corev1EndpointPort
    
+
    EndpointPort is a tuple that describes a single port.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
    FieldDescription
    appProtocol
    string    		The application protocol for this port. This is used as a hint for implementations to offer richer behavior for protocols that they understand. This field follows standard Kubernetes label syntax. Valid values are either:  * Un-prefixed protocol names - reserved for IANA standard service names (as per RFC-6335 and https://www.iana.org/assignments/service-names).  * Kubernetes-defined prefixed names:   * 'kubernetes.io/h2c' - HTTP/2 over cleartext as described in https://www.rfc-editor.org/rfc/rfc7540  * Other protocols should use implementation-defined prefixed names such as mycompany.com/my-custom-protocol.
    name
    string    		The name of this port.  This must match the 'name' field in the corresponding ServicePort. Must be a DNS_LABEL. Optional only if one port is defined.
    port
    integer    		The port number of the endpoint.
    protocol
    string    		The IP protocol for this port. Must be UDP, TCP, or SCTP. Default is TCP.
    
+
    EndpointSubset v1 core
    
+
+
+
+
+
+
    GroupVersionKind
    corev1EndpointSubset
    
+
    EndpointSubset is a group of addresses with a common set of ports. The expanded set of endpoints is the Cartesian product of Addresses x Ports. For example, given:
+
+	{
+	  Addresses: [{"ip": "10.10.1.1"}, {"ip": "10.10.2.2"}],
+	  Ports:     [{"name": "a", "port": 8675}, {"name": "b", "port": 309}]
+	}
+
+The resulting set of endpoints can be viewed as:
+
+	a: [ 10.10.1.1:8675, 10.10.2.2:8675 ],
+	b: [ 10.10.1.1:309, 10.10.2.2:309 ]
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
    FieldDescription
    addresses
    EndpointAddress array    		IP addresses which offer the related ports that are marked as ready. These endpoints should be considered safe for load balancers and clients to utilize.
    notReadyAddresses
    EndpointAddress array    		IP addresses which offer the related ports but are not currently marked as ready because they have not yet finished starting, have recently failed a readiness check, or have recently failed a liveness check.
    ports
    EndpointPort array    		Port numbers available on the related IP addresses.
    
+
    EnvFromSource v1 core
    
+
+
+
+
+
+
    GroupVersionKind
    corev1EnvFromSource
    
+
    EnvFromSource represents the source of a set of ConfigMaps
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
    FieldDescription
    configMapRef
    ConfigMapEnvSource    		The ConfigMap to select from
    prefix
    string    		An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER.
    secretRef
    SecretEnvSource    		The Secret to select from
    
+
    EnvVar v1 core
    
+
+
+
+
+
+
    GroupVersionKind
    corev1EnvVar
    
+
    EnvVar represents an environment variable present in a Container.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
    FieldDescription
    name
    string    		Name of the environment variable. Must be a C_IDENTIFIER.
    value
    string    		Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "".
    valueFrom
    EnvVarSource    		Source for the environment variable's value. Cannot be used if value is not empty.
    
+
    EnvVarSource v1 core
    
+
+
+
+
+
+
    GroupVersionKind
    corev1EnvVarSource
    
+
    EnvVarSource represents a source for the value of an EnvVar.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
    FieldDescription
    configMapKeyRef
    ConfigMapKeySelector    		Selects a key of a ConfigMap.
    fieldRef
    ObjectFieldSelector    		Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['<KEY>']`, `metadata.annotations['<KEY>']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.
    resourceFieldRef
    ResourceFieldSelector    		Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.
    secretKeyRef
    SecretKeySelector    		Selects a key of a secret in the pod's namespace
    
+
    EphemeralContainer v1 core
    
+
+
+
+
+
+
    GroupVersionKind
    corev1EphemeralContainer
    
+
    An EphemeralContainer is a temporary container that you may add to an existing Pod for user-initiated activities such as debugging. Ephemeral containers have no resource or scheduling guarantees, and they will not be restarted when they exit or when a Pod is removed or restarted. The kubelet may evict a Pod if an ephemeral container causes the Pod to exceed its resource allocation.
+
+To add an ephemeral container, use the ephemeralcontainers subresource of an existing Pod. Ephemeral containers may not be removed or restarted.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    FieldDescription
    args
    string array    		Arguments to the entrypoint. The image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
    command
    string array    		Entrypoint array. Not executed within a shell. The image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
    env
    EnvVar array
    patch strategy: merge
    patch merge key: name    		List of environment variables to set in the container. Cannot be updated.
    envFrom
    EnvFromSource array    		List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated.
    image
    string    		Container image name. More info: https://kubernetes.io/docs/concepts/containers/images
    imagePullPolicy
    string    		Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images
    lifecycle
    Lifecycle    		Lifecycle is not allowed for ephemeral containers.
    livenessProbe
    Probe    		Probes are not allowed for ephemeral containers.
    name
    string    		Name of the ephemeral container specified as a DNS_LABEL. This name must be unique among all containers, init containers and ephemeral containers.
    ports
    ContainerPort array
    patch strategy: merge
    patch merge key: containerPort    		Ports are not allowed for ephemeral containers.
    readinessProbe
    Probe    		Probes are not allowed for ephemeral containers.
    resizePolicy
    ContainerResizePolicy array    		Resources resize policy for the container.
    resources
    ResourceRequirements    		Resources are not allowed for ephemeral containers. Ephemeral containers use spare resources already allocated to the pod.
    securityContext
    SecurityContext    		Optional: SecurityContext defines the security options the ephemeral container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext.
    startupProbe
    Probe    		Probes are not allowed for ephemeral containers.
    stdin
    boolean    		Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false.
    stdinOnce
    boolean    		Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false
    targetContainerName
    string    		If set, the name of the container from PodSpec that this ephemeral container targets. The ephemeral container will be run in the namespaces (IPC, PID, etc) of this container. If not set then the ephemeral container uses the namespaces configured in the Pod spec.  The container runtime must implement support for this feature. If the runtime does not support namespace targeting then the result of setting this field is undefined.
    terminationMessagePath
    string    		Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated.
    terminationMessagePolicy
    string    		Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated.
    tty
    boolean    		Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false.
    volumeDevices
    VolumeDevice array
    patch strategy: merge
    patch merge key: devicePath    		volumeDevices is the list of block devices to be used by the container.
    volumeMounts
    VolumeMount array
    patch strategy: merge
    patch merge key: mountPath    		Pod volumes to mount into the container's filesystem. Subpath mounts are not allowed for ephemeral containers. Cannot be updated.
    workingDir
    string    		Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated.
    
+
    EphemeralVolumeSource v1 core
    
+
+
+
+
+
+
    GroupVersionKind
    corev1EphemeralVolumeSource
    
+
    Represents an ephemeral volume that is handled by a normal storage driver.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
    FieldDescription
    volumeClaimTemplate
    PersistentVolumeClaimTemplate    		Will be used to create a stand-alone PVC to provision the volume. The pod in which this EphemeralVolumeSource is embedded will be the owner of the PVC, i.e. the PVC will be deleted together with the pod.  The name of the PVC will be `<pod name>-<volume name>` where `<volume name>` is the name from the `PodSpec.Volumes` array entry. Pod validation will reject the pod if the concatenated name is not valid for a PVC (for example, too long).  An existing PVC with that name that is not owned by the pod will *not* be used for the pod to avoid using an unrelated volume by mistake. Starting the pod is then blocked until the unrelated PVC is removed. If such a pre-created PVC is meant to be used by the pod, the PVC has to updated with an owner reference to the pod once the pod exists. Normally this should not be necessary, but it may be useful when manually reconstructing a broken cluster.  This field is read-only and no changes will be made by Kubernetes to the PVC after it has been created.  Required, must not be nil.
    
+
    EventSeries v1 events.k8s.io
    
+
+
+
+
+
+
    GroupVersionKind
    events.k8s.iov1EventSeries
    
+
    EventSeries contain information on series of events, i.e. thing that was/is happening continuously for some time. How often to update the EventSeries is up to the event reporters. The default event reporter in "k8s.io/client-go/tools/events/event_broadcaster.go" shows how this struct is updated on heartbeats and can guide customized reporter implementations.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
    FieldDescription
    count
    integer    		count is the number of occurrences in this series up to the last heartbeat time.
    lastObservedTime
    MicroTime    		lastObservedTime is the time when last Event from the series was seen before last heartbeat.
    
+
    EventSource v1 core
    
+
+
+
+
+
+
    GroupVersionKind
    corev1EventSource
    
+
    EventSource contains information for an event.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
    FieldDescription
    component
    string    		Component from which the event is generated.
    host
    string    		Node name on which the event is generated.
    
+
    Eviction v1 policy
    
+
+
+
+
+
+
    GroupVersionKind
    policyv1Eviction
    
+
    Eviction evicts a pod from its node subject to certain policies and safety constraints. This is a subresource of Pod.  A request to cause such an eviction is created by POSTing to .../pods/<pod name>/evictions.
    
+
+
+
+
+
+
+
+
+
    FieldDescription
    apiVersion
    string    		APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
    deleteOptions
    DeleteOptions    		DeleteOptions may be provided
    kind
    string    		Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
    metadata
    ObjectMeta    		ObjectMeta describes the pod that is being evicted.
    
+
    ExecAction v1 core
    
+
+
+
+
+
+
    GroupVersionKind
    corev1ExecAction
    
+
    ExecAction describes a "run in container" action.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
    FieldDescription
    command
    string array    		Command is the command line to execute inside the container, the working directory for the command  is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
    
+
    ExpressionWarning v1alpha1 admissionregistration.k8s.io
    
+
+
+
+
+
+
    GroupVersionKind
    admissionregistration.k8s.iov1alpha1ExpressionWarning
    
+
    ExpressionWarning is a warning information that targets a specific expression.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
    FieldDescription
    fieldRef
    string    		The path to the field that refers the expression. For example, the reference to the expression of the first item of validations is "spec.validations[0].expression"
    warning
    string    		The content of type checking information in a human-readable form. Each line of the warning contains the type that the expression is checked against, followed by the type check error from the compiler.
    
+
    ExternalDocumentation v1 apiextensions.k8s.io
    
+
+
+
+
+
+
    GroupVersionKind
    apiextensions.k8s.iov1ExternalDocumentation
    
+
    ExternalDocumentation allows referencing an external resource for extended documentation.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
    FieldDescription
    description
    string
    url
    string
    
+
    ExternalMetricSource v2 autoscaling
    
+
+
+
+
+
+
    GroupVersionKind
    autoscalingv2ExternalMetricSource
    
+
    ExternalMetricSource indicates how to scale on a metric not associated with any Kubernetes object (for example length of queue in cloud messaging service, or QPS from loadbalancer running outside of cluster).
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
    FieldDescription
    metric
    MetricIdentifier    		metric identifies the target metric by name and selector
    target
    MetricTarget    		target specifies the target value for the given metric
    
+
    ExternalMetricStatus v2 autoscaling
    
+
+
+
+
+
+
    GroupVersionKind
    autoscalingv2ExternalMetricStatus
    
+
    ExternalMetricStatus indicates the current value of a global metric not associated with any Kubernetes object.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
    FieldDescription
    current
    MetricValueStatus    		current contains the current value for the given metric
    metric
    MetricIdentifier    		metric identifies the target metric by name and selector
    
+
    FCVolumeSource v1 core
    
+
+
+
+
+
+
    GroupVersionKind
    corev1FCVolumeSource
    
+
    Represents a Fibre Channel volume. Fibre Channel volumes can only be mounted as read/write once. Fibre Channel volumes support ownership management and SELinux relabeling.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
+
    FieldDescription
    fsType
    string    		fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.
    lun
    integer    		lun is Optional: FC target lun number
    readOnly
    boolean    		readOnly is Optional: Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.
    targetWWNs
    string array    		targetWWNs is Optional: FC target worldwide names (WWNs)
    wwids
    string array    		wwids Optional: FC volume world wide identifiers (wwids) Either wwids or combination of targetWWNs and lun must be set, but not both simultaneously.
    
+
    FieldsV1 v1 meta
    
+
+
+
+
+
+
    GroupVersionKind
    metav1FieldsV1
    
+
    FieldsV1 stores a set of fields in a data structure like a Trie, in JSON format.
+
+Each key is either a '.' representing the field itself, and will always map to an empty set, or a string representing a sub-field or item. The string will follow one of these four formats: 'f:<name>', where <name> is the name of a field in a struct, or key in a map 'v:<value>', where <value> is the exact json formatted value of a list item 'i:<index>', where <index> is position of a item in a list 'k:<keys>', where <keys> is a map of  a list item's key fields to their unique values If a key maps to an empty Fields value, the field that key represents is part of the set.
+
+The exact format is defined in sigs.k8s.io/structured-merge-diff
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
    FieldDescription
    
+
    FlexPersistentVolumeSource v1 core
    
+
+
+
+
+
+
    GroupVersionKind
    corev1FlexPersistentVolumeSource
    
+
    FlexPersistentVolumeSource represents a generic persistent volume resource that is provisioned/attached using an exec based plugin.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
+
    FieldDescription
    driver
    string    		driver is the name of the driver to use for this volume.
    fsType
    string    		fsType is the Filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". The default filesystem depends on FlexVolume script.
    options
    object    		options is Optional: this field holds extra command options if any.
    readOnly
    boolean    		readOnly is Optional: defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.
    secretRef
    SecretReference    		secretRef is Optional: SecretRef is reference to the secret object containing sensitive information to pass to the plugin scripts. This may be empty if no secret object is specified. If the secret object contains more than one secret, all secrets are passed to the plugin scripts.
    
+
    FlexVolumeSource v1 core
    
+
+
+
+
+
+
    GroupVersionKind
    corev1FlexVolumeSource
    
+
    FlexVolume represents a generic volume resource that is provisioned/attached using an exec based plugin.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
+
    FieldDescription
    driver
    string    		driver is the name of the driver to use for this volume.
    fsType
    string    		fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". The default filesystem depends on FlexVolume script.
    options
    object    		options is Optional: this field holds extra command options if any.
    readOnly
    boolean    		readOnly is Optional: defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.
    secretRef
    LocalObjectReference    		secretRef is Optional: secretRef is reference to the secret object containing sensitive information to pass to the plugin scripts. This may be empty if no secret object is specified. If the secret object contains more than one secret, all secrets are passed to the plugin scripts.
    
+
    FlockerVolumeSource v1 core
    
+
+
+
+
+
+
    GroupVersionKind
    corev1FlockerVolumeSource
    
+
    Represents a Flocker volume mounted by the Flocker agent. One and only one of datasetName and datasetUUID should be set. Flocker volumes do not support ownership management or SELinux relabeling.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
    FieldDescription
    datasetName
    string    		datasetName is Name of the dataset stored as metadata -> name on the dataset for Flocker should be considered as deprecated
    datasetUUID
    string    		datasetUUID is the UUID of the dataset. This is unique identifier of a Flocker dataset
    
+
    FlowDistinguisherMethod v1beta3 flowcontrol.apiserver.k8s.io
    
+
+
+
+
+
+
    GroupVersionKind
    flowcontrol.apiserver.k8s.iov1beta3FlowDistinguisherMethod
    
+
    FlowDistinguisherMethod specifies the method of a flow distinguisher.
    
+
     Other API versions of this object exist:
+v1beta2
+
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
    FieldDescription
    type
    string    		`type` is the type of flow distinguisher method The supported types are "ByUser" and "ByNamespace". Required.
    
+
    FlowSchemaCondition v1beta3 flowcontrol.apiserver.k8s.io
    
+
+
+
+
+
+
    GroupVersionKind
    flowcontrol.apiserver.k8s.iov1beta3FlowSchemaCondition
    
+
    FlowSchemaCondition describes conditions for a FlowSchema.
    
+
     Other API versions of this object exist:
+v1beta2
+
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
+
    FieldDescription
    lastTransitionTime
    Time    		`lastTransitionTime` is the last time the condition transitioned from one status to another.
    message
    string    		`message` is a human-readable message indicating details about last transition.
    reason
    string    		`reason` is a unique, one-word, CamelCase reason for the condition's last transition.
    status
    string    		`status` is the status of the condition. Can be True, False, Unknown. Required.
    type
    string    		`type` is the type of the condition. Required.
    
+
    ForZone v1 discovery.k8s.io
    
+
+
+
+
+
+
    GroupVersionKind
    discovery.k8s.iov1ForZone
    
+
    ForZone provides information about which zones should consume this endpoint.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
    FieldDescription
    name
    string    		name represents the name of the zone.
    
+
    GCEPersistentDiskVolumeSource v1 core
    
+
+
+
+
+
+
    GroupVersionKind
    corev1GCEPersistentDiskVolumeSource
    
+
    Represents a Persistent Disk resource in Google Compute Engine.
+
+A GCE PD must exist before mounting to a container. The disk must also be in the same GCE project and zone as the kubelet. A GCE PD can only be mounted as read/write once or read-only many times. GCE PDs support ownership management and SELinux relabeling.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
    FieldDescription
    fsType
    string    		fsType is filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk
    partition
    integer    		partition is the partition in the volume that you want to mount. If omitted, the default is to mount by volume name. Examples: For volume /dev/sda1, you specify the partition as "1". Similarly, the volume partition for /dev/sda is "0" (or you can leave the property empty). More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk
    pdName
    string    		pdName is unique name of the PD resource in GCE. Used to identify the disk in GCE. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk
    readOnly
    boolean    		readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk
    
+
    GRPCAction v1 core
    
+
+
+
+
+
+
    GroupVersionKind
    corev1GRPCAction
    
+
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
    FieldDescription
    port
    integer    		Port number of the gRPC service. Number must be in the range 1 to 65535.
    service
    string    		Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).  If this is not specified, the default behavior is defined by gRPC.
    
+
    GitRepoVolumeSource v1 core
    
+
+
+
+
+
+
    GroupVersionKind
    corev1GitRepoVolumeSource
    
+
    Represents a volume that is populated with the contents of a git repository. Git repo volumes do not support ownership management. Git repo volumes support SELinux relabeling.
+
+DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir into the Pod's container.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
    FieldDescription
    directory
    string    		directory is the target directory name. Must not contain or start with '..'.  If '.' is supplied, the volume directory will be the git repository.  Otherwise, if specified, the volume will contain the git repository in the subdirectory with the given name.
    repository
    string    		repository is the URL
    revision
    string    		revision is the commit hash for the specified revision.
    
+
    GlusterfsPersistentVolumeSource v1 core
    
+
+
+
+
+
+
    GroupVersionKind
    corev1GlusterfsPersistentVolumeSource
    
+
    Represents a Glusterfs mount that lasts the lifetime of a pod. Glusterfs volumes do not support ownership management or SELinux relabeling.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
    FieldDescription
    endpoints
    string    		endpoints is the endpoint name that details Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod
    endpointsNamespace
    string    		endpointsNamespace is the namespace that contains Glusterfs endpoint. If this field is empty, the EndpointNamespace defaults to the same namespace as the bound PVC. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod
    path
    string    		path is the Glusterfs volume path. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod
    readOnly
    boolean    		readOnly here will force the Glusterfs volume to be mounted with read-only permissions. Defaults to false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod
    
+
    GlusterfsVolumeSource v1 core
    
+
+
+
+
+
+
    GroupVersionKind
    corev1GlusterfsVolumeSource
    
+
    Represents a Glusterfs mount that lasts the lifetime of a pod. Glusterfs volumes do not support ownership management or SELinux relabeling.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
    FieldDescription
    endpoints
    string    		endpoints is the endpoint name that details Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod
    path
    string    		path is the Glusterfs volume path. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod
    readOnly
    boolean    		readOnly here will force the Glusterfs volume to be mounted with read-only permissions. Defaults to false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod
    
+
    GroupSubject v1beta3 flowcontrol.apiserver.k8s.io
    
+
+
+
+
+
+
    GroupVersionKind
    flowcontrol.apiserver.k8s.iov1beta3GroupSubject
    
+
    GroupSubject holds detailed information for group-kind subject.
    
+
     Other API versions of this object exist:
+v1beta2
+
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
    FieldDescription
    name
    string    		name is the user group that matches, or "*" to match all user groups. See https://github.com/kubernetes/apiserver/blob/master/pkg/authentication/user/user.go for some well-known group names. Required.
    
+
    GroupVersionForDiscovery v1 meta
    
+
+
+
+
+
+
    GroupVersionKind
    metav1GroupVersionForDiscovery
    
+
    GroupVersion contains the "group/version" and "version" string of a version. It is made a struct to keep extensibility.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
    FieldDescription
    groupVersion
    string    		groupVersion specifies the API group and version in the form "group/version"
    version
    string    		version specifies the version in the form of "version". This is to save the clients the trouble of splitting the GroupVersion.
    
+
    HPAScalingPolicy v2 autoscaling
    
+
+
+
+
+
+
    GroupVersionKind
    autoscalingv2HPAScalingPolicy
    
+
    HPAScalingPolicy is a single policy which must hold true for a specified past interval.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
    FieldDescription
    periodSeconds
    integer    		periodSeconds specifies the window of time for which the policy should hold true. PeriodSeconds must be greater than zero and less than or equal to 1800 (30 min).
    type
    string    		type is used to specify the scaling policy.
    value
    integer    		value contains the amount of change which is permitted by the policy. It must be greater than zero
    
+
    HPAScalingRules v2 autoscaling
    
+
+
+
+
+
+
    GroupVersionKind
    autoscalingv2HPAScalingRules
    
+
    HPAScalingRules configures the scaling behavior for one direction. These Rules are applied after calculating DesiredReplicas from metrics for the HPA. They can limit the scaling velocity by specifying scaling policies. They can prevent flapping by specifying the stabilization window, so that the number of replicas is not set instantly, instead, the safest value from the stabilization window is chosen.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
    FieldDescription
    policies
    HPAScalingPolicy array    		policies is a list of potential scaling polices which can be used during scaling. At least one policy must be specified, otherwise the HPAScalingRules will be discarded as invalid
    selectPolicy
    string    		selectPolicy is used to specify which policy should be used. If not set, the default value Max is used.
    stabilizationWindowSeconds
    integer    		stabilizationWindowSeconds is the number of seconds for which past recommendations should be considered while scaling up or scaling down. StabilizationWindowSeconds must be greater than or equal to zero and less than or equal to 3600 (one hour). If not set, use the default values: - For scale up: 0 (i.e. no stabilization is done). - For scale down: 300 (i.e. the stabilization window is 300 seconds long).
    
+
    HTTPGetAction v1 core
    
+
+
+
+
+
+
    GroupVersionKind
    corev1HTTPGetAction
    
+
    HTTPGetAction describes an action based on HTTP Get requests.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
+
    FieldDescription
    host
    string    		Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead.
    httpHeaders
    HTTPHeader array    		Custom headers to set in the request. HTTP allows repeated headers.
    path
    string    		Path to access on the HTTP server.
    portName or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.
    scheme
    string    		Scheme to use for connecting to the host. Defaults to HTTP.
    
+
    HTTPHeader v1 core
    
+
+
+
+
+
+
    GroupVersionKind
    corev1HTTPHeader
    
+
    HTTPHeader describes a custom header to be used in HTTP probes
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
    FieldDescription
    name
    string    		The header field name
    value
    string    		The header field value
    
+
    HTTPIngressPath v1 networking.k8s.io
    
+
+
+
+
+
+
    GroupVersionKind
    networking.k8s.iov1HTTPIngressPath
    
+
    HTTPIngressPath associates a path with a backend. Incoming urls matching the path are forwarded to the backend.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
    FieldDescription
    backend
    IngressBackend    		backend defines the referenced service endpoint to which the traffic will be forwarded to.
    path
    string    		path is matched against the path of an incoming request. Currently it can contain characters disallowed from the conventional "path" part of a URL as defined by RFC 3986. Paths must begin with a '/' and must be present when using PathType with value "Exact" or "Prefix".
    pathType
    string    		pathType determines the interpretation of the path matching. PathType can be one of the following values: * Exact: Matches the URL path exactly. * Prefix: Matches based on a URL path prefix split by '/'. Matching is   done on a path element by element basis. A path element refers is the   list of labels in the path split by the '/' separator. A request is a   match for path p if every p is an element-wise prefix of p of the   request path. Note that if the last element of the path is a substring   of the last element in request path, it is not a match (e.g. /foo/bar   matches /foo/bar/baz, but does not match /foo/barbaz). * ImplementationSpecific: Interpretation of the Path matching is up to   the IngressClass. Implementations can treat this as a separate PathType   or treat it identically to Prefix or Exact path types. Implementations are required to support all path types.
    
+
    HTTPIngressRuleValue v1 networking.k8s.io
    
+
+
+
+
+
+
    GroupVersionKind
    networking.k8s.iov1HTTPIngressRuleValue
    
+
    HTTPIngressRuleValue is a list of http selectors pointing to backends. In the example: http://<host>/<path>?<searchpart> -> backend where where parts of the url correspond to RFC 3986, this resource will be used to match against everything after the last '/' and before the first '?' or '#'.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
    FieldDescription
    paths
    HTTPIngressPath array    		paths is a collection of paths that map requests to backends.
    
+
    HorizontalPodAutoscalerBehavior v2 autoscaling
    
+
+
+
+
+
+
    GroupVersionKind
    autoscalingv2HorizontalPodAutoscalerBehavior
    
+
    HorizontalPodAutoscalerBehavior configures the scaling behavior of the target in both Up and Down directions (scaleUp and scaleDown fields respectively).
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
    FieldDescription
    scaleDown
    HPAScalingRules    		scaleDown is scaling policy for scaling Down. If not set, the default value is to allow to scale down to minReplicas pods, with a 300 second stabilization window (i.e., the highest recommendation for the last 300sec is used).
    scaleUp
    HPAScalingRules    		scaleUp is scaling policy for scaling Up. If not set, the default value is the higher of:   * increase no more than 4 pods per 60 seconds   * double the number of pods per 60 seconds No stabilization is used.
    
+
    HorizontalPodAutoscalerCondition v2 autoscaling
    
+
+
+
+
+
+
    GroupVersionKind
    autoscalingv2HorizontalPodAutoscalerCondition
    
+
    HorizontalPodAutoscalerCondition describes the state of a HorizontalPodAutoscaler at a certain point.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
+
    FieldDescription
    lastTransitionTime
    Time    		lastTransitionTime is the last time the condition transitioned from one status to another
    message
    string    		message is a human-readable explanation containing details about the transition
    reason
    string    		reason is the reason for the condition's last transition.
    status
    string    		status is the status of the condition (True, False, Unknown)
    type
    string    		type describes the current condition
    
+
    HostAlias v1 core
    
+
+
+
+
+
+
    GroupVersionKind
    corev1HostAlias
    
+
    HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the pod's hosts file.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
    FieldDescription
    hostnames
    string array    		Hostnames for the above IP address.
    ip
    string    		IP address of the host file entry.
    
+
    HostPathVolumeSource v1 core
    
+
+
+
+
+
+
    GroupVersionKind
    corev1HostPathVolumeSource
    
+
    Represents a host path mapped into a pod. Host path volumes do not support ownership management or SELinux relabeling.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
    FieldDescription
    path
    string    		path of the directory on the host. If the path is a symlink, it will follow the link to the real path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath
    type
    string    		type for HostPath Volume Defaults to "" More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath
    
+
    IPBlock v1 networking.k8s.io
    
+
+
+
+
+
+
    GroupVersionKind
    networking.k8s.iov1IPBlock
    
+
    IPBlock describes a particular CIDR (Ex. "192.168.1.0/24","2001:db8::/64") that is allowed to the pods matched by a NetworkPolicySpec's podSelector. The except entry describes CIDRs that should not be included within this rule.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
    FieldDescription
    cidr
    string    		cidr is a string representing the IPBlock Valid examples are "192.168.1.0/24" or "2001:db8::/64"
    except
    string array    		except is a slice of CIDRs that should not be included within an IPBlock Valid examples are "192.168.1.0/24" or "2001:db8::/64" Except values will be rejected if they are outside the cidr range
    
+
    ISCSIPersistentVolumeSource v1 core
    
+
+
+
+
+
+
    GroupVersionKind
    corev1ISCSIPersistentVolumeSource
    
+
    ISCSIPersistentVolumeSource represents an ISCSI disk. ISCSI volumes can only be mounted as read/write once. ISCSI volumes support ownership management and SELinux relabeling.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    FieldDescription
    chapAuthDiscovery
    boolean    		chapAuthDiscovery defines whether support iSCSI Discovery CHAP authentication
    chapAuthSession
    boolean    		chapAuthSession defines whether support iSCSI Session CHAP authentication
    fsType
    string    		fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi
    initiatorName
    string    		initiatorName is the custom iSCSI Initiator Name. If initiatorName is specified with iscsiInterface simultaneously, new iSCSI interface <target portal>:<volume name> will be created for the connection.
    iqn
    string    		iqn is Target iSCSI Qualified Name.
    iscsiInterface
    string    		iscsiInterface is the interface Name that uses an iSCSI transport. Defaults to 'default' (tcp).
    lun
    integer    		lun is iSCSI Target Lun number.
    portals
    string array    		portals is the iSCSI Target Portal List. The Portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260).
    readOnly
    boolean    		readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false.
    secretRef
    SecretReference    		secretRef is the CHAP Secret for iSCSI target and initiator authentication
    targetPortal
    string    		targetPortal is iSCSI Target Portal. The Portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260).
    
+
    ISCSIVolumeSource v1 core
    
+
+
+
+
+
+
    GroupVersionKind
    corev1ISCSIVolumeSource
    
+
    Represents an ISCSI disk. ISCSI volumes can only be mounted as read/write once. ISCSI volumes support ownership management and SELinux relabeling.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    FieldDescription
    chapAuthDiscovery
    boolean    		chapAuthDiscovery defines whether support iSCSI Discovery CHAP authentication
    chapAuthSession
    boolean    		chapAuthSession defines whether support iSCSI Session CHAP authentication
    fsType
    string    		fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi
    initiatorName
    string    		initiatorName is the custom iSCSI Initiator Name. If initiatorName is specified with iscsiInterface simultaneously, new iSCSI interface <target portal>:<volume name> will be created for the connection.
    iqn
    string    		iqn is the target iSCSI Qualified Name.
    iscsiInterface
    string    		iscsiInterface is the interface Name that uses an iSCSI transport. Defaults to 'default' (tcp).
    lun
    integer    		lun represents iSCSI Target Lun number.
    portals
    string array    		portals is the iSCSI Target Portal List. The portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260).
    readOnly
    boolean    		readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false.
    secretRef
    LocalObjectReference    		secretRef is the CHAP Secret for iSCSI target and initiator authentication
    targetPortal
    string    		targetPortal is iSCSI Target Portal. The Portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260).
    
+
    IngressBackend v1 networking.k8s.io
    
+
+
+
+
+
+
    GroupVersionKind
    networking.k8s.iov1IngressBackend
    
+
    IngressBackend describes all endpoints for a given service and port.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
    FieldDescription
    resource
    TypedLocalObjectReference    		resource is an ObjectRef to another Kubernetes resource in the namespace of the Ingress object. If resource is specified, a service.Name and service.Port must not be specified. This is a mutually exclusive setting with "Service".
    service
    IngressServiceBackend    		service references a service as a backend. This is a mutually exclusive setting with "Resource".
    
+
    IngressClassParametersReference v1 networking.k8s.io
    
+
+
+
+
+
+
    GroupVersionKind
    networking.k8s.iov1IngressClassParametersReference
    
+
    IngressClassParametersReference identifies an API object. This can be used to specify a cluster or namespace-scoped resource.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
+
    FieldDescription
    apiGroup
    string    		apiGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required.
    kind
    string    		kind is the type of resource being referenced.
    name
    string    		name is the name of resource being referenced.
    namespace
    string    		namespace is the namespace of the resource being referenced. This field is required when scope is set to "Namespace" and must be unset when scope is set to "Cluster".
    scope
    string    		scope represents if this refers to a cluster or namespace scoped resource. This may be set to "Cluster" (default) or "Namespace".
    
+
    IngressLoadBalancerIngress v1 networking.k8s.io
    
+
+
+
+
+
+
    GroupVersionKind
    networking.k8s.iov1IngressLoadBalancerIngress
    
+
    IngressLoadBalancerIngress represents the status of a load-balancer ingress point.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
    FieldDescription
    hostname
    string    		hostname is set for load-balancer ingress points that are DNS based.
    ip
    string    		ip is set for load-balancer ingress points that are IP based.
    ports
    IngressPortStatus array    		ports provides information about the ports exposed by this LoadBalancer.
    
+
    IngressLoadBalancerStatus v1 networking.k8s.io
    
+
+
+
+
+
+
    GroupVersionKind
    networking.k8s.iov1IngressLoadBalancerStatus
    
+
    IngressLoadBalancerStatus represents the status of a load-balancer.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
    FieldDescription
    ingress
    IngressLoadBalancerIngress array    		ingress is a list containing ingress points for the load-balancer.
    
+
    IngressPortStatus v1 networking.k8s.io
    
+
+
+
+
+
+
    GroupVersionKind
    networking.k8s.iov1IngressPortStatus
    
+
    IngressPortStatus represents the error condition of a service port
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
    FieldDescription
    error
    string    		error is to record the problem with the service port The format of the error shall comply with the following rules: - built-in error values shall be specified in this file and those shall use   CamelCase names - cloud provider specific error values must have names that comply with the   format foo.example.com/CamelCase.
    port
    integer    		port is the port number of the ingress port.
    protocol
    string    		protocol is the protocol of the ingress port. The supported values are: "TCP", "UDP", "SCTP"
    
+
    IngressRule v1 networking.k8s.io
    
+
+
+
+
+
+
    GroupVersionKind
    networking.k8s.iov1IngressRule
    
+
    IngressRule represents the rules mapping the paths under a specified host to the related backend services. Incoming requests are first evaluated for a host match, then routed to the backend associated with the matching IngressRuleValue.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
    FieldDescription
    host
    string    		host is the fully qualified domain name of a network host, as defined by RFC 3986. Note the following deviations from the "host" part of the URI as defined in RFC 3986: 1. IPs are not allowed. Currently an IngressRuleValue can only apply to    the IP in the Spec of the parent Ingress. 2. The `:` delimiter is not respected because ports are not allowed. 	  Currently the port of an Ingress is implicitly :80 for http and 	  :443 for https. Both these may change in the future. Incoming requests are matched against the host before the IngressRuleValue. If the host is unspecified, the Ingress routes all traffic based on the specified IngressRuleValue.  host can be "precise" which is a domain name without the terminating dot of a network host (e.g. "foo.bar.com") or "wildcard", which is a domain name prefixed with a single wildcard label (e.g. "*.foo.com"). The wildcard character '\*' must appear by itself as the first DNS label and matches only a single label. You cannot have a wildcard label by itself (e.g. Host == "*"). Requests will be matched against the Host field in the following way: 1. If host is precise, the request matches this rule if the http host header is equal to Host. 2. If host is a wildcard, then the request matches this rule if the http host header is to equal to the suffix (removing the first label) of the wildcard rule.
    http
    HTTPIngressRuleValue
    
+
    IngressServiceBackend v1 networking.k8s.io
    
+
+
+
+
+
+
    GroupVersionKind
    networking.k8s.iov1IngressServiceBackend
    
+
    IngressServiceBackend references a Kubernetes Service as a Backend.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
    FieldDescription
    name
    string    		name is the referenced service. The service must exist in the same namespace as the Ingress object.
    port
    ServiceBackendPort    		port of the referenced service. A port name or port number is required for a IngressServiceBackend.
    
+
    IngressTLS v1 networking.k8s.io
    
+
+
+
+
+
+
    GroupVersionKind
    networking.k8s.iov1IngressTLS
    
+
    IngressTLS describes the transport layer security associated with an ingress.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
    FieldDescription
    hosts
    string array    		hosts is a list of hosts included in the TLS certificate. The values in this list must match the name/s used in the tlsSecret. Defaults to the wildcard host setting for the loadbalancer controller fulfilling this Ingress, if left unspecified.
    secretName
    string    		secretName is the name of the secret used to terminate TLS traffic on port 443. Field is left optional to allow TLS routing based on SNI hostname alone. If the SNI host in a listener conflicts with the "Host" header field used by an IngressRule, the SNI host is used for termination and value of the "Host" header is used for routing.
    
+
    JSON v1 apiextensions.k8s.io
    
+
+
+
+
+
+
    GroupVersionKind
    apiextensions.k8s.iov1JSON
    
+
    JSON represents any valid JSON value. These types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
    FieldDescription
    
+
    JSONSchemaProps v1 apiextensions.k8s.io
    
+
+
+
+
+
+
    GroupVersionKind
    apiextensions.k8s.iov1JSONSchemaProps
    
+
    JSONSchemaProps is a JSON-Schema following Specification Draft 4 (http://json-schema.org/).
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    FieldDescription
    $ref
    string
    $schema
    string
    additionalItems
    JSONSchemaPropsOrBool
    additionalProperties
    JSONSchemaPropsOrBool
    allOf
    JSONSchemaProps array
    anyOf
    JSONSchemaProps array
    default
    JSON    		default is a default value for undefined object fields. Defaulting is a beta feature under the CustomResourceDefaulting feature gate. Defaulting requires spec.preserveUnknownFields to be false.
    definitions
    object
    dependencies
    object
    description
    string
    enum
    JSON array
    example
    JSON
    exclusiveMaximum
    boolean
    exclusiveMinimum
    boolean
    externalDocs
    ExternalDocumentation
    format
    string    		format is an OpenAPI v3 format string. Unknown formats are ignored. The following formats are validated:  - bsonobjectid: a bson object ID, i.e. a 24 characters hex string - uri: an URI as parsed by Golang net/url.ParseRequestURI - email: an email address as parsed by Golang net/mail.ParseAddress - hostname: a valid representation for an Internet host name, as defined by RFC 1034, section 3.1 [RFC1034]. - ipv4: an IPv4 IP as parsed by Golang net.ParseIP - ipv6: an IPv6 IP as parsed by Golang net.ParseIP - cidr: a CIDR as parsed by Golang net.ParseCIDR - mac: a MAC address as parsed by Golang net.ParseMAC - uuid: an UUID that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{12}$ - uuid3: an UUID3 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?3[0-9a-f]{3}-?[0-9a-f]{4}-?[0-9a-f]{12}$ - uuid4: an UUID4 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?4[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$ - uuid5: an UUID5 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?5[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$ - isbn: an ISBN10 or ISBN13 number string like "0321751043" or "978-0321751041" - isbn10: an ISBN10 number string like "0321751043" - isbn13: an ISBN13 number string like "978-0321751041" - creditcard: a credit card number defined by the regex ^(?:4[0-9]{12}(?:[0-9]{3})?|5[1-5][0-9]{14}|6(?:011|5[0-9][0-9])[0-9]{12}|3[47][0-9]{13}|3(?:0[0-5]|[68][0-9])[0-9]{11}|(?:2131|1800|35\d{3})\d{11})$ with any non digit characters mixed in - ssn: a U.S. social security number following the regex ^\d{3}[- ]?\d{2}[- ]?\d{4}$ - hexcolor: an hexadecimal color code like "#FFFFFF: following the regex ^#?([0-9a-fA-F]{3}|[0-9a-fA-F]{6})$ - rgbcolor: an RGB color code like rgb like "rgb(255,255,2559" - byte: base64 encoded binary data - password: any kind of string - date: a date string like "2006-01-02" as defined by full-date in RFC3339 - duration: a duration string like "22 ns" as parsed by Golang time.ParseDuration or compatible with Scala duration format - datetime: a date time string like "2014-12-15T19:30:20.000Z" as defined by date-time in RFC3339.
    id
    string
    items
    JSONSchemaPropsOrArray
    maxItems
    integer
    maxLength
    integer
    maxProperties
    integer
    maximum
    number
    minItems
    integer
    minLength
    integer
    minProperties
    integer
    minimum
    number
    multipleOf
    number
    not
    JSONSchemaProps
    nullable
    boolean
    oneOf
    JSONSchemaProps array
    pattern
    string
    patternProperties
    object
    properties
    object
    required
    string array
    title
    string
    type
    string
    uniqueItems
    boolean
    x-kubernetes-embedded-resource
    boolean    		x-kubernetes-embedded-resource defines that the value is an embedded Kubernetes runtime.Object, with TypeMeta and ObjectMeta. The type must be object. It is allowed to further restrict the embedded object. kind, apiVersion and metadata are validated automatically. x-kubernetes-preserve-unknown-fields is allowed to be true, but does not have to be if the object is fully specified (up to kind, apiVersion, metadata).
    x-kubernetes-int-or-string
    boolean    		x-kubernetes-int-or-string specifies that this value is either an integer or a string. If this is true, an empty type is allowed and type as child of anyOf is permitted if following one of the following patterns:  1) anyOf:    - type: integer    - type: string 2) allOf:    - anyOf:      - type: integer      - type: string    - ... zero or more
    x-kubernetes-list-map-keys
    string array    		x-kubernetes-list-map-keys annotates an array with the x-kubernetes-list-type `map` by specifying the keys used as the index of the map.  This tag MUST only be used on lists that have the "x-kubernetes-list-type" extension set to "map". Also, the values specified for this attribute must be a scalar typed field of the child structure (no nesting is supported).  The properties specified must either be required or have a default value, to ensure those properties are present for all list items.
    x-kubernetes-list-type
    string    		x-kubernetes-list-type annotates an array to further describe its topology. This extension must only be used on lists and may have 3 possible values:  1) `atomic`: the list is treated as a single entity, like a scalar.      Atomic lists will be entirely replaced when updated. This extension      may be used on any type of list (struct, scalar, ...). 2) `set`:      Sets are lists that must not have multiple items with the same value. Each      value must be a scalar, an object with x-kubernetes-map-type `atomic` or an      array with x-kubernetes-list-type `atomic`. 3) `map`:      These lists are like maps in that their elements have a non-index key      used to identify them. Order is preserved upon merge. The map tag      must only be used on a list with elements of type object. Defaults to atomic for arrays.
    x-kubernetes-map-type
    string    		x-kubernetes-map-type annotates an object to further describe its topology. This extension must only be used when type is object and may have 2 possible values:  1) `granular`:      These maps are actual maps (key-value pairs) and each fields are independent      from each other (they can each be manipulated by separate actors). This is      the default behaviour for all maps. 2) `atomic`: the list is treated as a single entity, like a scalar.      Atomic maps will be entirely replaced when updated.
    x-kubernetes-preserve-unknown-fields
    boolean    		x-kubernetes-preserve-unknown-fields stops the API server decoding step from pruning fields which are not specified in the validation schema. This affects fields recursively, but switches back to normal pruning behaviour if nested properties or additionalProperties are specified in the schema. This can either be true or undefined. False is forbidden.
    x-kubernetes-validations
    ValidationRule array
    patch strategy: merge
    patch merge key: rule    		x-kubernetes-validations describes a list of validation rules written in the CEL expression language. This field is an alpha-level. Using this field requires the feature gate `CustomResourceValidationExpressions` to be enabled.
    
+
    JSONSchemaPropsOrArray v1 apiextensions.k8s.io
    
+
+
+
+
+
+
    GroupVersionKind
    apiextensions.k8s.iov1JSONSchemaPropsOrArray
    
+
    JSONSchemaPropsOrArray represents a value that can either be a JSONSchemaProps or an array of JSONSchemaProps. Mainly here for serialization purposes.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
    FieldDescription
    
+
    JSONSchemaPropsOrBool v1 apiextensions.k8s.io
    
+
+
+
+
+
+
    GroupVersionKind
    apiextensions.k8s.iov1JSONSchemaPropsOrBool
    
+
    JSONSchemaPropsOrBool represents JSONSchemaProps or a boolean value. Defaults to true for the boolean property.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
    FieldDescription
    
+
    JobCondition v1 batch
    
+
+
+
+
+
+
    GroupVersionKind
    batchv1JobCondition
    
+
    JobCondition describes current state of a job.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
+
+
    FieldDescription
    lastProbeTime
    Time    		Last time the condition was checked.
    lastTransitionTime
    Time    		Last time the condition transit from one status to another.
    message
    string    		Human readable message indicating details about last transition.
    reason
    string    		(brief) reason for the condition's last transition.
    status
    string    		Status of the condition, one of True, False, Unknown.
    type
    string    		Type of job condition, Complete or Failed.
    
+
    JobTemplateSpec v1 batch
    
+
+
+
+
+
+
    GroupVersionKind
    batchv1JobTemplateSpec
    
+
    JobTemplateSpec describes the data a Job should have when created from a template
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
    FieldDescription
    metadata
    ObjectMeta    		Standard object's metadata of the jobs created from this template. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
    spec
    JobSpec    		Specification of the desired behavior of the job. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
    
+
    KeyToPath v1 core
    
+
+
+
+
+
+
    GroupVersionKind
    corev1KeyToPath
    
+
    Maps a string key to a path within a volume.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
    FieldDescription
    key
    string    		key is the key to project.
    mode
    integer    		mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.
    path
    string    		path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'.
    
+
    LabelSelector v1 meta
    
+
+
+
+
+
+
    GroupVersionKind
    metav1LabelSelector
    
+
    A label selector is a label query over a set of resources. The result of matchLabels and matchExpressions are ANDed. An empty label selector matches all objects. A null label selector matches no objects.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
    FieldDescription
    matchExpressions
    LabelSelectorRequirement array    		matchExpressions is a list of label selector requirements. The requirements are ANDed.
    matchLabels
    object    		matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
    
+
    LabelSelectorRequirement v1 meta
    
+
+
+
+
+
+
    GroupVersionKind
    metav1LabelSelectorRequirement
    
+
    A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
    FieldDescription
    key
    string
    patch strategy: merge
    patch merge key: key    		key is the label key that the selector applies to.
    operator
    string    		operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
    values
    string array    		values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
    
+
    Lifecycle v1 core
    
+
+
+
+
+
+
    GroupVersionKind
    corev1Lifecycle
    
+
    Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
    FieldDescription
    postStart
    LifecycleHandler    		PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
    preStop
    LifecycleHandler    		PreStop is called immediately before a container is terminated due to an API request or management event such as liveness/startup probe failure, preemption, resource contention, etc. The handler is not called if the container crashes or exits. The Pod's termination grace period countdown begins before the PreStop hook is executed. Regardless of the outcome of the handler, the container will eventually terminate within the Pod's termination grace period (unless delayed by finalizers). Other management of the container blocks until the hook completes or until the termination grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
    
+
    LifecycleHandler v1 core
    
+
+
+
+
+
+
    GroupVersionKind
    corev1LifecycleHandler
    
+
    LifecycleHandler defines a specific action that should be taken in a lifecycle hook. One and only one of the fields, except TCPSocket must be specified.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
    FieldDescription
    exec
    ExecAction    		Exec specifies the action to take.
    httpGet
    HTTPGetAction    		HTTPGet specifies the http request to perform.
    tcpSocket
    TCPSocketAction    		Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified.
    
+
    LimitRangeItem v1 core
    
+
+
+
+
+
+
    GroupVersionKind
    corev1LimitRangeItem
    
+
    LimitRangeItem defines a min/max usage limit for any resource that matches on kind.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
+
+
    FieldDescription
    default
    object    		Default resource requirement limit value by resource name if resource limit is omitted.
    defaultRequest
    object    		DefaultRequest is the default resource requirement request value by resource name if resource request is omitted.
    max
    object    		Max usage constraints on this kind by resource name.
    maxLimitRequestRatio
    object    		MaxLimitRequestRatio if specified, the named resource must have a request and limit that are both non-zero where limit divided by request is less than or equal to the enumerated value; this represents the max burst for the named resource.
    min
    object    		Min usage constraints on this kind by resource name.
    type
    string    		Type of resource that this limit applies to.
    
+
    LimitResponse v1beta3 flowcontrol.apiserver.k8s.io
    
+
+
+
+
+
+
    GroupVersionKind
    flowcontrol.apiserver.k8s.iov1beta3LimitResponse
    
+
    LimitResponse defines how to handle requests that can not be executed right now.
    
+
     Other API versions of this object exist:
+v1beta2
+
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
    FieldDescription
    queuing
    QueuingConfiguration    		`queuing` holds the configuration parameters for queuing. This field may be non-empty only if `type` is `"Queue"`.
    type
    string    		`type` is "Queue" or "Reject". "Queue" means that requests that can not be executed upon arrival are held in a queue until they can be executed or a queuing limit is reached. "Reject" means that requests that can not be executed upon arrival are rejected. Required.
    
+
    LimitedPriorityLevelConfiguration v1beta3 flowcontrol.apiserver.k8s.io
    
+
+
+
+
+
+
    GroupVersionKind
    flowcontrol.apiserver.k8s.iov1beta3LimitedPriorityLevelConfiguration
    
+
    LimitedPriorityLevelConfiguration specifies how to handle requests that are subject to limits. It addresses two issues:
+  - How are requests for this priority level limited?
+  - What should be done with requests that exceed the limit?
    
+
     Other API versions of this object exist:
+v1beta2
+
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
    FieldDescription
    borrowingLimitPercent
    integer    		`borrowingLimitPercent`, if present, configures a limit on how many seats this priority level can borrow from other priority levels. The limit is known as this level's BorrowingConcurrencyLimit (BorrowingCL) and is a limit on the total number of seats that this level may borrow at any one time. This field holds the ratio of that limit to the level's nominal concurrency limit. When this field is non-nil, it must hold a non-negative integer and the limit is calculated as follows.  BorrowingCL(i) = round( NominalCL(i) * borrowingLimitPercent(i)/100.0 )  The value of this field can be more than 100, implying that this priority level can borrow a number of seats that is greater than its own nominal concurrency limit (NominalCL). When this field is left `nil`, the limit is effectively infinite.
    lendablePercent
    integer    		`lendablePercent` prescribes the fraction of the level's NominalCL that can be borrowed by other priority levels. The value of this field must be between 0 and 100, inclusive, and it defaults to 0. The number of seats that other levels can borrow from this level, known as this level's LendableConcurrencyLimit (LendableCL), is defined as follows.  LendableCL(i) = round( NominalCL(i) * lendablePercent(i)/100.0 )
    limitResponse
    LimitResponse    		`limitResponse` indicates what to do with requests that can not be executed right now
    nominalConcurrencyShares
    integer    		`nominalConcurrencyShares` (NCS) contributes to the computation of the NominalConcurrencyLimit (NominalCL) of this level. This is the number of execution seats available at this priority level. This is used both for requests dispatched from this priority level as well as requests dispatched from other priority levels borrowing seats from this level. The server's concurrency limit (ServerCL) is divided among the Limited priority levels in proportion to their NCS values:  NominalCL(i)  = ceil( ServerCL * NCS(i) / sum_ncs ) sum_ncs = sum[limited priority level k] NCS(k)  Bigger numbers mean a larger nominal concurrency limit, at the expense of every other Limited priority level. This field has a default value of 30.
    
+
    ListMeta v1 meta
    
+
+
+
+
+
+
    GroupVersionKind
    metav1ListMeta
    
+
    ListMeta describes metadata that synthetic resources must have, including lists and various status objects. A resource may have only one of {ObjectMeta, ListMeta}.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
    FieldDescription
    continue
    string    		continue may be set if the user set a limit on the number of items returned, and indicates that the server has more data available. The value is opaque and may be used to issue another request to the endpoint that served this list to retrieve the next set of available objects. Continuing a consistent list may not be possible if the server configuration has changed or more than a few minutes have passed. The resourceVersion field returned when using this continue value will be identical to the value in the first response, unless you have received this token from an error message.
    remainingItemCount
    integer    		remainingItemCount is the number of subsequent items in the list which are not included in this list response. If the list request contained label or field selectors, then the number of remaining items is unknown and the field will be left unset and omitted during serialization. If the list is complete (either because it is not chunking or because this is the last chunk), then there are no more remaining items and this field will be left unset and omitted during serialization. Servers older than v1.15 do not set this field. The intended use of the remainingItemCount is *estimating* the size of a collection. Clients should not rely on the remainingItemCount to be set or to be exact.
    resourceVersion
    string    		String that identifies the server's internal version of this object that can be used by clients to determine when objects have changed. Value must be treated as opaque by clients and passed unmodified back to the server. Populated by the system. Read-only. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
    selfLink
    string    		Deprecated: selfLink is a legacy read-only field that is no longer populated by the system.
    
+
    LoadBalancerIngress v1 core
    
+
+
+
+
+
+
    GroupVersionKind
    corev1LoadBalancerIngress
    
+
    LoadBalancerIngress represents the status of a load-balancer ingress point: traffic intended for the service should be sent to an ingress point.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
    FieldDescription
    hostname
    string    		Hostname is set for load-balancer ingress points that are DNS based (typically AWS load-balancers)
    ip
    string    		IP is set for load-balancer ingress points that are IP based (typically GCE or OpenStack load-balancers)
    ports
    PortStatus array    		Ports is a list of records of service ports If used, every port defined in the service should have an entry in it
    
+
    LoadBalancerStatus v1 core
    
+
+
+
+
+
+
    GroupVersionKind
    corev1LoadBalancerStatus
    
+
    LoadBalancerStatus represents the status of a load-balancer.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
    FieldDescription
    ingress
    LoadBalancerIngress array    		Ingress is a list containing ingress points for the load-balancer. Traffic intended for the service should be sent to these ingress points.
    
+
    LocalObjectReference v1 core
    
+
+
+
+
+
+
    GroupVersionKind
    corev1LocalObjectReference
    
+
    LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
    FieldDescription
    name
    string    		Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
    
+
    LocalVolumeSource v1 core
    
+
+
+
+
+
+
    GroupVersionKind
    corev1LocalVolumeSource
    
+
    Local represents directly-attached storage with node affinity (Beta feature)
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
    FieldDescription
    fsType
    string    		fsType is the filesystem type to mount. It applies only when the Path is a block device. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". The default value is to auto-select a filesystem if unspecified.
    path
    string    		path of the full path to the volume on the node. It can be either a directory or block device (disk, partition, ...).
    
+
    ManagedFieldsEntry v1 meta
    
+
+
+
+
+
+
    GroupVersionKind
    metav1ManagedFieldsEntry
    
+
    ManagedFieldsEntry is a workflow-id, a FieldSet and the group version of the resource that the fieldset applies to.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
+
+
+
    FieldDescription
    apiVersion
    string    		APIVersion defines the version of this resource that this field set applies to. The format is "group/version" just like the top-level APIVersion field. It is necessary to track the version of a field set because it cannot be automatically converted.
    fieldsType
    string    		FieldsType is the discriminator for the different fields format and version. There is currently only one possible value: "FieldsV1"
    fieldsV1
    FieldsV1    		FieldsV1 holds the first JSON version format as described in the "FieldsV1" type.
    manager
    string    		Manager is an identifier of the workflow managing these fields.
    operation
    string    		Operation is the type of operation which lead to this ManagedFieldsEntry being created. The only valid values for this field are 'Apply' and 'Update'.
    subresource
    string    		Subresource is the name of the subresource used to update that object, or empty string if the object was updated through the main resource. The value of this field is used to distinguish between managers, even if they share the same name. For example, a status update will be distinct from a regular update using the same manager name. Note that the APIVersion field is not related to the Subresource field and it always corresponds to the version of the main resource.
    time
    Time    		Time is the timestamp of when the ManagedFields entry was added. The timestamp will also be updated if a field is added, the manager changes any of the owned fields value or removes a field. The timestamp does not update when a field is removed from the entry because another manager took it over.
    
+
    MatchCondition v1 admissionregistration.k8s.io
    
+
+
+
+
+
+
    GroupVersionKind
    admissionregistration.k8s.iov1MatchCondition
    
+
    MatchCondition represents a condition which must by fulfilled for a request to be sent to a webhook.
    
+
     Other API versions of this object exist:
+v1alpha1
+
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
    FieldDescription
    expression
    string    		Expression represents the expression which will be evaluated by CEL. Must evaluate to bool. CEL expressions have access to the contents of the AdmissionRequest and Authorizer, organized into CEL variables:  'object' - The object from the incoming request. The value is null for DELETE requests. 'oldObject' - The existing object. The value is null for CREATE requests. 'request' - Attributes of the admission request(/pkg/apis/admission/types.go#AdmissionRequest). 'authorizer' - A CEL Authorizer. May be used to perform authorization checks for the principal (user or service account) of the request.   See https://pkg.go.dev/k8s.io/apiserver/pkg/cel/library#Authz 'authorizer.requestResource' - A CEL ResourceCheck constructed from the 'authorizer' and configured with the   request resource. Documentation on CEL: https://kubernetes.io/docs/reference/using-api/cel/  Required.
    name
    string    		Name is an identifier for this match condition, used for strategic merging of MatchConditions, as well as providing an identifier for logging purposes. A good name should be descriptive of the associated expression. Name must be a qualified name consisting of alphanumeric characters, '-', '_' or '.', and must start and end with an alphanumeric character (e.g. 'MyName',  or 'my.name',  or '123-abc', regex used for validation is '([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9]') with an optional DNS subdomain prefix and '/' (e.g. 'example.com/MyName')  Required.
    
+
    MatchResources v1alpha1 admissionregistration.k8s.io
    
+
+
+
+
+
+
    GroupVersionKind
    admissionregistration.k8s.iov1alpha1MatchResources
    
+
    MatchResources decides whether to run the admission control policy on an object based on whether it meets the match criteria. The exclude rules take precedence over include rules (if a resource matches both, it is excluded)
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
+
    FieldDescription
    excludeResourceRules
    NamedRuleWithOperations array    		ExcludeResourceRules describes what operations on what resources/subresources the ValidatingAdmissionPolicy should not care about. The exclude rules take precedence over include rules (if a resource matches both, it is excluded)
    matchPolicy
    string    		matchPolicy defines how the "MatchResources" list is used to match incoming requests. Allowed values are "Exact" or "Equivalent".  - Exact: match a request only if it exactly matches a specified rule. For example, if deployments can be modified via apps/v1, apps/v1beta1, and extensions/v1beta1, but "rules" only included `apiGroups:["apps"], apiVersions:["v1"], resources: ["deployments"]`, a request to apps/v1beta1 or extensions/v1beta1 would not be sent to the ValidatingAdmissionPolicy.  - Equivalent: match a request if modifies a resource listed in rules, even via another API group or version. For example, if deployments can be modified via apps/v1, apps/v1beta1, and extensions/v1beta1, and "rules" only included `apiGroups:["apps"], apiVersions:["v1"], resources: ["deployments"]`, a request to apps/v1beta1 or extensions/v1beta1 would be converted to apps/v1 and sent to the ValidatingAdmissionPolicy.  Defaults to "Equivalent"
    namespaceSelector
    LabelSelector    		NamespaceSelector decides whether to run the admission control policy on an object based on whether the namespace for that object matches the selector. If the object itself is a namespace, the matching is performed on object.metadata.labels. If the object is another cluster scoped resource, it never skips the policy.  For example, to run the webhook on any objects whose namespace is not associated with "runlevel" of "0" or "1";  you will set the selector as follows: "namespaceSelector": {   "matchExpressions": [     {       "key": "runlevel",       "operator": "NotIn",       "values": [         "0",         "1"       ]     }   ] }  If instead you want to only run the policy on any objects whose namespace is associated with the "environment" of "prod" or "staging"; you will set the selector as follows: "namespaceSelector": {   "matchExpressions": [     {       "key": "environment",       "operator": "In",       "values": [         "prod",         "staging"       ]     }   ] }  See https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ for more examples of label selectors.  Default to the empty LabelSelector, which matches everything.
    objectSelector
    LabelSelector    		ObjectSelector decides whether to run the validation based on if the object has matching labels. objectSelector is evaluated against both the oldObject and newObject that would be sent to the cel validation, and is considered to match if either object matches the selector. A null object (oldObject in the case of create, or newObject in the case of delete) or an object that cannot have labels (like a DeploymentRollback or a PodProxyOptions object) is not considered to match. Use the object selector only if the webhook is opt-in, because end users may skip the admission webhook by setting the labels. Default to the empty LabelSelector, which matches everything.
    resourceRules
    NamedRuleWithOperations array    		ResourceRules describes what operations on what resources/subresources the ValidatingAdmissionPolicy matches. The policy cares about an operation if it matches _any_ Rule.
    
+
    MetricIdentifier v2 autoscaling
    
+
+
+
+
+
+
    GroupVersionKind
    autoscalingv2MetricIdentifier
    
+
    MetricIdentifier defines the name and optionally selector for a metric
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
    FieldDescription
    name
    string    		name is the name of the given metric
    selector
    LabelSelector    		selector is the string-encoded form of a standard kubernetes label selector for the given metric When set, it is passed as an additional parameter to the metrics server for more specific metrics scoping. When unset, just the metricName will be used to gather metrics.
    
+
    MetricSpec v2 autoscaling
    
+
+
+
+
+
+
    GroupVersionKind
    autoscalingv2MetricSpec
    
+
    MetricSpec specifies how to scale based on a single metric (only `type` and one other matching field should be set at once).
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
+
+
    FieldDescription
    containerResource
    ContainerResourceMetricSource    		containerResource refers to a resource metric (such as those specified in requests and limits) known to Kubernetes describing a single container in each pod of the current scale target (e.g. CPU or memory). Such metrics are built in to Kubernetes, and have special scaling options on top of those available to normal per-pod metrics using the "pods" source. This is an alpha feature and can be enabled by the HPAContainerMetrics feature flag.
    external
    ExternalMetricSource    		external refers to a global metric that is not associated with any Kubernetes object. It allows autoscaling based on information coming from components running outside of cluster (for example length of queue in cloud messaging service, or QPS from loadbalancer running outside of cluster).
    object
    ObjectMetricSource    		object refers to a metric describing a single kubernetes object (for example, hits-per-second on an Ingress object).
    pods
    PodsMetricSource    		pods refers to a metric describing each pod in the current scale target (for example, transactions-processed-per-second).  The values will be averaged together before being compared to the target value.
    resource
    ResourceMetricSource    		resource refers to a resource metric (such as those specified in requests and limits) known to Kubernetes describing each pod in the current scale target (e.g. CPU or memory). Such metrics are built in to Kubernetes, and have special scaling options on top of those available to normal per-pod metrics using the "pods" source.
    type
    string    		type is the type of metric source.  It should be one of "ContainerResource", "External", "Object", "Pods" or "Resource", each mapping to a matching field in the object. Note: "ContainerResource" type is available on when the feature-gate HPAContainerMetrics is enabled
    
+
    MetricStatus v2 autoscaling
    
+
+
+
+
+
+
    GroupVersionKind
    autoscalingv2MetricStatus
    
+
    MetricStatus describes the last-read state of a single metric.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
+
+
    FieldDescription
    containerResource
    ContainerResourceMetricStatus    		container resource refers to a resource metric (such as those specified in requests and limits) known to Kubernetes describing a single container in each pod in the current scale target (e.g. CPU or memory). Such metrics are built in to Kubernetes, and have special scaling options on top of those available to normal per-pod metrics using the "pods" source.
    external
    ExternalMetricStatus    		external refers to a global metric that is not associated with any Kubernetes object. It allows autoscaling based on information coming from components running outside of cluster (for example length of queue in cloud messaging service, or QPS from loadbalancer running outside of cluster).
    object
    ObjectMetricStatus    		object refers to a metric describing a single kubernetes object (for example, hits-per-second on an Ingress object).
    pods
    PodsMetricStatus    		pods refers to a metric describing each pod in the current scale target (for example, transactions-processed-per-second).  The values will be averaged together before being compared to the target value.
    resource
    ResourceMetricStatus    		resource refers to a resource metric (such as those specified in requests and limits) known to Kubernetes describing each pod in the current scale target (e.g. CPU or memory). Such metrics are built in to Kubernetes, and have special scaling options on top of those available to normal per-pod metrics using the "pods" source.
    type
    string    		type is the type of metric source.  It will be one of "ContainerResource", "External", "Object", "Pods" or "Resource", each corresponds to a matching field in the object. Note: "ContainerResource" type is available on when the feature-gate HPAContainerMetrics is enabled
    
+
    MetricTarget v2 autoscaling
    
+
+
+
+
+
+
    GroupVersionKind
    autoscalingv2MetricTarget
    
+
    MetricTarget defines the target value, average value, or average utilization of a specific metric
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
    FieldDescription
    averageUtilization
    integer    		averageUtilization is the target value of the average of the resource metric across all relevant pods, represented as a percentage of the requested value of the resource for the pods. Currently only valid for Resource metric source type
    averageValue
    Quantity    		averageValue is the target value of the average of the metric across all relevant pods (as a quantity)
    type
    string    		type represents whether the metric type is Utilization, Value, or AverageValue
    value
    Quantity    		value is the target value of the metric (as a quantity).
    
+
    MetricValueStatus v2 autoscaling
    
+
+
+
+
+
+
    GroupVersionKind
    autoscalingv2MetricValueStatus
    
+
    MetricValueStatus holds the current value for a metric
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
    FieldDescription
    averageUtilization
    integer    		currentAverageUtilization is the current value of the average of the resource metric across all relevant pods, represented as a percentage of the requested value of the resource for the pods.
    averageValue
    Quantity    		averageValue is the current value of the average of the metric across all relevant pods (as a quantity)
    value
    Quantity    		value is the current value of the metric (as a quantity).
    
+
    MicroTime v1 meta
    
+
+
+
+
+
+
    GroupVersionKind
    metav1MicroTime
    
+
    MicroTime is version of Time with microsecond level precision.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
    FieldDescription
    
+
    MutatingWebhook v1 admissionregistration.k8s.io
    
+
+
+
+
+
+
    GroupVersionKind
    admissionregistration.k8s.iov1MutatingWebhook
    
+
    MutatingWebhook describes an admission webhook and the resources and operations it applies to.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    FieldDescription
    admissionReviewVersions
    string array    		AdmissionReviewVersions is an ordered list of preferred `AdmissionReview` versions the Webhook expects. API server will try to use first version in the list which it supports. If none of the versions specified in this list supported by API server, validation will fail for this object. If a persisted webhook configuration specifies allowed versions and does not include any versions known to the API Server, calls to the webhook will fail and be subject to the failure policy.
    clientConfig
    WebhookClientConfig    		ClientConfig defines how to communicate with the hook. Required
    failurePolicy
    string    		FailurePolicy defines how unrecognized errors from the admission endpoint are handled - allowed values are Ignore or Fail. Defaults to Fail.
    matchConditions
    MatchCondition array
    patch strategy: merge
    patch merge key: name    		MatchConditions is a list of conditions that must be met for a request to be sent to this webhook. Match conditions filter requests that have already been matched by the rules, namespaceSelector, and objectSelector. An empty list of matchConditions matches all requests. There are a maximum of 64 match conditions allowed.  The exact matching logic is (in order):   1. If ANY matchCondition evaluates to FALSE, the webhook is skipped.   2. If ALL matchConditions evaluate to TRUE, the webhook is called.   3. If any matchCondition evaluates to an error (but none are FALSE):      - If failurePolicy=Fail, reject the request      - If failurePolicy=Ignore, the error is ignored and the webhook is skipped  This is an alpha feature and managed by the AdmissionWebhookMatchConditions feature gate.
    matchPolicy
    string    		matchPolicy defines how the "rules" list is used to match incoming requests. Allowed values are "Exact" or "Equivalent".  - Exact: match a request only if it exactly matches a specified rule. For example, if deployments can be modified via apps/v1, apps/v1beta1, and extensions/v1beta1, but "rules" only included `apiGroups:["apps"], apiVersions:["v1"], resources: ["deployments"]`, a request to apps/v1beta1 or extensions/v1beta1 would not be sent to the webhook.  - Equivalent: match a request if modifies a resource listed in rules, even via another API group or version. For example, if deployments can be modified via apps/v1, apps/v1beta1, and extensions/v1beta1, and "rules" only included `apiGroups:["apps"], apiVersions:["v1"], resources: ["deployments"]`, a request to apps/v1beta1 or extensions/v1beta1 would be converted to apps/v1 and sent to the webhook.  Defaults to "Equivalent"
    name
    string    		The name of the admission webhook. Name should be fully qualified, e.g., imagepolicy.kubernetes.io, where "imagepolicy" is the name of the webhook, and kubernetes.io is the name of the organization. Required.
    namespaceSelector
    LabelSelector    		NamespaceSelector decides whether to run the webhook on an object based on whether the namespace for that object matches the selector. If the object itself is a namespace, the matching is performed on object.metadata.labels. If the object is another cluster scoped resource, it never skips the webhook.  For example, to run the webhook on any objects whose namespace is not associated with "runlevel" of "0" or "1";  you will set the selector as follows: "namespaceSelector": {   "matchExpressions": [     {       "key": "runlevel",       "operator": "NotIn",       "values": [         "0",         "1"       ]     }   ] }  If instead you want to only run the webhook on any objects whose namespace is associated with the "environment" of "prod" or "staging"; you will set the selector as follows: "namespaceSelector": {   "matchExpressions": [     {       "key": "environment",       "operator": "In",       "values": [         "prod",         "staging"       ]     }   ] }  See https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ for more examples of label selectors.  Default to the empty LabelSelector, which matches everything.
    objectSelector
    LabelSelector    		ObjectSelector decides whether to run the webhook based on if the object has matching labels. objectSelector is evaluated against both the oldObject and newObject that would be sent to the webhook, and is considered to match if either object matches the selector. A null object (oldObject in the case of create, or newObject in the case of delete) or an object that cannot have labels (like a DeploymentRollback or a PodProxyOptions object) is not considered to match. Use the object selector only if the webhook is opt-in, because end users may skip the admission webhook by setting the labels. Default to the empty LabelSelector, which matches everything.
    reinvocationPolicy
    string    		reinvocationPolicy indicates whether this webhook should be called multiple times as part of a single admission evaluation. Allowed values are "Never" and "IfNeeded".  Never: the webhook will not be called more than once in a single admission evaluation.  IfNeeded: the webhook will be called at least one additional time as part of the admission evaluation if the object being admitted is modified by other admission plugins after the initial webhook call. Webhooks that specify this option *must* be idempotent, able to process objects they previously admitted. Note: * the number of additional invocations is not guaranteed to be exactly one. * if additional invocations result in further modifications to the object, webhooks are not guaranteed to be invoked again. * webhooks that use this option may be reordered to minimize the number of additional invocations. * to validate an object after all mutations are guaranteed complete, use a validating admission webhook instead.  Defaults to "Never".
    rules
    RuleWithOperations array    		Rules describes what operations on what resources/subresources the webhook cares about. The webhook cares about an operation if it matches _any_ Rule. However, in order to prevent ValidatingAdmissionWebhooks and MutatingAdmissionWebhooks from putting the cluster in a state which cannot be recovered from without completely disabling the plugin, ValidatingAdmissionWebhooks and MutatingAdmissionWebhooks are never called on admission requests for ValidatingWebhookConfiguration and MutatingWebhookConfiguration objects.
    sideEffects
    string    		SideEffects states whether this webhook has side effects. Acceptable values are: None, NoneOnDryRun (webhooks created via v1beta1 may also specify Some or Unknown). Webhooks with side effects MUST implement a reconciliation system, since a request may be rejected by a future step in the admission chain and the side effects therefore need to be undone. Requests with the dryRun attribute will be auto-rejected if they match a webhook with sideEffects == Unknown or Some.
    timeoutSeconds
    integer    		TimeoutSeconds specifies the timeout for this webhook. After the timeout passes, the webhook call will be ignored or the API call will fail based on the failure policy. The timeout value must be between 1 and 30 seconds. Default to 10 seconds.
    
+
    NFSVolumeSource v1 core
    
+
+
+
+
+
+
    GroupVersionKind
    corev1NFSVolumeSource
    
+
    Represents an NFS mount that lasts the lifetime of a pod. NFS volumes do not support ownership management or SELinux relabeling.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
    FieldDescription
    path
    string    		path that is exported by the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs
    readOnly
    boolean    		readOnly here will force the NFS export to be mounted with read-only permissions. Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs
    server
    string    		server is the hostname or IP address of the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs
    
+
    NamedRuleWithOperations v1alpha1 admissionregistration.k8s.io
    
+
+
+
+
+
+
    GroupVersionKind
    admissionregistration.k8s.iov1alpha1NamedRuleWithOperations
    
+
    NamedRuleWithOperations is a tuple of Operations and Resources with ResourceNames.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
+
+
    FieldDescription
    apiGroups
    string array    		APIGroups is the API groups the resources belong to. '\*' is all groups. If '\*' is present, the length of the slice must be one. Required.
    apiVersions
    string array    		APIVersions is the API versions the resources belong to. '\*' is all versions. If '\*' is present, the length of the slice must be one. Required.
    operations
    string array    		Operations is the operations the admission hook cares about - CREATE, UPDATE, DELETE, CONNECT or * for all of those operations and any future admission operations that are added. If '\*' is present, the length of the slice must be one. Required.
    resourceNames
    string array    		ResourceNames is an optional white list of names that the rule applies to.  An empty set means that everything is allowed.
    resources
    string array    		Resources is a list of resources this rule applies to.  For example: 'pods' means pods. 'pods/log' means the log subresource of pods. '\*' means all resources, but not subresources. 'pods/\*' means all subresources of pods. '\*/scale' means all scale subresources. '\*/\*' means all resources and their subresources.  If wildcard is present, the validation rule will ensure resources do not overlap with each other.  Depending on the enclosing object, subresources might not be allowed. Required.
    scope
    string    		scope specifies the scope of this rule. Valid values are "Cluster", "Namespaced", and "*" "Cluster" means that only cluster-scoped resources will match this rule. Namespace API objects are cluster-scoped. "Namespaced" means that only namespaced resources will match this rule. "*" means that there are no scope restrictions. Subresources match the scope of their parent resource. Default is "*".
    
+
    NamespaceCondition v1 core
    
+
+
+
+
+
+
    GroupVersionKind
    corev1NamespaceCondition
    
+
    NamespaceCondition contains details about state of namespace.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
+
    FieldDescription
    lastTransitionTime
    Time
    message
    string
    reason
    string
    status
    string    		Status of the condition, one of True, False, Unknown.
    type
    string    		Type of namespace controller condition.
    
+
    NetworkPolicyEgressRule v1 networking.k8s.io
    
+
+
+
+
+
+
    GroupVersionKind
    networking.k8s.iov1NetworkPolicyEgressRule
    
+
    NetworkPolicyEgressRule describes a particular set of traffic that is allowed out of pods matched by a NetworkPolicySpec's podSelector. The traffic must match both ports and to. This type is beta-level in 1.8
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
    FieldDescription
    ports
    NetworkPolicyPort array    		ports is a list of destination ports for outgoing traffic. Each item in this list is combined using a logical OR. If this field is empty or missing, this rule matches all ports (traffic not restricted by port). If this field is present and contains at least one item, then this rule allows traffic only if the traffic matches at least one port in the list.
    to
    NetworkPolicyPeer array    		to is a list of destinations for outgoing traffic of pods selected for this rule. Items in this list are combined using a logical OR operation. If this field is empty or missing, this rule matches all destinations (traffic not restricted by destination). If this field is present and contains at least one item, this rule allows traffic only if the traffic matches at least one item in the to list.
    
+
    NetworkPolicyIngressRule v1 networking.k8s.io
    
+
+
+
+
+
+
    GroupVersionKind
    networking.k8s.iov1NetworkPolicyIngressRule
    
+
    NetworkPolicyIngressRule describes a particular set of traffic that is allowed to the pods matched by a NetworkPolicySpec's podSelector. The traffic must match both ports and from.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
    FieldDescription
    from
    NetworkPolicyPeer array    		from is a list of sources which should be able to access the pods selected for this rule. Items in this list are combined using a logical OR operation. If this field is empty or missing, this rule matches all sources (traffic not restricted by source). If this field is present and contains at least one item, this rule allows traffic only if the traffic matches at least one item in the from list.
    ports
    NetworkPolicyPort array    		ports is a list of ports which should be made accessible on the pods selected for this rule. Each item in this list is combined using a logical OR. If this field is empty or missing, this rule matches all ports (traffic not restricted by port). If this field is present and contains at least one item, then this rule allows traffic only if the traffic matches at least one port in the list.
    
+
    NetworkPolicyPeer v1 networking.k8s.io
    
+
+
+
+
+
+
    GroupVersionKind
    networking.k8s.iov1NetworkPolicyPeer
    
+
    NetworkPolicyPeer describes a peer to allow traffic to/from. Only certain combinations of fields are allowed
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
    FieldDescription
    ipBlock
    IPBlock    		ipBlock defines policy on a particular IPBlock. If this field is set then neither of the other fields can be.
    namespaceSelector
    LabelSelector    		namespaceSelector selects namespaces using cluster-scoped labels. This field follows standard label selector semantics; if present but empty, it selects all namespaces.  If podSelector is also set, then the NetworkPolicyPeer as a whole selects the pods matching podSelector in the namespaces selected by namespaceSelector. Otherwise it selects all pods in the namespaces selected by namespaceSelector.
    podSelector
    LabelSelector    		podSelector is a label selector which selects pods. This field follows standard label selector semantics; if present but empty, it selects all pods.  If namespaceSelector is also set, then the NetworkPolicyPeer as a whole selects the pods matching podSelector in the Namespaces selected by NamespaceSelector. Otherwise it selects the pods matching podSelector in the policy's own namespace.
    
+
    NetworkPolicyPort v1 networking.k8s.io
    
+
+
+
+
+
+
    GroupVersionKind
    networking.k8s.iov1NetworkPolicyPort
    
+
    NetworkPolicyPort describes a port to allow traffic on
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
    FieldDescription
    endPort
    integer    		endPort indicates that the range of ports from port to endPort if set, inclusive, should be allowed by the policy. This field cannot be defined if the port field is not defined or if the port field is defined as a named (string) port. The endPort must be equal or greater than port.
    portport represents the port on the given protocol. This can either be a numerical or named port on a pod. If this field is not provided, this matches all port names and numbers. If present, only traffic on the specified protocol AND port will be matched.
    protocol
    string    		protocol represents the protocol (TCP, UDP, or SCTP) which traffic must match. If not specified, this field defaults to TCP.
    
+
    NodeAddress v1 core
    
+
+
+
+
+
+
    GroupVersionKind
    corev1NodeAddress
    
+
    NodeAddress contains information for the node's address.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
    FieldDescription
    address
    string    		The node address.
    type
    string    		Node address type, one of Hostname, ExternalIP or InternalIP.
    
+
    NodeAffinity v1 core
    
+
+
+
+
+
+
    GroupVersionKind
    corev1NodeAffinity
    
+
    Node affinity is a group of node affinity scheduling rules.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
    FieldDescription
    preferredDuringSchedulingIgnoredDuringExecution
    PreferredSchedulingTerm array    		The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred.
    requiredDuringSchedulingIgnoredDuringExecution
    NodeSelector    		If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node.
    
+
    NodeCondition v1 core
    
+
+
+
+
+
+
    GroupVersionKind
    corev1NodeCondition
    
+
    NodeCondition contains condition information for a node.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
+
+
    FieldDescription
    lastHeartbeatTime
    Time    		Last time we got an update on a given condition.
    lastTransitionTime
    Time    		Last time the condition transit from one status to another.
    message
    string    		Human readable message indicating details about last transition.
    reason
    string    		(brief) reason for the condition's last transition.
    status
    string    		Status of the condition, one of True, False, Unknown.
    type
    string    		Type of node condition.
    
+
    NodeConfigSource v1 core
    
+
+
+
+
+
+
    GroupVersionKind
    corev1NodeConfigSource
    
+
    NodeConfigSource specifies a source of node configuration. Exactly one subfield (excluding metadata) must be non-nil. This API is deprecated since 1.22
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
    FieldDescription
    configMap
    ConfigMapNodeConfigSource    		ConfigMap is a reference to a Node's ConfigMap
    
+
    NodeConfigStatus v1 core
    
+
+
+
+
+
+
    GroupVersionKind
    corev1NodeConfigStatus
    
+
    NodeConfigStatus describes the status of the config assigned by Node.Spec.ConfigSource.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
    FieldDescription
    active
    NodeConfigSource    		Active reports the checkpointed config the node is actively using. Active will represent either the current version of the Assigned config, or the current LastKnownGood config, depending on whether attempting to use the Assigned config results in an error.
    assigned
    NodeConfigSource    		Assigned reports the checkpointed config the node will try to use. When Node.Spec.ConfigSource is updated, the node checkpoints the associated config payload to local disk, along with a record indicating intended config. The node refers to this record to choose its config checkpoint, and reports this record in Assigned. Assigned only updates in the status after the record has been checkpointed to disk. When the Kubelet is restarted, it tries to make the Assigned config the Active config by loading and validating the checkpointed payload identified by Assigned.
    error
    string    		Error describes any problems reconciling the Spec.ConfigSource to the Active config. Errors may occur, for example, attempting to checkpoint Spec.ConfigSource to the local Assigned record, attempting to checkpoint the payload associated with Spec.ConfigSource, attempting to load or validate the Assigned config, etc. Errors may occur at different points while syncing config. Earlier errors (e.g. download or checkpointing errors) will not result in a rollback to LastKnownGood, and may resolve across Kubelet retries. Later errors (e.g. loading or validating a checkpointed config) will result in a rollback to LastKnownGood. In the latter case, it is usually possible to resolve the error by fixing the config assigned in Spec.ConfigSource. You can find additional information for debugging by searching the error message in the Kubelet log. Error is a human-readable description of the error state; machines can check whether or not Error is empty, but should not rely on the stability of the Error text across Kubelet versions.
    lastKnownGood
    NodeConfigSource    		LastKnownGood reports the checkpointed config the node will fall back to when it encounters an error attempting to use the Assigned config. The Assigned config becomes the LastKnownGood config when the node determines that the Assigned config is stable and correct. This is currently implemented as a 10-minute soak period starting when the local record of Assigned config is updated. If the Assigned config is Active at the end of this period, it becomes the LastKnownGood. Note that if Spec.ConfigSource is reset to nil (use local defaults), the LastKnownGood is also immediately reset to nil, because the local default config is always assumed good. You should not make assumptions about the node's method of determining config stability and correctness, as this may change or become configurable in the future.
    
+
    NodeDaemonEndpoints v1 core
    
+
+
+
+
+
+
    GroupVersionKind
    corev1NodeDaemonEndpoints
    
+
    NodeDaemonEndpoints lists ports opened by daemons running on the Node.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
    FieldDescription
    kubeletEndpoint
    DaemonEndpoint    		Endpoint on which Kubelet is listening.
    
+
    NodeSelector v1 core
    
+
+
+
+
+
+
    GroupVersionKind
    corev1NodeSelector
    
+
    A node selector represents the union of the results of one or more label queries over a set of nodes; that is, it represents the OR of the selectors represented by the node selector terms.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
    FieldDescription
    nodeSelectorTerms
    NodeSelectorTerm array    		Required. A list of node selector terms. The terms are ORed.
    
+
    NodeSelectorRequirement v1 core
    
+
+
+
+
+
+
    GroupVersionKind
    corev1NodeSelectorRequirement
    
+
    A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
    FieldDescription
    key
    string    		The label key that the selector applies to.
    operator
    string    		Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.
    values
    string array    		An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.
    
+
    NodeSelectorTerm v1 core
    
+
+
+
+
+
+
    GroupVersionKind
    corev1NodeSelectorTerm
    
+
    A null or empty node selector term matches no objects. The requirements of them are ANDed. The TopologySelectorTerm type implements a subset of the NodeSelectorTerm.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
    FieldDescription
    matchExpressions
    NodeSelectorRequirement array    		A list of node selector requirements by node's labels.
    matchFields
    NodeSelectorRequirement array    		A list of node selector requirements by node's fields.
    
+
    NodeSystemInfo v1 core
    
+
+
+
+
+
+
    GroupVersionKind
    corev1NodeSystemInfo
    
+
    NodeSystemInfo is a set of ids/uuids to uniquely identify the node.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    FieldDescription
    architecture
    string    		The Architecture reported by the node
    bootID
    string    		Boot ID reported by the node.
    containerRuntimeVersion
    string    		ContainerRuntime Version reported by the node through runtime remote API (e.g. containerd://1.4.2).
    kernelVersion
    string    		Kernel Version reported by the node from 'uname -r' (e.g. 3.16.0-0.bpo.4-amd64).
    kubeProxyVersion
    string    		KubeProxy Version reported by the node.
    kubeletVersion
    string    		Kubelet Version reported by the node.
    machineID
    string    		MachineID reported by the node. For unique machine identification in the cluster this field is preferred. Learn more from man(5) machine-id: http://man7.org/linux/man-pages/man5/machine-id.5.html
    operatingSystem
    string    		The Operating System reported by the node
    osImage
    string    		OS Image reported by the node from /etc/os-release (e.g. Debian GNU/Linux 7 (wheezy)).
    systemUUID
    string    		SystemUUID reported by the node. For unique machine identification MachineID is preferred. This field is specific to Red Hat hosts https://access.redhat.com/documentation/en-us/red_hat_subscription_management/1/html/rhsm/uuid
    
+
    NonResourceAttributes v1 authorization.k8s.io
    
+
+
+
+
+
+
    GroupVersionKind
    authorization.k8s.iov1NonResourceAttributes
    
+
    NonResourceAttributes includes the authorization attributes available for non-resource requests to the Authorizer interface
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
    FieldDescription
    path
    string    		Path is the URL path of the request
    verb
    string    		Verb is the standard HTTP verb
    
+
    NonResourcePolicyRule v1beta3 flowcontrol.apiserver.k8s.io
    
+
+
+
+
+
+
    GroupVersionKind
    flowcontrol.apiserver.k8s.iov1beta3NonResourcePolicyRule
    
+
    NonResourcePolicyRule is a predicate that matches non-resource requests according to their verb and the target non-resource URL. A NonResourcePolicyRule matches a request if and only if both (a) at least one member of verbs matches the request and (b) at least one member of nonResourceURLs matches the request.
    
+
     Other API versions of this object exist:
+v1beta2
+
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
    FieldDescription
    nonResourceURLs
    string array    		`nonResourceURLs` is a set of url prefixes that a user should have access to and may not be empty. For example:   - "/healthz" is legal   - "/hea*" is illegal   - "/hea" is legal but matches nothing   - "/hea/*" also matches nothing   - "/healthz/*" matches all per-component health checks. "*" matches all non-resource urls. if it is present, it must be the only entry. Required.
    verbs
    string array    		`verbs` is a list of matching verbs and may not be empty. "*" matches all verbs. If it is present, it must be the only entry. Required.
    
+
    NonResourceRule v1 authorization.k8s.io
    
+
+
+
+
+
+
    GroupVersionKind
    authorization.k8s.iov1NonResourceRule
    
+
    NonResourceRule holds information that describes a rule for the non-resource
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
    FieldDescription
    nonResourceURLs
    string array    		NonResourceURLs is a set of partial urls that a user should have access to.  *s are allowed, but only as the full, final step in the path.  "*" means all.
    verbs
    string array    		Verb is a list of kubernetes non-resource API verbs, like: get, post, put, delete, patch, head, options.  "*" means all.
    
+
    ObjectFieldSelector v1 core
    
+
+
+
+
+
+
    GroupVersionKind
    corev1ObjectFieldSelector
    
+
    ObjectFieldSelector selects an APIVersioned field of an object.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
    FieldDescription
    apiVersion
    string    		Version of the schema the FieldPath is written in terms of, defaults to "v1".
    fieldPath
    string    		Path of the field to select in the specified API version.
    
+
    ObjectMeta v1 meta
    
+
+
+
+
+
+
    GroupVersionKind
    metav1ObjectMeta
    
+
    ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    FieldDescription
    annotations
    object    		Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations
    creationTimestamp
    Time    		CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC.  Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
    deletionGracePeriodSeconds
    integer    		Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only.
    deletionTimestamp
    Time    		DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested.  Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
    finalizers
    string array
    patch strategy: merge    		Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. Finalizers may be processed and removed in any order.  Order is NOT enforced because it introduces significant risk of stuck finalizers. finalizers is a shared field, any actor with permission can reorder it. If the finalizer list is processed in order, then this can lead to a situation in which the component responsible for the first finalizer in the list is waiting for a signal (field value, external system, or other) produced by a component responsible for a finalizer later in the list, resulting in a deadlock. Without enforced ordering finalizers are free to order amongst themselves and are not vulnerable to ordering changes in the list.
    generateName
    string    		GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server.  If this field is specified and the generated name exists, the server will return a 409.  Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#idempotency
    generation
    integer    		A sequence number representing a specific generation of the desired state. Populated by the system. Read-only.
    labels
    object    		Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and services. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels
    managedFields
    ManagedFieldsEntry array    		ManagedFields maps workflow-id and version to the set of fields that are managed by that workflow. This is mostly for internal housekeeping, and users typically shouldn't need to set or understand this field. A workflow can be the user's name, a controller's name, or the name of a specific apply path like "ci-cd". The set of fields is always in the version that the workflow used when modifying the object.
    name
    string    		Name must be unique within a namespace. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names
    namespace
    string    		Namespace defines the space within which each name must be unique. An empty namespace is equivalent to the "default" namespace, but "default" is the canonical representation. Not all objects are required to be scoped to a namespace - the value of this field for those objects will be empty.  Must be a DNS_LABEL. Cannot be updated. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces
    ownerReferences
    OwnerReference array
    patch strategy: merge
    patch merge key: uid    		List of objects depended by this object. If ALL objects in the list have been deleted, this object will be garbage collected. If this object is managed by a controller, then an entry in this list will point to this controller, with the controller field set to true. There cannot be more than one managing controller.
    resourceVersion
    string    		An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources.  Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
    selfLink
    string    		Deprecated: selfLink is a legacy read-only field that is no longer populated by the system.
    uid
    string    		UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations.  Populated by the system. Read-only. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#uids
    
+
    ObjectMetricSource v2 autoscaling
    
+
+
+
+
+
+
    GroupVersionKind
    autoscalingv2ObjectMetricSource
    
+
    ObjectMetricSource indicates how to scale on a metric describing a kubernetes object (for example, hits-per-second on an Ingress object).
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
    FieldDescription
    describedObject
    CrossVersionObjectReference    		describedObject specifies the descriptions of a object,such as kind,name apiVersion
    metric
    MetricIdentifier    		metric identifies the target metric by name and selector
    target
    MetricTarget    		target specifies the target value for the given metric
    
+
    ObjectMetricStatus v2 autoscaling
    
+
+
+
+
+
+
    GroupVersionKind
    autoscalingv2ObjectMetricStatus
    
+
    ObjectMetricStatus indicates the current value of a metric describing a kubernetes object (for example, hits-per-second on an Ingress object).
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
    FieldDescription
    current
    MetricValueStatus    		current contains the current value for the given metric
    describedObject
    CrossVersionObjectReference    		DescribedObject specifies the descriptions of a object,such as kind,name apiVersion
    metric
    MetricIdentifier    		metric identifies the target metric by name and selector
    
+
    ObjectReference v1 core
    
+
+
+
+
+
+
    GroupVersionKind
    corev1ObjectReference
    
+
    ObjectReference contains enough information to let you inspect or modify the referred object.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
+
+
+
    FieldDescription
    apiVersion
    string    		API version of the referent.
    fieldPath
    string    		If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object.
    kind
    string    		Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
    name
    string    		Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
    namespace
    string    		Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/
    resourceVersion
    string    		Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
    uid
    string    		UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids
    
+
    Overhead v1 node.k8s.io
    
+
+
+
+
+
+
    GroupVersionKind
    node.k8s.iov1Overhead
    
+
    Overhead structure represents the resource overhead associated with running a pod.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
    FieldDescription
    podFixed
    object    		podFixed represents the fixed resource overhead associated with running a pod.
    
+
    OwnerReference v1 meta
    
+
+
+
+
+
+
    GroupVersionKind
    metav1OwnerReference
    
+
    OwnerReference contains enough information to let you identify an owning object. An owning object must be in the same namespace as the dependent, or be cluster-scoped, so there is no namespace field.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
+
+
    FieldDescription
    apiVersion
    string    		API version of the referent.
    blockOwnerDeletion
    boolean    		If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. See https://kubernetes.io/docs/concepts/architecture/garbage-collection/#foreground-deletion for how the garbage collector interacts with this field and enforces the foreground deletion. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned.
    controller
    boolean    		If true, this reference points to the managing controller.
    kind
    string    		Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
    name
    string    		Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names
    uid
    string    		UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#uids
    
+
    ParamKind v1alpha1 admissionregistration.k8s.io
    
+
+
+
+
+
+
    GroupVersionKind
    admissionregistration.k8s.iov1alpha1ParamKind
    
+
    ParamKind is a tuple of Group Kind and Version.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
    FieldDescription
    apiVersion
    string    		APIVersion is the API group version the resources belong to. In format of "group/version". Required.
    kind
    string    		Kind is the API kind the resources belong to. Required.
    
+
    ParamRef v1alpha1 admissionregistration.k8s.io
    
+
+
+
+
+
+
    GroupVersionKind
    admissionregistration.k8s.iov1alpha1ParamRef
    
+
    ParamRef references a parameter resource
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
    FieldDescription
    name
    string    		Name of the resource being referenced.
    namespace
    string    		Namespace of the referenced resource. Should be empty for the cluster-scoped resources
    
+
    ParentReference v1alpha1 networking.k8s.io
    
+
+
+
+
+
+
    GroupVersionKind
    networking.k8s.iov1alpha1ParentReference
    
+
    ParentReference describes a reference to a parent object.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
+
    FieldDescription
    group
    string    		Group is the group of the object being referenced.
    name
    string    		Name is the name of the object being referenced.
    namespace
    string    		Namespace is the namespace of the object being referenced.
    resource
    string    		Resource is the resource of the object being referenced.
    uid
    string    		UID is the uid of the object being referenced.
    
+
    Patch v1 meta
    
+
+
+
+
+
+
    GroupVersionKind
    metav1Patch
    
+
    Patch is provided to give a concrete name and type to the Kubernetes PATCH request body.
    
+
+
+
+
+
    FieldDescription
    
+
    PersistentVolumeClaimCondition v1 core
    
+
+
+
+
+
+
    GroupVersionKind
    corev1PersistentVolumeClaimCondition
    
+
    PersistentVolumeClaimCondition contains details about state of pvc
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
+
+
    FieldDescription
    lastProbeTime
    Time    		lastProbeTime is the time we probed the condition.
    lastTransitionTime
    Time    		lastTransitionTime is the time the condition transitioned from one status to another.
    message
    string    		message is the human-readable message indicating details about last transition.
    reason
    string    		reason is a unique, this should be a short, machine understandable string that gives the reason for condition's last transition. If it reports "ResizeStarted" that means the underlying persistent volume is being resized.
    status
    string
    type
    string
    
+
    PersistentVolumeClaimTemplate v1 core
    
+
+
+
+
+
+
    GroupVersionKind
    corev1PersistentVolumeClaimTemplate
    
+
    PersistentVolumeClaimTemplate is used to produce PersistentVolumeClaim objects as part of an EphemeralVolumeSource.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
    FieldDescription
    metadata
    ObjectMeta    		May contain labels and annotations that will be copied into the PVC when creating it. No other fields are allowed and will be rejected during validation.
    spec
    PersistentVolumeClaimSpec    		The specification for the PersistentVolumeClaim. The entire content is copied unchanged into the PVC that gets created from this template. The same fields as in a PersistentVolumeClaim are also valid here.
    
+
    PersistentVolumeClaimVolumeSource v1 core
    
+
+
+
+
+
+
    GroupVersionKind
    corev1PersistentVolumeClaimVolumeSource
    
+
    PersistentVolumeClaimVolumeSource references the user's PVC in the same namespace. This volume finds the bound PV and mounts that volume for the pod. A PersistentVolumeClaimVolumeSource is, essentially, a wrapper around another type of volume that is owned by someone else (the system).
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
    FieldDescription
    claimName
    string    		claimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this volume. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims
    readOnly
    boolean    		readOnly Will force the ReadOnly setting in VolumeMounts. Default false.
    
+
    PhotonPersistentDiskVolumeSource v1 core
    
+
+
+
+
+
+
    GroupVersionKind
    corev1PhotonPersistentDiskVolumeSource
    
+
    Represents a Photon Controller persistent disk resource.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
    FieldDescription
    fsType
    string    		fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.
    pdID
    string    		pdID is the ID that identifies Photon Controller persistent disk
    
+
    PodAffinity v1 core
    
+
+
+
+
+
+
    GroupVersionKind
    corev1PodAffinity
    
+
    Pod affinity is a group of inter pod affinity scheduling rules.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
    FieldDescription
    preferredDuringSchedulingIgnoredDuringExecution
    WeightedPodAffinityTerm array    		The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred.
    requiredDuringSchedulingIgnoredDuringExecution
    PodAffinityTerm array    		If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied.
    
+
    PodAffinityTerm v1 core
    
+
+
+
+
+
+
    GroupVersionKind
    corev1PodAffinityTerm
    
+
    Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key <topologyKey> matches that of any node on which a pod of the set of pods is running
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
    FieldDescription
    labelSelector
    LabelSelector    		A label query over a set of resources, in this case pods.
    namespaceSelector
    LabelSelector    		A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces.
    namespaces
    string array    		namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace".
    topologyKey
    string    		This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.
    
+
    PodAntiAffinity v1 core
    
+
+
+
+
+
+
    GroupVersionKind
    corev1PodAntiAffinity
    
+
    Pod anti affinity is a group of inter pod anti affinity scheduling rules.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
    FieldDescription
    preferredDuringSchedulingIgnoredDuringExecution
    WeightedPodAffinityTerm array    		The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred.
    requiredDuringSchedulingIgnoredDuringExecution
    PodAffinityTerm array    		If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied.
    
+
    PodCondition v1 core
    
+
+
+
+
+
+
    GroupVersionKind
    corev1PodCondition
    
+
    PodCondition contains details for the current condition of this pod.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
+
+
    FieldDescription
    lastProbeTime
    Time    		Last time we probed the condition.
    lastTransitionTime
    Time    		Last time the condition transitioned from one status to another.
    message
    string    		Human-readable message indicating details about last transition.
    reason
    string    		Unique, one-word, CamelCase reason for the condition's last transition.
    status
    string    		Status is the status of the condition. Can be True, False, Unknown. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-conditions
    type
    string    		Type is the type of the condition. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-conditions
    
+
    PodDNSConfig v1 core
    
+
+
+
+
+
+
    GroupVersionKind
    corev1PodDNSConfig
    
+
    PodDNSConfig defines the DNS parameters of a pod in addition to those generated from DNSPolicy.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
    FieldDescription
    nameservers
    string array    		A list of DNS name server IP addresses. This will be appended to the base nameservers generated from DNSPolicy. Duplicated nameservers will be removed.
    options
    PodDNSConfigOption array    		A list of DNS resolver options. This will be merged with the base options generated from DNSPolicy. Duplicated entries will be removed. Resolution options given in Options will override those that appear in the base DNSPolicy.
    searches
    string array    		A list of DNS search domains for host-name lookup. This will be appended to the base search paths generated from DNSPolicy. Duplicated search paths will be removed.
    
+
    PodDNSConfigOption v1 core
    
+
+
+
+
+
+
    GroupVersionKind
    corev1PodDNSConfigOption
    
+
    PodDNSConfigOption defines DNS resolver options of a pod.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
    FieldDescription
    name
    string    		Required.
    value
    string
    
+
    PodFailurePolicy v1 batch
    
+
+
+
+
+
+
    GroupVersionKind
    batchv1PodFailurePolicy
    
+
    PodFailurePolicy describes how failed pods influence the backoffLimit.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
    FieldDescription
    rules
    PodFailurePolicyRule array    		A list of pod failure policy rules. The rules are evaluated in order. Once a rule matches a Pod failure, the remaining of the rules are ignored. When no rule matches the Pod failure, the default handling applies - the counter of pod failures is incremented and it is checked against the backoffLimit. At most 20 elements are allowed.
    
+
    PodFailurePolicyOnExitCodesRequirement v1 batch
    
+
+
+
+
+
+
    GroupVersionKind
    batchv1PodFailurePolicyOnExitCodesRequirement
    
+
    PodFailurePolicyOnExitCodesRequirement describes the requirement for handling a failed pod based on its container exit codes. In particular, it lookups the .state.terminated.exitCode for each app container and init container status, represented by the .status.containerStatuses and .status.initContainerStatuses fields in the Pod status, respectively. Containers completed with success (exit code 0) are excluded from the requirement check.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
    FieldDescription
    containerName
    string    		Restricts the check for exit codes to the container with the specified name. When null, the rule applies to all containers. When specified, it should match one the container or initContainer names in the pod template.
    operator
    string    		Represents the relationship between the container exit code(s) and the specified values. Containers completed with success (exit code 0) are excluded from the requirement check. Possible values are:  - In: the requirement is satisfied if at least one container exit code   (might be multiple if there are multiple containers not restricted   by the 'containerName' field) is in the set of specified values. - NotIn: the requirement is satisfied if at least one container exit code   (might be multiple if there are multiple containers not restricted   by the 'containerName' field) is not in the set of specified values. Additional values are considered to be added in the future. Clients should react to an unknown operator by assuming the requirement is not satisfied.
    values
    integer array    		Specifies the set of values. Each returned container exit code (might be multiple in case of multiple containers) is checked against this set of values with respect to the operator. The list of values must be ordered and must not contain duplicates. Value '0' cannot be used for the In operator. At least one element is required. At most 255 elements are allowed.
    
+
    PodFailurePolicyOnPodConditionsPattern v1 batch
    
+
+
+
+
+
+
    GroupVersionKind
    batchv1PodFailurePolicyOnPodConditionsPattern
    
+
    PodFailurePolicyOnPodConditionsPattern describes a pattern for matching an actual pod condition type.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
    FieldDescription
    status
    string    		Specifies the required Pod condition status. To match a pod condition it is required that the specified status equals the pod condition status. Defaults to True.
    type
    string    		Specifies the required Pod condition type. To match a pod condition it is required that specified type equals the pod condition type.
    
+
    PodFailurePolicyRule v1 batch
    
+
+
+
+
+
+
    GroupVersionKind
    batchv1PodFailurePolicyRule
    
+
    PodFailurePolicyRule describes how a pod failure is handled when the requirements are met. One of onExitCodes and onPodConditions, but not both, can be used in each rule.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
    FieldDescription
    action
    string    		Specifies the action taken on a pod failure when the requirements are satisfied. Possible values are:  - FailJob: indicates that the pod's job is marked as Failed and all   running pods are terminated. - Ignore: indicates that the counter towards the .backoffLimit is not   incremented and a replacement pod is created. - Count: indicates that the pod is handled in the default way - the   counter towards the .backoffLimit is incremented. Additional values are considered to be added in the future. Clients should react to an unknown action by skipping the rule.
    onExitCodes
    PodFailurePolicyOnExitCodesRequirement    		Represents the requirement on the container exit codes.
    onPodConditions
    PodFailurePolicyOnPodConditionsPattern array    		Represents the requirement on the pod conditions. The requirement is represented as a list of pod condition patterns. The requirement is satisfied if at least one pattern matches an actual pod condition. At most 20 elements are allowed.
    
+
    PodIP v1 core
    
+
+
+
+
+
+
    GroupVersionKind
    corev1PodIP
    
+
    IP address information for entries in the (plural) PodIPs field. Each entry includes:
+
+	IP: An IP address allocated to the pod. Routable at least within the cluster.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
    FieldDescription
    ip
    string    		ip is an IP address (IPv4 or IPv6) assigned to the pod
    
+
    PodOS v1 core
    
+
+
+
+
+
+
    GroupVersionKind
    corev1PodOS
    
+
    PodOS defines the OS parameters of a pod.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
    FieldDescription
    name
    string    		Name is the name of the operating system. The currently supported values are linux and windows. Additional value may be defined in future and can be one of: https://github.com/opencontainers/runtime-spec/blob/master/config.md#platform-specific-configuration Clients should expect to handle additional values and treat unrecognized values in this field as os: null
    
+
    PodReadinessGate v1 core
    
+
+
+
+
+
+
    GroupVersionKind
    corev1PodReadinessGate
    
+
    PodReadinessGate contains the reference to a pod condition
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
    FieldDescription
    conditionType
    string    		ConditionType refers to a condition in the pod's condition list with matching type.
    
+
    PodResourceClaim v1 core
    
+
+
+
+
+
+
    GroupVersionKind
    corev1PodResourceClaim
    
+
    PodResourceClaim references exactly one ResourceClaim through a ClaimSource. It adds a name to it that uniquely identifies the ResourceClaim inside the Pod. Containers that need access to the ResourceClaim reference it with this name.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
    FieldDescription
    name
    string    		Name uniquely identifies this resource claim inside the pod. This must be a DNS_LABEL.
    source
    ClaimSource    		Source describes where to find the ResourceClaim.
    
+
    PodSchedulingGate v1 core
    
+
+
+
+
+
+
    GroupVersionKind
    corev1PodSchedulingGate
    
+
    PodSchedulingGate is associated to a Pod to guard its scheduling.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
    FieldDescription
    name
    string    		Name of the scheduling gate. Each scheduling gate must have a unique name field.
    
+
    PodSecurityContext v1 core
    
+
+
+
+
+
+
    GroupVersionKind
    corev1PodSecurityContext
    
+
    PodSecurityContext holds pod-level security attributes and common container settings. Some fields are also present in container.securityContext.  Field values of container.securityContext take precedence over field values of PodSecurityContext.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    FieldDescription
    fsGroup
    integer    		A special supplemental group that applies to all containers in a pod. Some volume types allow the Kubelet to change the ownership of that volume to be owned by the pod:  1. The owning GID will be the FSGroup 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) 3. The permission bits are OR'd with rw-rw----  If unset, the Kubelet will not modify the ownership and permissions of any volume. Note that this field cannot be set when spec.os.name is windows.
    fsGroupChangePolicy
    string    		fsGroupChangePolicy defines behavior of changing ownership and permission of the volume before being exposed inside Pod. This field will only apply to volume types which support fsGroup based ownership(and permissions). It will have no effect on ephemeral volume types such as: secret, configmaps and emptydir. Valid values are "OnRootMismatch" and "Always". If not specified, "Always" is used. Note that this field cannot be set when spec.os.name is windows.
    runAsGroup
    integer    		The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in SecurityContext.  If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows.
    runAsNonRoot
    boolean    		Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in SecurityContext.  If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
    runAsUser
    integer    		The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in SecurityContext.  If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows.
    seLinuxOptions
    SELinuxOptions    		The SELinux context to be applied to all containers. If unspecified, the container runtime will allocate a random SELinux context for each container.  May also be set in SecurityContext.  If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows.
    seccompProfile
    SeccompProfile    		The seccomp options to use by the containers in this pod. Note that this field cannot be set when spec.os.name is windows.
    supplementalGroups
    integer array    		A list of groups applied to the first process run in each container, in addition to the container's primary GID, the fsGroup (if specified), and group memberships defined in the container image for the uid of the container process. If unspecified, no additional groups are added to any container. Note that group memberships defined in the container image for the uid of the container process are still effective, even if they are not included in this list. Note that this field cannot be set when spec.os.name is windows.
    sysctls
    Sysctl array    		Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported sysctls (by the container runtime) might fail to launch. Note that this field cannot be set when spec.os.name is windows.
    windowsOptions
    WindowsSecurityContextOptions    		The Windows specific settings applied to all containers. If unspecified, the options within a container's SecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux.
    
+
    PodsMetricSource v2 autoscaling
    
+
+
+
+
+
+
    GroupVersionKind
    autoscalingv2PodsMetricSource
    
+
    PodsMetricSource indicates how to scale on a metric describing each pod in the current scale target (for example, transactions-processed-per-second). The values will be averaged together before being compared to the target value.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
    FieldDescription
    metric
    MetricIdentifier    		metric identifies the target metric by name and selector
    target
    MetricTarget    		target specifies the target value for the given metric
    
+
    PodsMetricStatus v2 autoscaling
    
+
+
+
+
+
+
    GroupVersionKind
    autoscalingv2PodsMetricStatus
    
+
    PodsMetricStatus indicates the current value of a metric describing each pod in the current scale target (for example, transactions-processed-per-second).
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
    FieldDescription
    current
    MetricValueStatus    		current contains the current value for the given metric
    metric
    MetricIdentifier    		metric identifies the target metric by name and selector
    
+
    PolicyRule v1 rbac.authorization.k8s.io
    
+
+
+
+
+
+
    GroupVersionKind
    rbac.authorization.k8s.iov1PolicyRule
    
+
    PolicyRule holds information that describes a policy rule, but does not contain information about who the rule applies to or which namespace the rule applies to.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
+
    FieldDescription
    apiGroups
    string array    		APIGroups is the name of the APIGroup that contains the resources.  If multiple API groups are specified, any action requested against one of the enumerated resources in any API group will be allowed. "" represents the core API group and "*" represents all API groups.
    nonResourceURLs
    string array    		NonResourceURLs is a set of partial urls that a user should have access to.  *s are allowed, but only as the full, final step in the path Since non-resource URLs are not namespaced, this field is only applicable for ClusterRoles referenced from a ClusterRoleBinding. Rules can either apply to API resources (such as "pods" or "secrets") or non-resource URL paths (such as "/api"),  but not both.
    resourceNames
    string array    		ResourceNames is an optional white list of names that the rule applies to.  An empty set means that everything is allowed.
    resources
    string array    		Resources is a list of resources this rule applies to. '\*' represents all resources.
    verbs
    string array    		Verbs is a list of Verbs that apply to ALL the ResourceKinds contained in this rule. '\*' represents all verbs.
    
+
    PolicyRulesWithSubjects v1beta3 flowcontrol.apiserver.k8s.io
    
+
+
+
+
+
+
    GroupVersionKind
    flowcontrol.apiserver.k8s.iov1beta3PolicyRulesWithSubjects
    
+
    PolicyRulesWithSubjects prescribes a test that applies to a request to an apiserver. The test considers the subject making the request, the verb being requested, and the resource to be acted upon. This PolicyRulesWithSubjects matches a request if and only if both (a) at least one member of subjects matches the request and (b) at least one member of resourceRules or nonResourceRules matches the request.
    
+
     Other API versions of this object exist:
+v1beta2
+
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
    FieldDescription
    nonResourceRules
    NonResourcePolicyRule array    		`nonResourceRules` is a list of NonResourcePolicyRules that identify matching requests according to their verb and the target non-resource URL.
    resourceRules
    ResourcePolicyRule array    		`resourceRules` is a slice of ResourcePolicyRules that identify matching requests according to their verb and the target resource. At least one of `resourceRules` and `nonResourceRules` has to be non-empty.
    subjects
    Subject array    		subjects is the list of normal user, serviceaccount, or group that this rule cares about. There must be at least one member in this slice. A slice that includes both the system:authenticated and system:unauthenticated user groups matches every request. Required.
    
+
    PortStatus v1 core
    
+
+
+
+
+
+
    GroupVersionKind
    corev1PortStatus
    
+
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
    FieldDescription
    error
    string    		Error is to record the problem with the service port The format of the error shall comply with the following rules: - built-in error values shall be specified in this file and those shall use   CamelCase names - cloud provider specific error values must have names that comply with the   format foo.example.com/CamelCase.
    port
    integer    		Port is the port number of the service port of which status is recorded here
    protocol
    string    		Protocol is the protocol of the service port of which status is recorded here The supported values are: "TCP", "UDP", "SCTP"
    
+
    PortworxVolumeSource v1 core
    
+
+
+
+
+
+
    GroupVersionKind
    corev1PortworxVolumeSource
    
+
    PortworxVolumeSource represents a Portworx volume resource.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
    FieldDescription
    fsType
    string    		fSType represents the filesystem type to mount Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs". Implicitly inferred to be "ext4" if unspecified.
    readOnly
    boolean    		readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.
    volumeID
    string    		volumeID uniquely identifies a Portworx volume
    
+
    Preconditions v1 meta
    
+
+
+
+
+
+
    GroupVersionKind
    metav1Preconditions
    
+
    Preconditions must be fulfilled before an operation (update, delete, etc.) is carried out.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
    FieldDescription
    resourceVersion
    string    		Specifies the target ResourceVersion
    uid
    string    		Specifies the target UID.
    
+
    PreferredSchedulingTerm v1 core
    
+
+
+
+
+
+
    GroupVersionKind
    corev1PreferredSchedulingTerm
    
+
    An empty preferred scheduling term matches all objects with implicit weight 0 (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op).
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
    FieldDescription
    preference
    NodeSelectorTerm    		A node selector term, associated with the corresponding weight.
    weight
    integer    		Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100.
    
+
    PriorityLevelConfigurationCondition v1beta3 flowcontrol.apiserver.k8s.io
    
+
+
+
+
+
+
    GroupVersionKind
    flowcontrol.apiserver.k8s.iov1beta3PriorityLevelConfigurationCondition
    
+
    PriorityLevelConfigurationCondition defines the condition of priority level.
    
+
     Other API versions of this object exist:
+v1beta2
+
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
+
    FieldDescription
    lastTransitionTime
    Time    		`lastTransitionTime` is the last time the condition transitioned from one status to another.
    message
    string    		`message` is a human-readable message indicating details about last transition.
    reason
    string    		`reason` is a unique, one-word, CamelCase reason for the condition's last transition.
    status
    string    		`status` is the status of the condition. Can be True, False, Unknown. Required.
    type
    string    		`type` is the type of the condition. Required.
    
+
    PriorityLevelConfigurationReference v1beta3 flowcontrol.apiserver.k8s.io
    
+
+
+
+
+
+
    GroupVersionKind
    flowcontrol.apiserver.k8s.iov1beta3PriorityLevelConfigurationReference
    
+
    PriorityLevelConfigurationReference contains information that points to the "request-priority" being used.
    
+
     Other API versions of this object exist:
+v1beta2
+
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
    FieldDescription
    name
    string    		`name` is the name of the priority level configuration being referenced Required.
    
+
    Probe v1 core
    
+
+
+
+
+
+
    GroupVersionKind
    corev1Probe
    
+
    Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    FieldDescription
    exec
    ExecAction    		Exec specifies the action to take.
    failureThreshold
    integer    		Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
    grpc
    GRPCAction    		GRPC specifies an action involving a GRPC port.
    httpGet
    HTTPGetAction    		HTTPGet specifies the http request to perform.
    initialDelaySeconds
    integer    		Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
    periodSeconds
    integer    		How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1.
    successThreshold
    integer    		Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.
    tcpSocket
    TCPSocketAction    		TCPSocket specifies an action involving a TCP port.
    terminationGracePeriodSeconds
    integer    		Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.
    timeoutSeconds
    integer    		Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
    
+
    ProjectedVolumeSource v1 core
    
+
+
+
+
+
+
    GroupVersionKind
    corev1ProjectedVolumeSource
    
+
    Represents a projected volume source
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
    FieldDescription
    defaultMode
    integer    		defaultMode are the mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.
    sources
    VolumeProjection array    		sources is the list of volume projections
    
+
    Quantity resource core
    
+
+
+
+
+
+
    GroupVersionKind
    coreresourceQuantity
    
+
    Quantity is a fixed-point representation of a number. It provides convenient marshaling/unmarshaling in JSON and YAML, in addition to String() and AsInt64() accessors.
+
+The serialization format is:
+
+``` <quantity>        ::= <signedNumber><suffix>
+
+	(Note that <suffix> may be empty, from the "" case in <decimalSI>.)
+
+<digit>           ::= 0 | 1 | ... | 9 <digits>          ::= <digit> | <digit><digits> <number>          ::= <digits> | <digits>.<digits> | <digits>. | .<digits> <sign>            ::= "+" | "-" <signedNumber>    ::= <number> | <sign><number> <suffix>          ::= <binarySI> | <decimalExponent> | <decimalSI> <binarySI>        ::= Ki | Mi | Gi | Ti | Pi | Ei
+
+	(International System of units; See: http://physics.nist.gov/cuu/Units/binary.html)
+
+<decimalSI>       ::= m | "" | k | M | G | T | P | E
+
+	(Note that 1024 = 1Ki but 1000 = 1k; I didn't choose the capitalization.)
+
+<decimalExponent> ::= "e" <signedNumber> | "E" <signedNumber> ```
+
+No matter which of the three exponent forms is used, no quantity may represent a number greater than 2^63-1 in magnitude, nor may it have more than 3 decimal places. Numbers larger or more precise will be capped or rounded up. (E.g.: 0.1m will rounded up to 1m.) This may be extended in the future if we require larger or smaller quantities.
+
+When a Quantity is parsed from a string, it will remember the type of suffix it had, and will use the same type again when it is serialized.
+
+Before serializing, Quantity will be put in "canonical form". This means that Exponent/suffix will be adjusted up or down (with a corresponding increase or decrease in Mantissa) such that:
+
+- No precision is lost - No fractional digits will be emitted - The exponent (or suffix) is as large as possible.
+
+The sign will be omitted unless the number is negative.
+
+Examples:
+
+- 1.5 will be serialized as "1500m" - 1.5Gi will be serialized as "1536Mi"
+
+Note that the quantity will NEVER be internally represented by a floating point number. That is the whole point of this exercise.
+
+Non-canonical values will still parse as long as they are well formed, but will be re-emitted in their canonical form. (So always use canonical form, or don't diff.)
+
+This format is intended to make it difficult to use these numbers without writing some sort of special handling code in the hopes that that will cause implementors to also use a fixed point implementation.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
    FieldDescription
    
+
    QueuingConfiguration v1beta3 flowcontrol.apiserver.k8s.io
    
+
+
+
+
+
+
    GroupVersionKind
    flowcontrol.apiserver.k8s.iov1beta3QueuingConfiguration
    
+
    QueuingConfiguration holds the configuration parameters for queuing
    
+
     Other API versions of this object exist:
+v1beta2
+
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
    FieldDescription
    handSize
    integer    		`handSize` is a small positive number that configures the shuffle sharding of requests into queues.  When enqueuing a request at this priority level the request's flow identifier (a string pair) is hashed and the hash value is used to shuffle the list of queues and deal a hand of the size specified here.  The request is put into one of the shortest queues in that hand. `handSize` must be no larger than `queues`, and should be significantly smaller (so that a few heavy flows do not saturate most of the queues).  See the user-facing documentation for more extensive guidance on setting this field.  This field has a default value of 8.
    queueLengthLimit
    integer    		`queueLengthLimit` is the maximum number of requests allowed to be waiting in a given queue of this priority level at a time; excess requests are rejected.  This value must be positive.  If not specified, it will be defaulted to 50.
    queues
    integer    		`queues` is the number of queues for this priority level. The queues exist independently at each apiserver. The value must be positive.  Setting it to 1 effectively precludes shufflesharding and thus makes the distinguisher method of associated flow schemas irrelevant.  This field has a default value of 64.
    
+
    QuobyteVolumeSource v1 core
    
+
+
+
+
+
+
    GroupVersionKind
    corev1QuobyteVolumeSource
    
+
    Represents a Quobyte mount that lasts the lifetime of a pod. Quobyte volumes do not support ownership management or SELinux relabeling.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
+
+
    FieldDescription
    group
    string    		group to map volume access to Default is no group
    readOnly
    boolean    		readOnly here will force the Quobyte volume to be mounted with read-only permissions. Defaults to false.
    registry
    string    		registry represents a single or multiple Quobyte Registry services specified as a string as host:port pair (multiple entries are separated with commas) which acts as the central registry for volumes
    tenant
    string    		tenant owning the given Quobyte volume in the Backend Used with dynamically provisioned Quobyte volumes, value is set by the plugin
    user
    string    		user to map volume access to Defaults to serivceaccount user
    volume
    string    		volume is a string that references an already created Quobyte volume by name.
    
+
    RBDPersistentVolumeSource v1 core
    
+
+
+
+
+
+
    GroupVersionKind
    corev1RBDPersistentVolumeSource
    
+
    Represents a Rados Block Device mount that lasts the lifetime of a pod. RBD volumes support ownership management and SELinux relabeling.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
+
+
+
+
    FieldDescription
    fsType
    string    		fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd
    image
    string    		image is the rados image name. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it
    keyring
    string    		keyring is the path to key ring for RBDUser. Default is /etc/ceph/keyring. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it
    monitors
    string array    		monitors is a collection of Ceph monitors. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it
    pool
    string    		pool is the rados pool name. Default is rbd. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it
    readOnly
    boolean    		readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it
    secretRef
    SecretReference    		secretRef is name of the authentication secret for RBDUser. If provided overrides keyring. Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it
    user
    string    		user is the rados user name. Default is admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it
    
+
    RBDVolumeSource v1 core
    
+
+
+
+
+
+
    GroupVersionKind
    corev1RBDVolumeSource
    
+
    Represents a Rados Block Device mount that lasts the lifetime of a pod. RBD volumes support ownership management and SELinux relabeling.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
+
+
+
+
    FieldDescription
    fsType
    string    		fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd
    image
    string    		image is the rados image name. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it
    keyring
    string    		keyring is the path to key ring for RBDUser. Default is /etc/ceph/keyring. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it
    monitors
    string array    		monitors is a collection of Ceph monitors. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it
    pool
    string    		pool is the rados pool name. Default is rbd. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it
    readOnly
    boolean    		readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it
    secretRef
    LocalObjectReference    		secretRef is name of the authentication secret for RBDUser. If provided overrides keyring. Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it
    user
    string    		user is the rados user name. Default is admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it
    
+
    ReplicaSetCondition v1 apps
    
+
+
+
+
+
+
    GroupVersionKind
    appsv1ReplicaSetCondition
    
+
    ReplicaSetCondition describes the state of a replica set at a certain point.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
+
    FieldDescription
    lastTransitionTime
    Time    		The last time the condition transitioned from one status to another.
    message
    string    		A human readable message indicating details about the transition.
    reason
    string    		The reason for the condition's last transition.
    status
    string    		Status of the condition, one of True, False, Unknown.
    type
    string    		Type of replica set condition.
    
+
    ReplicationControllerCondition v1 core
    
+
+
+
+
+
+
    GroupVersionKind
    corev1ReplicationControllerCondition
    
+
    ReplicationControllerCondition describes the state of a replication controller at a certain point.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
+
    FieldDescription
    lastTransitionTime
    Time    		The last time the condition transitioned from one status to another.
    message
    string    		A human readable message indicating details about the transition.
    reason
    string    		The reason for the condition's last transition.
    status
    string    		Status of the condition, one of True, False, Unknown.
    type
    string    		Type of replication controller condition.
    
+
    ResourceAttributes v1 authorization.k8s.io
    
+
+
+
+
+
+
    GroupVersionKind
    authorization.k8s.iov1ResourceAttributes
    
+
    ResourceAttributes includes the authorization attributes available for resource requests to the Authorizer interface
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
+
+
+
    FieldDescription
    group
    string    		Group is the API Group of the Resource.  "*" means all.
    name
    string    		Name is the name of the resource being requested for a "get" or deleted for a "delete". "" (empty) means all.
    namespace
    string    		Namespace is the namespace of the action being requested.  Currently, there is no distinction between no namespace and all namespaces "" (empty) is defaulted for LocalSubjectAccessReviews "" (empty) is empty for cluster-scoped resources "" (empty) means "all" for namespace scoped resources from a SubjectAccessReview or SelfSubjectAccessReview
    resource
    string    		Resource is one of the existing resource types.  "*" means all.
    subresource
    string    		Subresource is one of the existing resource types.  "" means none.
    verb
    string    		Verb is a kubernetes resource API verb, like: get, list, watch, create, update, delete, proxy.  "*" means all.
    version
    string    		Version is the API Version of the Resource.  "*" means all.
    
+
    ResourceClaim v1 core
    
+
+
+
+
+
+
    GroupVersionKind
    corev1ResourceClaim
    
+
    ResourceClaim references one entry in PodSpec.ResourceClaims.
    
+
     Other API versions of this object exist:
+v1alpha2
+
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
    FieldDescription
    name
    string    		Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.
    
+
    ResourceClaimConsumerReference v1alpha2 resource.k8s.io
    
+
+
+
+
+
+
    GroupVersionKind
    resource.k8s.iov1alpha2ResourceClaimConsumerReference
    
+
    ResourceClaimConsumerReference contains enough information to let you locate the consumer of a ResourceClaim. The user must be a resource in the same namespace as the ResourceClaim.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
    FieldDescription
    apiGroup
    string    		APIGroup is the group for the resource being referenced. It is empty for the core API. This matches the group in the APIVersion that is used when creating the resources.
    name
    string    		Name is the name of resource being referenced.
    resource
    string    		Resource is the type of resource being referenced, for example "pods".
    uid
    string    		UID identifies exactly one incarnation of the resource.
    
+
    ResourceClaimParametersReference v1alpha2 resource.k8s.io
    
+
+
+
+
+
+
    GroupVersionKind
    resource.k8s.iov1alpha2ResourceClaimParametersReference
    
+
    ResourceClaimParametersReference contains enough information to let you locate the parameters for a ResourceClaim. The object must be in the same namespace as the ResourceClaim.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
    FieldDescription
    apiGroup
    string    		APIGroup is the group for the resource being referenced. It is empty for the core API. This matches the group in the APIVersion that is used when creating the resources.
    kind
    string    		Kind is the type of resource being referenced. This is the same value as in the parameter object's metadata, for example "ConfigMap".
    name
    string    		Name is the name of resource being referenced.
    
+
    ResourceClaimSchedulingStatus v1alpha2 resource.k8s.io
    
+
+
+
+
+
+
    GroupVersionKind
    resource.k8s.iov1alpha2ResourceClaimSchedulingStatus
    
+
    ResourceClaimSchedulingStatus contains information about one particular ResourceClaim with "WaitForFirstConsumer" allocation mode.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
    FieldDescription
    name
    string    		Name matches the pod.spec.resourceClaims[*].Name field.
    unsuitableNodes
    string array    		UnsuitableNodes lists nodes that the ResourceClaim cannot be allocated for.  The size of this field is limited to 128, the same as for PodSchedulingSpec.PotentialNodes. This may get increased in the future, but not reduced.
    
+
    ResourceClassParametersReference v1alpha2 resource.k8s.io
    
+
+
+
+
+
+
    GroupVersionKind
    resource.k8s.iov1alpha2ResourceClassParametersReference
    
+
    ResourceClassParametersReference contains enough information to let you locate the parameters for a ResourceClass.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
    FieldDescription
    apiGroup
    string    		APIGroup is the group for the resource being referenced. It is empty for the core API. This matches the group in the APIVersion that is used when creating the resources.
    kind
    string    		Kind is the type of resource being referenced. This is the same value as in the parameter object's metadata.
    name
    string    		Name is the name of resource being referenced.
    namespace
    string    		Namespace that contains the referenced resource. Must be empty for cluster-scoped resources and non-empty for namespaced resources.
    
+
    ResourceFieldSelector v1 core
    
+
+
+
+
+
+
    GroupVersionKind
    corev1ResourceFieldSelector
    
+
    ResourceFieldSelector represents container resources (cpu, memory) and their output format
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
    FieldDescription
    containerName
    string    		Container name: required for volumes, optional for env vars
    divisor
    Quantity    		Specifies the output format of the exposed resources, defaults to "1"
    resource
    string    		Required: resource to select
    
+
    ResourceHandle v1alpha2 resource.k8s.io
    
+
+
+
+
+
+
    GroupVersionKind
    resource.k8s.iov1alpha2ResourceHandle
    
+
    ResourceHandle holds opaque resource data for processing by a specific kubelet plugin.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
    FieldDescription
    data
    string    		Data contains the opaque data associated with this ResourceHandle. It is set by the controller component of the resource driver whose name matches the DriverName set in the ResourceClaimStatus this ResourceHandle is embedded in. It is set at allocation time and is intended for processing by the kubelet plugin whose name matches the DriverName set in this ResourceHandle.  The maximum size of this field is 16KiB. This may get increased in the future, but not reduced.
    driverName
    string    		DriverName specifies the name of the resource driver whose kubelet plugin should be invoked to process this ResourceHandle's data once it lands on a node. This may differ from the DriverName set in ResourceClaimStatus this ResourceHandle is embedded in.
    
+
    ResourceMetricSource v2 autoscaling
    
+
+
+
+
+
+
    GroupVersionKind
    autoscalingv2ResourceMetricSource
    
+
    ResourceMetricSource indicates how to scale on a resource metric known to Kubernetes, as specified in requests and limits, describing each pod in the current scale target (e.g. CPU or memory).  The values will be averaged together before being compared to the target.  Such metrics are built in to Kubernetes, and have special scaling options on top of those available to normal per-pod metrics using the "pods" source.  Only one "target" type should be set.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
    FieldDescription
    name
    string    		name is the name of the resource in question.
    target
    MetricTarget    		target specifies the target value for the given metric
    
+
    ResourceMetricStatus v2 autoscaling
    
+
+
+
+
+
+
    GroupVersionKind
    autoscalingv2ResourceMetricStatus
    
+
    ResourceMetricStatus indicates the current value of a resource metric known to Kubernetes, as specified in requests and limits, describing each pod in the current scale target (e.g. CPU or memory).  Such metrics are built in to Kubernetes, and have special scaling options on top of those available to normal per-pod metrics using the "pods" source.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
    FieldDescription
    current
    MetricValueStatus    		current contains the current value for the given metric
    name
    string    		name is the name of the resource in question.
    
+
    ResourcePolicyRule v1beta3 flowcontrol.apiserver.k8s.io
    
+
+
+
+
+
+
    GroupVersionKind
    flowcontrol.apiserver.k8s.iov1beta3ResourcePolicyRule
    
+
    ResourcePolicyRule is a predicate that matches some resource requests, testing the request's verb and the target resource. A ResourcePolicyRule matches a resource request if and only if: (a) at least one member of verbs matches the request, (b) at least one member of apiGroups matches the request, (c) at least one member of resources matches the request, and (d) either (d1) the request does not specify a namespace (i.e., `Namespace==""`) and clusterScope is true or (d2) the request specifies a namespace and least one member of namespaces matches the request's namespace.
    
+
     Other API versions of this object exist:
+v1beta2
+
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
+
    FieldDescription
    apiGroups
    string array    		`apiGroups` is a list of matching API groups and may not be empty. "*" matches all API groups and, if present, must be the only entry. Required.
    clusterScope
    boolean    		`clusterScope` indicates whether to match requests that do not specify a namespace (which happens either because the resource is not namespaced or the request targets all namespaces). If this field is omitted or false then the `namespaces` field must contain a non-empty list.
    namespaces
    string array    		`namespaces` is a list of target namespaces that restricts matches.  A request that specifies a target namespace matches only if either (a) this list contains that target namespace or (b) this list contains "*".  Note that "*" matches any specified namespace but does not match a request that _does not specify_ a namespace (see the `clusterScope` field for that). This list may be empty, but only if `clusterScope` is true.
    resources
    string array    		`resources` is a list of matching resources (i.e., lowercase and plural) with, if desired, subresource.  For example, [ "services", "nodes/status" ].  This list may not be empty. "*" matches all resources and, if present, must be the only entry. Required.
    verbs
    string array    		`verbs` is a list of matching verbs and may not be empty. "*" matches all verbs and, if present, must be the only entry. Required.
    
+
    ResourceRequirements v1 core
    
+
+
+
+
+
+
    GroupVersionKind
    corev1ResourceRequirements
    
+
    ResourceRequirements describes the compute resource requirements.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
    FieldDescription
    claims
    ResourceClaim array    		Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container.  This is an alpha field and requires enabling the DynamicResourceAllocation feature gate.  This field is immutable. It can only be set for containers.
    limits
    object    		Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
    requests
    object    		Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
    
+
    ResourceRule v1 authorization.k8s.io
    
+
+
+
+
+
+
    GroupVersionKind
    authorization.k8s.iov1ResourceRule
    
+
    ResourceRule is the list of actions the subject is allowed to perform on resources. The list ordering isn't significant, may contain duplicates, and possibly be incomplete.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
    FieldDescription
    apiGroups
    string array    		APIGroups is the name of the APIGroup that contains the resources.  If multiple API groups are specified, any action requested against one of the enumerated resources in any API group will be allowed.  "*" means all.
    resourceNames
    string array    		ResourceNames is an optional white list of names that the rule applies to.  An empty set means that everything is allowed.  "*" means all.
    resources
    string array    		Resources is a list of resources this rule applies to.  "*" means all in the specified apiGroups.  "*/foo" represents the subresource 'foo' for all resources in the specified apiGroups.
    verbs
    string array    		Verb is a list of kubernetes resource API verbs, like: get, list, watch, create, update, delete, proxy.  "*" means all.
    
+
    RoleRef v1 rbac.authorization.k8s.io
    
+
+
+
+
+
+
    GroupVersionKind
    rbac.authorization.k8s.iov1RoleRef
    
+
    RoleRef contains information that points to the role being used
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
    FieldDescription
    apiGroup
    string    		APIGroup is the group for the resource being referenced
    kind
    string    		Kind is the type of resource being referenced
    name
    string    		Name is the name of resource being referenced
    
+
    RollingUpdateStatefulSetStrategy v1 apps
    
+
+
+
+
+
+
    GroupVersionKind
    appsv1RollingUpdateStatefulSetStrategy
    
+
    RollingUpdateStatefulSetStrategy is used to communicate parameter for RollingUpdateStatefulSetStrategyType.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
    FieldDescription
    maxUnavailableThe maximum number of pods that can be unavailable during the update. Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). Absolute number is calculated from percentage by rounding up. This can not be 0. Defaults to 1. This field is alpha-level and is only honored by servers that enable the MaxUnavailableStatefulSet feature. The field applies to all pods in the range 0 to Replicas-1. That means if there is any unavailable pod in the range 0 to Replicas-1, it will be counted towards MaxUnavailable.
    partition
    integer    		Partition indicates the ordinal at which the StatefulSet should be partitioned for updates. During a rolling update, all pods from ordinal Replicas-1 to Partition are updated. All pods from ordinal Partition-1 to 0 remain untouched. This is helpful in being able to do a canary based deployment. The default value is 0.
    
+
    RuleWithOperations v1 admissionregistration.k8s.io
    
+
+
+
+
+
+
    GroupVersionKind
    admissionregistration.k8s.iov1RuleWithOperations
    
+
    RuleWithOperations is a tuple of Operations and Resources. It is recommended to make sure that all the tuple expansions are valid.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
+
    FieldDescription
    apiGroups
    string array    		APIGroups is the API groups the resources belong to. '\*' is all groups. If '\*' is present, the length of the slice must be one. Required.
    apiVersions
    string array    		APIVersions is the API versions the resources belong to. '\*' is all versions. If '\*' is present, the length of the slice must be one. Required.
    operations
    string array    		Operations is the operations the admission hook cares about - CREATE, UPDATE, DELETE, CONNECT or * for all of those operations and any future admission operations that are added. If '\*' is present, the length of the slice must be one. Required.
    resources
    string array    		Resources is a list of resources this rule applies to.  For example: 'pods' means pods. 'pods/log' means the log subresource of pods. '\*' means all resources, but not subresources. 'pods/\*' means all subresources of pods. '\*/scale' means all scale subresources. '\*/\*' means all resources and their subresources.  If wildcard is present, the validation rule will ensure resources do not overlap with each other.  Depending on the enclosing object, subresources might not be allowed. Required.
    scope
    string    		scope specifies the scope of this rule. Valid values are "Cluster", "Namespaced", and "*" "Cluster" means that only cluster-scoped resources will match this rule. Namespace API objects are cluster-scoped. "Namespaced" means that only namespaced resources will match this rule. "*" means that there are no scope restrictions. Subresources match the scope of their parent resource. Default is "*".
    
+
    SELinuxOptions v1 core
    
+
+
+
+
+
+
    GroupVersionKind
    corev1SELinuxOptions
    
+
    SELinuxOptions are the labels to be applied to the container
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
    FieldDescription
    level
    string    		Level is SELinux level label that applies to the container.
    role
    string    		Role is a SELinux role label that applies to the container.
    type
    string    		Type is a SELinux type label that applies to the container.
    user
    string    		User is a SELinux user label that applies to the container.
    
+
    Scale v1 autoscaling
    
+
+
+
+
+
+
    GroupVersionKind
    autoscalingv1Scale
    
+
    Scale represents a scaling request for a resource.
    
+
+
+
+
+
+
+
+
+
+
    FieldDescription
    apiVersion
    string    		APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
    kind
    string    		Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
    metadata
    ObjectMeta    		Standard object metadata; More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata.
    spec
    ScaleSpec    		spec defines the behavior of the scale. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status.
    status
    ScaleStatus    		status is the current status of the scale. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status. Read-only.
    
+
    ScaleIOPersistentVolumeSource v1 core
    
+
+
+
+
+
+
    GroupVersionKind
    corev1ScaleIOPersistentVolumeSource
    
+
    ScaleIOPersistentVolumeSource represents a persistent ScaleIO volume
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    FieldDescription
    fsType
    string    		fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Default is "xfs"
    gateway
    string    		gateway is the host address of the ScaleIO API Gateway.
    protectionDomain
    string    		protectionDomain is the name of the ScaleIO Protection Domain for the configured storage.
    readOnly
    boolean    		readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.
    secretRef
    SecretReference    		secretRef references to the secret for ScaleIO user and other sensitive information. If this is not provided, Login operation will fail.
    sslEnabled
    boolean    		sslEnabled is the flag to enable/disable SSL communication with Gateway, default false
    storageMode
    string    		storageMode indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned. Default is ThinProvisioned.
    storagePool
    string    		storagePool is the ScaleIO Storage Pool associated with the protection domain.
    system
    string    		system is the name of the storage system as configured in ScaleIO.
    volumeName
    string    		volumeName is the name of a volume already created in the ScaleIO system that is associated with this volume source.
    
+
    ScaleIOVolumeSource v1 core
    
+
+
+
+
+
+
    GroupVersionKind
    corev1ScaleIOVolumeSource
    
+
    ScaleIOVolumeSource represents a persistent ScaleIO volume
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    FieldDescription
    fsType
    string    		fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Default is "xfs".
    gateway
    string    		gateway is the host address of the ScaleIO API Gateway.
    protectionDomain
    string    		protectionDomain is the name of the ScaleIO Protection Domain for the configured storage.
    readOnly
    boolean    		readOnly Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.
    secretRef
    LocalObjectReference    		secretRef references to the secret for ScaleIO user and other sensitive information. If this is not provided, Login operation will fail.
    sslEnabled
    boolean    		sslEnabled Flag enable/disable SSL communication with Gateway, default false
    storageMode
    string    		storageMode indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned. Default is ThinProvisioned.
    storagePool
    string    		storagePool is the ScaleIO Storage Pool associated with the protection domain.
    system
    string    		system is the name of the storage system as configured in ScaleIO.
    volumeName
    string    		volumeName is the name of a volume already created in the ScaleIO system that is associated with this volume source.
    
+
    Scheduling v1 node.k8s.io
    
+
+
+
+
+
+
    GroupVersionKind
    node.k8s.iov1Scheduling
    
+
    Scheduling specifies the scheduling constraints for nodes supporting a RuntimeClass.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
    FieldDescription
    nodeSelector
    object    		nodeSelector lists labels that must be present on nodes that support this RuntimeClass. Pods using this RuntimeClass can only be scheduled to a node matched by this selector. The RuntimeClass nodeSelector is merged with a pod's existing nodeSelector. Any conflicts will cause the pod to be rejected in admission.
    tolerations
    Toleration array    		tolerations are appended (excluding duplicates) to pods running with this RuntimeClass during admission, effectively unioning the set of nodes tolerated by the pod and the RuntimeClass.
    
+
    ScopeSelector v1 core
    
+
+
+
+
+
+
    GroupVersionKind
    corev1ScopeSelector
    
+
    A scope selector represents the AND of the selectors represented by the scoped-resource selector requirements.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
    FieldDescription
    matchExpressions
    ScopedResourceSelectorRequirement array    		A list of scope selector requirements by scope of the resources.
    
+
    ScopedResourceSelectorRequirement v1 core
    
+
+
+
+
+
+
    GroupVersionKind
    corev1ScopedResourceSelectorRequirement
    
+
    A scoped-resource selector requirement is a selector that contains values, a scope name, and an operator that relates the scope name and values.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
    FieldDescription
    operator
    string    		Represents a scope's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist.
    scopeName
    string    		The name of the scope that the selector applies to.
    values
    string array    		An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
    
+
    SeccompProfile v1 core
    
+
+
+
+
+
+
    GroupVersionKind
    corev1SeccompProfile
    
+
    SeccompProfile defines a pod/container's seccomp profile settings. Only one profile source may be set.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
    FieldDescription
    localhostProfile
    string    		localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must only be set if type is "Localhost".
    type
    string    		type indicates which kind of seccomp profile will be applied. Valid options are:  Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied.
    
+
    SecretEnvSource v1 core
    
+
+
+
+
+
+
    GroupVersionKind
    corev1SecretEnvSource
    
+
    SecretEnvSource selects a Secret to populate the environment variables with.
+
+The contents of the target Secret's Data field will represent the key-value pairs as environment variables.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
    FieldDescription
    name
    string    		Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
    optional
    boolean    		Specify whether the Secret must be defined
    
+
    SecretKeySelector v1 core
    
+
+
+
+
+
+
    GroupVersionKind
    corev1SecretKeySelector
    
+
    SecretKeySelector selects a key of a Secret.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
    FieldDescription
    key
    string    		The key of the secret to select from.  Must be a valid secret key.
    name
    string    		Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
    optional
    boolean    		Specify whether the Secret or its key must be defined
    
+
    SecretProjection v1 core
    
+
+
+
+
+
+
    GroupVersionKind
    corev1SecretProjection
    
+
    Adapts a secret into a projected volume.
+
+The contents of the target Secret's Data field will be presented in a projected volume as files using the keys in the Data field as the file names. Note that this is identical to a secret volume source without the default mode.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
    FieldDescription
    items
    KeyToPath array    		items if unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'.
    name
    string    		Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
    optional
    boolean    		optional field specify whether the Secret or its key must be defined
    
+
    SecretReference v1 core
    
+
+
+
+
+
+
    GroupVersionKind
    corev1SecretReference
    
+
    SecretReference represents a Secret Reference. It has enough information to retrieve secret in any namespace
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
    FieldDescription
    name
    string    		name is unique within a namespace to reference a secret resource.
    namespace
    string    		namespace defines the space within which the secret name must be unique.
    
+
    SecretVolumeSource v1 core
    
+
+
+
+
+
+
    GroupVersionKind
    corev1SecretVolumeSource
    
+
    Adapts a Secret into a volume.
+
+The contents of the target Secret's Data field will be presented in a volume as files using the keys in the Data field as the file names. Secret volumes support ownership management and SELinux relabeling.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
    FieldDescription
    defaultMode
    integer    		defaultMode is Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.
    items
    KeyToPath array    		items If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'.
    optional
    boolean    		optional field specify whether the Secret or its keys must be defined
    secretName
    string    		secretName is the name of the secret in the pod's namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret
    
+
    SecurityContext v1 core
    
+
+
+
+
+
+
    GroupVersionKind
    corev1SecurityContext
    
+
    SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext.  When both are set, the values in SecurityContext take precedence.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    FieldDescription
    allowPrivilegeEscalation
    boolean    		AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows.
    capabilities
    Capabilities    		The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows.
    privileged
    boolean    		Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. Note that this field cannot be set when spec.os.name is windows.
    procMount
    string    		procMount denotes the type of proc mount to use for the containers. The default is DefaultProcMount which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows.
    readOnlyRootFilesystem
    boolean    		Whether this container has a read-only root filesystem. Default is false. Note that this field cannot be set when spec.os.name is windows.
    runAsGroup
    integer    		The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext.  If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows.
    runAsNonRoot
    boolean    		Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext.  If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
    runAsUser
    integer    		The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext.  If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows.
    seLinuxOptions
    SELinuxOptions    		The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container.  May also be set in PodSecurityContext.  If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows.
    seccompProfile
    SeccompProfile    		The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows.
    windowsOptions
    WindowsSecurityContextOptions    		The Windows specific settings applied to all containers. If unspecified, the options from the PodSecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux.
    
+
    ServerAddressByClientCIDR v1 meta
    
+
+
+
+
+
+
    GroupVersionKind
    metav1ServerAddressByClientCIDR
    
+
    ServerAddressByClientCIDR helps the client to determine the server address that they should use, depending on the clientCIDR that they match.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
    FieldDescription
    clientCIDR
    string    		The CIDR with which clients can match their IP to figure out the server address that they should use.
    serverAddress
    string    		Address of this server, suitable for a client that matches the above CIDR. This can be a hostname, hostname:port, IP or IP:port.
    
+
    ServerStorageVersion v1alpha1 internal.apiserver.k8s.io
    
+
+
+
+
+
+
    GroupVersionKind
    internal.apiserver.k8s.iov1alpha1ServerStorageVersion
    
+
    An API server instance reports the version it can decode and the version it encodes objects to when persisting objects in the backend.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
    FieldDescription
    apiServerID
    string    		The ID of the reporting API server.
    decodableVersions
    string array    		The API server can decode objects encoded in these versions. The encodingVersion must be included in the decodableVersions.
    encodingVersion
    string    		The API server encodes the object to this version when persisting it in the backend (e.g., etcd).
    
+
    ServiceAccountSubject v1beta3 flowcontrol.apiserver.k8s.io
    
+
+
+
+
+
+
    GroupVersionKind
    flowcontrol.apiserver.k8s.iov1beta3ServiceAccountSubject
    
+
    ServiceAccountSubject holds detailed information for service-account-kind subject.
    
+
     Other API versions of this object exist:
+v1beta2
+
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
    FieldDescription
    name
    string    		`name` is the name of matching ServiceAccount objects, or "*" to match regardless of name. Required.
    namespace
    string    		`namespace` is the namespace of matching ServiceAccount objects. Required.
    
+
    ServiceAccountTokenProjection v1 core
    
+
+
+
+
+
+
    GroupVersionKind
    corev1ServiceAccountTokenProjection
    
+
    ServiceAccountTokenProjection represents a projected service account token volume. This projection can be used to insert a service account token into the pods runtime filesystem for use against APIs (Kubernetes API Server or otherwise).
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
    FieldDescription
    audience
    string    		audience is the intended audience of the token. A recipient of a token must identify itself with an identifier specified in the audience of the token, and otherwise should reject the token. The audience defaults to the identifier of the apiserver.
    expirationSeconds
    integer    		expirationSeconds is the requested duration of validity of the service account token. As the token approaches expiration, the kubelet volume plugin will proactively rotate the service account token. The kubelet will start trying to rotate the token if the token is older than 80 percent of its time to live or if the token is older than 24 hours.Defaults to 1 hour and must be at least 10 minutes.
    path
    string    		path is the path relative to the mount point of the file to project the token into.
    
+
    ServiceBackendPort v1 networking.k8s.io
    
+
+
+
+
+
+
    GroupVersionKind
    networking.k8s.iov1ServiceBackendPort
    
+
    ServiceBackendPort is the service port being referenced.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
    FieldDescription
    name
    string    		name is the name of the port on the Service. This is a mutually exclusive setting with "Number".
    number
    integer    		number is the numerical port number (e.g. 80) on the Service. This is a mutually exclusive setting with "Name".
    
+
    ServicePort v1 core
    
+
+
+
+
+
+
    GroupVersionKind
    corev1ServicePort
    
+
    ServicePort contains information on service's port.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
+
+
    FieldDescription
    appProtocol
    string    		The application protocol for this port. This field follows standard Kubernetes label syntax. Un-prefixed names are reserved for IANA standard service names (as per RFC-6335 and https://www.iana.org/assignments/service-names). Non-standard protocols should use prefixed names such as mycompany.com/my-custom-protocol.
    name
    string    		The name of this port within the service. This must be a DNS_LABEL. All ports within a ServiceSpec must have unique names. When considering the endpoints for a Service, this must match the 'name' field in the EndpointPort. Optional if only one ServicePort is defined on this service.
    nodePort
    integer    		The port on each node on which this service is exposed when type is NodePort or LoadBalancer.  Usually assigned by the system. If a value is specified, in-range, and not in use it will be used, otherwise the operation will fail.  If not specified, a port will be allocated if this Service requires one.  If this field is specified when creating a Service which does not need it, creation will fail. This field will be wiped when updating a Service to no longer need it (e.g. changing type from NodePort to ClusterIP). More info: https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport
    port
    integer    		The port that will be exposed by this service.
    protocol
    string    		The IP protocol for this port. Supports "TCP", "UDP", and "SCTP". Default is TCP.
    targetPortNumber or name of the port to access on the pods targeted by the service. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. If this is a string, it will be looked up as a named port in the target Pod's container ports. If this is not specified, the value of the 'port' field is used (an identity map). This field is ignored for services with clusterIP=None, and should be omitted or set equal to the 'port' field. More info: https://kubernetes.io/docs/concepts/services-networking/service/#defining-a-service
    
+
    ServiceReference v1 admissionregistration.k8s.io
    
+
+
+
+
+
+
    GroupVersionKind
    admissionregistration.k8s.iov1ServiceReference
    
+
    ServiceReference holds a reference to Service.legacy.k8s.io
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
    FieldDescription
    name
    string    		`name` is the name of the service. Required
    namespace
    string    		`namespace` is the namespace of the service. Required
    path
    string    		`path` is an optional URL path which will be sent in any request to this service.
    port
    integer    		If specified, the port on the service that hosting webhook. Default to 443 for backward compatibility. `port` should be a valid port number (1-65535, inclusive).
    
+
    SessionAffinityConfig v1 core
    
+
+
+
+
+
+
    GroupVersionKind
    corev1SessionAffinityConfig
    
+
    SessionAffinityConfig represents the configurations of session affinity.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
    FieldDescription
    clientIP
    ClientIPConfig    		clientIP contains the configurations of Client IP based session affinity.
    
+
    StatefulSetCondition v1 apps
    
+
+
+
+
+
+
    GroupVersionKind
    appsv1StatefulSetCondition
    
+
    StatefulSetCondition describes the state of a statefulset at a certain point.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
+
    FieldDescription
    lastTransitionTime
    Time    		Last time the condition transitioned from one status to another.
    message
    string    		A human readable message indicating details about the transition.
    reason
    string    		The reason for the condition's last transition.
    status
    string    		Status of the condition, one of True, False, Unknown.
    type
    string    		Type of statefulset condition.
    
+
    StatefulSetOrdinals v1 apps
    
+
+
+
+
+
+
    GroupVersionKind
    appsv1StatefulSetOrdinals
    
+
    StatefulSetOrdinals describes the policy used for replica ordinal assignment in this StatefulSet.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
    FieldDescription
    start
    integer    		start is the number representing the first replica's index. It may be used to number replicas from an alternate index (eg: 1-indexed) over the default 0-indexed names, or to orchestrate progressive movement of replicas from one StatefulSet to another. If set, replica indices will be in the range:   [.spec.ordinals.start, .spec.ordinals.start + .spec.replicas). If unset, defaults to 0. Replica indices will be in the range:   [0, .spec.replicas).
    
+
    StatefulSetPersistentVolumeClaimRetentionPolicy v1 apps
    
+
+
+
+
+
+
    GroupVersionKind
    appsv1StatefulSetPersistentVolumeClaimRetentionPolicy
    
+
    StatefulSetPersistentVolumeClaimRetentionPolicy describes the policy used for PVCs created from the StatefulSet VolumeClaimTemplates.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
    FieldDescription
    whenDeleted
    string    		WhenDeleted specifies what happens to PVCs created from StatefulSet VolumeClaimTemplates when the StatefulSet is deleted. The default policy of `Retain` causes PVCs to not be affected by StatefulSet deletion. The `Delete` policy causes those PVCs to be deleted.
    whenScaled
    string    		WhenScaled specifies what happens to PVCs created from StatefulSet VolumeClaimTemplates when the StatefulSet is scaled down. The default policy of `Retain` causes PVCs to not be affected by a scaledown. The `Delete` policy causes the associated PVCs for any excess pods above the replica count to be deleted.
    
+
    StatefulSetUpdateStrategy v1 apps
    
+
+
+
+
+
+
    GroupVersionKind
    appsv1StatefulSetUpdateStrategy
    
+
    StatefulSetUpdateStrategy indicates the strategy that the StatefulSet controller will use to perform updates. It includes any additional parameters necessary to perform the update for the indicated strategy.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
    FieldDescription
    rollingUpdate
    RollingUpdateStatefulSetStrategy    		RollingUpdate is used to communicate parameters when Type is RollingUpdateStatefulSetStrategyType.
    type
    string    		Type indicates the type of the StatefulSetUpdateStrategy. Default is RollingUpdate.
    
+
    Status v1 meta
    
+
+
+
+
+
+
    GroupVersionKind
    metav1Status
    
+
    Status is a return value for calls that don't return other objects.
    
+
+
+
+
+
+
+
+
+
+
+
+
+
    FieldDescription
    apiVersion
    string    		APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
    code
    integer    		Suggested HTTP return code for this status, 0 if not set.
    details
    StatusDetails    		Extended data associated with the reason.  Each reason may define its own extended details. This field is optional and the data returned is not guaranteed to conform to any schema except that defined by the reason type.
    kind
    string    		Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
    message
    string    		A human-readable description of the status of this operation.
    metadata
    ListMeta    		Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
    reason
    string    		A machine-readable description of why this operation is in the "Failure" status. If this value is empty there is no information available. A Reason clarifies an HTTP status code but does not override it.
    status
    string    		Status of the operation. One of: "Success" or "Failure". More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
    
+
    StatusCause v1 meta
    
+
+
+
+
+
+
    GroupVersionKind
    metav1StatusCause
    
+
    StatusCause provides more information about an api.Status failure, including cases when multiple errors are encountered.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
    FieldDescription
    field
    string    		The field of the resource that has caused this error, as named by its JSON serialization. May include dot and postfix notation for nested attributes. Arrays are zero-indexed.  Fields may appear more than once in an array of causes due to fields having multiple errors. Optional.  Examples:   "name" - the field "name" on the current resource   "items[0].name" - the field "name" on the first array entry in "items"
    message
    string    		A human-readable description of the cause of the error.  This field may be presented as-is to a reader.
    reason
    string    		A machine-readable description of the cause of the error. If this value is empty there is no information available.
    
+
    StatusDetails v1 meta
    
+
+
+
+
+
+
    GroupVersionKind
    metav1StatusDetails
    
+
    StatusDetails is a set of additional properties that MAY be set by the server to provide additional information about a response. The Reason field of a Status object defines what attributes will be set. Clients must ignore fields that do not match the defined type of each attribute, and should assume that any attribute may be empty, invalid, or under defined.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
+
+
    FieldDescription
    causes
    StatusCause array    		The Causes array includes more details associated with the StatusReason failure. Not all StatusReasons may provide detailed causes.
    group
    string    		The group attribute of the resource associated with the status StatusReason.
    kind
    string    		The kind attribute of the resource associated with the status StatusReason. On some operations may differ from the requested resource Kind. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
    name
    string    		The name attribute of the resource associated with the status StatusReason (when there is a single name which can be described).
    retryAfterSeconds
    integer    		If specified, the time in seconds before the operation should be retried. Some errors may indicate the client must take an alternate action - for those errors this field may indicate how long to wait before taking the alternate action.
    uid
    string    		UID of the resource. (when there is a single resource which can be described). More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#uids
    
+
    StorageOSPersistentVolumeSource v1 core
    
+
+
+
+
+
+
    GroupVersionKind
    corev1StorageOSPersistentVolumeSource
    
+
    Represents a StorageOS persistent volume resource.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
+
    FieldDescription
    fsType
    string    		fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.
    readOnly
    boolean    		readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.
    secretRef
    ObjectReference    		secretRef specifies the secret to use for obtaining the StorageOS API credentials.  If not specified, default values will be attempted.
    volumeName
    string    		volumeName is the human-readable name of the StorageOS volume.  Volume names are only unique within a namespace.
    volumeNamespace
    string    		volumeNamespace specifies the scope of the volume within StorageOS.  If no namespace is specified then the Pod's namespace will be used.  This allows the Kubernetes name scoping to be mirrored within StorageOS for tighter integration. Set VolumeName to any name to override the default behaviour. Set to "default" if you are not using namespaces within StorageOS. Namespaces that do not pre-exist within StorageOS will be created.
    
+
    StorageOSVolumeSource v1 core
    
+
+
+
+
+
+
    GroupVersionKind
    corev1StorageOSVolumeSource
    
+
    Represents a StorageOS persistent volume resource.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
+
    FieldDescription
    fsType
    string    		fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.
    readOnly
    boolean    		readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.
    secretRef
    LocalObjectReference    		secretRef specifies the secret to use for obtaining the StorageOS API credentials.  If not specified, default values will be attempted.
    volumeName
    string    		volumeName is the human-readable name of the StorageOS volume.  Volume names are only unique within a namespace.
    volumeNamespace
    string    		volumeNamespace specifies the scope of the volume within StorageOS.  If no namespace is specified then the Pod's namespace will be used.  This allows the Kubernetes name scoping to be mirrored within StorageOS for tighter integration. Set VolumeName to any name to override the default behaviour. Set to "default" if you are not using namespaces within StorageOS. Namespaces that do not pre-exist within StorageOS will be created.
    
+
    StorageVersionCondition v1alpha1 internal.apiserver.k8s.io
    
+
+
+
+
+
+
    GroupVersionKind
    internal.apiserver.k8s.iov1alpha1StorageVersionCondition
    
+
    Describes the state of the storageVersion at a certain point.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
+
+
    FieldDescription
    lastTransitionTime
    Time    		Last time the condition transitioned from one status to another.
    message
    string    		A human readable message indicating details about the transition.
    observedGeneration
    integer    		If set, this represents the .metadata.generation that the condition was set based upon.
    reason
    string    		The reason for the condition's last transition.
    status
    string    		Status of the condition, one of True, False, Unknown.
    type
    string    		Type of the condition.
    
+
    Subject v1beta3 flowcontrol.apiserver.k8s.io
    
+
+
+
+
+
+
    GroupVersionKind
    flowcontrol.apiserver.k8s.iov1beta3Subject
    
+
    Subject matches the originator of a request, as identified by the request authentication system. There are three ways of matching an originator; by user, group, or service account.
    
+
     Other API versions of this object exist:
+v1beta2
+v1
+
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
    FieldDescription
    group
    GroupSubject    		`group` matches based on user group name.
    kind
    string    		`kind` indicates which one of the other fields is non-empty. Required
    serviceAccount
    ServiceAccountSubject    		`serviceAccount` matches ServiceAccounts.
    user
    UserSubject    		`user` matches based on username.
    
+
    SubjectRulesReviewStatus v1 authorization.k8s.io
    
+
+
+
+
+
+
    GroupVersionKind
    authorization.k8s.iov1SubjectRulesReviewStatus
    
+
    SubjectRulesReviewStatus contains the result of a rules check. This check can be incomplete depending on the set of authorizers the server is configured with and any errors experienced during evaluation. Because authorization rules are additive, if a rule appears in a list it's safe to assume the subject has that permission, even if that list is incomplete.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
    FieldDescription
    evaluationError
    string    		EvaluationError can appear in combination with Rules. It indicates an error occurred during rule evaluation, such as an authorizer that doesn't support rule evaluation, and that ResourceRules and/or NonResourceRules may be incomplete.
    incomplete
    boolean    		Incomplete is true when the rules returned by this call are incomplete. This is most commonly encountered when an authorizer, such as an external authorizer, doesn't support rules evaluation.
    nonResourceRules
    NonResourceRule array    		NonResourceRules is the list of actions the subject is allowed to perform on non-resources. The list ordering isn't significant, may contain duplicates, and possibly be incomplete.
    resourceRules
    ResourceRule array    		ResourceRules is the list of actions the subject is allowed to perform on resources. The list ordering isn't significant, may contain duplicates, and possibly be incomplete.
    
+
    Sysctl v1 core
    
+
+
+
+
+
+
    GroupVersionKind
    corev1Sysctl
    
+
    Sysctl defines a kernel parameter to be set
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
    FieldDescription
    name
    string    		Name of a property to set
    value
    string    		Value of a property to set
    
+
    TCPSocketAction v1 core
    
+
+
+
+
+
+
    GroupVersionKind
    corev1TCPSocketAction
    
+
    TCPSocketAction describes an action based on opening a socket
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
    FieldDescription
    host
    string    		Optional: Host name to connect to, defaults to the pod IP.
    portNumber or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.
    
+
    Taint v1 core
    
+
+
+
+
+
+
    GroupVersionKind
    corev1Taint
    
+
    The node this Taint is attached to has the "effect" on any pod that does not tolerate the Taint.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
    FieldDescription
    effect
    string    		Required. The effect of the taint on pods that do not tolerate the taint. Valid effects are NoSchedule, PreferNoSchedule and NoExecute.
    key
    string    		Required. The taint key to be applied to a node.
    timeAdded
    Time    		TimeAdded represents the time at which the taint was added. It is only written for NoExecute taints.
    value
    string    		The taint value corresponding to the taint key.
    
+
    Time v1 meta
    
+
+
+
+
+
+
    GroupVersionKind
    metav1Time
    
+
    Time is a wrapper around time.Time which supports correct marshaling to YAML and JSON.  Wrappers are provided for many of the factory methods that the time package offers.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
    FieldDescription
    
+
    Toleration v1 core
    
+
+
+
+
+
+
    GroupVersionKind
    corev1Toleration
    
+
    The pod this Toleration is attached to tolerates any taint that matches the triple <key,value,effect> using the matching operator <operator>.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
+
    FieldDescription
    effect
    string    		Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute.
    key
    string    		Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys.
    operator
    string    		Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category.
    tolerationSeconds
    integer    		TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system.
    value
    string    		Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string.
    
+
    TopologySelectorLabelRequirement v1 core
    
+
+
+
+
+
+
    GroupVersionKind
    corev1TopologySelectorLabelRequirement
    
+
    A topology selector requirement is a selector that matches given label. This is an alpha feature and may change in the future.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
    FieldDescription
    key
    string    		The label key that the selector applies to.
    values
    string array    		An array of string values. One value must match the label to be selected. Each entry in Values is ORed.
    
+
    TopologySelectorTerm v1 core
    
+
+
+
+
+
+
    GroupVersionKind
    corev1TopologySelectorTerm
    
+
    A topology selector term represents the result of label queries. A null or empty topology selector term matches no objects. The requirements of them are ANDed. It provides a subset of functionality as NodeSelectorTerm. This is an alpha feature and may change in the future.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
    FieldDescription
    matchLabelExpressions
    TopologySelectorLabelRequirement array    		A list of topology selector requirements by labels.
    
+
    TopologySpreadConstraint v1 core
    
+
+
+
+
+
+
    GroupVersionKind
    corev1TopologySpreadConstraint
    
+
    TopologySpreadConstraint specifies how to spread matching pods among the given topology.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
+
+
+
+
    FieldDescription
    labelSelector
    LabelSelector    		LabelSelector is used to find matching pods. Pods that match this label selector are counted to determine the number of pods in their corresponding topology domain.
    matchLabelKeys
    string array    		MatchLabelKeys is a set of pod label keys to select the pods over which spreading will be calculated. The keys are used to lookup values from the incoming pod labels, those key-value labels are ANDed with labelSelector to select the group of existing pods over which spreading will be calculated for the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. MatchLabelKeys cannot be set when LabelSelector isn't set. Keys that don't exist in the incoming pod labels will be ignored. A null or empty list means only match against labelSelector.  This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default).
    maxSkew
    integer    		MaxSkew describes the degree to which pods may be unevenly distributed. When `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference between the number of matching pods in the target topology and the global minimum. The global minimum is the minimum number of matching pods in an eligible domain or zero if the number of eligible domains is less than MinDomains. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 2/2/1: In this case, the global minimum is 1. | zone1 | zone2 | zone3 | |  P P  |  P P  |   P   | - if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2; scheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2) violate MaxSkew(1). - if MaxSkew is 2, incoming pod can be scheduled onto any zone. When `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence to topologies that satisfy it. It's a required field. Default value is 1 and 0 is not allowed.
    minDomains
    integer    		MinDomains indicates a minimum number of eligible domains. When the number of eligible domains with matching topology keys is less than minDomains, Pod Topology Spread treats "global minimum" as 0, and then the calculation of Skew is performed. And when the number of eligible domains with matching topology keys equals or greater than minDomains, this value has no effect on scheduling. As a result, when the number of eligible domains is less than minDomains, scheduler won't schedule more than maxSkew Pods to those domains. If value is nil, the constraint behaves as if MinDomains is equal to 1. Valid values are integers greater than 0. When value is not nil, WhenUnsatisfiable must be DoNotSchedule.  For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same labelSelector spread as 2/2/2: | zone1 | zone2 | zone3 | |  P P  |  P P  |  P P  | The number of domains is less than 5(MinDomains), so "global minimum" is treated as 0. In this situation, new pod with the same labelSelector cannot be scheduled, because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, it will violate MaxSkew.  This is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default).
    nodeAffinityPolicy
    string    		NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector when calculating pod topology spread skew. Options are: - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations.  If this value is nil, the behavior is equivalent to the Honor policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag.
    nodeTaintsPolicy
    string    		NodeTaintsPolicy indicates how we will treat node taints when calculating pod topology spread skew. Options are: - Honor: nodes without taints, along with tainted nodes for which the incoming pod has a toleration, are included. - Ignore: node taints are ignored. All nodes are included.  If this value is nil, the behavior is equivalent to the Ignore policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag.
    topologyKey
    string    		TopologyKey is the key of node labels. Nodes that have a label with this key and identical values are considered to be in the same topology. We consider each <key, value> as a "bucket", and try to put balanced number of pods into each bucket. We define a domain as a particular instance of a topology. Also, we define an eligible domain as a domain whose nodes meet the requirements of nodeAffinityPolicy and nodeTaintsPolicy. e.g. If TopologyKey is "kubernetes.io/hostname", each Node is a domain of that topology. And, if TopologyKey is "topology.kubernetes.io/zone", each zone is a domain of that topology. It's a required field.
    whenUnsatisfiable
    string    		WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy the spread constraint. - DoNotSchedule (default) tells the scheduler not to schedule it. - ScheduleAnyway tells the scheduler to schedule the pod in any location,   but giving higher precedence to topologies that would help reduce the   skew. A constraint is considered "Unsatisfiable" for an incoming pod if and only if every possible node assignment for that pod would violate "MaxSkew" on some topology. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 3/1/1: | zone1 | zone2 | zone3 | | P P P |   P   |   P   | If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler won't make it *more* imbalanced. It's a required field.
    
+
    TypeChecking v1alpha1 admissionregistration.k8s.io
    
+
+
+
+
+
+
    GroupVersionKind
    admissionregistration.k8s.iov1alpha1TypeChecking
    
+
    TypeChecking contains results of type checking the expressions in the ValidatingAdmissionPolicy
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
    FieldDescription
    expressionWarnings
    ExpressionWarning array    		The type checking warnings for each expression.
    
+
    TypedLocalObjectReference v1 core
    
+
+
+
+
+
+
    GroupVersionKind
    corev1TypedLocalObjectReference
    
+
    TypedLocalObjectReference contains enough information to let you locate the typed referenced object inside the same namespace.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
    FieldDescription
    apiGroup
    string    		APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required.
    kind
    string    		Kind is the type of resource being referenced
    name
    string    		Name is the name of resource being referenced
    
+
    TypedObjectReference v1 core
    
+
+
+
+
+
+
    GroupVersionKind
    corev1TypedObjectReference
    
+
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
    FieldDescription
    apiGroup
    string    		APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required.
    kind
    string    		Kind is the type of resource being referenced
    name
    string    		Name is the name of resource being referenced
    namespace
    string    		Namespace is the namespace of resource being referenced Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled.
    
+
    UncountedTerminatedPods v1 batch
    
+
+
+
+
+
+
    GroupVersionKind
    batchv1UncountedTerminatedPods
    
+
    UncountedTerminatedPods holds UIDs of Pods that have terminated but haven't been accounted in Job status counters.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
    FieldDescription
    failed
    string array    		failed holds UIDs of failed Pods.
    succeeded
    string array    		succeeded holds UIDs of succeeded Pods.
    
+
    UserInfo v1 authentication.k8s.io
    
+
+
+
+
+
+
    GroupVersionKind
    authentication.k8s.iov1UserInfo
    
+
    UserInfo holds the information about the user needed to implement the user.Info interface.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
    FieldDescription
    extra
    object    		Any additional information provided by the authenticator.
    groups
    string array    		The names of groups this user is a part of.
    uid
    string    		A unique value that identifies this user across time. If this user is deleted and another user by the same name is added, they will have different UIDs.
    username
    string    		The name that uniquely identifies this user among all active users.
    
+
    UserSubject v1beta3 flowcontrol.apiserver.k8s.io
    
+
+
+
+
+
+
    GroupVersionKind
    flowcontrol.apiserver.k8s.iov1beta3UserSubject
    
+
    UserSubject holds detailed information for user-kind subject.
    
+
     Other API versions of this object exist:
+v1beta2
+
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
    FieldDescription
    name
    string    		`name` is the username that matches, or "*" to match all usernames. Required.
    
+
    ValidatingWebhook v1 admissionregistration.k8s.io
    
+
+
+
+
+
+
    GroupVersionKind
    admissionregistration.k8s.iov1ValidatingWebhook
    
+
    ValidatingWebhook describes an admission webhook and the resources and operations it applies to.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    FieldDescription
    admissionReviewVersions
    string array    		AdmissionReviewVersions is an ordered list of preferred `AdmissionReview` versions the Webhook expects. API server will try to use first version in the list which it supports. If none of the versions specified in this list supported by API server, validation will fail for this object. If a persisted webhook configuration specifies allowed versions and does not include any versions known to the API Server, calls to the webhook will fail and be subject to the failure policy.
    clientConfig
    WebhookClientConfig    		ClientConfig defines how to communicate with the hook. Required
    failurePolicy
    string    		FailurePolicy defines how unrecognized errors from the admission endpoint are handled - allowed values are Ignore or Fail. Defaults to Fail.
    matchConditions
    MatchCondition array
    patch strategy: merge
    patch merge key: name    		MatchConditions is a list of conditions that must be met for a request to be sent to this webhook. Match conditions filter requests that have already been matched by the rules, namespaceSelector, and objectSelector. An empty list of matchConditions matches all requests. There are a maximum of 64 match conditions allowed.  The exact matching logic is (in order):   1. If ANY matchCondition evaluates to FALSE, the webhook is skipped.   2. If ALL matchConditions evaluate to TRUE, the webhook is called.   3. If any matchCondition evaluates to an error (but none are FALSE):      - If failurePolicy=Fail, reject the request      - If failurePolicy=Ignore, the error is ignored and the webhook is skipped  This is an alpha feature and managed by the AdmissionWebhookMatchConditions feature gate.
    matchPolicy
    string    		matchPolicy defines how the "rules" list is used to match incoming requests. Allowed values are "Exact" or "Equivalent".  - Exact: match a request only if it exactly matches a specified rule. For example, if deployments can be modified via apps/v1, apps/v1beta1, and extensions/v1beta1, but "rules" only included `apiGroups:["apps"], apiVersions:["v1"], resources: ["deployments"]`, a request to apps/v1beta1 or extensions/v1beta1 would not be sent to the webhook.  - Equivalent: match a request if modifies a resource listed in rules, even via another API group or version. For example, if deployments can be modified via apps/v1, apps/v1beta1, and extensions/v1beta1, and "rules" only included `apiGroups:["apps"], apiVersions:["v1"], resources: ["deployments"]`, a request to apps/v1beta1 or extensions/v1beta1 would be converted to apps/v1 and sent to the webhook.  Defaults to "Equivalent"
    name
    string    		The name of the admission webhook. Name should be fully qualified, e.g., imagepolicy.kubernetes.io, where "imagepolicy" is the name of the webhook, and kubernetes.io is the name of the organization. Required.
    namespaceSelector
    LabelSelector    		NamespaceSelector decides whether to run the webhook on an object based on whether the namespace for that object matches the selector. If the object itself is a namespace, the matching is performed on object.metadata.labels. If the object is another cluster scoped resource, it never skips the webhook.  For example, to run the webhook on any objects whose namespace is not associated with "runlevel" of "0" or "1";  you will set the selector as follows: "namespaceSelector": {   "matchExpressions": [     {       "key": "runlevel",       "operator": "NotIn",       "values": [         "0",         "1"       ]     }   ] }  If instead you want to only run the webhook on any objects whose namespace is associated with the "environment" of "prod" or "staging"; you will set the selector as follows: "namespaceSelector": {   "matchExpressions": [     {       "key": "environment",       "operator": "In",       "values": [         "prod",         "staging"       ]     }   ] }  See https://kubernetes.io/docs/concepts/overview/working-with-objects/labels for more examples of label selectors.  Default to the empty LabelSelector, which matches everything.
    objectSelector
    LabelSelector    		ObjectSelector decides whether to run the webhook based on if the object has matching labels. objectSelector is evaluated against both the oldObject and newObject that would be sent to the webhook, and is considered to match if either object matches the selector. A null object (oldObject in the case of create, or newObject in the case of delete) or an object that cannot have labels (like a DeploymentRollback or a PodProxyOptions object) is not considered to match. Use the object selector only if the webhook is opt-in, because end users may skip the admission webhook by setting the labels. Default to the empty LabelSelector, which matches everything.
    rules
    RuleWithOperations array    		Rules describes what operations on what resources/subresources the webhook cares about. The webhook cares about an operation if it matches _any_ Rule. However, in order to prevent ValidatingAdmissionWebhooks and MutatingAdmissionWebhooks from putting the cluster in a state which cannot be recovered from without completely disabling the plugin, ValidatingAdmissionWebhooks and MutatingAdmissionWebhooks are never called on admission requests for ValidatingWebhookConfiguration and MutatingWebhookConfiguration objects.
    sideEffects
    string    		SideEffects states whether this webhook has side effects. Acceptable values are: None, NoneOnDryRun (webhooks created via v1beta1 may also specify Some or Unknown). Webhooks with side effects MUST implement a reconciliation system, since a request may be rejected by a future step in the admission chain and the side effects therefore need to be undone. Requests with the dryRun attribute will be auto-rejected if they match a webhook with sideEffects == Unknown or Some.
    timeoutSeconds
    integer    		TimeoutSeconds specifies the timeout for this webhook. After the timeout passes, the webhook call will be ignored or the API call will fail based on the failure policy. The timeout value must be between 1 and 30 seconds. Default to 10 seconds.
    
+
    Validation v1alpha1 admissionregistration.k8s.io
    
+
+
+
+
+
+
    GroupVersionKind
    admissionregistration.k8s.iov1alpha1Validation
    
+
    Validation specifies the CEL expression which is used to apply the validation.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
    FieldDescription
    expression
    string    		Expression represents the expression which will be evaluated by CEL. ref: https://github.com/google/cel-spec CEL expressions have access to the contents of the API request/response, organized into CEL variables as well as some other useful variables:  - 'object' - The object from the incoming request. The value is null for DELETE requests. - 'oldObject' - The existing object. The value is null for CREATE requests. - 'request' - Attributes of the API request([ref](/pkg/apis/admission/types.go#AdmissionRequest)). - 'params' - Parameter resource referred to by the policy binding being evaluated. Only populated if the policy has a ParamKind. - 'authorizer' - A CEL Authorizer. May be used to perform authorization checks for the principal (user or service account) of the request.   See https://pkg.go.dev/k8s.io/apiserver/pkg/cel/library#Authz - 'authorizer.requestResource' - A CEL ResourceCheck constructed from the 'authorizer' and configured with the   request resource.  The `apiVersion`, `kind`, `metadata.name` and `metadata.generateName` are always accessible from the root of the object. No other metadata properties are accessible.  Only property names of the form `[a-zA-Z_.-/][a-zA-Z0-9_.-/]*` are accessible. Accessible property names are escaped according to the following rules when accessed in the expression: - '__' escapes to '__underscores__' - '.' escapes to '__dot__' - '-' escapes to '__dash__' - '/' escapes to '__slash__' - Property names that exactly match a CEL RESERVED keyword escape to '__{keyword}__'. The keywords are: 	  "true", "false", "null", "in", "as", "break", "const", "continue", "else", "for", "function", "if", 	  "import", "let", "loop", "package", "namespace", "return". Examples:   - Expression accessing a property named "namespace": {"Expression": "object.__namespace__ > 0"}   - Expression accessing a property named "x-prop": {"Expression": "object.x__dash__prop > 0"}   - Expression accessing a property named "redact__d": {"Expression": "object.redact__underscores__d > 0"}  Equality on arrays with list type of 'set' or 'map' ignores element order, i.e. [1, 2] == [2, 1]. Concatenation on arrays with x-kubernetes-list-type use the semantics of the list type:   - 'set': `X + Y` performs a union where the array positions of all elements in `X` are preserved and     non-intersecting elements in `Y` are appended, retaining their partial order.   - 'map': `X + Y` performs a merge where the array positions of all keys in `X` are preserved but the values     are overwritten by values in `Y` when the key sets of `X` and `Y` intersect. Elements in `Y` with     non-intersecting keys are appended, retaining their partial order. Required.
    message
    string    		Message represents the message displayed when validation fails. The message is required if the Expression contains line breaks. The message must not contain line breaks. If unset, the message is "failed rule: {Rule}". e.g. "must be a URL with the host matching spec.host" If the Expression contains line breaks. Message is required. The message must not contain line breaks. If unset, the message is "failed Expression: {Expression}".
    messageExpression
    string    		messageExpression declares a CEL expression that evaluates to the validation failure message that is returned when this rule fails. Since messageExpression is used as a failure message, it must evaluate to a string. If both message and messageExpression are present on a validation, then messageExpression will be used if validation fails. If messageExpression results in a runtime error, the runtime error is logged, and the validation failure message is produced as if the messageExpression field were unset. If messageExpression evaluates to an empty string, a string with only spaces, or a string that contains line breaks, then the validation failure message will also be produced as if the messageExpression field were unset, and the fact that messageExpression produced an empty string/string with only spaces/string with line breaks will be logged. messageExpression has access to all the same variables as the `expression` except for 'authorizer' and 'authorizer.requestResource'. Example: "object.x must be less than max ("+string(params.max)+")"
    reason
    string    		Reason represents a machine-readable description of why this validation failed. If this is the first validation in the list to fail, this reason, as well as the corresponding HTTP response code, are used in the HTTP response to the client. The currently supported reasons are: "Unauthorized", "Forbidden", "Invalid", "RequestEntityTooLarge". If not set, StatusReasonInvalid is used in the response to the client.
    
+
    ValidationRule v1 apiextensions.k8s.io
    
+
+
+
+
+
+
    GroupVersionKind
    apiextensions.k8s.iov1ValidationRule
    
+
    ValidationRule describes a validation rule written in the CEL expression language.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
    FieldDescription
    message
    string    		Message represents the message displayed when validation fails. The message is required if the Rule contains line breaks. The message must not contain line breaks. If unset, the message is "failed rule: {Rule}". e.g. "must be a URL with the host matching spec.host"
    messageExpression
    string    		MessageExpression declares a CEL expression that evaluates to the validation failure message that is returned when this rule fails. Since messageExpression is used as a failure message, it must evaluate to a string. If both message and messageExpression are present on a rule, then messageExpression will be used if validation fails. If messageExpression results in a runtime error, the runtime error is logged, and the validation failure message is produced as if the messageExpression field were unset. If messageExpression evaluates to an empty string, a string with only spaces, or a string that contains line breaks, then the validation failure message will also be produced as if the messageExpression field were unset, and the fact that messageExpression produced an empty string/string with only spaces/string with line breaks will be logged. messageExpression has access to all the same variables as the rule; the only difference is the return type. Example: "x must be less than max ("+string(self.max)+")"
    rule
    string    		Rule represents the expression which will be evaluated by CEL. ref: https://github.com/google/cel-spec The Rule is scoped to the location of the x-kubernetes-validations extension in the schema. The `self` variable in the CEL expression is bound to the scoped value. Example: - Rule scoped to the root of a resource with a status subresource: {"rule": "self.status.actual <= self.spec.maxDesired"}  If the Rule is scoped to an object with properties, the accessible properties of the object are field selectable via `self.field` and field presence can be checked via `has(self.field)`. Null valued fields are treated as absent fields in CEL expressions. If the Rule is scoped to an object with additionalProperties (i.e. a map) the value of the map are accessible via `self[mapKey]`, map containment can be checked via `mapKey in self` and all entries of the map are accessible via CEL macros and functions such as `self.all(...)`. If the Rule is scoped to an array, the elements of the array are accessible via `self[i]` and also by macros and functions. If the Rule is scoped to a scalar, `self` is bound to the scalar value. Examples: - Rule scoped to a map of objects: {"rule": "self.components['Widget'].priority < 10"} - Rule scoped to a list of integers: {"rule": "self.values.all(value, value >= 0 && value < 100)"} - Rule scoped to a string value: {"rule": "self.startsWith('kube')"}  The `apiVersion`, `kind`, `metadata.name` and `metadata.generateName` are always accessible from the root of the object and from any x-kubernetes-embedded-resource annotated objects. No other metadata properties are accessible.  Unknown data preserved in custom resources via x-kubernetes-preserve-unknown-fields is not accessible in CEL expressions. This includes: - Unknown field values that are preserved by object schemas with x-kubernetes-preserve-unknown-fields. - Object properties where the property schema is of an "unknown type". An "unknown type" is recursively defined as:   - A schema with no type and x-kubernetes-preserve-unknown-fields set to true   - An array where the items schema is of an "unknown type"   - An object where the additionalProperties schema is of an "unknown type"  Only property names of the form `[a-zA-Z_.-/][a-zA-Z0-9_.-/]*` are accessible. Accessible property names are escaped according to the following rules when accessed in the expression: - '__' escapes to '__underscores__' - '.' escapes to '__dot__' - '-' escapes to '__dash__' - '/' escapes to '__slash__' - Property names that exactly match a CEL RESERVED keyword escape to '__{keyword}__'. The keywords are: 	  "true", "false", "null", "in", "as", "break", "const", "continue", "else", "for", "function", "if", 	  "import", "let", "loop", "package", "namespace", "return". Examples:   - Rule accessing a property named "namespace": {"rule": "self.__namespace__ > 0"}   - Rule accessing a property named "x-prop": {"rule": "self.x__dash__prop > 0"}   - Rule accessing a property named "redact__d": {"rule": "self.redact__underscores__d > 0"}  Equality on arrays with x-kubernetes-list-type of 'set' or 'map' ignores element order, i.e. [1, 2] == [2, 1]. Concatenation on arrays with x-kubernetes-list-type use the semantics of the list type:   - 'set': `X + Y` performs a union where the array positions of all elements in `X` are preserved and     non-intersecting elements in `Y` are appended, retaining their partial order.   - 'map': `X + Y` performs a merge where the array positions of all keys in `X` are preserved but the values     are overwritten by values in `Y` when the key sets of `X` and `Y` intersect. Elements in `Y` with     non-intersecting keys are appended, retaining their partial order.
    
+
    VolumeAttachmentSource v1 storage.k8s.io
    
+
+
+
+
+
+
    GroupVersionKind
    storage.k8s.iov1VolumeAttachmentSource
    
+
    VolumeAttachmentSource represents a volume that should be attached. Right now only PersistenVolumes can be attached via external attacher, in future we may allow also inline volumes in pods. Exactly one member can be set.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
    FieldDescription
    inlineVolumeSpec
    PersistentVolumeSpec    		inlineVolumeSpec contains all the information necessary to attach a persistent volume defined by a pod's inline VolumeSource. This field is populated only for the CSIMigration feature. It contains translated fields from a pod's inline VolumeSource to a PersistentVolumeSpec. This field is beta-level and is only honored by servers that enabled the CSIMigration feature.
    persistentVolumeName
    string    		persistentVolumeName represents the name of the persistent volume to attach.
    
+
    VolumeDevice v1 core
    
+
+
+
+
+
+
    GroupVersionKind
    corev1VolumeDevice
    
+
    volumeDevice describes a mapping of a raw block device within a container.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
    FieldDescription
    devicePath
    string    		devicePath is the path inside of the container that the device will be mapped to.
    name
    string    		name must match the name of a persistentVolumeClaim in the pod
    
+
    VolumeError v1 storage.k8s.io
    
+
+
+
+
+
+
    GroupVersionKind
    storage.k8s.iov1VolumeError
    
+
    VolumeError captures an error encountered during a volume operation.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
    FieldDescription
    message
    string    		message represents the error encountered during Attach or Detach operation. This string may be logged, so it should not contain sensitive information.
    time
    Time    		time represents the time the error was encountered.
    
+
    VolumeMount v1 core
    
+
+
+
+
+
+
    GroupVersionKind
    corev1VolumeMount
    
+
    VolumeMount describes a mounting of a Volume within a container.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
+
+
    FieldDescription
    mountPath
    string    		Path within the container at which the volume should be mounted.  Must not contain ':'.
    mountPropagation
    string    		mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10.
    name
    string    		This must match the Name of a Volume.
    readOnly
    boolean    		Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false.
    subPath
    string    		Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root).
    subPathExpr
    string    		Expanded path within the volume from which the container's volume should be mounted. Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. Defaults to "" (volume's root). SubPathExpr and SubPath are mutually exclusive.
    
+
    VolumeNodeAffinity v1 core
    
+
+
+
+
+
+
    GroupVersionKind
    corev1VolumeNodeAffinity
    
+
    VolumeNodeAffinity defines constraints that limit what nodes this volume can be accessed from.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
    FieldDescription
    required
    NodeSelector    		required specifies hard node constraints that must be met.
    
+
    VolumeNodeResources v1 storage.k8s.io
    
+
+
+
+
+
+
    GroupVersionKind
    storage.k8s.iov1VolumeNodeResources
    
+
    VolumeNodeResources is a set of resource limits for scheduling of volumes.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
    FieldDescription
    count
    integer    		count indicates the maximum number of unique volumes managed by the CSI driver that can be used on a node. A volume that is both attached and mounted on a node is considered to be used once, not twice. The same rule applies for a unique volume that is shared among multiple pods on the same node. If this field is not specified, then the supported number of volumes on this node is unbounded.
    
+
    VolumeProjection v1 core
    
+
+
+
+
+
+
    GroupVersionKind
    corev1VolumeProjection
    
+
    Projection that may be projected along with other supported volume types
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
    FieldDescription
    configMap
    ConfigMapProjection    		configMap information about the configMap data to project
    downwardAPI
    DownwardAPIProjection    		downwardAPI information about the downwardAPI data to project
    secret
    SecretProjection    		secret information about the secret data to project
    serviceAccountToken
    ServiceAccountTokenProjection    		serviceAccountToken is information about the serviceAccountToken data to project
    
+
    VsphereVirtualDiskVolumeSource v1 core
    
+
+
+
+
+
+
    GroupVersionKind
    corev1VsphereVirtualDiskVolumeSource
    
+
    Represents a vSphere volume resource.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
    FieldDescription
    fsType
    string    		fsType is filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.
    storagePolicyID
    string    		storagePolicyID is the storage Policy Based Management (SPBM) profile ID associated with the StoragePolicyName.
    storagePolicyName
    string    		storagePolicyName is the storage Policy Based Management (SPBM) profile name.
    volumePath
    string    		volumePath is the path that identifies vSphere volume vmdk
    
+
    WatchEvent v1 meta
    
+
+
+
+
+
+
    GroupVersionKind
    metav1WatchEvent
    
+
    Event represents a single event to a watched resource.
    
+
+
+
+
+
+
+
    FieldDescription
    objectObject is:  * If Type is Added or Modified: the new state of the object.  * If Type is Deleted: the state of the object immediately before deletion.  * If Type is Error: *Status is recommended; other types may make sense    depending on context.
    type
    string
    
+
    WebhookClientConfig v1 admissionregistration.k8s.io
    
+
+
+
+
+
+
    GroupVersionKind
    admissionregistration.k8s.iov1WebhookClientConfig
    
+
    WebhookClientConfig contains the information to make a TLS connection with the webhook
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
    FieldDescription
    caBundle
    string    		`caBundle` is a PEM encoded CA bundle which will be used to validate the webhook's server certificate. If unspecified, system trust roots on the apiserver are used.
    service
    ServiceReference    		`service` is a reference to the service for this webhook. Either `service` or `url` must be specified.  If the webhook is running within the cluster, then you should use `service`.
    url
    string    		`url` gives the location of the webhook, in standard URL form (`scheme://host:port/path`). Exactly one of `url` or `service` must be specified.  The `host` should not refer to a service running in the cluster; use the `service` field instead. The host might be resolved via external DNS in some apiservers (e.g., `kube-apiserver` cannot resolve in-cluster DNS as that would be a layering violation). `host` may also be an IP address.  Please note that using `localhost` or `127.0.0.1` as a `host` is risky unless you take great care to run this webhook on all hosts which run an apiserver which might need to make calls to this webhook. Such installs are likely to be non-portable, i.e., not easy to turn up in a new cluster.  The scheme must be "https"; the URL must begin with "https://".  A path is optional, and if present may be any string permissible in a URL. You may use the path to pass an arbitrary string to the webhook, for example, a cluster identifier.  Attempting to use a user or basic auth e.g. "user:password@" is not allowed. Fragments ("#...") and query parameters ("?...") are not allowed, either.
    
+
    WebhookConversion v1 apiextensions.k8s.io
    
+
+
+
+
+
+
    GroupVersionKind
    apiextensions.k8s.iov1WebhookConversion
    
+
    WebhookConversion describes how to call a conversion webhook
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
    FieldDescription
    clientConfig
    WebhookClientConfig    		clientConfig is the instructions for how to call the webhook if strategy is `Webhook`.
    conversionReviewVersions
    string array    		conversionReviewVersions is an ordered list of preferred `ConversionReview` versions the Webhook expects. The API server will use the first version in the list which it supports. If none of the versions specified in this list are supported by API server, conversion will fail for the custom resource. If a persisted Webhook configuration specifies allowed versions and does not include any versions known to the API Server, calls to the webhook will fail.
    
+
    WeightedPodAffinityTerm v1 core
    
+
+
+
+
+
+
    GroupVersionKind
    corev1WeightedPodAffinityTerm
    
+
    The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
    FieldDescription
    podAffinityTerm
    PodAffinityTerm    		Required. A pod affinity term, associated with the corresponding weight.
    weight
    integer    		weight associated with matching the corresponding podAffinityTerm, in the range 1-100.
    
+
    WindowsSecurityContextOptions v1 core
    
+
+
+
+
+
+
    GroupVersionKind
    corev1WindowsSecurityContextOptions
    
+
    WindowsSecurityContextOptions contain Windows-specific options and credentials.
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
    FieldDescription
    gmsaCredentialSpec
    string    		GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field.
    gmsaCredentialSpecName
    string    		GMSACredentialSpecName is the name of the GMSA credential spec to use.
    hostProcess
    boolean    		HostProcess determines if a container should be run as a 'Host Process' container. This field is alpha-level and will only be honored by components that enable the WindowsHostProcessContainers feature flag. Setting this field without the feature flag will result in errors when validating the Pod. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers).  In addition, if HostProcess is true then HostNetwork must also be set to true.
    runAsUserName
    string    		The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
    
+
    OLD API VERSIONS
    
+
+
    This section contains older versions of resources shown above.
    
+
    CrossVersionObjectReference v1 autoscaling
    
+
+
+
+
+
+
    GroupVersionKind
    autoscalingv1CrossVersionObjectReference
    
+
     Other API versions of this object exist:
+v2
+
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
    FieldDescription
    apiVersion
    string    		apiVersion is the API version of the referent
    kind
    string    		kind is the kind of the referent; More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
    name
    string    		name is the name of the referent; More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
    
+
    EndpointPort v1 discovery.k8s.io
    
+
+
+
+
+
+
    GroupVersionKind
    discovery.k8s.iov1EndpointPort
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
    FieldDescription
    appProtocol
    string    		The application protocol for this port. This is used as a hint for implementations to offer richer behavior for protocols that they understand. This field follows standard Kubernetes label syntax. Valid values are either:  * Un-prefixed protocol names - reserved for IANA standard service names (as per RFC-6335 and https://www.iana.org/assignments/service-names).  * Kubernetes-defined prefixed names:   * 'kubernetes.io/h2c' - HTTP/2 over cleartext as described in https://www.rfc-editor.org/rfc/rfc7540  * Other protocols should use implementation-defined prefixed names such as mycompany.com/my-custom-protocol.
    name
    string    		name represents the name of this port. All ports in an EndpointSlice must have a unique name. If the EndpointSlice is dervied from a Kubernetes service, this corresponds to the Service.ports[].name. Name must either be an empty string or pass DNS_LABEL validation: * must be no more than 63 characters long. * must consist of lower case alphanumeric characters or '-'. * must start and end with an alphanumeric character. Default is empty string.
    port
    integer    		port represents the port number of the endpoint. If this is not specified, ports are not restricted and must be interpreted in the context of the specific consumer.
    protocol
    string    		protocol represents the IP protocol for this port. Must be UDP, TCP, or SCTP. Default is TCP.
    
+
    Event v1 core
    
+
+
+
+
+
+
    GroupVersionKind
    corev1Event
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    FieldDescription
    action
    string    		What action was taken/failed regarding to the Regarding object.
    apiVersion
    string    		APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
    count
    integer    		The number of times this event has occurred.
    eventTime
    MicroTime    		Time when this Event was first observed.
    firstTimestamp
    Time    		The time at which the event was first recorded. (Time of server receipt is in TypeMeta.)
    involvedObject
    ObjectReference    		The object that this event is about.
    kind
    string    		Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
    lastTimestamp
    Time    		The time at which the most recent occurrence of this event was recorded.
    message
    string    		A human-readable description of the status of this operation.
    metadata
    ObjectMeta    		Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
    reason
    string    		This should be a short, machine understandable string that gives the reason for the transition into the object's current status.
    related
    ObjectReference    		Optional secondary object for more complex actions.
    reportingComponent
    string    		Name of the controller that emitted this Event, e.g. `kubernetes.io/kubelet`.
    reportingInstance
    string    		ID of the controller instance, e.g. `kubelet-xyzf`.
    series
    EventSeries    		Data about the Event series this event represents or nil if it's a singleton Event.
    source
    EventSource    		The component reporting this event. Should be a short machine understandable string.
    type
    string    		Type of this event (Normal, Warning), new types could be added in the future
    
+
    EventList v1 core
    
+
+
+
+
+
+
+
+
+
    FieldDescription
    apiVersion
    string    		APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
    items
    Event array    		List of events
    kind
    string    		Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
    metadata
    ListMeta    		Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
    
+
    Write Operations
    
+
    Create
    
+
    create an Event
    
+
    HTTP Request
    
+POST /api/v1/namespaces/{namespace}/events
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    Event
    
+
    Response
    
+
+
+
+
+
+
+
+
    CodeDescription
    200
    Event    		OK
    201
    Event    		Created
    202
    Event    		Accepted
    
+
    Patch
    
+
    partially update the specified Event
    
+
    HTTP Request
    
+PATCH /api/v1/namespaces/{namespace}/events/{name}
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the Event
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint. This field is required for apply requests (application/apply-patch) but optional for non-apply patch types (JsonPatch, MergePatch, StrategicMergePatch).
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    forceForce is going to "force" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    Patch
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    Event    		OK
    201
    Event    		Created
    
+
    Replace
    
+
    replace the specified Event
    
+
    HTTP Request
    
+PUT /api/v1/namespaces/{namespace}/events/{name}
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the Event
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    Event
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    Event    		OK
    201
    Event    		Created
    
+
    Delete
    
+
    delete an Event
    
+
    HTTP Request
    
+DELETE /api/v1/namespaces/{namespace}/events/{name}
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the Event
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    gracePeriodSecondsThe duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
    orphanDependentsDeprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.
    propagationPolicyWhether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    DeleteOptions
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    Status    		OK
    202
    Status    		Accepted
    
+
    Delete Collection
    
+
    delete collection of Event
    
+
    HTTP Request
    
+DELETE /api/v1/namespaces/{namespace}/events
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    gracePeriodSecondsThe duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    orphanDependentsDeprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.
    propagationPolicyWhether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    DeleteOptions
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    Status    		OK
    
+
    Read Operations
    
+
    Read
    
+
    read the specified Event
    
+
    HTTP Request
    
+GET /api/v1/namespaces/{namespace}/events/{name}
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the Event
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    Event    		OK
    
+
    List
    
+
    list or watch objects of kind Event
    
+
    HTTP Request
    
+GET /api/v1/namespaces/{namespace}/events
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    EventList    		OK
    
+
    List All Namespaces
    
+
    list or watch objects of kind Event
    
+
    HTTP Request
    
+GET /api/v1/events
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    EventList    		OK
    
+
    Watch
    
+
    watch changes to an object of kind Event. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.
    
+
    HTTP Request
    
+GET /api/v1/watch/namespaces/{namespace}/events/{name}
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the Event
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    WatchEvent    		OK
    
+
    Watch List
    
+
    watch individual changes to a list of Event. deprecated: use the 'watch' parameter with a list operation instead.
    
+
    HTTP Request
    
+GET /api/v1/watch/namespaces/{namespace}/events
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    WatchEvent    		OK
    
+
    Watch List All Namespaces
    
+
    watch individual changes to a list of Event. deprecated: use the 'watch' parameter with a list operation instead.
    
+
    HTTP Request
    
+GET /api/v1/watch/events
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    WatchEvent    		OK
    
+
    EventSeries v1 core
    
+
+
+
+
+
+
    GroupVersionKind
    corev1EventSeries
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
    FieldDescription
    count
    integer    		Number of occurrences in this series up to the last heartbeat time
    lastObservedTime
    MicroTime    		Time of the last occurrence observed
    
+
    FlowDistinguisherMethod v1beta2 flowcontrol.apiserver.k8s.io
    
+
+
+
+
+
+
    GroupVersionKind
    flowcontrol.apiserver.k8s.iov1beta2FlowDistinguisherMethod
    
+
     Other API versions of this object exist:
+v1beta3
+
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
    FieldDescription
    type
    string    		`type` is the type of flow distinguisher method The supported types are "ByUser" and "ByNamespace". Required.
    
+
    FlowSchema v1beta2 flowcontrol.apiserver.k8s.io
    
+
+
+
+
+
+
    GroupVersionKind
    flowcontrol.apiserver.k8s.iov1beta2FlowSchema
    
+
     Other API versions of this object exist:
+v1beta3
+
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
+
    FieldDescription
    apiVersion
    string    		APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
    kind
    string    		Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
    metadata
    ObjectMeta    		`metadata` is the standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
    spec
    FlowSchemaSpec    		`spec` is the specification of the desired behavior of a FlowSchema. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
    status
    FlowSchemaStatus    		`status` is the current status of a FlowSchema. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
    
+
    FlowSchemaSpec v1beta2 flowcontrol
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
    FieldDescription
    distinguisherMethod
    FlowDistinguisherMethod    		`distinguisherMethod` defines how to compute the flow distinguisher for requests that match this schema. `nil` specifies that the distinguisher is disabled and thus will always be the empty string.
    matchingPrecedence
    integer    		`matchingPrecedence` is used to choose among the FlowSchemas that match a given request. The chosen FlowSchema is among those with the numerically lowest (which we take to be logically highest) MatchingPrecedence.  Each MatchingPrecedence value must be ranged in [1,10000]. Note that if the precedence is not specified, it will be set to 1000 as default.
    priorityLevelConfiguration
    PriorityLevelConfigurationReference    		`priorityLevelConfiguration` should reference a PriorityLevelConfiguration in the cluster. If the reference cannot be resolved, the FlowSchema will be ignored and marked as invalid in its status. Required.
    rules
    PolicyRulesWithSubjects array    		`rules` describes which requests will match this flow schema. This FlowSchema matches a request if and only if at least one member of rules matches the request. if it is an empty slice, there will be no requests matching the FlowSchema.
    
+
    FlowSchemaStatus v1beta2 flowcontrol
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
    FieldDescription
    conditions
    FlowSchemaCondition array    		`conditions` is a list of the current states of FlowSchema.
    
+
    FlowSchemaList v1beta2 flowcontrol
    
+
+
+
+
+
+
+
+
+
    FieldDescription
    apiVersion
    string    		APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
    items
    FlowSchema array    		`items` is a list of FlowSchemas.
    kind
    string    		Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
    metadata
    ListMeta    		`metadata` is the standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
    
+
    Write Operations
    
+
    Create
    
+
    create a FlowSchema
    
+
    HTTP Request
    
+POST /apis/flowcontrol.apiserver.k8s.io/v1beta2/flowschemas
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    FlowSchema
    
+
    Response
    
+
+
+
+
+
+
+
+
    CodeDescription
    200
    FlowSchema    		OK
    201
    FlowSchema    		Created
    202
    FlowSchema    		Accepted
    
+
    Patch
    
+
    partially update the specified FlowSchema
    
+
    HTTP Request
    
+PATCH /apis/flowcontrol.apiserver.k8s.io/v1beta2/flowschemas/{name}
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the FlowSchema
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint. This field is required for apply requests (application/apply-patch) but optional for non-apply patch types (JsonPatch, MergePatch, StrategicMergePatch).
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    forceForce is going to "force" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    Patch
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    FlowSchema    		OK
    201
    FlowSchema    		Created
    
+
    Replace
    
+
    replace the specified FlowSchema
    
+
    HTTP Request
    
+PUT /apis/flowcontrol.apiserver.k8s.io/v1beta2/flowschemas/{name}
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the FlowSchema
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    FlowSchema
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    FlowSchema    		OK
    201
    FlowSchema    		Created
    
+
    Delete
    
+
    delete a FlowSchema
    
+
    HTTP Request
    
+DELETE /apis/flowcontrol.apiserver.k8s.io/v1beta2/flowschemas/{name}
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the FlowSchema
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    gracePeriodSecondsThe duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
    orphanDependentsDeprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.
    propagationPolicyWhether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    DeleteOptions
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    Status    		OK
    202
    Status    		Accepted
    
+
    Delete Collection
    
+
    delete collection of FlowSchema
    
+
    HTTP Request
    
+DELETE /apis/flowcontrol.apiserver.k8s.io/v1beta2/flowschemas
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    gracePeriodSecondsThe duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    orphanDependentsDeprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.
    propagationPolicyWhether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    DeleteOptions
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    Status    		OK
    
+
    Read Operations
    
+
    Read
    
+
    read the specified FlowSchema
    
+
    HTTP Request
    
+GET /apis/flowcontrol.apiserver.k8s.io/v1beta2/flowschemas/{name}
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the FlowSchema
    
+
    Query Parameters
    
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    FlowSchema    		OK
    
+
    List
    
+
    list or watch objects of kind FlowSchema
    
+
    HTTP Request
    
+GET /apis/flowcontrol.apiserver.k8s.io/v1beta2/flowschemas
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    FlowSchemaList    		OK
    
+
    Watch
    
+
    watch changes to an object of kind FlowSchema. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.
    
+
    HTTP Request
    
+GET /apis/flowcontrol.apiserver.k8s.io/v1beta2/watch/flowschemas/{name}
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the FlowSchema
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    WatchEvent    		OK
    
+
    Watch List
    
+
    watch individual changes to a list of FlowSchema. deprecated: use the 'watch' parameter with a list operation instead.
    
+
    HTTP Request
    
+GET /apis/flowcontrol.apiserver.k8s.io/v1beta2/watch/flowschemas
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    WatchEvent    		OK
    
+
    Status Operations
    
+
    Patch Status
    
+
    partially update status of the specified FlowSchema
    
+
    HTTP Request
    
+PATCH /apis/flowcontrol.apiserver.k8s.io/v1beta2/flowschemas/{name}/status
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the FlowSchema
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint. This field is required for apply requests (application/apply-patch) but optional for non-apply patch types (JsonPatch, MergePatch, StrategicMergePatch).
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    forceForce is going to "force" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    Patch
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    FlowSchema    		OK
    201
    FlowSchema    		Created
    
+
    Read Status
    
+
    read status of the specified FlowSchema
    
+
    HTTP Request
    
+GET /apis/flowcontrol.apiserver.k8s.io/v1beta2/flowschemas/{name}/status
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the FlowSchema
    
+
    Query Parameters
    
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    FlowSchema    		OK
    
+
    Replace Status
    
+
    replace status of the specified FlowSchema
    
+
    HTTP Request
    
+PUT /apis/flowcontrol.apiserver.k8s.io/v1beta2/flowschemas/{name}/status
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the FlowSchema
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    FlowSchema
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    FlowSchema    		OK
    201
    FlowSchema    		Created
    
+
    FlowSchemaCondition v1beta2 flowcontrol.apiserver.k8s.io
    
+
+
+
+
+
+
    GroupVersionKind
    flowcontrol.apiserver.k8s.iov1beta2FlowSchemaCondition
    
+
     Other API versions of this object exist:
+v1beta3
+
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
+
    FieldDescription
    lastTransitionTime
    Time    		`lastTransitionTime` is the last time the condition transitioned from one status to another.
    message
    string    		`message` is a human-readable message indicating details about last transition.
    reason
    string    		`reason` is a unique, one-word, CamelCase reason for the condition's last transition.
    status
    string    		`status` is the status of the condition. Can be True, False, Unknown. Required.
    type
    string    		`type` is the type of the condition. Required.
    
+
    GroupSubject v1beta2 flowcontrol.apiserver.k8s.io
    
+
+
+
+
+
+
    GroupVersionKind
    flowcontrol.apiserver.k8s.iov1beta2GroupSubject
    
+
     Other API versions of this object exist:
+v1beta3
+
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
    FieldDescription
    name
    string    		name is the user group that matches, or "*" to match all user groups. See https://github.com/kubernetes/apiserver/blob/master/pkg/authentication/user/user.go for some well-known group names. Required.
    
+
    HorizontalPodAutoscaler v1 autoscaling
    
+
+
+
+
+
+
    GroupVersionKind
    autoscalingv1HorizontalPodAutoscaler
    
+
     Other API versions of this object exist:
+v2
+
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
+
    FieldDescription
    apiVersion
    string    		APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
    kind
    string    		Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
    metadata
    ObjectMeta    		Standard object metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
    spec
    HorizontalPodAutoscalerSpec    		spec defines the behaviour of autoscaler. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status.
    status
    HorizontalPodAutoscalerStatus    		status is the current information about the autoscaler.
    
+
    HorizontalPodAutoscalerSpec v1 autoscaling
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
    FieldDescription
    maxReplicas
    integer    		maxReplicas is the upper limit for the number of pods that can be set by the autoscaler; cannot be smaller than MinReplicas.
    minReplicas
    integer    		minReplicas is the lower limit for the number of replicas to which the autoscaler can scale down.  It defaults to 1 pod.  minReplicas is allowed to be 0 if the alpha feature gate HPAScaleToZero is enabled and at least one Object or External metric is configured.  Scaling is active as long as at least one metric value is available.
    scaleTargetRef
    CrossVersionObjectReference    		reference to scaled resource; horizontal pod autoscaler will learn the current resource consumption and will set the desired number of pods by using its Scale subresource.
    targetCPUUtilizationPercentage
    integer    		targetCPUUtilizationPercentage is the target average CPU utilization (represented as a percentage of requested CPU) over all the pods; if not specified the default autoscaling policy will be used.
    
+
    HorizontalPodAutoscalerStatus v1 autoscaling
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
+
    FieldDescription
    currentCPUUtilizationPercentage
    integer    		currentCPUUtilizationPercentage is the current average CPU utilization over all pods, represented as a percentage of requested CPU, e.g. 70 means that an average pod is using now 70% of its requested CPU.
    currentReplicas
    integer    		currentReplicas is the current number of replicas of pods managed by this autoscaler.
    desiredReplicas
    integer    		desiredReplicas is the  desired number of replicas of pods managed by this autoscaler.
    lastScaleTime
    Time    		lastScaleTime is the last time the HorizontalPodAutoscaler scaled the number of pods; used by the autoscaler to control how often the number of pods is changed.
    observedGeneration
    integer    		observedGeneration is the most recent generation observed by this autoscaler.
    
+
    HorizontalPodAutoscalerList v1 autoscaling
    
+
+
+
+
+
+
+
+
+
    FieldDescription
    apiVersion
    string    		APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
    items
    HorizontalPodAutoscaler array    		items is the list of horizontal pod autoscaler objects.
    kind
    string    		Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
    metadata
    ListMeta    		Standard list metadata.
    
+
    Write Operations
    
+
    Create
    
+
    create a HorizontalPodAutoscaler
    
+
    HTTP Request
    
+POST /apis/autoscaling/v1/namespaces/{namespace}/horizontalpodautoscalers
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    HorizontalPodAutoscaler
    
+
    Response
    
+
+
+
+
+
+
+
+
    CodeDescription
    200
    HorizontalPodAutoscaler    		OK
    201
    HorizontalPodAutoscaler    		Created
    202
    HorizontalPodAutoscaler    		Accepted
    
+
    Patch
    
+
    partially update the specified HorizontalPodAutoscaler
    
+
    HTTP Request
    
+PATCH /apis/autoscaling/v1/namespaces/{namespace}/horizontalpodautoscalers/{name}
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the HorizontalPodAutoscaler
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint. This field is required for apply requests (application/apply-patch) but optional for non-apply patch types (JsonPatch, MergePatch, StrategicMergePatch).
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    forceForce is going to "force" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    Patch
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    HorizontalPodAutoscaler    		OK
    201
    HorizontalPodAutoscaler    		Created
    
+
    Replace
    
+
    replace the specified HorizontalPodAutoscaler
    
+
    HTTP Request
    
+PUT /apis/autoscaling/v1/namespaces/{namespace}/horizontalpodautoscalers/{name}
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the HorizontalPodAutoscaler
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    HorizontalPodAutoscaler
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    HorizontalPodAutoscaler    		OK
    201
    HorizontalPodAutoscaler    		Created
    
+
    Delete
    
+
    delete a HorizontalPodAutoscaler
    
+
    HTTP Request
    
+DELETE /apis/autoscaling/v1/namespaces/{namespace}/horizontalpodautoscalers/{name}
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the HorizontalPodAutoscaler
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    gracePeriodSecondsThe duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
    orphanDependentsDeprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.
    propagationPolicyWhether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    DeleteOptions
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    Status    		OK
    202
    Status    		Accepted
    
+
    Delete Collection
    
+
    delete collection of HorizontalPodAutoscaler
    
+
    HTTP Request
    
+DELETE /apis/autoscaling/v1/namespaces/{namespace}/horizontalpodautoscalers
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    gracePeriodSecondsThe duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    orphanDependentsDeprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.
    propagationPolicyWhether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    DeleteOptions
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    Status    		OK
    
+
    Read Operations
    
+
    Read
    
+
    read the specified HorizontalPodAutoscaler
    
+
    HTTP Request
    
+GET /apis/autoscaling/v1/namespaces/{namespace}/horizontalpodautoscalers/{name}
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the HorizontalPodAutoscaler
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    HorizontalPodAutoscaler    		OK
    
+
    List
    
+
    list or watch objects of kind HorizontalPodAutoscaler
    
+
    HTTP Request
    
+GET /apis/autoscaling/v1/namespaces/{namespace}/horizontalpodautoscalers
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    HorizontalPodAutoscalerList    		OK
    
+
    List All Namespaces
    
+
    list or watch objects of kind HorizontalPodAutoscaler
    
+
    HTTP Request
    
+GET /apis/autoscaling/v1/horizontalpodautoscalers
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    HorizontalPodAutoscalerList    		OK
    
+
    Watch
    
+
    watch changes to an object of kind HorizontalPodAutoscaler. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.
    
+
    HTTP Request
    
+GET /apis/autoscaling/v1/watch/namespaces/{namespace}/horizontalpodautoscalers/{name}
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the HorizontalPodAutoscaler
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    WatchEvent    		OK
    
+
    Watch List
    
+
    watch individual changes to a list of HorizontalPodAutoscaler. deprecated: use the 'watch' parameter with a list operation instead.
    
+
    HTTP Request
    
+GET /apis/autoscaling/v1/watch/namespaces/{namespace}/horizontalpodautoscalers
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    WatchEvent    		OK
    
+
    Watch List All Namespaces
    
+
    watch individual changes to a list of HorizontalPodAutoscaler. deprecated: use the 'watch' parameter with a list operation instead.
    
+
    HTTP Request
    
+GET /apis/autoscaling/v1/watch/horizontalpodautoscalers
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    WatchEvent    		OK
    
+
    Status Operations
    
+
    Patch Status
    
+
    partially update status of the specified HorizontalPodAutoscaler
    
+
    HTTP Request
    
+PATCH /apis/autoscaling/v1/namespaces/{namespace}/horizontalpodautoscalers/{name}/status
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the HorizontalPodAutoscaler
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint. This field is required for apply requests (application/apply-patch) but optional for non-apply patch types (JsonPatch, MergePatch, StrategicMergePatch).
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    forceForce is going to "force" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    Patch
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    HorizontalPodAutoscaler    		OK
    201
    HorizontalPodAutoscaler    		Created
    
+
    Read Status
    
+
    read status of the specified HorizontalPodAutoscaler
    
+
    HTTP Request
    
+GET /apis/autoscaling/v1/namespaces/{namespace}/horizontalpodautoscalers/{name}/status
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the HorizontalPodAutoscaler
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    HorizontalPodAutoscaler    		OK
    
+
    Replace Status
    
+
    replace status of the specified HorizontalPodAutoscaler
    
+
    HTTP Request
    
+PUT /apis/autoscaling/v1/namespaces/{namespace}/horizontalpodautoscalers/{name}/status
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the HorizontalPodAutoscaler
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    HorizontalPodAutoscaler
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    HorizontalPodAutoscaler    		OK
    201
    HorizontalPodAutoscaler    		Created
    
+
    LimitResponse v1beta2 flowcontrol.apiserver.k8s.io
    
+
+
+
+
+
+
    GroupVersionKind
    flowcontrol.apiserver.k8s.iov1beta2LimitResponse
    
+
     Other API versions of this object exist:
+v1beta3
+
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
    FieldDescription
    queuing
    QueuingConfiguration    		`queuing` holds the configuration parameters for queuing. This field may be non-empty only if `type` is `"Queue"`.
    type
    string    		`type` is "Queue" or "Reject". "Queue" means that requests that can not be executed upon arrival are held in a queue until they can be executed or a queuing limit is reached. "Reject" means that requests that can not be executed upon arrival are rejected. Required.
    
+
    LimitedPriorityLevelConfiguration v1beta2 flowcontrol.apiserver.k8s.io
    
+
+
+
+
+
+
    GroupVersionKind
    flowcontrol.apiserver.k8s.iov1beta2LimitedPriorityLevelConfiguration
    
+
     Other API versions of this object exist:
+v1beta3
+
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
    FieldDescription
    assuredConcurrencyShares
    integer    		`assuredConcurrencyShares` (ACS) configures the execution limit, which is a limit on the number of requests of this priority level that may be exeucting at a given time.  ACS must be a positive number. The server's concurrency limit (SCL) is divided among the concurrency-controlled priority levels in proportion to their assured concurrency shares. This produces the assured concurrency value (ACV) --- the number of requests that may be executing at a time --- for each such priority level:              ACV(l) = ceil( SCL * ACS(l) / ( sum[priority levels k] ACS(k) ) )  bigger numbers of ACS mean more reserved concurrent requests (at the expense of every other PL). This field has a default value of 30.
    borrowingLimitPercent
    integer    		`borrowingLimitPercent`, if present, configures a limit on how many seats this priority level can borrow from other priority levels. The limit is known as this level's BorrowingConcurrencyLimit (BorrowingCL) and is a limit on the total number of seats that this level may borrow at any one time. This field holds the ratio of that limit to the level's nominal concurrency limit. When this field is non-nil, it must hold a non-negative integer and the limit is calculated as follows.  BorrowingCL(i) = round( NominalCL(i) * borrowingLimitPercent(i)/100.0 )  The value of this field can be more than 100, implying that this priority level can borrow a number of seats that is greater than its own nominal concurrency limit (NominalCL). When this field is left `nil`, the limit is effectively infinite.
    lendablePercent
    integer    		`lendablePercent` prescribes the fraction of the level's NominalCL that can be borrowed by other priority levels. The value of this field must be between 0 and 100, inclusive, and it defaults to 0. The number of seats that other levels can borrow from this level, known as this level's LendableConcurrencyLimit (LendableCL), is defined as follows.  LendableCL(i) = round( NominalCL(i) * lendablePercent(i)/100.0 )
    limitResponse
    LimitResponse    		`limitResponse` indicates what to do with requests that can not be executed right now
    
+
    MatchCondition v1alpha1 admissionregistration.k8s.io
    
+
+
+
+
+
+
    GroupVersionKind
    admissionregistration.k8s.iov1alpha1MatchCondition
    
+
     Other API versions of this object exist:
+v1
+
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
    FieldDescription
    expression
    string    		Expression represents the expression which will be evaluated by CEL. Must evaluate to bool. CEL expressions have access to the contents of the AdmissionRequest and Authorizer, organized into CEL variables:  'object' - The object from the incoming request. The value is null for DELETE requests. 'oldObject' - The existing object. The value is null for CREATE requests. 'request' - Attributes of the admission request(/pkg/apis/admission/types.go#AdmissionRequest). 'authorizer' - A CEL Authorizer. May be used to perform authorization checks for the principal (user or service account) of the request.   See https://pkg.go.dev/k8s.io/apiserver/pkg/cel/library#Authz 'authorizer.requestResource' - A CEL ResourceCheck constructed from the 'authorizer' and configured with the   request resource. Documentation on CEL: https://kubernetes.io/docs/reference/using-api/cel/  Required.
    name
    string    		Name is an identifier for this match condition, used for strategic merging of MatchConditions, as well as providing an identifier for logging purposes. A good name should be descriptive of the associated expression. Name must be a qualified name consisting of alphanumeric characters, '-', '_' or '.', and must start and end with an alphanumeric character (e.g. 'MyName',  or 'my.name',  or '123-abc', regex used for validation is '([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9]') with an optional DNS subdomain prefix and '/' (e.g. 'example.com/MyName')  Required.
    
+
    NonResourcePolicyRule v1beta2 flowcontrol.apiserver.k8s.io
    
+
+
+
+
+
+
    GroupVersionKind
    flowcontrol.apiserver.k8s.iov1beta2NonResourcePolicyRule
    
+
     Other API versions of this object exist:
+v1beta3
+
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
    FieldDescription
    nonResourceURLs
    string array    		`nonResourceURLs` is a set of url prefixes that a user should have access to and may not be empty. For example:   - "/healthz" is legal   - "/hea*" is illegal   - "/hea" is legal but matches nothing   - "/hea/*" also matches nothing   - "/healthz/*" matches all per-component health checks. "*" matches all non-resource urls. if it is present, it must be the only entry. Required.
    verbs
    string array    		`verbs` is a list of matching verbs and may not be empty. "*" matches all verbs. If it is present, it must be the only entry. Required.
    
+
    PolicyRulesWithSubjects v1beta2 flowcontrol.apiserver.k8s.io
    
+
+
+
+
+
+
    GroupVersionKind
    flowcontrol.apiserver.k8s.iov1beta2PolicyRulesWithSubjects
    
+
     Other API versions of this object exist:
+v1beta3
+
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
    FieldDescription
    nonResourceRules
    NonResourcePolicyRule array    		`nonResourceRules` is a list of NonResourcePolicyRules that identify matching requests according to their verb and the target non-resource URL.
    resourceRules
    ResourcePolicyRule array    		`resourceRules` is a slice of ResourcePolicyRules that identify matching requests according to their verb and the target resource. At least one of `resourceRules` and `nonResourceRules` has to be non-empty.
    subjects
    Subject array    		subjects is the list of normal user, serviceaccount, or group that this rule cares about. There must be at least one member in this slice. A slice that includes both the system:authenticated and system:unauthenticated user groups matches every request. Required.
    
+
    PriorityLevelConfiguration v1beta2 flowcontrol.apiserver.k8s.io
    
+
+
+
+
+
+
    GroupVersionKind
    flowcontrol.apiserver.k8s.iov1beta2PriorityLevelConfiguration
    
+
     Other API versions of this object exist:
+v1beta3
+
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
+
    FieldDescription
    apiVersion
    string    		APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
    kind
    string    		Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
    metadata
    ObjectMeta    		`metadata` is the standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
    spec
    PriorityLevelConfigurationSpec    		`spec` is the specification of the desired behavior of a "request-priority". More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
    status
    PriorityLevelConfigurationStatus    		`status` is the current status of a "request-priority". More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
    
+
    PriorityLevelConfigurationSpec v1beta2 flowcontrol
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
    FieldDescription
    limited
    LimitedPriorityLevelConfiguration    		`limited` specifies how requests are handled for a Limited priority level. This field must be non-empty if and only if `type` is `"Limited"`.
    type
    string    		`type` indicates whether this priority level is subject to limitation on request execution.  A value of `"Exempt"` means that requests of this priority level are not subject to a limit (and thus are never queued) and do not detract from the capacity made available to other priority levels.  A value of `"Limited"` means that (a) requests of this priority level _are_ subject to limits and (b) some of the server's limited capacity is made available exclusively to this priority level. Required.
    
+
    PriorityLevelConfigurationStatus v1beta2 flowcontrol
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
    FieldDescription
    conditions
    PriorityLevelConfigurationCondition array    		`conditions` is the current state of "request-priority".
    
+
    PriorityLevelConfigurationList v1beta2 flowcontrol
    
+
+
+
+
+
+
+
+
+
    FieldDescription
    apiVersion
    string    		APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
    items
    PriorityLevelConfiguration array    		`items` is a list of request-priorities.
    kind
    string    		Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
    metadata
    ListMeta    		`metadata` is the standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
    
+
    Write Operations
    
+
    Create
    
+
    create a PriorityLevelConfiguration
    
+
    HTTP Request
    
+POST /apis/flowcontrol.apiserver.k8s.io/v1beta2/prioritylevelconfigurations
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    PriorityLevelConfiguration
    
+
    Response
    
+
+
+
+
+
+
+
+
    CodeDescription
    200
    PriorityLevelConfiguration    		OK
    201
    PriorityLevelConfiguration    		Created
    202
    PriorityLevelConfiguration    		Accepted
    
+
    Patch
    
+
    partially update the specified PriorityLevelConfiguration
    
+
    HTTP Request
    
+PATCH /apis/flowcontrol.apiserver.k8s.io/v1beta2/prioritylevelconfigurations/{name}
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the PriorityLevelConfiguration
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint. This field is required for apply requests (application/apply-patch) but optional for non-apply patch types (JsonPatch, MergePatch, StrategicMergePatch).
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    forceForce is going to "force" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    Patch
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    PriorityLevelConfiguration    		OK
    201
    PriorityLevelConfiguration    		Created
    
+
    Replace
    
+
    replace the specified PriorityLevelConfiguration
    
+
    HTTP Request
    
+PUT /apis/flowcontrol.apiserver.k8s.io/v1beta2/prioritylevelconfigurations/{name}
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the PriorityLevelConfiguration
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    PriorityLevelConfiguration
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    PriorityLevelConfiguration    		OK
    201
    PriorityLevelConfiguration    		Created
    
+
    Delete
    
+
    delete a PriorityLevelConfiguration
    
+
    HTTP Request
    
+DELETE /apis/flowcontrol.apiserver.k8s.io/v1beta2/prioritylevelconfigurations/{name}
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the PriorityLevelConfiguration
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    gracePeriodSecondsThe duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
    orphanDependentsDeprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.
    propagationPolicyWhether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    DeleteOptions
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    Status    		OK
    202
    Status    		Accepted
    
+
    Delete Collection
    
+
    delete collection of PriorityLevelConfiguration
    
+
    HTTP Request
    
+DELETE /apis/flowcontrol.apiserver.k8s.io/v1beta2/prioritylevelconfigurations
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    gracePeriodSecondsThe duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    orphanDependentsDeprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.
    propagationPolicyWhether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    DeleteOptions
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    Status    		OK
    
+
    Read Operations
    
+
    Read
    
+
    read the specified PriorityLevelConfiguration
    
+
    HTTP Request
    
+GET /apis/flowcontrol.apiserver.k8s.io/v1beta2/prioritylevelconfigurations/{name}
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the PriorityLevelConfiguration
    
+
    Query Parameters
    
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    PriorityLevelConfiguration    		OK
    
+
    List
    
+
    list or watch objects of kind PriorityLevelConfiguration
    
+
    HTTP Request
    
+GET /apis/flowcontrol.apiserver.k8s.io/v1beta2/prioritylevelconfigurations
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    PriorityLevelConfigurationList    		OK
    
+
    Watch
    
+
    watch changes to an object of kind PriorityLevelConfiguration. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.
    
+
    HTTP Request
    
+GET /apis/flowcontrol.apiserver.k8s.io/v1beta2/watch/prioritylevelconfigurations/{name}
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the PriorityLevelConfiguration
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    WatchEvent    		OK
    
+
    Watch List
    
+
    watch individual changes to a list of PriorityLevelConfiguration. deprecated: use the 'watch' parameter with a list operation instead.
    
+
    HTTP Request
    
+GET /apis/flowcontrol.apiserver.k8s.io/v1beta2/watch/prioritylevelconfigurations
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    WatchEvent    		OK
    
+
    Status Operations
    
+
    Patch Status
    
+
    partially update status of the specified PriorityLevelConfiguration
    
+
    HTTP Request
    
+PATCH /apis/flowcontrol.apiserver.k8s.io/v1beta2/prioritylevelconfigurations/{name}/status
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the PriorityLevelConfiguration
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint. This field is required for apply requests (application/apply-patch) but optional for non-apply patch types (JsonPatch, MergePatch, StrategicMergePatch).
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    forceForce is going to "force" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    Patch
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    PriorityLevelConfiguration    		OK
    201
    PriorityLevelConfiguration    		Created
    
+
    Read Status
    
+
    read status of the specified PriorityLevelConfiguration
    
+
    HTTP Request
    
+GET /apis/flowcontrol.apiserver.k8s.io/v1beta2/prioritylevelconfigurations/{name}/status
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the PriorityLevelConfiguration
    
+
    Query Parameters
    
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    PriorityLevelConfiguration    		OK
    
+
    Replace Status
    
+
    replace status of the specified PriorityLevelConfiguration
    
+
    HTTP Request
    
+PUT /apis/flowcontrol.apiserver.k8s.io/v1beta2/prioritylevelconfigurations/{name}/status
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namename of the PriorityLevelConfiguration
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    PriorityLevelConfiguration
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    PriorityLevelConfiguration    		OK
    201
    PriorityLevelConfiguration    		Created
    
+
    PriorityLevelConfigurationCondition v1beta2 flowcontrol.apiserver.k8s.io
    
+
+
+
+
+
+
    GroupVersionKind
    flowcontrol.apiserver.k8s.iov1beta2PriorityLevelConfigurationCondition
    
+
     Other API versions of this object exist:
+v1beta3
+
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
+
    FieldDescription
    lastTransitionTime
    Time    		`lastTransitionTime` is the last time the condition transitioned from one status to another.
    message
    string    		`message` is a human-readable message indicating details about last transition.
    reason
    string    		`reason` is a unique, one-word, CamelCase reason for the condition's last transition.
    status
    string    		`status` is the status of the condition. Can be True, False, Unknown. Required.
    type
    string    		`type` is the type of the condition. Required.
    
+
    PriorityLevelConfigurationReference v1beta2 flowcontrol.apiserver.k8s.io
    
+
+
+
+
+
+
    GroupVersionKind
    flowcontrol.apiserver.k8s.iov1beta2PriorityLevelConfigurationReference
    
+
     Other API versions of this object exist:
+v1beta3
+
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
    FieldDescription
    name
    string    		`name` is the name of the priority level configuration being referenced Required.
    
+
    QueuingConfiguration v1beta2 flowcontrol.apiserver.k8s.io
    
+
+
+
+
+
+
    GroupVersionKind
    flowcontrol.apiserver.k8s.iov1beta2QueuingConfiguration
    
+
     Other API versions of this object exist:
+v1beta3
+
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
    FieldDescription
    handSize
    integer    		`handSize` is a small positive number that configures the shuffle sharding of requests into queues.  When enqueuing a request at this priority level the request's flow identifier (a string pair) is hashed and the hash value is used to shuffle the list of queues and deal a hand of the size specified here.  The request is put into one of the shortest queues in that hand. `handSize` must be no larger than `queues`, and should be significantly smaller (so that a few heavy flows do not saturate most of the queues).  See the user-facing documentation for more extensive guidance on setting this field.  This field has a default value of 8.
    queueLengthLimit
    integer    		`queueLengthLimit` is the maximum number of requests allowed to be waiting in a given queue of this priority level at a time; excess requests are rejected.  This value must be positive.  If not specified, it will be defaulted to 50.
    queues
    integer    		`queues` is the number of queues for this priority level. The queues exist independently at each apiserver. The value must be positive.  Setting it to 1 effectively precludes shufflesharding and thus makes the distinguisher method of associated flow schemas irrelevant.  This field has a default value of 64.
    
+
    ResourceClaim v1alpha2 resource.k8s.io
    
+
+
+
+
+
+
    GroupVersionKind
    resource.k8s.iov1alpha2ResourceClaim
    
+
     Other API versions of this object exist:
+v1
+
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
+
    FieldDescription
    apiVersion
    string    		APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
    kind
    string    		Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
    metadata
    ObjectMeta    		Standard object metadata
    spec
    ResourceClaimSpec    		Spec describes the desired attributes of a resource that then needs to be allocated. It can only be set once when creating the ResourceClaim.
    status
    ResourceClaimStatus    		Status describes whether the resource is available and with which attributes.
    
+
    ResourceClaimSpec v1alpha2 resource
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
    FieldDescription
    allocationMode
    string    		Allocation can start immediately or when a Pod wants to use the resource. "WaitForFirstConsumer" is the default.
    parametersRef
    ResourceClaimParametersReference    		ParametersRef references a separate object with arbitrary parameters that will be used by the driver when allocating a resource for the claim.  The object must be in the same namespace as the ResourceClaim.
    resourceClassName
    string    		ResourceClassName references the driver and additional parameters via the name of a ResourceClass that was created as part of the driver deployment.
    
+
    ResourceClaimStatus v1alpha2 resource
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
    FieldDescription
    allocation
    AllocationResult    		Allocation is set by the resource driver once a resource or set of resources has been allocated successfully. If this is not specified, the resources have not been allocated yet.
    deallocationRequested
    boolean    		DeallocationRequested indicates that a ResourceClaim is to be deallocated.  The driver then must deallocate this claim and reset the field together with clearing the Allocation field.  While DeallocationRequested is set, no new consumers may be added to ReservedFor.
    driverName
    string    		DriverName is a copy of the driver name from the ResourceClass at the time when allocation started.
    reservedFor
    ResourceClaimConsumerReference array    		ReservedFor indicates which entities are currently allowed to use the claim. A Pod which references a ResourceClaim which is not reserved for that Pod will not be started.  There can be at most 32 such reservations. This may get increased in the future, but not reduced.
    
+
    ResourceClaimList v1alpha2 resource
    
+
+
+
+
+
+
+
+
+
    FieldDescription
    apiVersion
    string    		APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
    items
    ResourceClaim array    		Items is the list of resource claims.
    kind
    string    		Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
    metadata
    ListMeta    		Standard list metadata
    
+
    Write Operations
    
+
    Create
    
+
    create a ResourceClaim
    
+
    HTTP Request
    
+POST /apis/resource.k8s.io/v1alpha2/namespaces/{namespace}/resourceclaims
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    ResourceClaim
    
+
    Response
    
+
+
+
+
+
+
+
+
    CodeDescription
    200
    ResourceClaim    		OK
    201
    ResourceClaim    		Created
    202
    ResourceClaim    		Accepted
    
+
    Patch
    
+
    partially update the specified ResourceClaim
    
+
    HTTP Request
    
+PATCH /apis/resource.k8s.io/v1alpha2/namespaces/{namespace}/resourceclaims/{name}
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the ResourceClaim
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint. This field is required for apply requests (application/apply-patch) but optional for non-apply patch types (JsonPatch, MergePatch, StrategicMergePatch).
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    forceForce is going to "force" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    Patch
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    ResourceClaim    		OK
    201
    ResourceClaim    		Created
    
+
    Replace
    
+
    replace the specified ResourceClaim
    
+
    HTTP Request
    
+PUT /apis/resource.k8s.io/v1alpha2/namespaces/{namespace}/resourceclaims/{name}
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the ResourceClaim
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    ResourceClaim
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    ResourceClaim    		OK
    201
    ResourceClaim    		Created
    
+
    Delete
    
+
    delete a ResourceClaim
    
+
    HTTP Request
    
+DELETE /apis/resource.k8s.io/v1alpha2/namespaces/{namespace}/resourceclaims/{name}
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the ResourceClaim
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    gracePeriodSecondsThe duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
    orphanDependentsDeprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.
    propagationPolicyWhether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    DeleteOptions
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    ResourceClaim    		OK
    202
    ResourceClaim    		Accepted
    
+
    Delete Collection
    
+
    delete collection of ResourceClaim
    
+
    HTTP Request
    
+DELETE /apis/resource.k8s.io/v1alpha2/namespaces/{namespace}/resourceclaims
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    gracePeriodSecondsThe duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    orphanDependentsDeprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.
    propagationPolicyWhether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    DeleteOptions
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    Status    		OK
    
+
    Read Operations
    
+
    Read
    
+
    read the specified ResourceClaim
    
+
    HTTP Request
    
+GET /apis/resource.k8s.io/v1alpha2/namespaces/{namespace}/resourceclaims/{name}
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the ResourceClaim
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    ResourceClaim    		OK
    
+
    List
    
+
    list or watch objects of kind ResourceClaim
    
+
    HTTP Request
    
+GET /apis/resource.k8s.io/v1alpha2/namespaces/{namespace}/resourceclaims
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    ResourceClaimList    		OK
    
+
    List All Namespaces
    
+
    list or watch objects of kind ResourceClaim
    
+
    HTTP Request
    
+GET /apis/resource.k8s.io/v1alpha2/resourceclaims
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    ResourceClaimList    		OK
    
+
    Watch
    
+
    watch changes to an object of kind ResourceClaim. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.
    
+
    HTTP Request
    
+GET /apis/resource.k8s.io/v1alpha2/watch/namespaces/{namespace}/resourceclaims/{name}
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the ResourceClaim
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    WatchEvent    		OK
    
+
    Watch List
    
+
    watch individual changes to a list of ResourceClaim. deprecated: use the 'watch' parameter with a list operation instead.
    
+
    HTTP Request
    
+GET /apis/resource.k8s.io/v1alpha2/watch/namespaces/{namespace}/resourceclaims
+
    Path Parameters
    
+
+
+
+
+
+
    ParameterDescription
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    WatchEvent    		OK
    
+
    Watch List All Namespaces
    
+
    watch individual changes to a list of ResourceClaim. deprecated: use the 'watch' parameter with a list operation instead.
    
+
    HTTP Request
    
+GET /apis/resource.k8s.io/v1alpha2/watch/resourceclaims
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    allowWatchBookmarksallowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
    continueThe continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".  This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
    fieldSelectorA selector to restrict the list of returned objects by their fields. Defaults to everything.
    labelSelectorA selector to restrict the list of returned objects by their labels. Defaults to everything.
    limitlimit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.  The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
    prettyIf 'true', then the output is pretty printed.
    resourceVersionresourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    resourceVersionMatchresourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.  Defaults to unset
    sendInitialEvents`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event  will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.  When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan   is interpreted as "data at least as new as the provided `resourceVersion`"   and the bookmark event is send when the state is synced   to a `resourceVersion` at least as fresh as the one provided by the ListOptions.   If `resourceVersion` is unset, this is interpreted as "consistent read" and the   bookmark event is send when the state is synced at least to the moment   when request started being processed. - `resourceVersionMatch` set to any other value or unset   Invalid error is returned.  Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.
    timeoutSecondsTimeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
    watchWatch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    WatchEvent    		OK
    
+
    Status Operations
    
+
    Patch Status
    
+
    partially update status of the specified ResourceClaim
    
+
    HTTP Request
    
+PATCH /apis/resource.k8s.io/v1alpha2/namespaces/{namespace}/resourceclaims/{name}/status
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the ResourceClaim
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint. This field is required for apply requests (application/apply-patch) but optional for non-apply patch types (JsonPatch, MergePatch, StrategicMergePatch).
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    forceForce is going to "force" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    Patch
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    ResourceClaim    		OK
    201
    ResourceClaim    		Created
    
+
    Read Status
    
+
    read status of the specified ResourceClaim
    
+
    HTTP Request
    
+GET /apis/resource.k8s.io/v1alpha2/namespaces/{namespace}/resourceclaims/{name}/status
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the ResourceClaim
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    
+
    Response
    
+
+
+
+
+
+
    CodeDescription
    200
    ResourceClaim    		OK
    
+
    Replace Status
    
+
    replace status of the specified ResourceClaim
    
+
    HTTP Request
    
+PUT /apis/resource.k8s.io/v1alpha2/namespaces/{namespace}/resourceclaims/{name}/status
+
    Path Parameters
    
+
+
+
+
+
+
+
    ParameterDescription
    namename of the ResourceClaim
    namespaceobject name and auth scope, such as for teams and projects
    
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
    ParameterDescription
    prettyIf 'true', then the output is pretty printed.
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    ResourceClaim
    
+
    Response
    
+
+
+
+
+
+
+
    CodeDescription
    200
    ResourceClaim    		OK
    201
    ResourceClaim    		Created
    
+
    ResourcePolicyRule v1beta2 flowcontrol.apiserver.k8s.io
    
+
+
+
+
+
+
    GroupVersionKind
    flowcontrol.apiserver.k8s.iov1beta2ResourcePolicyRule
    
+
     Other API versions of this object exist:
+v1beta3
+
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
+
    FieldDescription
    apiGroups
    string array    		`apiGroups` is a list of matching API groups and may not be empty. "*" matches all API groups and, if present, must be the only entry. Required.
    clusterScope
    boolean    		`clusterScope` indicates whether to match requests that do not specify a namespace (which happens either because the resource is not namespaced or the request targets all namespaces). If this field is omitted or false then the `namespaces` field must contain a non-empty list.
    namespaces
    string array    		`namespaces` is a list of target namespaces that restricts matches.  A request that specifies a target namespace matches only if either (a) this list contains that target namespace or (b) this list contains "*".  Note that "*" matches any specified namespace but does not match a request that _does not specify_ a namespace (see the `clusterScope` field for that). This list may be empty, but only if `clusterScope` is true.
    resources
    string array    		`resources` is a list of matching resources (i.e., lowercase and plural) with, if desired, subresource.  For example, [ "services", "nodes/status" ].  This list may not be empty. "*" matches all resources and, if present, must be the only entry. Required.
    verbs
    string array    		`verbs` is a list of matching verbs and may not be empty. "*" matches all verbs and, if present, must be the only entry. Required.
    
+
    SelfSubjectReview v1alpha1 authentication.k8s.io
    
+
+
+
+
+
+
    GroupVersionKind
    authentication.k8s.iov1alpha1SelfSubjectReview
    
+
     Other API versions of this object exist:
+v1beta1
+
    
+
+
+
+
+
+
+
+
+
    FieldDescription
    apiVersion
    string    		APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
    kind
    string    		Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
    metadata
    ObjectMeta    		Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
    status
    SelfSubjectReviewStatus    		Status is filled in by the server with the user attributes.
    
+
    SelfSubjectReviewStatus v1alpha1 authentication
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
    FieldDescription
    userInfo
    UserInfo    		User attributes of the user making this request.
    
+
    Write Operations
    
+
    Create
    
+
    create a SelfSubjectReview
    
+
    HTTP Request
    
+POST /apis/authentication.k8s.io/v1alpha1/selfsubjectreviews
+
    Query Parameters
    
+
+
+
+
+
+
+
+
+
    ParameterDescription
    dryRunWhen present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
    fieldManagerfieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
    fieldValidationfieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
    prettyIf 'true', then the output is pretty printed.
    
+
    Body Parameters
    
+
+
+
+
+
+
    ParameterDescription
    body
    SelfSubjectReview
    
+
    Response
    
+
+
+
+
+
+
+
+
    CodeDescription
    200
    SelfSubjectReview    		OK
    201
    SelfSubjectReview    		Created
    202
    SelfSubjectReview    		Accepted
    
+
    ServiceAccountSubject v1beta2 flowcontrol.apiserver.k8s.io
    
+
+
+
+
+
+
    GroupVersionKind
    flowcontrol.apiserver.k8s.iov1beta2ServiceAccountSubject
    
+
     Other API versions of this object exist:
+v1beta3
+
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
    FieldDescription
    name
    string    		`name` is the name of matching ServiceAccount objects, or "*" to match regardless of name. Required.
    namespace
    string    		`namespace` is the namespace of matching ServiceAccount objects. Required.
    
+
    ServiceReference v1 apiextensions.k8s.io
    
+
+
+
+
+
+
    GroupVersionKind
    apiextensions.k8s.iov1ServiceReference
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
    FieldDescription
    name
    string    		name is the name of the service. Required
    namespace
    string    		namespace is the namespace of the service. Required
    path
    string    		path is an optional URL path at which the webhook will be contacted.
    port
    integer    		port is an optional service port at which the webhook will be contacted. `port` should be a valid port number (1-65535, inclusive). Defaults to 443 for backward compatibility.
    
+
    ServiceReference v1 apiregistration.k8s.io
    
+
+
+
+
+
+
    GroupVersionKind
    apiregistration.k8s.iov1ServiceReference
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
    FieldDescription
    name
    string    		Name is the name of the service
    namespace
    string    		Namespace is the namespace of the service
    port
    integer    		If specified, the port on the service that hosting webhook. Default to 443 for backward compatibility. `port` should be a valid port number (1-65535, inclusive).
    
+
    Subject v1 rbac.authorization.k8s.io
    
+
+
+
+
+
+
    GroupVersionKind
    rbac.authorization.k8s.iov1Subject
    
+
     Other API versions of this object exist:
+v1beta3
+v1beta2
+
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
    FieldDescription
    apiGroup
    string    		APIGroup holds the API group of the referenced subject. Defaults to "" for ServiceAccount subjects. Defaults to "rbac.authorization.k8s.io" for User and Group subjects.
    kind
    string    		Kind of object being referenced. Values defined by this API group are "User", "Group", and "ServiceAccount". If the Authorizer does not recognized the kind value, the Authorizer should report an error.
    name
    string    		Name of the object being referenced.
    namespace
    string    		Namespace of the referenced object.  If the object kind is non-namespace, such as "User" or "Group", and this value is not empty the Authorizer should report an error.
    
+
    Subject v1beta2 flowcontrol.apiserver.k8s.io
    
+
+
+
+
+
+
    GroupVersionKind
    flowcontrol.apiserver.k8s.iov1beta2Subject
    
+
     Other API versions of this object exist:
+v1beta3
+v1
+
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
+
    FieldDescription
    group
    GroupSubject    		`group` matches based on user group name.
    kind
    string    		`kind` indicates which one of the other fields is non-empty. Required
    serviceAccount
    ServiceAccountSubject    		`serviceAccount` matches ServiceAccounts.
    user
    UserSubject    		`user` matches based on username.
    
+
    TokenRequest v1 storage.k8s.io
    
+
+
+
+
+
+
    GroupVersionKind
    storage.k8s.iov1TokenRequest
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
    FieldDescription
    audience
    string    		audience is the intended audience of the token in "TokenRequestSpec". It will default to the audiences of kube apiserver.
    expirationSeconds
    integer    		expirationSeconds is the duration of validity of the token in "TokenRequestSpec". It has the same default value of "ExpirationSeconds" in "TokenRequestSpec".
    
+
    UserSubject v1beta2 flowcontrol.apiserver.k8s.io
    
+
+
+
+
+
+
    GroupVersionKind
    flowcontrol.apiserver.k8s.iov1beta2UserSubject
    
+
     Other API versions of this object exist:
+v1beta3
+
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
    FieldDescription
    name
    string    		`name` is the username that matches, or "*" to match all usernames. Required.
    
+
    WebhookClientConfig v1 apiextensions.k8s.io
    
+
+
+
+
+
+
    GroupVersionKind
    apiextensions.k8s.iov1WebhookClientConfig
    
+
     Appears In:
+ 
+
    
+
+
+
+
+
+
+
+
    FieldDescription
    caBundle
    string    		caBundle is a PEM encoded CA bundle which will be used to validate the webhook's server certificate. If unspecified, system trust roots on the apiserver are used.
    service
    ServiceReference    		service is a reference to the service for this webhook. Either service or url must be specified.  If the webhook is running within the cluster, then you should use `service`.
    url
    string    		url gives the location of the webhook, in standard URL form (`scheme://host:port/path`). Exactly one of `url` or `service` must be specified.  The `host` should not refer to a service running in the cluster; use the `service` field instead. The host might be resolved via external DNS in some apiservers (e.g., `kube-apiserver` cannot resolve in-cluster DNS as that would be a layering violation). `host` may also be an IP address.  Please note that using `localhost` or `127.0.0.1` as a `host` is risky unless you take great care to run this webhook on all hosts which run an apiserver which might need to make calls to this webhook. Such installs are likely to be non-portable, i.e., not easy to turn up in a new cluster.  The scheme must be "https"; the URL must begin with "https://".  A path is optional, and if present may be any string permissible in a URL. You may use the path to pass an arbitrary string to the webhook, for example, a cluster identifier.  Attempting to use a user or basic auth e.g. "user:password@" is not allowed. Fragments ("#...") and query parameters ("?...") are not allowed, either.
    
+
+
    
+
    
+
    
+
+
+
+
+
+
+
diff --git a/static/docs/reference/generated/kubernetes-api/v1.27/js/navData.js b/static/docs/reference/generated/kubernetes-api/v1.27/js/navData.js
new file mode 100644
index 00000000000..da9e235fb18
--- /dev/null
+++ b/static/docs/reference/generated/kubernetes-api/v1.27/js/navData.js
@@ -0,0 +1 @@
+(function(){navData={"toc":[{"section":"webhookclientconfig-v1-apiextensions-k8s-io","subsections":[]},{"section":"usersubject-v1beta2-flowcontrol-apiserver-k8s-io","subsections":[]},{"section":"tokenrequest-v1-storage-k8s-io","subsections":[]},{"section":"subject-v1beta2-flowcontrol-apiserver-k8s-io","subsections":[]},{"section":"subject-v1-rbac-authorization-k8s-io","subsections":[]},{"section":"servicereference-v1-apiregistration-k8s-io","subsections":[]},{"section":"servicereference-v1-apiextensions-k8s-io","subsections":[]},{"section":"serviceaccountsubject-v1beta2-flowcontrol-apiserver-k8s-io","subsections":[]},{"section":"selfsubjectreview-v1alpha1-authentication-k8s-io","subsections":[{"section":"-strong-write-operations-selfsubjectreview-v1alpha1-authentication-k8s-io-strong-","subsections":[{"section":"create-selfsubjectreview-v1alpha1-authentication-k8s-io","subsections":[]}]}]},{"section":"resourcepolicyrule-v1beta2-flowcontrol-apiserver-k8s-io","subsections":[]},{"section":"resourceclaim-v1alpha2-resource-k8s-io","subsections":[{"section":"-strong-status-operations-resourceclaim-v1alpha2-resource-k8s-io-strong-","subsections":[{"section":"replace-status-resourceclaim-v1alpha2-resource-k8s-io","subsections":[]},{"section":"read-status-resourceclaim-v1alpha2-resource-k8s-io","subsections":[]},{"section":"patch-status-resourceclaim-v1alpha2-resource-k8s-io","subsections":[]}]},{"section":"-strong-read-operations-resourceclaim-v1alpha2-resource-k8s-io-strong-","subsections":[{"section":"watch-list-all-namespaces-resourceclaim-v1alpha2-resource-k8s-io","subsections":[]},{"section":"watch-list-resourceclaim-v1alpha2-resource-k8s-io","subsections":[]},{"section":"watch-resourceclaim-v1alpha2-resource-k8s-io","subsections":[]},{"section":"list-all-namespaces-resourceclaim-v1alpha2-resource-k8s-io","subsections":[]},{"section":"list-resourceclaim-v1alpha2-resource-k8s-io","subsections":[]},{"section":"read-resourceclaim-v1alpha2-resource-k8s-io","subsections":[]}]},{"section":"-strong-write-operations-resourceclaim-v1alpha2-resource-k8s-io-strong-","subsections":[{"section":"delete-collection-resourceclaim-v1alpha2-resource-k8s-io","subsections":[]},{"section":"delete-resourceclaim-v1alpha2-resource-k8s-io","subsections":[]},{"section":"replace-resourceclaim-v1alpha2-resource-k8s-io","subsections":[]},{"section":"patch-resourceclaim-v1alpha2-resource-k8s-io","subsections":[]},{"section":"create-resourceclaim-v1alpha2-resource-k8s-io","subsections":[]}]}]},{"section":"queuingconfiguration-v1beta2-flowcontrol-apiserver-k8s-io","subsections":[]},{"section":"prioritylevelconfigurationreference-v1beta2-flowcontrol-apiserver-k8s-io","subsections":[]},{"section":"prioritylevelconfigurationcondition-v1beta2-flowcontrol-apiserver-k8s-io","subsections":[]},{"section":"prioritylevelconfiguration-v1beta2-flowcontrol-apiserver-k8s-io","subsections":[{"section":"-strong-status-operations-prioritylevelconfiguration-v1beta2-flowcontrol-apiserver-k8s-io-strong-","subsections":[{"section":"replace-status-prioritylevelconfiguration-v1beta2-flowcontrol-apiserver-k8s-io","subsections":[]},{"section":"read-status-prioritylevelconfiguration-v1beta2-flowcontrol-apiserver-k8s-io","subsections":[]},{"section":"patch-status-prioritylevelconfiguration-v1beta2-flowcontrol-apiserver-k8s-io","subsections":[]}]},{"section":"-strong-read-operations-prioritylevelconfiguration-v1beta2-flowcontrol-apiserver-k8s-io-strong-","subsections":[{"section":"watch-list-prioritylevelconfiguration-v1beta2-flowcontrol-apiserver-k8s-io","subsections":[]},{"section":"watch-prioritylevelconfiguration-v1beta2-flowcontrol-apiserver-k8s-io","subsections":[]},{"section":"list-prioritylevelconfiguration-v1beta2-flowcontrol-apiserver-k8s-io","subsections":[]},{"section":"read-prioritylevelconfiguration-v1beta2-flowcontrol-apiserver-k8s-io","subsections":[]}]},{"section":"-strong-write-operations-prioritylevelconfiguration-v1beta2-flowcontrol-apiserver-k8s-io-strong-","subsections":[{"section":"delete-collection-prioritylevelconfiguration-v1beta2-flowcontrol-apiserver-k8s-io","subsections":[]},{"section":"delete-prioritylevelconfiguration-v1beta2-flowcontrol-apiserver-k8s-io","subsections":[]},{"section":"replace-prioritylevelconfiguration-v1beta2-flowcontrol-apiserver-k8s-io","subsections":[]},{"section":"patch-prioritylevelconfiguration-v1beta2-flowcontrol-apiserver-k8s-io","subsections":[]},{"section":"create-prioritylevelconfiguration-v1beta2-flowcontrol-apiserver-k8s-io","subsections":[]}]}]},{"section":"policyruleswithsubjects-v1beta2-flowcontrol-apiserver-k8s-io","subsections":[]},{"section":"nonresourcepolicyrule-v1beta2-flowcontrol-apiserver-k8s-io","subsections":[]},{"section":"matchcondition-v1alpha1-admissionregistration-k8s-io","subsections":[]},{"section":"limitedprioritylevelconfiguration-v1beta2-flowcontrol-apiserver-k8s-io","subsections":[]},{"section":"limitresponse-v1beta2-flowcontrol-apiserver-k8s-io","subsections":[]},{"section":"horizontalpodautoscaler-v1-autoscaling","subsections":[{"section":"-strong-status-operations-horizontalpodautoscaler-v1-autoscaling-strong-","subsections":[{"section":"replace-status-horizontalpodautoscaler-v1-autoscaling","subsections":[]},{"section":"read-status-horizontalpodautoscaler-v1-autoscaling","subsections":[]},{"section":"patch-status-horizontalpodautoscaler-v1-autoscaling","subsections":[]}]},{"section":"-strong-read-operations-horizontalpodautoscaler-v1-autoscaling-strong-","subsections":[{"section":"watch-list-all-namespaces-horizontalpodautoscaler-v1-autoscaling","subsections":[]},{"section":"watch-list-horizontalpodautoscaler-v1-autoscaling","subsections":[]},{"section":"watch-horizontalpodautoscaler-v1-autoscaling","subsections":[]},{"section":"list-all-namespaces-horizontalpodautoscaler-v1-autoscaling","subsections":[]},{"section":"list-horizontalpodautoscaler-v1-autoscaling","subsections":[]},{"section":"read-horizontalpodautoscaler-v1-autoscaling","subsections":[]}]},{"section":"-strong-write-operations-horizontalpodautoscaler-v1-autoscaling-strong-","subsections":[{"section":"delete-collection-horizontalpodautoscaler-v1-autoscaling","subsections":[]},{"section":"delete-horizontalpodautoscaler-v1-autoscaling","subsections":[]},{"section":"replace-horizontalpodautoscaler-v1-autoscaling","subsections":[]},{"section":"patch-horizontalpodautoscaler-v1-autoscaling","subsections":[]},{"section":"create-horizontalpodautoscaler-v1-autoscaling","subsections":[]}]}]},{"section":"groupsubject-v1beta2-flowcontrol-apiserver-k8s-io","subsections":[]},{"section":"flowschemacondition-v1beta2-flowcontrol-apiserver-k8s-io","subsections":[]},{"section":"flowschema-v1beta2-flowcontrol-apiserver-k8s-io","subsections":[{"section":"-strong-status-operations-flowschema-v1beta2-flowcontrol-apiserver-k8s-io-strong-","subsections":[{"section":"replace-status-flowschema-v1beta2-flowcontrol-apiserver-k8s-io","subsections":[]},{"section":"read-status-flowschema-v1beta2-flowcontrol-apiserver-k8s-io","subsections":[]},{"section":"patch-status-flowschema-v1beta2-flowcontrol-apiserver-k8s-io","subsections":[]}]},{"section":"-strong-read-operations-flowschema-v1beta2-flowcontrol-apiserver-k8s-io-strong-","subsections":[{"section":"watch-list-flowschema-v1beta2-flowcontrol-apiserver-k8s-io","subsections":[]},{"section":"watch-flowschema-v1beta2-flowcontrol-apiserver-k8s-io","subsections":[]},{"section":"list-flowschema-v1beta2-flowcontrol-apiserver-k8s-io","subsections":[]},{"section":"read-flowschema-v1beta2-flowcontrol-apiserver-k8s-io","subsections":[]}]},{"section":"-strong-write-operations-flowschema-v1beta2-flowcontrol-apiserver-k8s-io-strong-","subsections":[{"section":"delete-collection-flowschema-v1beta2-flowcontrol-apiserver-k8s-io","subsections":[]},{"section":"delete-flowschema-v1beta2-flowcontrol-apiserver-k8s-io","subsections":[]},{"section":"replace-flowschema-v1beta2-flowcontrol-apiserver-k8s-io","subsections":[]},{"section":"patch-flowschema-v1beta2-flowcontrol-apiserver-k8s-io","subsections":[]},{"section":"create-flowschema-v1beta2-flowcontrol-apiserver-k8s-io","subsections":[]}]}]},{"section":"flowdistinguishermethod-v1beta2-flowcontrol-apiserver-k8s-io","subsections":[]},{"section":"eventseries-v1-core","subsections":[]},{"section":"event-v1-core","subsections":[{"section":"-strong-read-operations-event-v1-core-strong-","subsections":[{"section":"watch-list-all-namespaces-event-v1-core","subsections":[]},{"section":"watch-list-event-v1-core","subsections":[]},{"section":"watch-event-v1-core","subsections":[]},{"section":"list-all-namespaces-event-v1-core","subsections":[]},{"section":"list-event-v1-core","subsections":[]},{"section":"read-event-v1-core","subsections":[]}]},{"section":"-strong-write-operations-event-v1-core-strong-","subsections":[{"section":"delete-collection-event-v1-core","subsections":[]},{"section":"delete-event-v1-core","subsections":[]},{"section":"replace-event-v1-core","subsections":[]},{"section":"patch-event-v1-core","subsections":[]},{"section":"create-event-v1-core","subsections":[]}]}]},{"section":"endpointport-v1-discovery-k8s-io","subsections":[]},{"section":"crossversionobjectreference-v1-autoscaling","subsections":[]},{"section":"-strong-old-api-versions-strong-","subsections":[]},{"section":"windowssecuritycontextoptions-v1-core","subsections":[]},{"section":"weightedpodaffinityterm-v1-core","subsections":[]},{"section":"webhookconversion-v1-apiextensions-k8s-io","subsections":[]},{"section":"webhookclientconfig-v1-admissionregistration-k8s-io","subsections":[]},{"section":"watchevent-v1-meta","subsections":[]},{"section":"vspherevirtualdiskvolumesource-v1-core","subsections":[]},{"section":"volumeprojection-v1-core","subsections":[]},{"section":"volumenoderesources-v1-storage-k8s-io","subsections":[]},{"section":"volumenodeaffinity-v1-core","subsections":[]},{"section":"volumemount-v1-core","subsections":[]},{"section":"volumeerror-v1-storage-k8s-io","subsections":[]},{"section":"volumedevice-v1-core","subsections":[]},{"section":"volumeattachmentsource-v1-storage-k8s-io","subsections":[]},{"section":"validationrule-v1-apiextensions-k8s-io","subsections":[]},{"section":"validation-v1alpha1-admissionregistration-k8s-io","subsections":[]},{"section":"validatingwebhook-v1-admissionregistration-k8s-io","subsections":[]},{"section":"usersubject-v1beta3-flowcontrol-apiserver-k8s-io","subsections":[]},{"section":"userinfo-v1-authentication-k8s-io","subsections":[]},{"section":"uncountedterminatedpods-v1-batch","subsections":[]},{"section":"typedobjectreference-v1-core","subsections":[]},{"section":"typedlocalobjectreference-v1-core","subsections":[]},{"section":"typechecking-v1alpha1-admissionregistration-k8s-io","subsections":[]},{"section":"topologyspreadconstraint-v1-core","subsections":[]},{"section":"topologyselectorterm-v1-core","subsections":[]},{"section":"topologyselectorlabelrequirement-v1-core","subsections":[]},{"section":"toleration-v1-core","subsections":[]},{"section":"time-v1-meta","subsections":[]},{"section":"taint-v1-core","subsections":[]},{"section":"tcpsocketaction-v1-core","subsections":[]},{"section":"sysctl-v1-core","subsections":[]},{"section":"subjectrulesreviewstatus-v1-authorization-k8s-io","subsections":[]},{"section":"subject-v1beta3-flowcontrol-apiserver-k8s-io","subsections":[]},{"section":"storageversioncondition-v1alpha1-internal-apiserver-k8s-io","subsections":[]},{"section":"storageosvolumesource-v1-core","subsections":[]},{"section":"storageospersistentvolumesource-v1-core","subsections":[]},{"section":"statusdetails-v1-meta","subsections":[]},{"section":"statuscause-v1-meta","subsections":[]},{"section":"status-v1-meta","subsections":[]},{"section":"statefulsetupdatestrategy-v1-apps","subsections":[]},{"section":"statefulsetpersistentvolumeclaimretentionpolicy-v1-apps","subsections":[]},{"section":"statefulsetordinals-v1-apps","subsections":[]},{"section":"statefulsetcondition-v1-apps","subsections":[]},{"section":"sessionaffinityconfig-v1-core","subsections":[]},{"section":"servicereference-v1-admissionregistration-k8s-io","subsections":[]},{"section":"serviceport-v1-core","subsections":[]},{"section":"servicebackendport-v1-networking-k8s-io","subsections":[]},{"section":"serviceaccounttokenprojection-v1-core","subsections":[]},{"section":"serviceaccountsubject-v1beta3-flowcontrol-apiserver-k8s-io","subsections":[]},{"section":"serverstorageversion-v1alpha1-internal-apiserver-k8s-io","subsections":[]},{"section":"serveraddressbyclientcidr-v1-meta","subsections":[]},{"section":"securitycontext-v1-core","subsections":[]},{"section":"secretvolumesource-v1-core","subsections":[]},{"section":"secretreference-v1-core","subsections":[]},{"section":"secretprojection-v1-core","subsections":[]},{"section":"secretkeyselector-v1-core","subsections":[]},{"section":"secretenvsource-v1-core","subsections":[]},{"section":"seccompprofile-v1-core","subsections":[]},{"section":"scopedresourceselectorrequirement-v1-core","subsections":[]},{"section":"scopeselector-v1-core","subsections":[]},{"section":"scheduling-v1-node-k8s-io","subsections":[]},{"section":"scaleiovolumesource-v1-core","subsections":[]},{"section":"scaleiopersistentvolumesource-v1-core","subsections":[]},{"section":"scale-v1-autoscaling","subsections":[]},{"section":"selinuxoptions-v1-core","subsections":[]},{"section":"rulewithoperations-v1-admissionregistration-k8s-io","subsections":[]},{"section":"rollingupdatestatefulsetstrategy-v1-apps","subsections":[]},{"section":"roleref-v1-rbac-authorization-k8s-io","subsections":[]},{"section":"resourcerule-v1-authorization-k8s-io","subsections":[]},{"section":"resourcerequirements-v1-core","subsections":[]},{"section":"resourcepolicyrule-v1beta3-flowcontrol-apiserver-k8s-io","subsections":[]},{"section":"resourcemetricstatus-v2-autoscaling","subsections":[]},{"section":"resourcemetricsource-v2-autoscaling","subsections":[]},{"section":"resourcehandle-v1alpha2-resource-k8s-io","subsections":[]},{"section":"resourcefieldselector-v1-core","subsections":[]},{"section":"resourceclassparametersreference-v1alpha2-resource-k8s-io","subsections":[]},{"section":"resourceclaimschedulingstatus-v1alpha2-resource-k8s-io","subsections":[]},{"section":"resourceclaimparametersreference-v1alpha2-resource-k8s-io","subsections":[]},{"section":"resourceclaimconsumerreference-v1alpha2-resource-k8s-io","subsections":[]},{"section":"resourceclaim-v1-core","subsections":[]},{"section":"resourceattributes-v1-authorization-k8s-io","subsections":[]},{"section":"replicationcontrollercondition-v1-core","subsections":[]},{"section":"replicasetcondition-v1-apps","subsections":[]},{"section":"rbdvolumesource-v1-core","subsections":[]},{"section":"rbdpersistentvolumesource-v1-core","subsections":[]},{"section":"quobytevolumesource-v1-core","subsections":[]},{"section":"queuingconfiguration-v1beta3-flowcontrol-apiserver-k8s-io","subsections":[]},{"section":"quantity-resource-core","subsections":[]},{"section":"projectedvolumesource-v1-core","subsections":[]},{"section":"probe-v1-core","subsections":[]},{"section":"prioritylevelconfigurationreference-v1beta3-flowcontrol-apiserver-k8s-io","subsections":[]},{"section":"prioritylevelconfigurationcondition-v1beta3-flowcontrol-apiserver-k8s-io","subsections":[]},{"section":"preferredschedulingterm-v1-core","subsections":[]},{"section":"preconditions-v1-meta","subsections":[]},{"section":"portworxvolumesource-v1-core","subsections":[]},{"section":"portstatus-v1-core","subsections":[]},{"section":"policyruleswithsubjects-v1beta3-flowcontrol-apiserver-k8s-io","subsections":[]},{"section":"policyrule-v1-rbac-authorization-k8s-io","subsections":[]},{"section":"podsmetricstatus-v2-autoscaling","subsections":[]},{"section":"podsmetricsource-v2-autoscaling","subsections":[]},{"section":"podsecuritycontext-v1-core","subsections":[]},{"section":"podschedulinggate-v1-core","subsections":[]},{"section":"podresourceclaim-v1-core","subsections":[]},{"section":"podreadinessgate-v1-core","subsections":[]},{"section":"podos-v1-core","subsections":[]},{"section":"podip-v1-core","subsections":[]},{"section":"podfailurepolicyrule-v1-batch","subsections":[]},{"section":"podfailurepolicyonpodconditionspattern-v1-batch","subsections":[]},{"section":"podfailurepolicyonexitcodesrequirement-v1-batch","subsections":[]},{"section":"podfailurepolicy-v1-batch","subsections":[]},{"section":"poddnsconfigoption-v1-core","subsections":[]},{"section":"poddnsconfig-v1-core","subsections":[]},{"section":"podcondition-v1-core","subsections":[]},{"section":"podantiaffinity-v1-core","subsections":[]},{"section":"podaffinityterm-v1-core","subsections":[]},{"section":"podaffinity-v1-core","subsections":[]},{"section":"photonpersistentdiskvolumesource-v1-core","subsections":[]},{"section":"persistentvolumeclaimvolumesource-v1-core","subsections":[]},{"section":"persistentvolumeclaimtemplate-v1-core","subsections":[]},{"section":"persistentvolumeclaimcondition-v1-core","subsections":[]},{"section":"patch-v1-meta","subsections":[]},{"section":"parentreference-v1alpha1-networking-k8s-io","subsections":[]},{"section":"paramref-v1alpha1-admissionregistration-k8s-io","subsections":[]},{"section":"paramkind-v1alpha1-admissionregistration-k8s-io","subsections":[]},{"section":"ownerreference-v1-meta","subsections":[]},{"section":"overhead-v1-node-k8s-io","subsections":[]},{"section":"objectreference-v1-core","subsections":[]},{"section":"objectmetricstatus-v2-autoscaling","subsections":[]},{"section":"objectmetricsource-v2-autoscaling","subsections":[]},{"section":"objectmeta-v1-meta","subsections":[]},{"section":"objectfieldselector-v1-core","subsections":[]},{"section":"nonresourcerule-v1-authorization-k8s-io","subsections":[]},{"section":"nonresourcepolicyrule-v1beta3-flowcontrol-apiserver-k8s-io","subsections":[]},{"section":"nonresourceattributes-v1-authorization-k8s-io","subsections":[]},{"section":"nodesysteminfo-v1-core","subsections":[]},{"section":"nodeselectorterm-v1-core","subsections":[]},{"section":"nodeselectorrequirement-v1-core","subsections":[]},{"section":"nodeselector-v1-core","subsections":[]},{"section":"nodedaemonendpoints-v1-core","subsections":[]},{"section":"nodeconfigstatus-v1-core","subsections":[]},{"section":"nodeconfigsource-v1-core","subsections":[]},{"section":"nodecondition-v1-core","subsections":[]},{"section":"nodeaffinity-v1-core","subsections":[]},{"section":"nodeaddress-v1-core","subsections":[]},{"section":"networkpolicyport-v1-networking-k8s-io","subsections":[]},{"section":"networkpolicypeer-v1-networking-k8s-io","subsections":[]},{"section":"networkpolicyingressrule-v1-networking-k8s-io","subsections":[]},{"section":"networkpolicyegressrule-v1-networking-k8s-io","subsections":[]},{"section":"namespacecondition-v1-core","subsections":[]},{"section":"namedrulewithoperations-v1alpha1-admissionregistration-k8s-io","subsections":[]},{"section":"nfsvolumesource-v1-core","subsections":[]},{"section":"mutatingwebhook-v1-admissionregistration-k8s-io","subsections":[]},{"section":"microtime-v1-meta","subsections":[]},{"section":"metricvaluestatus-v2-autoscaling","subsections":[]},{"section":"metrictarget-v2-autoscaling","subsections":[]},{"section":"metricstatus-v2-autoscaling","subsections":[]},{"section":"metricspec-v2-autoscaling","subsections":[]},{"section":"metricidentifier-v2-autoscaling","subsections":[]},{"section":"matchresources-v1alpha1-admissionregistration-k8s-io","subsections":[]},{"section":"matchcondition-v1-admissionregistration-k8s-io","subsections":[]},{"section":"managedfieldsentry-v1-meta","subsections":[]},{"section":"localvolumesource-v1-core","subsections":[]},{"section":"localobjectreference-v1-core","subsections":[]},{"section":"loadbalancerstatus-v1-core","subsections":[]},{"section":"loadbalanceringress-v1-core","subsections":[]},{"section":"listmeta-v1-meta","subsections":[]},{"section":"limitedprioritylevelconfiguration-v1beta3-flowcontrol-apiserver-k8s-io","subsections":[]},{"section":"limitresponse-v1beta3-flowcontrol-apiserver-k8s-io","subsections":[]},{"section":"limitrangeitem-v1-core","subsections":[]},{"section":"lifecyclehandler-v1-core","subsections":[]},{"section":"lifecycle-v1-core","subsections":[]},{"section":"labelselectorrequirement-v1-meta","subsections":[]},{"section":"labelselector-v1-meta","subsections":[]},{"section":"keytopath-v1-core","subsections":[]},{"section":"jobtemplatespec-v1-batch","subsections":[]},{"section":"jobcondition-v1-batch","subsections":[]},{"section":"jsonschemapropsorbool-v1-apiextensions-k8s-io","subsections":[]},{"section":"jsonschemapropsorarray-v1-apiextensions-k8s-io","subsections":[]},{"section":"jsonschemaprops-v1-apiextensions-k8s-io","subsections":[]},{"section":"json-v1-apiextensions-k8s-io","subsections":[]},{"section":"ingresstls-v1-networking-k8s-io","subsections":[]},{"section":"ingressservicebackend-v1-networking-k8s-io","subsections":[]},{"section":"ingressrule-v1-networking-k8s-io","subsections":[]},{"section":"ingressportstatus-v1-networking-k8s-io","subsections":[]},{"section":"ingressloadbalancerstatus-v1-networking-k8s-io","subsections":[]},{"section":"ingressloadbalanceringress-v1-networking-k8s-io","subsections":[]},{"section":"ingressclassparametersreference-v1-networking-k8s-io","subsections":[]},{"section":"ingressbackend-v1-networking-k8s-io","subsections":[]},{"section":"iscsivolumesource-v1-core","subsections":[]},{"section":"iscsipersistentvolumesource-v1-core","subsections":[]},{"section":"ipblock-v1-networking-k8s-io","subsections":[]},{"section":"hostpathvolumesource-v1-core","subsections":[]},{"section":"hostalias-v1-core","subsections":[]},{"section":"horizontalpodautoscalercondition-v2-autoscaling","subsections":[]},{"section":"horizontalpodautoscalerbehavior-v2-autoscaling","subsections":[]},{"section":"httpingressrulevalue-v1-networking-k8s-io","subsections":[]},{"section":"httpingresspath-v1-networking-k8s-io","subsections":[]},{"section":"httpheader-v1-core","subsections":[]},{"section":"httpgetaction-v1-core","subsections":[]},{"section":"hpascalingrules-v2-autoscaling","subsections":[]},{"section":"hpascalingpolicy-v2-autoscaling","subsections":[]},{"section":"groupversionfordiscovery-v1-meta","subsections":[]},{"section":"groupsubject-v1beta3-flowcontrol-apiserver-k8s-io","subsections":[]},{"section":"glusterfsvolumesource-v1-core","subsections":[]},{"section":"glusterfspersistentvolumesource-v1-core","subsections":[]},{"section":"gitrepovolumesource-v1-core","subsections":[]},{"section":"grpcaction-v1-core","subsections":[]},{"section":"gcepersistentdiskvolumesource-v1-core","subsections":[]},{"section":"forzone-v1-discovery-k8s-io","subsections":[]},{"section":"flowschemacondition-v1beta3-flowcontrol-apiserver-k8s-io","subsections":[]},{"section":"flowdistinguishermethod-v1beta3-flowcontrol-apiserver-k8s-io","subsections":[]},{"section":"flockervolumesource-v1-core","subsections":[]},{"section":"flexvolumesource-v1-core","subsections":[]},{"section":"flexpersistentvolumesource-v1-core","subsections":[]},{"section":"fieldsv1-v1-meta","subsections":[]},{"section":"fcvolumesource-v1-core","subsections":[]},{"section":"externalmetricstatus-v2-autoscaling","subsections":[]},{"section":"externalmetricsource-v2-autoscaling","subsections":[]},{"section":"externaldocumentation-v1-apiextensions-k8s-io","subsections":[]},{"section":"expressionwarning-v1alpha1-admissionregistration-k8s-io","subsections":[]},{"section":"execaction-v1-core","subsections":[]},{"section":"eviction-v1-policy","subsections":[]},{"section":"eventsource-v1-core","subsections":[]},{"section":"eventseries-v1-events-k8s-io","subsections":[]},{"section":"ephemeralvolumesource-v1-core","subsections":[]},{"section":"ephemeralcontainer-v1-core","subsections":[]},{"section":"envvarsource-v1-core","subsections":[]},{"section":"envvar-v1-core","subsections":[]},{"section":"envfromsource-v1-core","subsections":[]},{"section":"endpointsubset-v1-core","subsections":[]},{"section":"endpointport-v1-core","subsections":[]},{"section":"endpointhints-v1-discovery-k8s-io","subsections":[]},{"section":"endpointconditions-v1-discovery-k8s-io","subsections":[]},{"section":"endpointaddress-v1-core","subsections":[]},{"section":"endpoint-v1-discovery-k8s-io","subsections":[]},{"section":"emptydirvolumesource-v1-core","subsections":[]},{"section":"downwardapivolumesource-v1-core","subsections":[]},{"section":"downwardapivolumefile-v1-core","subsections":[]},{"section":"downwardapiprojection-v1-core","subsections":[]},{"section":"deploymentcondition-v1-apps","subsections":[]},{"section":"deleteoptions-v1-meta","subsections":[]},{"section":"daemonsetupdatestrategy-v1-apps","subsections":[]},{"section":"daemonsetcondition-v1-apps","subsections":[]},{"section":"daemonendpoint-v1-core","subsections":[]},{"section":"customresourcevalidation-v1-apiextensions-k8s-io","subsections":[]},{"section":"customresourcesubresources-v1-apiextensions-k8s-io","subsections":[]},{"section":"customresourcesubresourcestatus-v1-apiextensions-k8s-io","subsections":[]},{"section":"customresourcesubresourcescale-v1-apiextensions-k8s-io","subsections":[]},{"section":"customresourcedefinitionversion-v1-apiextensions-k8s-io","subsections":[]},{"section":"customresourcedefinitionnames-v1-apiextensions-k8s-io","subsections":[]},{"section":"customresourcedefinitioncondition-v1-apiextensions-k8s-io","subsections":[]},{"section":"customresourceconversion-v1-apiextensions-k8s-io","subsections":[]},{"section":"customresourcecolumndefinition-v1-apiextensions-k8s-io","subsections":[]},{"section":"crossversionobjectreference-v2-autoscaling","subsections":[]},{"section":"containerstatewaiting-v1-core","subsections":[]},{"section":"containerstateterminated-v1-core","subsections":[]},{"section":"containerstaterunning-v1-core","subsections":[]},{"section":"containerstate-v1-core","subsections":[]},{"section":"containerresourcemetricstatus-v2-autoscaling","subsections":[]},{"section":"containerresourcemetricsource-v2-autoscaling","subsections":[]},{"section":"containerresizepolicy-v1-core","subsections":[]},{"section":"containerport-v1-core","subsections":[]},{"section":"containerimage-v1-core","subsections":[]},{"section":"configmapvolumesource-v1-core","subsections":[]},{"section":"configmapprojection-v1-core","subsections":[]},{"section":"configmapnodeconfigsource-v1-core","subsections":[]},{"section":"configmapkeyselector-v1-core","subsections":[]},{"section":"configmapenvsource-v1-core","subsections":[]},{"section":"condition-v1-meta","subsections":[]},{"section":"componentcondition-v1-core","subsections":[]},{"section":"clientipconfig-v1-core","subsections":[]},{"section":"claimsource-v1-core","subsections":[]},{"section":"cindervolumesource-v1-core","subsections":[]},{"section":"cinderpersistentvolumesource-v1-core","subsections":[]},{"section":"certificatesigningrequestcondition-v1-certificates-k8s-io","subsections":[]},{"section":"cephfsvolumesource-v1-core","subsections":[]},{"section":"cephfspersistentvolumesource-v1-core","subsections":[]},{"section":"capabilities-v1-core","subsections":[]},{"section":"csivolumesource-v1-core","subsections":[]},{"section":"csipersistentvolumesource-v1-core","subsections":[]},{"section":"csinodedriver-v1-storage-k8s-io","subsections":[]},{"section":"boundobjectreference-v1-authentication-k8s-io","subsections":[]},{"section":"azurefilevolumesource-v1-core","subsections":[]},{"section":"azurefilepersistentvolumesource-v1-core","subsections":[]},{"section":"azurediskvolumesource-v1-core","subsections":[]},{"section":"auditannotation-v1alpha1-admissionregistration-k8s-io","subsections":[]},{"section":"attachedvolume-v1-core","subsections":[]},{"section":"allocationresult-v1alpha2-resource-k8s-io","subsections":[]},{"section":"aggregationrule-v1-rbac-authorization-k8s-io","subsections":[]},{"section":"affinity-v1-core","subsections":[]},{"section":"awselasticblockstorevolumesource-v1-core","subsections":[]},{"section":"apiversions-v1-meta","subsections":[]},{"section":"apiservicecondition-v1-apiregistration-k8s-io","subsections":[]},{"section":"apiresource-v1-meta","subsections":[]},{"section":"apigroup-v1-meta","subsections":[]},{"section":"-strong-definitions-strong-","subsections":[]},{"section":"networkpolicy-v1-networking-k8s-io","subsections":[{"section":"-strong-status-operations-networkpolicy-v1-networking-k8s-io-strong-","subsections":[{"section":"replace-status-networkpolicy-v1-networking-k8s-io","subsections":[]},{"section":"read-status-networkpolicy-v1-networking-k8s-io","subsections":[]},{"section":"patch-status-networkpolicy-v1-networking-k8s-io","subsections":[]}]},{"section":"-strong-read-operations-networkpolicy-v1-networking-k8s-io-strong-","subsections":[{"section":"watch-list-all-namespaces-networkpolicy-v1-networking-k8s-io","subsections":[]},{"section":"watch-list-networkpolicy-v1-networking-k8s-io","subsections":[]},{"section":"watch-networkpolicy-v1-networking-k8s-io","subsections":[]},{"section":"list-all-namespaces-networkpolicy-v1-networking-k8s-io","subsections":[]},{"section":"list-networkpolicy-v1-networking-k8s-io","subsections":[]},{"section":"read-networkpolicy-v1-networking-k8s-io","subsections":[]}]},{"section":"-strong-write-operations-networkpolicy-v1-networking-k8s-io-strong-","subsections":[{"section":"delete-collection-networkpolicy-v1-networking-k8s-io","subsections":[]},{"section":"delete-networkpolicy-v1-networking-k8s-io","subsections":[]},{"section":"replace-networkpolicy-v1-networking-k8s-io","subsections":[]},{"section":"patch-networkpolicy-v1-networking-k8s-io","subsections":[]},{"section":"create-networkpolicy-v1-networking-k8s-io","subsections":[]}]}]},{"section":"tokenreview-v1-authentication-k8s-io","subsections":[{"section":"-strong-write-operations-tokenreview-v1-authentication-k8s-io-strong-","subsections":[{"section":"create-tokenreview-v1-authentication-k8s-io","subsections":[]}]}]},{"section":"tokenrequest-v1-authentication-k8s-io","subsections":[]},{"section":"subjectaccessreview-v1-authorization-k8s-io","subsections":[{"section":"-strong-write-operations-subjectaccessreview-v1-authorization-k8s-io-strong-","subsections":[{"section":"create-subjectaccessreview-v1-authorization-k8s-io","subsections":[]}]}]},{"section":"storageversion-v1alpha1-internal-apiserver-k8s-io","subsections":[{"section":"-strong-status-operations-storageversion-v1alpha1-internal-apiserver-k8s-io-strong-","subsections":[{"section":"replace-status-storageversion-v1alpha1-internal-apiserver-k8s-io","subsections":[]},{"section":"read-status-storageversion-v1alpha1-internal-apiserver-k8s-io","subsections":[]},{"section":"patch-status-storageversion-v1alpha1-internal-apiserver-k8s-io","subsections":[]}]},{"section":"-strong-read-operations-storageversion-v1alpha1-internal-apiserver-k8s-io-strong-","subsections":[{"section":"watch-list-storageversion-v1alpha1-internal-apiserver-k8s-io","subsections":[]},{"section":"watch-storageversion-v1alpha1-internal-apiserver-k8s-io","subsections":[]},{"section":"list-storageversion-v1alpha1-internal-apiserver-k8s-io","subsections":[]},{"section":"read-storageversion-v1alpha1-internal-apiserver-k8s-io","subsections":[]}]},{"section":"-strong-write-operations-storageversion-v1alpha1-internal-apiserver-k8s-io-strong-","subsections":[{"section":"delete-collection-storageversion-v1alpha1-internal-apiserver-k8s-io","subsections":[]},{"section":"delete-storageversion-v1alpha1-internal-apiserver-k8s-io","subsections":[]},{"section":"replace-storageversion-v1alpha1-internal-apiserver-k8s-io","subsections":[]},{"section":"patch-storageversion-v1alpha1-internal-apiserver-k8s-io","subsections":[]},{"section":"create-storageversion-v1alpha1-internal-apiserver-k8s-io","subsections":[]}]}]},{"section":"serviceaccount-v1-core","subsections":[{"section":"-strong-read-operations-serviceaccount-v1-core-strong-","subsections":[{"section":"watch-list-all-namespaces-serviceaccount-v1-core","subsections":[]},{"section":"watch-list-serviceaccount-v1-core","subsections":[]},{"section":"watch-serviceaccount-v1-core","subsections":[]},{"section":"list-all-namespaces-serviceaccount-v1-core","subsections":[]},{"section":"list-serviceaccount-v1-core","subsections":[]},{"section":"read-serviceaccount-v1-core","subsections":[]}]},{"section":"-strong-write-operations-serviceaccount-v1-core-strong-","subsections":[{"section":"delete-collection-serviceaccount-v1-core","subsections":[]},{"section":"delete-serviceaccount-v1-core","subsections":[]},{"section":"replace-serviceaccount-v1-core","subsections":[]},{"section":"patch-serviceaccount-v1-core","subsections":[]},{"section":"create-serviceaccount-v1-core","subsections":[]}]}]},{"section":"selfsubjectrulesreview-v1-authorization-k8s-io","subsections":[{"section":"-strong-write-operations-selfsubjectrulesreview-v1-authorization-k8s-io-strong-","subsections":[{"section":"create-selfsubjectrulesreview-v1-authorization-k8s-io","subsections":[]}]}]},{"section":"selfsubjectreview-v1beta1-authentication-k8s-io","subsections":[{"section":"-strong-write-operations-selfsubjectreview-v1beta1-authentication-k8s-io-strong-","subsections":[{"section":"create-selfsubjectreview-v1beta1-authentication-k8s-io","subsections":[]}]}]},{"section":"selfsubjectaccessreview-v1-authorization-k8s-io","subsections":[{"section":"-strong-write-operations-selfsubjectaccessreview-v1-authorization-k8s-io-strong-","subsections":[{"section":"create-selfsubjectaccessreview-v1-authorization-k8s-io","subsections":[]}]}]},{"section":"runtimeclass-v1-node-k8s-io","subsections":[{"section":"-strong-read-operations-runtimeclass-v1-node-k8s-io-strong-","subsections":[{"section":"watch-list-runtimeclass-v1-node-k8s-io","subsections":[]},{"section":"watch-runtimeclass-v1-node-k8s-io","subsections":[]},{"section":"list-runtimeclass-v1-node-k8s-io","subsections":[]},{"section":"read-runtimeclass-v1-node-k8s-io","subsections":[]}]},{"section":"-strong-write-operations-runtimeclass-v1-node-k8s-io-strong-","subsections":[{"section":"delete-collection-runtimeclass-v1-node-k8s-io","subsections":[]},{"section":"delete-runtimeclass-v1-node-k8s-io","subsections":[]},{"section":"replace-runtimeclass-v1-node-k8s-io","subsections":[]},{"section":"patch-runtimeclass-v1-node-k8s-io","subsections":[]},{"section":"create-runtimeclass-v1-node-k8s-io","subsections":[]}]}]},{"section":"rolebinding-v1-rbac-authorization-k8s-io","subsections":[{"section":"-strong-read-operations-rolebinding-v1-rbac-authorization-k8s-io-strong-","subsections":[{"section":"watch-list-all-namespaces-rolebinding-v1-rbac-authorization-k8s-io","subsections":[]},{"section":"watch-list-rolebinding-v1-rbac-authorization-k8s-io","subsections":[]},{"section":"watch-rolebinding-v1-rbac-authorization-k8s-io","subsections":[]},{"section":"list-all-namespaces-rolebinding-v1-rbac-authorization-k8s-io","subsections":[]},{"section":"list-rolebinding-v1-rbac-authorization-k8s-io","subsections":[]},{"section":"read-rolebinding-v1-rbac-authorization-k8s-io","subsections":[]}]},{"section":"-strong-write-operations-rolebinding-v1-rbac-authorization-k8s-io-strong-","subsections":[{"section":"delete-collection-rolebinding-v1-rbac-authorization-k8s-io","subsections":[]},{"section":"delete-rolebinding-v1-rbac-authorization-k8s-io","subsections":[]},{"section":"replace-rolebinding-v1-rbac-authorization-k8s-io","subsections":[]},{"section":"patch-rolebinding-v1-rbac-authorization-k8s-io","subsections":[]},{"section":"create-rolebinding-v1-rbac-authorization-k8s-io","subsections":[]}]}]},{"section":"role-v1-rbac-authorization-k8s-io","subsections":[{"section":"-strong-read-operations-role-v1-rbac-authorization-k8s-io-strong-","subsections":[{"section":"watch-list-all-namespaces-role-v1-rbac-authorization-k8s-io","subsections":[]},{"section":"watch-list-role-v1-rbac-authorization-k8s-io","subsections":[]},{"section":"watch-role-v1-rbac-authorization-k8s-io","subsections":[]},{"section":"list-all-namespaces-role-v1-rbac-authorization-k8s-io","subsections":[]},{"section":"list-role-v1-rbac-authorization-k8s-io","subsections":[]},{"section":"read-role-v1-rbac-authorization-k8s-io","subsections":[]}]},{"section":"-strong-write-operations-role-v1-rbac-authorization-k8s-io-strong-","subsections":[{"section":"delete-collection-role-v1-rbac-authorization-k8s-io","subsections":[]},{"section":"delete-role-v1-rbac-authorization-k8s-io","subsections":[]},{"section":"replace-role-v1-rbac-authorization-k8s-io","subsections":[]},{"section":"patch-role-v1-rbac-authorization-k8s-io","subsections":[]},{"section":"create-role-v1-rbac-authorization-k8s-io","subsections":[]}]}]},{"section":"resourcequota-v1-core","subsections":[{"section":"-strong-status-operations-resourcequota-v1-core-strong-","subsections":[{"section":"replace-status-resourcequota-v1-core","subsections":[]},{"section":"read-status-resourcequota-v1-core","subsections":[]},{"section":"patch-status-resourcequota-v1-core","subsections":[]}]},{"section":"-strong-read-operations-resourcequota-v1-core-strong-","subsections":[{"section":"watch-list-all-namespaces-resourcequota-v1-core","subsections":[]},{"section":"watch-list-resourcequota-v1-core","subsections":[]},{"section":"watch-resourcequota-v1-core","subsections":[]},{"section":"list-all-namespaces-resourcequota-v1-core","subsections":[]},{"section":"list-resourcequota-v1-core","subsections":[]},{"section":"read-resourcequota-v1-core","subsections":[]}]},{"section":"-strong-write-operations-resourcequota-v1-core-strong-","subsections":[{"section":"delete-collection-resourcequota-v1-core","subsections":[]},{"section":"delete-resourcequota-v1-core","subsections":[]},{"section":"replace-resourcequota-v1-core","subsections":[]},{"section":"patch-resourcequota-v1-core","subsections":[]},{"section":"create-resourcequota-v1-core","subsections":[]}]}]},{"section":"prioritylevelconfiguration-v1beta3-flowcontrol-apiserver-k8s-io","subsections":[{"section":"-strong-status-operations-prioritylevelconfiguration-v1beta3-flowcontrol-apiserver-k8s-io-strong-","subsections":[{"section":"replace-status-prioritylevelconfiguration-v1beta3-flowcontrol-apiserver-k8s-io","subsections":[]},{"section":"read-status-prioritylevelconfiguration-v1beta3-flowcontrol-apiserver-k8s-io","subsections":[]},{"section":"patch-status-prioritylevelconfiguration-v1beta3-flowcontrol-apiserver-k8s-io","subsections":[]}]},{"section":"-strong-read-operations-prioritylevelconfiguration-v1beta3-flowcontrol-apiserver-k8s-io-strong-","subsections":[{"section":"watch-list-prioritylevelconfiguration-v1beta3-flowcontrol-apiserver-k8s-io","subsections":[]},{"section":"watch-prioritylevelconfiguration-v1beta3-flowcontrol-apiserver-k8s-io","subsections":[]},{"section":"list-prioritylevelconfiguration-v1beta3-flowcontrol-apiserver-k8s-io","subsections":[]},{"section":"read-prioritylevelconfiguration-v1beta3-flowcontrol-apiserver-k8s-io","subsections":[]}]},{"section":"-strong-write-operations-prioritylevelconfiguration-v1beta3-flowcontrol-apiserver-k8s-io-strong-","subsections":[{"section":"delete-collection-prioritylevelconfiguration-v1beta3-flowcontrol-apiserver-k8s-io","subsections":[]},{"section":"delete-prioritylevelconfiguration-v1beta3-flowcontrol-apiserver-k8s-io","subsections":[]},{"section":"replace-prioritylevelconfiguration-v1beta3-flowcontrol-apiserver-k8s-io","subsections":[]},{"section":"patch-prioritylevelconfiguration-v1beta3-flowcontrol-apiserver-k8s-io","subsections":[]},{"section":"create-prioritylevelconfiguration-v1beta3-flowcontrol-apiserver-k8s-io","subsections":[]}]}]},{"section":"persistentvolume-v1-core","subsections":[{"section":"-strong-status-operations-persistentvolume-v1-core-strong-","subsections":[{"section":"replace-status-persistentvolume-v1-core","subsections":[]},{"section":"read-status-persistentvolume-v1-core","subsections":[]},{"section":"patch-status-persistentvolume-v1-core","subsections":[]}]},{"section":"-strong-read-operations-persistentvolume-v1-core-strong-","subsections":[{"section":"watch-list-persistentvolume-v1-core","subsections":[]},{"section":"watch-persistentvolume-v1-core","subsections":[]},{"section":"list-persistentvolume-v1-core","subsections":[]},{"section":"read-persistentvolume-v1-core","subsections":[]}]},{"section":"-strong-write-operations-persistentvolume-v1-core-strong-","subsections":[{"section":"delete-collection-persistentvolume-v1-core","subsections":[]},{"section":"delete-persistentvolume-v1-core","subsections":[]},{"section":"replace-persistentvolume-v1-core","subsections":[]},{"section":"patch-persistentvolume-v1-core","subsections":[]},{"section":"create-persistentvolume-v1-core","subsections":[]}]}]},{"section":"node-v1-core","subsections":[{"section":"-strong-proxy-operations-node-v1-core-strong-","subsections":[{"section":"replace-connect-proxy-path-node-v1-core","subsections":[]},{"section":"replace-connect-proxy-node-v1-core","subsections":[]},{"section":"head-connect-proxy-path-node-v1-core","subsections":[]},{"section":"head-connect-proxy-node-v1-core","subsections":[]},{"section":"get-connect-proxy-path-node-v1-core","subsections":[]},{"section":"get-connect-proxy-node-v1-core","subsections":[]},{"section":"delete-connect-proxy-path-node-v1-core","subsections":[]},{"section":"delete-connect-proxy-node-v1-core","subsections":[]},{"section":"create-connect-proxy-path-node-v1-core","subsections":[]},{"section":"create-connect-proxy-node-v1-core","subsections":[]}]},{"section":"-strong-status-operations-node-v1-core-strong-","subsections":[{"section":"replace-status-node-v1-core","subsections":[]},{"section":"read-status-node-v1-core","subsections":[]},{"section":"patch-status-node-v1-core","subsections":[]}]},{"section":"-strong-read-operations-node-v1-core-strong-","subsections":[{"section":"watch-list-node-v1-core","subsections":[]},{"section":"watch-node-v1-core","subsections":[]},{"section":"list-node-v1-core","subsections":[]},{"section":"read-node-v1-core","subsections":[]}]},{"section":"-strong-write-operations-node-v1-core-strong-","subsections":[{"section":"delete-collection-node-v1-core","subsections":[]},{"section":"delete-node-v1-core","subsections":[]},{"section":"replace-node-v1-core","subsections":[]},{"section":"patch-node-v1-core","subsections":[]},{"section":"create-node-v1-core","subsections":[]}]}]},{"section":"namespace-v1-core","subsections":[{"section":"-strong-status-operations-namespace-v1-core-strong-","subsections":[{"section":"replace-status-namespace-v1-core","subsections":[]},{"section":"read-status-namespace-v1-core","subsections":[]},{"section":"patch-status-namespace-v1-core","subsections":[]}]},{"section":"-strong-read-operations-namespace-v1-core-strong-","subsections":[{"section":"watch-list-namespace-v1-core","subsections":[]},{"section":"watch-namespace-v1-core","subsections":[]},{"section":"list-namespace-v1-core","subsections":[]},{"section":"read-namespace-v1-core","subsections":[]}]},{"section":"-strong-write-operations-namespace-v1-core-strong-","subsections":[{"section":"delete-namespace-v1-core","subsections":[]},{"section":"replace-namespace-v1-core","subsections":[]},{"section":"patch-namespace-v1-core","subsections":[]},{"section":"create-namespace-v1-core","subsections":[]}]}]},{"section":"localsubjectaccessreview-v1-authorization-k8s-io","subsections":[{"section":"-strong-write-operations-localsubjectaccessreview-v1-authorization-k8s-io-strong-","subsections":[{"section":"create-localsubjectaccessreview-v1-authorization-k8s-io","subsections":[]}]}]},{"section":"lease-v1-coordination-k8s-io","subsections":[{"section":"-strong-read-operations-lease-v1-coordination-k8s-io-strong-","subsections":[{"section":"watch-list-all-namespaces-lease-v1-coordination-k8s-io","subsections":[]},{"section":"watch-list-lease-v1-coordination-k8s-io","subsections":[]},{"section":"watch-lease-v1-coordination-k8s-io","subsections":[]},{"section":"list-all-namespaces-lease-v1-coordination-k8s-io","subsections":[]},{"section":"list-lease-v1-coordination-k8s-io","subsections":[]},{"section":"read-lease-v1-coordination-k8s-io","subsections":[]}]},{"section":"-strong-write-operations-lease-v1-coordination-k8s-io-strong-","subsections":[{"section":"delete-collection-lease-v1-coordination-k8s-io","subsections":[]},{"section":"delete-lease-v1-coordination-k8s-io","subsections":[]},{"section":"replace-lease-v1-coordination-k8s-io","subsections":[]},{"section":"patch-lease-v1-coordination-k8s-io","subsections":[]},{"section":"create-lease-v1-coordination-k8s-io","subsections":[]}]}]},{"section":"ipaddress-v1alpha1-networking-k8s-io","subsections":[{"section":"-strong-read-operations-ipaddress-v1alpha1-networking-k8s-io-strong-","subsections":[{"section":"watch-list-ipaddress-v1alpha1-networking-k8s-io","subsections":[]},{"section":"watch-ipaddress-v1alpha1-networking-k8s-io","subsections":[]},{"section":"list-ipaddress-v1alpha1-networking-k8s-io","subsections":[]},{"section":"read-ipaddress-v1alpha1-networking-k8s-io","subsections":[]}]},{"section":"-strong-write-operations-ipaddress-v1alpha1-networking-k8s-io-strong-","subsections":[{"section":"delete-collection-ipaddress-v1alpha1-networking-k8s-io","subsections":[]},{"section":"delete-ipaddress-v1alpha1-networking-k8s-io","subsections":[]},{"section":"replace-ipaddress-v1alpha1-networking-k8s-io","subsections":[]},{"section":"patch-ipaddress-v1alpha1-networking-k8s-io","subsections":[]},{"section":"create-ipaddress-v1alpha1-networking-k8s-io","subsections":[]}]}]},{"section":"flowschema-v1beta3-flowcontrol-apiserver-k8s-io","subsections":[{"section":"-strong-status-operations-flowschema-v1beta3-flowcontrol-apiserver-k8s-io-strong-","subsections":[{"section":"replace-status-flowschema-v1beta3-flowcontrol-apiserver-k8s-io","subsections":[]},{"section":"read-status-flowschema-v1beta3-flowcontrol-apiserver-k8s-io","subsections":[]},{"section":"patch-status-flowschema-v1beta3-flowcontrol-apiserver-k8s-io","subsections":[]}]},{"section":"-strong-read-operations-flowschema-v1beta3-flowcontrol-apiserver-k8s-io-strong-","subsections":[{"section":"watch-list-flowschema-v1beta3-flowcontrol-apiserver-k8s-io","subsections":[]},{"section":"watch-flowschema-v1beta3-flowcontrol-apiserver-k8s-io","subsections":[]},{"section":"list-flowschema-v1beta3-flowcontrol-apiserver-k8s-io","subsections":[]},{"section":"read-flowschema-v1beta3-flowcontrol-apiserver-k8s-io","subsections":[]}]},{"section":"-strong-write-operations-flowschema-v1beta3-flowcontrol-apiserver-k8s-io-strong-","subsections":[{"section":"delete-collection-flowschema-v1beta3-flowcontrol-apiserver-k8s-io","subsections":[]},{"section":"delete-flowschema-v1beta3-flowcontrol-apiserver-k8s-io","subsections":[]},{"section":"replace-flowschema-v1beta3-flowcontrol-apiserver-k8s-io","subsections":[]},{"section":"patch-flowschema-v1beta3-flowcontrol-apiserver-k8s-io","subsections":[]},{"section":"create-flowschema-v1beta3-flowcontrol-apiserver-k8s-io","subsections":[]}]}]},{"section":"componentstatus-v1-core","subsections":[{"section":"-strong-read-operations-componentstatus-v1-core-strong-","subsections":[{"section":"list-componentstatus-v1-core","subsections":[]},{"section":"read-componentstatus-v1-core","subsections":[]}]}]},{"section":"clusterrolebinding-v1-rbac-authorization-k8s-io","subsections":[{"section":"-strong-read-operations-clusterrolebinding-v1-rbac-authorization-k8s-io-strong-","subsections":[{"section":"watch-list-clusterrolebinding-v1-rbac-authorization-k8s-io","subsections":[]},{"section":"watch-clusterrolebinding-v1-rbac-authorization-k8s-io","subsections":[]},{"section":"list-clusterrolebinding-v1-rbac-authorization-k8s-io","subsections":[]},{"section":"read-clusterrolebinding-v1-rbac-authorization-k8s-io","subsections":[]}]},{"section":"-strong-write-operations-clusterrolebinding-v1-rbac-authorization-k8s-io-strong-","subsections":[{"section":"delete-collection-clusterrolebinding-v1-rbac-authorization-k8s-io","subsections":[]},{"section":"delete-clusterrolebinding-v1-rbac-authorization-k8s-io","subsections":[]},{"section":"replace-clusterrolebinding-v1-rbac-authorization-k8s-io","subsections":[]},{"section":"patch-clusterrolebinding-v1-rbac-authorization-k8s-io","subsections":[]},{"section":"create-clusterrolebinding-v1-rbac-authorization-k8s-io","subsections":[]}]}]},{"section":"clusterrole-v1-rbac-authorization-k8s-io","subsections":[{"section":"-strong-read-operations-clusterrole-v1-rbac-authorization-k8s-io-strong-","subsections":[{"section":"watch-list-clusterrole-v1-rbac-authorization-k8s-io","subsections":[]},{"section":"watch-clusterrole-v1-rbac-authorization-k8s-io","subsections":[]},{"section":"list-clusterrole-v1-rbac-authorization-k8s-io","subsections":[]},{"section":"read-clusterrole-v1-rbac-authorization-k8s-io","subsections":[]}]},{"section":"-strong-write-operations-clusterrole-v1-rbac-authorization-k8s-io-strong-","subsections":[{"section":"delete-collection-clusterrole-v1-rbac-authorization-k8s-io","subsections":[]},{"section":"delete-clusterrole-v1-rbac-authorization-k8s-io","subsections":[]},{"section":"replace-clusterrole-v1-rbac-authorization-k8s-io","subsections":[]},{"section":"patch-clusterrole-v1-rbac-authorization-k8s-io","subsections":[]},{"section":"create-clusterrole-v1-rbac-authorization-k8s-io","subsections":[]}]}]},{"section":"certificatesigningrequest-v1-certificates-k8s-io","subsections":[{"section":"-strong-status-operations-certificatesigningrequest-v1-certificates-k8s-io-strong-","subsections":[{"section":"replace-status-certificatesigningrequest-v1-certificates-k8s-io","subsections":[]},{"section":"read-status-certificatesigningrequest-v1-certificates-k8s-io","subsections":[]},{"section":"patch-status-certificatesigningrequest-v1-certificates-k8s-io","subsections":[]}]},{"section":"-strong-read-operations-certificatesigningrequest-v1-certificates-k8s-io-strong-","subsections":[{"section":"watch-list-certificatesigningrequest-v1-certificates-k8s-io","subsections":[]},{"section":"watch-certificatesigningrequest-v1-certificates-k8s-io","subsections":[]},{"section":"list-certificatesigningrequest-v1-certificates-k8s-io","subsections":[]},{"section":"read-certificatesigningrequest-v1-certificates-k8s-io","subsections":[]}]},{"section":"-strong-write-operations-certificatesigningrequest-v1-certificates-k8s-io-strong-","subsections":[{"section":"delete-collection-certificatesigningrequest-v1-certificates-k8s-io","subsections":[]},{"section":"delete-certificatesigningrequest-v1-certificates-k8s-io","subsections":[]},{"section":"replace-certificatesigningrequest-v1-certificates-k8s-io","subsections":[]},{"section":"patch-certificatesigningrequest-v1-certificates-k8s-io","subsections":[]},{"section":"create-certificatesigningrequest-v1-certificates-k8s-io","subsections":[]}]}]},{"section":"binding-v1-core","subsections":[{"section":"-strong-write-operations-binding-v1-core-strong-","subsections":[{"section":"create-binding-v1-core","subsections":[]}]}]},{"section":"apiservice-v1-apiregistration-k8s-io","subsections":[{"section":"-strong-status-operations-apiservice-v1-apiregistration-k8s-io-strong-","subsections":[{"section":"replace-status-apiservice-v1-apiregistration-k8s-io","subsections":[]},{"section":"read-status-apiservice-v1-apiregistration-k8s-io","subsections":[]},{"section":"patch-status-apiservice-v1-apiregistration-k8s-io","subsections":[]}]},{"section":"-strong-read-operations-apiservice-v1-apiregistration-k8s-io-strong-","subsections":[{"section":"watch-list-apiservice-v1-apiregistration-k8s-io","subsections":[]},{"section":"watch-apiservice-v1-apiregistration-k8s-io","subsections":[]},{"section":"list-apiservice-v1-apiregistration-k8s-io","subsections":[]},{"section":"read-apiservice-v1-apiregistration-k8s-io","subsections":[]}]},{"section":"-strong-write-operations-apiservice-v1-apiregistration-k8s-io-strong-","subsections":[{"section":"delete-collection-apiservice-v1-apiregistration-k8s-io","subsections":[]},{"section":"delete-apiservice-v1-apiregistration-k8s-io","subsections":[]},{"section":"replace-apiservice-v1-apiregistration-k8s-io","subsections":[]},{"section":"patch-apiservice-v1-apiregistration-k8s-io","subsections":[]},{"section":"create-apiservice-v1-apiregistration-k8s-io","subsections":[]}]}]},{"section":"-strong-cluster-apis-strong-","subsections":[]},{"section":"validatingadmissionpolicybinding-v1alpha1-admissionregistration-k8s-io","subsections":[{"section":"-strong-read-operations-validatingadmissionpolicybinding-v1alpha1-admissionregistration-k8s-io-strong-","subsections":[{"section":"watch-list-validatingadmissionpolicybinding-v1alpha1-admissionregistration-k8s-io","subsections":[]},{"section":"watch-validatingadmissionpolicybinding-v1alpha1-admissionregistration-k8s-io","subsections":[]},{"section":"list-validatingadmissionpolicybinding-v1alpha1-admissionregistration-k8s-io","subsections":[]},{"section":"read-validatingadmissionpolicybinding-v1alpha1-admissionregistration-k8s-io","subsections":[]}]},{"section":"-strong-write-operations-validatingadmissionpolicybinding-v1alpha1-admissionregistration-k8s-io-strong-","subsections":[{"section":"delete-collection-validatingadmissionpolicybinding-v1alpha1-admissionregistration-k8s-io","subsections":[]},{"section":"delete-validatingadmissionpolicybinding-v1alpha1-admissionregistration-k8s-io","subsections":[]},{"section":"replace-validatingadmissionpolicybinding-v1alpha1-admissionregistration-k8s-io","subsections":[]},{"section":"patch-validatingadmissionpolicybinding-v1alpha1-admissionregistration-k8s-io","subsections":[]},{"section":"create-validatingadmissionpolicybinding-v1alpha1-admissionregistration-k8s-io","subsections":[]}]}]},{"section":"validatingadmissionpolicy-v1alpha1-admissionregistration-k8s-io","subsections":[{"section":"-strong-status-operations-validatingadmissionpolicy-v1alpha1-admissionregistration-k8s-io-strong-","subsections":[{"section":"replace-status-validatingadmissionpolicy-v1alpha1-admissionregistration-k8s-io","subsections":[]},{"section":"read-status-validatingadmissionpolicy-v1alpha1-admissionregistration-k8s-io","subsections":[]},{"section":"patch-status-validatingadmissionpolicy-v1alpha1-admissionregistration-k8s-io","subsections":[]}]},{"section":"-strong-read-operations-validatingadmissionpolicy-v1alpha1-admissionregistration-k8s-io-strong-","subsections":[{"section":"watch-list-validatingadmissionpolicy-v1alpha1-admissionregistration-k8s-io","subsections":[]},{"section":"watch-validatingadmissionpolicy-v1alpha1-admissionregistration-k8s-io","subsections":[]},{"section":"list-validatingadmissionpolicy-v1alpha1-admissionregistration-k8s-io","subsections":[]},{"section":"read-validatingadmissionpolicy-v1alpha1-admissionregistration-k8s-io","subsections":[]}]},{"section":"-strong-write-operations-validatingadmissionpolicy-v1alpha1-admissionregistration-k8s-io-strong-","subsections":[{"section":"delete-collection-validatingadmissionpolicy-v1alpha1-admissionregistration-k8s-io","subsections":[]},{"section":"delete-validatingadmissionpolicy-v1alpha1-admissionregistration-k8s-io","subsections":[]},{"section":"replace-validatingadmissionpolicy-v1alpha1-admissionregistration-k8s-io","subsections":[]},{"section":"patch-validatingadmissionpolicy-v1alpha1-admissionregistration-k8s-io","subsections":[]},{"section":"create-validatingadmissionpolicy-v1alpha1-admissionregistration-k8s-io","subsections":[]}]}]},{"section":"resourceclass-v1alpha2-resource-k8s-io","subsections":[{"section":"-strong-read-operations-resourceclass-v1alpha2-resource-k8s-io-strong-","subsections":[{"section":"watch-list-resourceclass-v1alpha2-resource-k8s-io","subsections":[]},{"section":"watch-resourceclass-v1alpha2-resource-k8s-io","subsections":[]},{"section":"list-resourceclass-v1alpha2-resource-k8s-io","subsections":[]},{"section":"read-resourceclass-v1alpha2-resource-k8s-io","subsections":[]}]},{"section":"-strong-write-operations-resourceclass-v1alpha2-resource-k8s-io-strong-","subsections":[{"section":"delete-collection-resourceclass-v1alpha2-resource-k8s-io","subsections":[]},{"section":"delete-resourceclass-v1alpha2-resource-k8s-io","subsections":[]},{"section":"replace-resourceclass-v1alpha2-resource-k8s-io","subsections":[]},{"section":"patch-resourceclass-v1alpha2-resource-k8s-io","subsections":[]},{"section":"create-resourceclass-v1alpha2-resource-k8s-io","subsections":[]}]}]},{"section":"resourceclaimtemplate-v1alpha2-resource-k8s-io","subsections":[{"section":"-strong-read-operations-resourceclaimtemplate-v1alpha2-resource-k8s-io-strong-","subsections":[{"section":"watch-list-all-namespaces-resourceclaimtemplate-v1alpha2-resource-k8s-io","subsections":[]},{"section":"watch-list-resourceclaimtemplate-v1alpha2-resource-k8s-io","subsections":[]},{"section":"watch-resourceclaimtemplate-v1alpha2-resource-k8s-io","subsections":[]},{"section":"list-all-namespaces-resourceclaimtemplate-v1alpha2-resource-k8s-io","subsections":[]},{"section":"list-resourceclaimtemplate-v1alpha2-resource-k8s-io","subsections":[]},{"section":"read-resourceclaimtemplate-v1alpha2-resource-k8s-io","subsections":[]}]},{"section":"-strong-write-operations-resourceclaimtemplate-v1alpha2-resource-k8s-io-strong-","subsections":[{"section":"delete-collection-resourceclaimtemplate-v1alpha2-resource-k8s-io","subsections":[]},{"section":"delete-resourceclaimtemplate-v1alpha2-resource-k8s-io","subsections":[]},{"section":"replace-resourceclaimtemplate-v1alpha2-resource-k8s-io","subsections":[]},{"section":"patch-resourceclaimtemplate-v1alpha2-resource-k8s-io","subsections":[]},{"section":"create-resourceclaimtemplate-v1alpha2-resource-k8s-io","subsections":[]}]}]},{"section":"resourceclaim-v1alpha2-resource-k8s-io","subsections":[{"section":"-strong-status-operations-resourceclaim-v1alpha2-resource-k8s-io-strong-","subsections":[{"section":"replace-status-resourceclaim-v1alpha2-resource-k8s-io","subsections":[]},{"section":"read-status-resourceclaim-v1alpha2-resource-k8s-io","subsections":[]},{"section":"patch-status-resourceclaim-v1alpha2-resource-k8s-io","subsections":[]}]},{"section":"-strong-read-operations-resourceclaim-v1alpha2-resource-k8s-io-strong-","subsections":[{"section":"watch-list-all-namespaces-resourceclaim-v1alpha2-resource-k8s-io","subsections":[]},{"section":"watch-list-resourceclaim-v1alpha2-resource-k8s-io","subsections":[]},{"section":"watch-resourceclaim-v1alpha2-resource-k8s-io","subsections":[]},{"section":"list-all-namespaces-resourceclaim-v1alpha2-resource-k8s-io","subsections":[]},{"section":"list-resourceclaim-v1alpha2-resource-k8s-io","subsections":[]},{"section":"read-resourceclaim-v1alpha2-resource-k8s-io","subsections":[]}]},{"section":"-strong-write-operations-resourceclaim-v1alpha2-resource-k8s-io-strong-","subsections":[{"section":"delete-collection-resourceclaim-v1alpha2-resource-k8s-io","subsections":[]},{"section":"delete-resourceclaim-v1alpha2-resource-k8s-io","subsections":[]},{"section":"replace-resourceclaim-v1alpha2-resource-k8s-io","subsections":[]},{"section":"patch-resourceclaim-v1alpha2-resource-k8s-io","subsections":[]},{"section":"create-resourceclaim-v1alpha2-resource-k8s-io","subsections":[]}]}]},{"section":"priorityclass-v1-scheduling-k8s-io","subsections":[{"section":"-strong-read-operations-priorityclass-v1-scheduling-k8s-io-strong-","subsections":[{"section":"watch-list-priorityclass-v1-scheduling-k8s-io","subsections":[]},{"section":"watch-priorityclass-v1-scheduling-k8s-io","subsections":[]},{"section":"list-priorityclass-v1-scheduling-k8s-io","subsections":[]},{"section":"read-priorityclass-v1-scheduling-k8s-io","subsections":[]}]},{"section":"-strong-write-operations-priorityclass-v1-scheduling-k8s-io-strong-","subsections":[{"section":"delete-collection-priorityclass-v1-scheduling-k8s-io","subsections":[]},{"section":"delete-priorityclass-v1-scheduling-k8s-io","subsections":[]},{"section":"replace-priorityclass-v1-scheduling-k8s-io","subsections":[]},{"section":"patch-priorityclass-v1-scheduling-k8s-io","subsections":[]},{"section":"create-priorityclass-v1-scheduling-k8s-io","subsections":[]}]}]},{"section":"poddisruptionbudget-v1-policy","subsections":[{"section":"-strong-status-operations-poddisruptionbudget-v1-policy-strong-","subsections":[{"section":"replace-status-poddisruptionbudget-v1-policy","subsections":[]},{"section":"read-status-poddisruptionbudget-v1-policy","subsections":[]},{"section":"patch-status-poddisruptionbudget-v1-policy","subsections":[]}]},{"section":"-strong-read-operations-poddisruptionbudget-v1-policy-strong-","subsections":[{"section":"watch-list-all-namespaces-poddisruptionbudget-v1-policy","subsections":[]},{"section":"watch-list-poddisruptionbudget-v1-policy","subsections":[]},{"section":"watch-poddisruptionbudget-v1-policy","subsections":[]},{"section":"list-all-namespaces-poddisruptionbudget-v1-policy","subsections":[]},{"section":"list-poddisruptionbudget-v1-policy","subsections":[]},{"section":"read-poddisruptionbudget-v1-policy","subsections":[]}]},{"section":"-strong-write-operations-poddisruptionbudget-v1-policy-strong-","subsections":[{"section":"delete-collection-poddisruptionbudget-v1-policy","subsections":[]},{"section":"delete-poddisruptionbudget-v1-policy","subsections":[]},{"section":"replace-poddisruptionbudget-v1-policy","subsections":[]},{"section":"patch-poddisruptionbudget-v1-policy","subsections":[]},{"section":"create-poddisruptionbudget-v1-policy","subsections":[]}]}]},{"section":"podtemplate-v1-core","subsections":[{"section":"-strong-read-operations-podtemplate-v1-core-strong-","subsections":[{"section":"watch-list-all-namespaces-podtemplate-v1-core","subsections":[]},{"section":"watch-list-podtemplate-v1-core","subsections":[]},{"section":"watch-podtemplate-v1-core","subsections":[]},{"section":"list-all-namespaces-podtemplate-v1-core","subsections":[]},{"section":"list-podtemplate-v1-core","subsections":[]},{"section":"read-podtemplate-v1-core","subsections":[]}]},{"section":"-strong-write-operations-podtemplate-v1-core-strong-","subsections":[{"section":"delete-collection-podtemplate-v1-core","subsections":[]},{"section":"delete-podtemplate-v1-core","subsections":[]},{"section":"replace-podtemplate-v1-core","subsections":[]},{"section":"patch-podtemplate-v1-core","subsections":[]},{"section":"create-podtemplate-v1-core","subsections":[]}]}]},{"section":"podschedulingcontext-v1alpha2-resource-k8s-io","subsections":[{"section":"-strong-status-operations-podschedulingcontext-v1alpha2-resource-k8s-io-strong-","subsections":[{"section":"replace-status-podschedulingcontext-v1alpha2-resource-k8s-io","subsections":[]},{"section":"read-status-podschedulingcontext-v1alpha2-resource-k8s-io","subsections":[]},{"section":"patch-status-podschedulingcontext-v1alpha2-resource-k8s-io","subsections":[]}]},{"section":"-strong-read-operations-podschedulingcontext-v1alpha2-resource-k8s-io-strong-","subsections":[{"section":"watch-list-all-namespaces-podschedulingcontext-v1alpha2-resource-k8s-io","subsections":[]},{"section":"watch-list-podschedulingcontext-v1alpha2-resource-k8s-io","subsections":[]},{"section":"watch-podschedulingcontext-v1alpha2-resource-k8s-io","subsections":[]},{"section":"list-all-namespaces-podschedulingcontext-v1alpha2-resource-k8s-io","subsections":[]},{"section":"list-podschedulingcontext-v1alpha2-resource-k8s-io","subsections":[]},{"section":"read-podschedulingcontext-v1alpha2-resource-k8s-io","subsections":[]}]},{"section":"-strong-write-operations-podschedulingcontext-v1alpha2-resource-k8s-io-strong-","subsections":[{"section":"delete-collection-podschedulingcontext-v1alpha2-resource-k8s-io","subsections":[]},{"section":"delete-podschedulingcontext-v1alpha2-resource-k8s-io","subsections":[]},{"section":"replace-podschedulingcontext-v1alpha2-resource-k8s-io","subsections":[]},{"section":"patch-podschedulingcontext-v1alpha2-resource-k8s-io","subsections":[]},{"section":"create-podschedulingcontext-v1alpha2-resource-k8s-io","subsections":[]}]}]},{"section":"validatingwebhookconfiguration-v1-admissionregistration-k8s-io","subsections":[{"section":"-strong-read-operations-validatingwebhookconfiguration-v1-admissionregistration-k8s-io-strong-","subsections":[{"section":"watch-list-validatingwebhookconfiguration-v1-admissionregistration-k8s-io","subsections":[]},{"section":"watch-validatingwebhookconfiguration-v1-admissionregistration-k8s-io","subsections":[]},{"section":"list-validatingwebhookconfiguration-v1-admissionregistration-k8s-io","subsections":[]},{"section":"read-validatingwebhookconfiguration-v1-admissionregistration-k8s-io","subsections":[]}]},{"section":"-strong-write-operations-validatingwebhookconfiguration-v1-admissionregistration-k8s-io-strong-","subsections":[{"section":"delete-collection-validatingwebhookconfiguration-v1-admissionregistration-k8s-io","subsections":[]},{"section":"delete-validatingwebhookconfiguration-v1-admissionregistration-k8s-io","subsections":[]},{"section":"replace-validatingwebhookconfiguration-v1-admissionregistration-k8s-io","subsections":[]},{"section":"patch-validatingwebhookconfiguration-v1-admissionregistration-k8s-io","subsections":[]},{"section":"create-validatingwebhookconfiguration-v1-admissionregistration-k8s-io","subsections":[]}]}]},{"section":"mutatingwebhookconfiguration-v1-admissionregistration-k8s-io","subsections":[{"section":"-strong-read-operations-mutatingwebhookconfiguration-v1-admissionregistration-k8s-io-strong-","subsections":[{"section":"watch-list-mutatingwebhookconfiguration-v1-admissionregistration-k8s-io","subsections":[]},{"section":"watch-mutatingwebhookconfiguration-v1-admissionregistration-k8s-io","subsections":[]},{"section":"list-mutatingwebhookconfiguration-v1-admissionregistration-k8s-io","subsections":[]},{"section":"read-mutatingwebhookconfiguration-v1-admissionregistration-k8s-io","subsections":[]}]},{"section":"-strong-write-operations-mutatingwebhookconfiguration-v1-admissionregistration-k8s-io-strong-","subsections":[{"section":"delete-collection-mutatingwebhookconfiguration-v1-admissionregistration-k8s-io","subsections":[]},{"section":"delete-mutatingwebhookconfiguration-v1-admissionregistration-k8s-io","subsections":[]},{"section":"replace-mutatingwebhookconfiguration-v1-admissionregistration-k8s-io","subsections":[]},{"section":"patch-mutatingwebhookconfiguration-v1-admissionregistration-k8s-io","subsections":[]},{"section":"create-mutatingwebhookconfiguration-v1-admissionregistration-k8s-io","subsections":[]}]}]},{"section":"horizontalpodautoscaler-v2-autoscaling","subsections":[{"section":"-strong-status-operations-horizontalpodautoscaler-v2-autoscaling-strong-","subsections":[{"section":"replace-status-horizontalpodautoscaler-v2-autoscaling","subsections":[]},{"section":"read-status-horizontalpodautoscaler-v2-autoscaling","subsections":[]},{"section":"patch-status-horizontalpodautoscaler-v2-autoscaling","subsections":[]}]},{"section":"-strong-read-operations-horizontalpodautoscaler-v2-autoscaling-strong-","subsections":[{"section":"watch-list-all-namespaces-horizontalpodautoscaler-v2-autoscaling","subsections":[]},{"section":"watch-list-horizontalpodautoscaler-v2-autoscaling","subsections":[]},{"section":"watch-horizontalpodautoscaler-v2-autoscaling","subsections":[]},{"section":"list-all-namespaces-horizontalpodautoscaler-v2-autoscaling","subsections":[]},{"section":"list-horizontalpodautoscaler-v2-autoscaling","subsections":[]},{"section":"read-horizontalpodautoscaler-v2-autoscaling","subsections":[]}]},{"section":"-strong-write-operations-horizontalpodautoscaler-v2-autoscaling-strong-","subsections":[{"section":"delete-collection-horizontalpodautoscaler-v2-autoscaling","subsections":[]},{"section":"delete-horizontalpodautoscaler-v2-autoscaling","subsections":[]},{"section":"replace-horizontalpodautoscaler-v2-autoscaling","subsections":[]},{"section":"patch-horizontalpodautoscaler-v2-autoscaling","subsections":[]},{"section":"create-horizontalpodautoscaler-v2-autoscaling","subsections":[]}]}]},{"section":"limitrange-v1-core","subsections":[{"section":"-strong-read-operations-limitrange-v1-core-strong-","subsections":[{"section":"watch-list-all-namespaces-limitrange-v1-core","subsections":[]},{"section":"watch-list-limitrange-v1-core","subsections":[]},{"section":"watch-limitrange-v1-core","subsections":[]},{"section":"list-all-namespaces-limitrange-v1-core","subsections":[]},{"section":"list-limitrange-v1-core","subsections":[]},{"section":"read-limitrange-v1-core","subsections":[]}]},{"section":"-strong-write-operations-limitrange-v1-core-strong-","subsections":[{"section":"delete-collection-limitrange-v1-core","subsections":[]},{"section":"delete-limitrange-v1-core","subsections":[]},{"section":"replace-limitrange-v1-core","subsections":[]},{"section":"patch-limitrange-v1-core","subsections":[]},{"section":"create-limitrange-v1-core","subsections":[]}]}]},{"section":"event-v1-events-k8s-io","subsections":[{"section":"-strong-read-operations-event-v1-events-k8s-io-strong-","subsections":[{"section":"watch-list-all-namespaces-event-v1-events-k8s-io","subsections":[]},{"section":"watch-list-event-v1-events-k8s-io","subsections":[]},{"section":"watch-event-v1-events-k8s-io","subsections":[]},{"section":"list-all-namespaces-event-v1-events-k8s-io","subsections":[]},{"section":"list-event-v1-events-k8s-io","subsections":[]},{"section":"read-event-v1-events-k8s-io","subsections":[]}]},{"section":"-strong-write-operations-event-v1-events-k8s-io-strong-","subsections":[{"section":"delete-collection-event-v1-events-k8s-io","subsections":[]},{"section":"delete-event-v1-events-k8s-io","subsections":[]},{"section":"replace-event-v1-events-k8s-io","subsections":[]},{"section":"patch-event-v1-events-k8s-io","subsections":[]},{"section":"create-event-v1-events-k8s-io","subsections":[]}]}]},{"section":"customresourcedefinition-v1-apiextensions-k8s-io","subsections":[{"section":"-strong-status-operations-customresourcedefinition-v1-apiextensions-k8s-io-strong-","subsections":[{"section":"replace-status-customresourcedefinition-v1-apiextensions-k8s-io","subsections":[]},{"section":"read-status-customresourcedefinition-v1-apiextensions-k8s-io","subsections":[]},{"section":"patch-status-customresourcedefinition-v1-apiextensions-k8s-io","subsections":[]}]},{"section":"-strong-read-operations-customresourcedefinition-v1-apiextensions-k8s-io-strong-","subsections":[{"section":"watch-list-customresourcedefinition-v1-apiextensions-k8s-io","subsections":[]},{"section":"watch-customresourcedefinition-v1-apiextensions-k8s-io","subsections":[]},{"section":"list-customresourcedefinition-v1-apiextensions-k8s-io","subsections":[]},{"section":"read-customresourcedefinition-v1-apiextensions-k8s-io","subsections":[]}]},{"section":"-strong-write-operations-customresourcedefinition-v1-apiextensions-k8s-io-strong-","subsections":[{"section":"delete-collection-customresourcedefinition-v1-apiextensions-k8s-io","subsections":[]},{"section":"delete-customresourcedefinition-v1-apiextensions-k8s-io","subsections":[]},{"section":"replace-customresourcedefinition-v1-apiextensions-k8s-io","subsections":[]},{"section":"patch-customresourcedefinition-v1-apiextensions-k8s-io","subsections":[]},{"section":"create-customresourcedefinition-v1-apiextensions-k8s-io","subsections":[]}]}]},{"section":"controllerrevision-v1-apps","subsections":[{"section":"-strong-read-operations-controllerrevision-v1-apps-strong-","subsections":[{"section":"watch-list-all-namespaces-controllerrevision-v1-apps","subsections":[]},{"section":"watch-list-controllerrevision-v1-apps","subsections":[]},{"section":"watch-controllerrevision-v1-apps","subsections":[]},{"section":"list-all-namespaces-controllerrevision-v1-apps","subsections":[]},{"section":"list-controllerrevision-v1-apps","subsections":[]},{"section":"read-controllerrevision-v1-apps","subsections":[]}]},{"section":"-strong-write-operations-controllerrevision-v1-apps-strong-","subsections":[{"section":"delete-collection-controllerrevision-v1-apps","subsections":[]},{"section":"delete-controllerrevision-v1-apps","subsections":[]},{"section":"replace-controllerrevision-v1-apps","subsections":[]},{"section":"patch-controllerrevision-v1-apps","subsections":[]},{"section":"create-controllerrevision-v1-apps","subsections":[]}]}]},{"section":"clustertrustbundle-v1alpha1-certificates-k8s-io","subsections":[{"section":"-strong-read-operations-clustertrustbundle-v1alpha1-certificates-k8s-io-strong-","subsections":[{"section":"watch-list-clustertrustbundle-v1alpha1-certificates-k8s-io","subsections":[]},{"section":"watch-clustertrustbundle-v1alpha1-certificates-k8s-io","subsections":[]},{"section":"list-clustertrustbundle-v1alpha1-certificates-k8s-io","subsections":[]},{"section":"read-clustertrustbundle-v1alpha1-certificates-k8s-io","subsections":[]}]},{"section":"-strong-write-operations-clustertrustbundle-v1alpha1-certificates-k8s-io-strong-","subsections":[{"section":"delete-collection-clustertrustbundle-v1alpha1-certificates-k8s-io","subsections":[]},{"section":"delete-clustertrustbundle-v1alpha1-certificates-k8s-io","subsections":[]},{"section":"replace-clustertrustbundle-v1alpha1-certificates-k8s-io","subsections":[]},{"section":"patch-clustertrustbundle-v1alpha1-certificates-k8s-io","subsections":[]},{"section":"create-clustertrustbundle-v1alpha1-certificates-k8s-io","subsections":[]}]}]},{"section":"-strong-metadata-apis-strong-","subsections":[]},{"section":"volumeattachment-v1-storage-k8s-io","subsections":[{"section":"-strong-status-operations-volumeattachment-v1-storage-k8s-io-strong-","subsections":[{"section":"replace-status-volumeattachment-v1-storage-k8s-io","subsections":[]},{"section":"read-status-volumeattachment-v1-storage-k8s-io","subsections":[]},{"section":"patch-status-volumeattachment-v1-storage-k8s-io","subsections":[]}]},{"section":"-strong-read-operations-volumeattachment-v1-storage-k8s-io-strong-","subsections":[{"section":"watch-list-volumeattachment-v1-storage-k8s-io","subsections":[]},{"section":"watch-volumeattachment-v1-storage-k8s-io","subsections":[]},{"section":"list-volumeattachment-v1-storage-k8s-io","subsections":[]},{"section":"read-volumeattachment-v1-storage-k8s-io","subsections":[]}]},{"section":"-strong-write-operations-volumeattachment-v1-storage-k8s-io-strong-","subsections":[{"section":"delete-collection-volumeattachment-v1-storage-k8s-io","subsections":[]},{"section":"delete-volumeattachment-v1-storage-k8s-io","subsections":[]},{"section":"replace-volumeattachment-v1-storage-k8s-io","subsections":[]},{"section":"patch-volumeattachment-v1-storage-k8s-io","subsections":[]},{"section":"create-volumeattachment-v1-storage-k8s-io","subsections":[]}]}]},{"section":"volume-v1-core","subsections":[]},{"section":"csistoragecapacity-v1-storage-k8s-io","subsections":[{"section":"-strong-read-operations-csistoragecapacity-v1-storage-k8s-io-strong-","subsections":[{"section":"watch-list-all-namespaces-csistoragecapacity-v1-storage-k8s-io","subsections":[]},{"section":"watch-list-csistoragecapacity-v1-storage-k8s-io","subsections":[]},{"section":"watch-csistoragecapacity-v1-storage-k8s-io","subsections":[]},{"section":"list-all-namespaces-csistoragecapacity-v1-storage-k8s-io","subsections":[]},{"section":"list-csistoragecapacity-v1-storage-k8s-io","subsections":[]},{"section":"read-csistoragecapacity-v1-storage-k8s-io","subsections":[]}]},{"section":"-strong-write-operations-csistoragecapacity-v1-storage-k8s-io-strong-","subsections":[{"section":"delete-collection-csistoragecapacity-v1-storage-k8s-io","subsections":[]},{"section":"delete-csistoragecapacity-v1-storage-k8s-io","subsections":[]},{"section":"replace-csistoragecapacity-v1-storage-k8s-io","subsections":[]},{"section":"patch-csistoragecapacity-v1-storage-k8s-io","subsections":[]},{"section":"create-csistoragecapacity-v1-storage-k8s-io","subsections":[]}]}]},{"section":"storageclass-v1-storage-k8s-io","subsections":[{"section":"-strong-read-operations-storageclass-v1-storage-k8s-io-strong-","subsections":[{"section":"watch-list-storageclass-v1-storage-k8s-io","subsections":[]},{"section":"watch-storageclass-v1-storage-k8s-io","subsections":[]},{"section":"list-storageclass-v1-storage-k8s-io","subsections":[]},{"section":"read-storageclass-v1-storage-k8s-io","subsections":[]}]},{"section":"-strong-write-operations-storageclass-v1-storage-k8s-io-strong-","subsections":[{"section":"delete-collection-storageclass-v1-storage-k8s-io","subsections":[]},{"section":"delete-storageclass-v1-storage-k8s-io","subsections":[]},{"section":"replace-storageclass-v1-storage-k8s-io","subsections":[]},{"section":"patch-storageclass-v1-storage-k8s-io","subsections":[]},{"section":"create-storageclass-v1-storage-k8s-io","subsections":[]}]}]},{"section":"persistentvolumeclaim-v1-core","subsections":[{"section":"-strong-status-operations-persistentvolumeclaim-v1-core-strong-","subsections":[{"section":"replace-status-persistentvolumeclaim-v1-core","subsections":[]},{"section":"read-status-persistentvolumeclaim-v1-core","subsections":[]},{"section":"patch-status-persistentvolumeclaim-v1-core","subsections":[]}]},{"section":"-strong-read-operations-persistentvolumeclaim-v1-core-strong-","subsections":[{"section":"watch-list-all-namespaces-persistentvolumeclaim-v1-core","subsections":[]},{"section":"watch-list-persistentvolumeclaim-v1-core","subsections":[]},{"section":"watch-persistentvolumeclaim-v1-core","subsections":[]},{"section":"list-all-namespaces-persistentvolumeclaim-v1-core","subsections":[]},{"section":"list-persistentvolumeclaim-v1-core","subsections":[]},{"section":"read-persistentvolumeclaim-v1-core","subsections":[]}]},{"section":"-strong-write-operations-persistentvolumeclaim-v1-core-strong-","subsections":[{"section":"delete-collection-persistentvolumeclaim-v1-core","subsections":[]},{"section":"delete-persistentvolumeclaim-v1-core","subsections":[]},{"section":"replace-persistentvolumeclaim-v1-core","subsections":[]},{"section":"patch-persistentvolumeclaim-v1-core","subsections":[]},{"section":"create-persistentvolumeclaim-v1-core","subsections":[]}]}]},{"section":"secret-v1-core","subsections":[{"section":"-strong-read-operations-secret-v1-core-strong-","subsections":[{"section":"watch-list-all-namespaces-secret-v1-core","subsections":[]},{"section":"watch-list-secret-v1-core","subsections":[]},{"section":"watch-secret-v1-core","subsections":[]},{"section":"list-all-namespaces-secret-v1-core","subsections":[]},{"section":"list-secret-v1-core","subsections":[]},{"section":"read-secret-v1-core","subsections":[]}]},{"section":"-strong-write-operations-secret-v1-core-strong-","subsections":[{"section":"delete-collection-secret-v1-core","subsections":[]},{"section":"delete-secret-v1-core","subsections":[]},{"section":"replace-secret-v1-core","subsections":[]},{"section":"patch-secret-v1-core","subsections":[]},{"section":"create-secret-v1-core","subsections":[]}]}]},{"section":"csinode-v1-storage-k8s-io","subsections":[{"section":"-strong-read-operations-csinode-v1-storage-k8s-io-strong-","subsections":[{"section":"watch-list-csinode-v1-storage-k8s-io","subsections":[]},{"section":"watch-csinode-v1-storage-k8s-io","subsections":[]},{"section":"list-csinode-v1-storage-k8s-io","subsections":[]},{"section":"read-csinode-v1-storage-k8s-io","subsections":[]}]},{"section":"-strong-write-operations-csinode-v1-storage-k8s-io-strong-","subsections":[{"section":"delete-collection-csinode-v1-storage-k8s-io","subsections":[]},{"section":"delete-csinode-v1-storage-k8s-io","subsections":[]},{"section":"replace-csinode-v1-storage-k8s-io","subsections":[]},{"section":"patch-csinode-v1-storage-k8s-io","subsections":[]},{"section":"create-csinode-v1-storage-k8s-io","subsections":[]}]}]},{"section":"csidriver-v1-storage-k8s-io","subsections":[{"section":"-strong-read-operations-csidriver-v1-storage-k8s-io-strong-","subsections":[{"section":"watch-list-csidriver-v1-storage-k8s-io","subsections":[]},{"section":"watch-csidriver-v1-storage-k8s-io","subsections":[]},{"section":"list-csidriver-v1-storage-k8s-io","subsections":[]},{"section":"read-csidriver-v1-storage-k8s-io","subsections":[]}]},{"section":"-strong-write-operations-csidriver-v1-storage-k8s-io-strong-","subsections":[{"section":"delete-collection-csidriver-v1-storage-k8s-io","subsections":[]},{"section":"delete-csidriver-v1-storage-k8s-io","subsections":[]},{"section":"replace-csidriver-v1-storage-k8s-io","subsections":[]},{"section":"patch-csidriver-v1-storage-k8s-io","subsections":[]},{"section":"create-csidriver-v1-storage-k8s-io","subsections":[]}]}]},{"section":"configmap-v1-core","subsections":[{"section":"-strong-read-operations-configmap-v1-core-strong-","subsections":[{"section":"watch-list-all-namespaces-configmap-v1-core","subsections":[]},{"section":"watch-list-configmap-v1-core","subsections":[]},{"section":"watch-configmap-v1-core","subsections":[]},{"section":"list-all-namespaces-configmap-v1-core","subsections":[]},{"section":"list-configmap-v1-core","subsections":[]},{"section":"read-configmap-v1-core","subsections":[]}]},{"section":"-strong-write-operations-configmap-v1-core-strong-","subsections":[{"section":"delete-collection-configmap-v1-core","subsections":[]},{"section":"delete-configmap-v1-core","subsections":[]},{"section":"replace-configmap-v1-core","subsections":[]},{"section":"patch-configmap-v1-core","subsections":[]},{"section":"create-configmap-v1-core","subsections":[]}]}]},{"section":"-strong-config-and-storage-apis-strong-","subsections":[]},{"section":"service-v1-core","subsections":[{"section":"-strong-proxy-operations-service-v1-core-strong-","subsections":[{"section":"replace-connect-proxy-path-service-v1-core","subsections":[]},{"section":"replace-connect-proxy-service-v1-core","subsections":[]},{"section":"head-connect-proxy-path-service-v1-core","subsections":[]},{"section":"head-connect-proxy-service-v1-core","subsections":[]},{"section":"get-connect-proxy-path-service-v1-core","subsections":[]},{"section":"get-connect-proxy-service-v1-core","subsections":[]},{"section":"delete-connect-proxy-path-service-v1-core","subsections":[]},{"section":"delete-connect-proxy-service-v1-core","subsections":[]},{"section":"create-connect-proxy-path-service-v1-core","subsections":[]},{"section":"create-connect-proxy-service-v1-core","subsections":[]}]},{"section":"-strong-status-operations-service-v1-core-strong-","subsections":[{"section":"replace-status-service-v1-core","subsections":[]},{"section":"read-status-service-v1-core","subsections":[]},{"section":"patch-status-service-v1-core","subsections":[]}]},{"section":"-strong-read-operations-service-v1-core-strong-","subsections":[{"section":"watch-list-all-namespaces-service-v1-core","subsections":[]},{"section":"watch-list-service-v1-core","subsections":[]},{"section":"watch-service-v1-core","subsections":[]},{"section":"list-all-namespaces-service-v1-core","subsections":[]},{"section":"list-service-v1-core","subsections":[]},{"section":"read-service-v1-core","subsections":[]}]},{"section":"-strong-write-operations-service-v1-core-strong-","subsections":[{"section":"delete-collection-service-v1-core","subsections":[]},{"section":"delete-service-v1-core","subsections":[]},{"section":"replace-service-v1-core","subsections":[]},{"section":"patch-service-v1-core","subsections":[]},{"section":"create-service-v1-core","subsections":[]}]}]},{"section":"ingressclass-v1-networking-k8s-io","subsections":[{"section":"-strong-read-operations-ingressclass-v1-networking-k8s-io-strong-","subsections":[{"section":"watch-list-ingressclass-v1-networking-k8s-io","subsections":[]},{"section":"watch-ingressclass-v1-networking-k8s-io","subsections":[]},{"section":"list-ingressclass-v1-networking-k8s-io","subsections":[]},{"section":"read-ingressclass-v1-networking-k8s-io","subsections":[]}]},{"section":"-strong-write-operations-ingressclass-v1-networking-k8s-io-strong-","subsections":[{"section":"delete-collection-ingressclass-v1-networking-k8s-io","subsections":[]},{"section":"delete-ingressclass-v1-networking-k8s-io","subsections":[]},{"section":"replace-ingressclass-v1-networking-k8s-io","subsections":[]},{"section":"patch-ingressclass-v1-networking-k8s-io","subsections":[]},{"section":"create-ingressclass-v1-networking-k8s-io","subsections":[]}]}]},{"section":"ingress-v1-networking-k8s-io","subsections":[{"section":"-strong-status-operations-ingress-v1-networking-k8s-io-strong-","subsections":[{"section":"replace-status-ingress-v1-networking-k8s-io","subsections":[]},{"section":"read-status-ingress-v1-networking-k8s-io","subsections":[]},{"section":"patch-status-ingress-v1-networking-k8s-io","subsections":[]}]},{"section":"-strong-read-operations-ingress-v1-networking-k8s-io-strong-","subsections":[{"section":"watch-list-all-namespaces-ingress-v1-networking-k8s-io","subsections":[]},{"section":"watch-list-ingress-v1-networking-k8s-io","subsections":[]},{"section":"watch-ingress-v1-networking-k8s-io","subsections":[]},{"section":"list-all-namespaces-ingress-v1-networking-k8s-io","subsections":[]},{"section":"list-ingress-v1-networking-k8s-io","subsections":[]},{"section":"read-ingress-v1-networking-k8s-io","subsections":[]}]},{"section":"-strong-write-operations-ingress-v1-networking-k8s-io-strong-","subsections":[{"section":"delete-collection-ingress-v1-networking-k8s-io","subsections":[]},{"section":"delete-ingress-v1-networking-k8s-io","subsections":[]},{"section":"replace-ingress-v1-networking-k8s-io","subsections":[]},{"section":"patch-ingress-v1-networking-k8s-io","subsections":[]},{"section":"create-ingress-v1-networking-k8s-io","subsections":[]}]}]},{"section":"clustercidr-v1alpha1-networking-k8s-io","subsections":[{"section":"-strong-read-operations-clustercidr-v1alpha1-networking-k8s-io-strong-","subsections":[{"section":"watch-list-clustercidr-v1alpha1-networking-k8s-io","subsections":[]},{"section":"watch-clustercidr-v1alpha1-networking-k8s-io","subsections":[]},{"section":"list-clustercidr-v1alpha1-networking-k8s-io","subsections":[]},{"section":"read-clustercidr-v1alpha1-networking-k8s-io","subsections":[]}]},{"section":"-strong-write-operations-clustercidr-v1alpha1-networking-k8s-io-strong-","subsections":[{"section":"delete-collection-clustercidr-v1alpha1-networking-k8s-io","subsections":[]},{"section":"delete-clustercidr-v1alpha1-networking-k8s-io","subsections":[]},{"section":"replace-clustercidr-v1alpha1-networking-k8s-io","subsections":[]},{"section":"patch-clustercidr-v1alpha1-networking-k8s-io","subsections":[]},{"section":"create-clustercidr-v1alpha1-networking-k8s-io","subsections":[]}]}]},{"section":"endpointslice-v1-discovery-k8s-io","subsections":[{"section":"-strong-read-operations-endpointslice-v1-discovery-k8s-io-strong-","subsections":[{"section":"watch-list-all-namespaces-endpointslice-v1-discovery-k8s-io","subsections":[]},{"section":"watch-list-endpointslice-v1-discovery-k8s-io","subsections":[]},{"section":"watch-endpointslice-v1-discovery-k8s-io","subsections":[]},{"section":"list-all-namespaces-endpointslice-v1-discovery-k8s-io","subsections":[]},{"section":"list-endpointslice-v1-discovery-k8s-io","subsections":[]},{"section":"read-endpointslice-v1-discovery-k8s-io","subsections":[]}]},{"section":"-strong-write-operations-endpointslice-v1-discovery-k8s-io-strong-","subsections":[{"section":"delete-collection-endpointslice-v1-discovery-k8s-io","subsections":[]},{"section":"delete-endpointslice-v1-discovery-k8s-io","subsections":[]},{"section":"replace-endpointslice-v1-discovery-k8s-io","subsections":[]},{"section":"patch-endpointslice-v1-discovery-k8s-io","subsections":[]},{"section":"create-endpointslice-v1-discovery-k8s-io","subsections":[]}]}]},{"section":"endpoints-v1-core","subsections":[{"section":"-strong-read-operations-endpoints-v1-core-strong-","subsections":[{"section":"watch-list-all-namespaces-endpoints-v1-core","subsections":[]},{"section":"watch-list-endpoints-v1-core","subsections":[]},{"section":"watch-endpoints-v1-core","subsections":[]},{"section":"list-all-namespaces-endpoints-v1-core","subsections":[]},{"section":"list-endpoints-v1-core","subsections":[]},{"section":"read-endpoints-v1-core","subsections":[]}]},{"section":"-strong-write-operations-endpoints-v1-core-strong-","subsections":[{"section":"delete-collection-endpoints-v1-core","subsections":[]},{"section":"delete-endpoints-v1-core","subsections":[]},{"section":"replace-endpoints-v1-core","subsections":[]},{"section":"patch-endpoints-v1-core","subsections":[]},{"section":"create-endpoints-v1-core","subsections":[]}]}]},{"section":"-strong-service-apis-strong-","subsections":[]},{"section":"statefulset-v1-apps","subsections":[{"section":"-strong-misc-operations-statefulset-v1-apps-strong-","subsections":[{"section":"patch-scale-statefulset-v1-apps","subsections":[]},{"section":"replace-scale-statefulset-v1-apps","subsections":[]},{"section":"read-scale-statefulset-v1-apps","subsections":[]}]},{"section":"-strong-status-operations-statefulset-v1-apps-strong-","subsections":[{"section":"replace-status-statefulset-v1-apps","subsections":[]},{"section":"read-status-statefulset-v1-apps","subsections":[]},{"section":"patch-status-statefulset-v1-apps","subsections":[]}]},{"section":"-strong-read-operations-statefulset-v1-apps-strong-","subsections":[{"section":"watch-list-all-namespaces-statefulset-v1-apps","subsections":[]},{"section":"watch-list-statefulset-v1-apps","subsections":[]},{"section":"watch-statefulset-v1-apps","subsections":[]},{"section":"list-all-namespaces-statefulset-v1-apps","subsections":[]},{"section":"list-statefulset-v1-apps","subsections":[]},{"section":"read-statefulset-v1-apps","subsections":[]}]},{"section":"-strong-write-operations-statefulset-v1-apps-strong-","subsections":[{"section":"delete-collection-statefulset-v1-apps","subsections":[]},{"section":"delete-statefulset-v1-apps","subsections":[]},{"section":"replace-statefulset-v1-apps","subsections":[]},{"section":"patch-statefulset-v1-apps","subsections":[]},{"section":"create-statefulset-v1-apps","subsections":[]}]}]},{"section":"replicationcontroller-v1-core","subsections":[{"section":"-strong-misc-operations-replicationcontroller-v1-core-strong-","subsections":[{"section":"patch-scale-replicationcontroller-v1-core","subsections":[]},{"section":"replace-scale-replicationcontroller-v1-core","subsections":[]},{"section":"read-scale-replicationcontroller-v1-core","subsections":[]}]},{"section":"-strong-status-operations-replicationcontroller-v1-core-strong-","subsections":[{"section":"replace-status-replicationcontroller-v1-core","subsections":[]},{"section":"read-status-replicationcontroller-v1-core","subsections":[]},{"section":"patch-status-replicationcontroller-v1-core","subsections":[]}]},{"section":"-strong-read-operations-replicationcontroller-v1-core-strong-","subsections":[{"section":"watch-list-all-namespaces-replicationcontroller-v1-core","subsections":[]},{"section":"watch-list-replicationcontroller-v1-core","subsections":[]},{"section":"watch-replicationcontroller-v1-core","subsections":[]},{"section":"list-all-namespaces-replicationcontroller-v1-core","subsections":[]},{"section":"list-replicationcontroller-v1-core","subsections":[]},{"section":"read-replicationcontroller-v1-core","subsections":[]}]},{"section":"-strong-write-operations-replicationcontroller-v1-core-strong-","subsections":[{"section":"delete-collection-replicationcontroller-v1-core","subsections":[]},{"section":"delete-replicationcontroller-v1-core","subsections":[]},{"section":"replace-replicationcontroller-v1-core","subsections":[]},{"section":"patch-replicationcontroller-v1-core","subsections":[]},{"section":"create-replicationcontroller-v1-core","subsections":[]}]}]},{"section":"replicaset-v1-apps","subsections":[{"section":"-strong-misc-operations-replicaset-v1-apps-strong-","subsections":[{"section":"patch-scale-replicaset-v1-apps","subsections":[]},{"section":"replace-scale-replicaset-v1-apps","subsections":[]},{"section":"read-scale-replicaset-v1-apps","subsections":[]}]},{"section":"-strong-status-operations-replicaset-v1-apps-strong-","subsections":[{"section":"replace-status-replicaset-v1-apps","subsections":[]},{"section":"read-status-replicaset-v1-apps","subsections":[]},{"section":"patch-status-replicaset-v1-apps","subsections":[]}]},{"section":"-strong-read-operations-replicaset-v1-apps-strong-","subsections":[{"section":"watch-list-all-namespaces-replicaset-v1-apps","subsections":[]},{"section":"watch-list-replicaset-v1-apps","subsections":[]},{"section":"watch-replicaset-v1-apps","subsections":[]},{"section":"list-all-namespaces-replicaset-v1-apps","subsections":[]},{"section":"list-replicaset-v1-apps","subsections":[]},{"section":"read-replicaset-v1-apps","subsections":[]}]},{"section":"-strong-write-operations-replicaset-v1-apps-strong-","subsections":[{"section":"delete-collection-replicaset-v1-apps","subsections":[]},{"section":"delete-replicaset-v1-apps","subsections":[]},{"section":"replace-replicaset-v1-apps","subsections":[]},{"section":"patch-replicaset-v1-apps","subsections":[]},{"section":"create-replicaset-v1-apps","subsections":[]}]}]},{"section":"pod-v1-core","subsections":[{"section":"-strong-misc-operations-pod-v1-core-strong-","subsections":[{"section":"read-log-pod-v1-core","subsections":[]}]},{"section":"-strong-proxy-operations-pod-v1-core-strong-","subsections":[{"section":"replace-connect-proxy-path-pod-v1-core","subsections":[]},{"section":"replace-connect-proxy-pod-v1-core","subsections":[]},{"section":"head-connect-proxy-path-pod-v1-core","subsections":[]},{"section":"head-connect-proxy-pod-v1-core","subsections":[]},{"section":"get-connect-proxy-path-pod-v1-core","subsections":[]},{"section":"get-connect-proxy-pod-v1-core","subsections":[]},{"section":"get-connect-portforward-pod-v1-core","subsections":[]},{"section":"delete-connect-proxy-path-pod-v1-core","subsections":[]},{"section":"delete-connect-proxy-pod-v1-core","subsections":[]},{"section":"create-connect-proxy-path-pod-v1-core","subsections":[]},{"section":"create-connect-proxy-pod-v1-core","subsections":[]},{"section":"create-connect-portforward-pod-v1-core","subsections":[]}]},{"section":"-strong-ephemeralcontainers-operations-pod-v1-core-strong-","subsections":[{"section":"replace-ephemeralcontainers-pod-v1-core","subsections":[]},{"section":"read-ephemeralcontainers-pod-v1-core","subsections":[]},{"section":"patch-ephemeralcontainers-pod-v1-core","subsections":[]}]},{"section":"-strong-status-operations-pod-v1-core-strong-","subsections":[{"section":"replace-status-pod-v1-core","subsections":[]},{"section":"read-status-pod-v1-core","subsections":[]},{"section":"patch-status-pod-v1-core","subsections":[]}]},{"section":"-strong-read-operations-pod-v1-core-strong-","subsections":[{"section":"watch-list-all-namespaces-pod-v1-core","subsections":[]},{"section":"watch-list-pod-v1-core","subsections":[]},{"section":"watch-pod-v1-core","subsections":[]},{"section":"list-all-namespaces-pod-v1-core","subsections":[]},{"section":"list-pod-v1-core","subsections":[]},{"section":"read-pod-v1-core","subsections":[]}]},{"section":"-strong-write-operations-pod-v1-core-strong-","subsections":[{"section":"delete-collection-pod-v1-core","subsections":[]},{"section":"delete-pod-v1-core","subsections":[]},{"section":"replace-pod-v1-core","subsections":[]},{"section":"patch-pod-v1-core","subsections":[]},{"section":"create-eviction-pod-v1-core","subsections":[]},{"section":"create-pod-v1-core","subsections":[]}]}]},{"section":"job-v1-batch","subsections":[{"section":"-strong-status-operations-job-v1-batch-strong-","subsections":[{"section":"replace-status-job-v1-batch","subsections":[]},{"section":"read-status-job-v1-batch","subsections":[]},{"section":"patch-status-job-v1-batch","subsections":[]}]},{"section":"-strong-read-operations-job-v1-batch-strong-","subsections":[{"section":"watch-list-all-namespaces-job-v1-batch","subsections":[]},{"section":"watch-list-job-v1-batch","subsections":[]},{"section":"watch-job-v1-batch","subsections":[]},{"section":"list-all-namespaces-job-v1-batch","subsections":[]},{"section":"list-job-v1-batch","subsections":[]},{"section":"read-job-v1-batch","subsections":[]}]},{"section":"-strong-write-operations-job-v1-batch-strong-","subsections":[{"section":"delete-collection-job-v1-batch","subsections":[]},{"section":"delete-job-v1-batch","subsections":[]},{"section":"replace-job-v1-batch","subsections":[]},{"section":"patch-job-v1-batch","subsections":[]},{"section":"create-job-v1-batch","subsections":[]}]}]},{"section":"deployment-v1-apps","subsections":[{"section":"-strong-misc-operations-deployment-v1-apps-strong-","subsections":[{"section":"patch-scale-deployment-v1-apps","subsections":[]},{"section":"replace-scale-deployment-v1-apps","subsections":[]},{"section":"read-scale-deployment-v1-apps","subsections":[]}]},{"section":"-strong-status-operations-deployment-v1-apps-strong-","subsections":[{"section":"replace-status-deployment-v1-apps","subsections":[]},{"section":"read-status-deployment-v1-apps","subsections":[]},{"section":"patch-status-deployment-v1-apps","subsections":[]}]},{"section":"-strong-read-operations-deployment-v1-apps-strong-","subsections":[{"section":"watch-list-all-namespaces-deployment-v1-apps","subsections":[]},{"section":"watch-list-deployment-v1-apps","subsections":[]},{"section":"watch-deployment-v1-apps","subsections":[]},{"section":"list-all-namespaces-deployment-v1-apps","subsections":[]},{"section":"list-deployment-v1-apps","subsections":[]},{"section":"read-deployment-v1-apps","subsections":[]}]},{"section":"-strong-write-operations-deployment-v1-apps-strong-","subsections":[{"section":"delete-collection-deployment-v1-apps","subsections":[]},{"section":"delete-deployment-v1-apps","subsections":[]},{"section":"replace-deployment-v1-apps","subsections":[]},{"section":"patch-deployment-v1-apps","subsections":[]},{"section":"create-deployment-v1-apps","subsections":[]}]}]},{"section":"daemonset-v1-apps","subsections":[{"section":"-strong-status-operations-daemonset-v1-apps-strong-","subsections":[{"section":"replace-status-daemonset-v1-apps","subsections":[]},{"section":"read-status-daemonset-v1-apps","subsections":[]},{"section":"patch-status-daemonset-v1-apps","subsections":[]}]},{"section":"-strong-read-operations-daemonset-v1-apps-strong-","subsections":[{"section":"watch-list-all-namespaces-daemonset-v1-apps","subsections":[]},{"section":"watch-list-daemonset-v1-apps","subsections":[]},{"section":"watch-daemonset-v1-apps","subsections":[]},{"section":"list-all-namespaces-daemonset-v1-apps","subsections":[]},{"section":"list-daemonset-v1-apps","subsections":[]},{"section":"read-daemonset-v1-apps","subsections":[]}]},{"section":"-strong-write-operations-daemonset-v1-apps-strong-","subsections":[{"section":"delete-collection-daemonset-v1-apps","subsections":[]},{"section":"delete-daemonset-v1-apps","subsections":[]},{"section":"replace-daemonset-v1-apps","subsections":[]},{"section":"patch-daemonset-v1-apps","subsections":[]},{"section":"create-daemonset-v1-apps","subsections":[]}]}]},{"section":"cronjob-v1-batch","subsections":[{"section":"-strong-status-operations-cronjob-v1-batch-strong-","subsections":[{"section":"replace-status-cronjob-v1-batch","subsections":[]},{"section":"read-status-cronjob-v1-batch","subsections":[]},{"section":"patch-status-cronjob-v1-batch","subsections":[]}]},{"section":"-strong-read-operations-cronjob-v1-batch-strong-","subsections":[{"section":"watch-list-all-namespaces-cronjob-v1-batch","subsections":[]},{"section":"watch-list-cronjob-v1-batch","subsections":[]},{"section":"watch-cronjob-v1-batch","subsections":[]},{"section":"list-all-namespaces-cronjob-v1-batch","subsections":[]},{"section":"list-cronjob-v1-batch","subsections":[]},{"section":"read-cronjob-v1-batch","subsections":[]}]},{"section":"-strong-write-operations-cronjob-v1-batch-strong-","subsections":[{"section":"delete-collection-cronjob-v1-batch","subsections":[]},{"section":"delete-cronjob-v1-batch","subsections":[]},{"section":"replace-cronjob-v1-batch","subsections":[]},{"section":"patch-cronjob-v1-batch","subsections":[]},{"section":"create-cronjob-v1-batch","subsections":[]}]}]},{"section":"container-v1-core","subsections":[]},{"section":"-strong-workloads-apis-strong-","subsections":[]},{"section":"-strong-api-groups-strong-","subsections":[]},{"section":"-strong-api-overview-strong-","subsections":[]}],"flatToc":["webhookclientconfig-v1-apiextensions-k8s-io","usersubject-v1beta2-flowcontrol-apiserver-k8s-io","tokenrequest-v1-storage-k8s-io","subject-v1beta2-flowcontrol-apiserver-k8s-io","subject-v1-rbac-authorization-k8s-io","servicereference-v1-apiregistration-k8s-io","servicereference-v1-apiextensions-k8s-io","serviceaccountsubject-v1beta2-flowcontrol-apiserver-k8s-io","create-selfsubjectreview-v1alpha1-authentication-k8s-io","-strong-write-operations-selfsubjectreview-v1alpha1-authentication-k8s-io-strong-","selfsubjectreview-v1alpha1-authentication-k8s-io","resourcepolicyrule-v1beta2-flowcontrol-apiserver-k8s-io","replace-status-resourceclaim-v1alpha2-resource-k8s-io","read-status-resourceclaim-v1alpha2-resource-k8s-io","patch-status-resourceclaim-v1alpha2-resource-k8s-io","-strong-status-operations-resourceclaim-v1alpha2-resource-k8s-io-strong-","watch-list-all-namespaces-resourceclaim-v1alpha2-resource-k8s-io","watch-list-resourceclaim-v1alpha2-resource-k8s-io","watch-resourceclaim-v1alpha2-resource-k8s-io","list-all-namespaces-resourceclaim-v1alpha2-resource-k8s-io","list-resourceclaim-v1alpha2-resource-k8s-io","read-resourceclaim-v1alpha2-resource-k8s-io","-strong-read-operations-resourceclaim-v1alpha2-resource-k8s-io-strong-","delete-collection-resourceclaim-v1alpha2-resource-k8s-io","delete-resourceclaim-v1alpha2-resource-k8s-io","replace-resourceclaim-v1alpha2-resource-k8s-io","patch-resourceclaim-v1alpha2-resource-k8s-io","create-resourceclaim-v1alpha2-resource-k8s-io","-strong-write-operations-resourceclaim-v1alpha2-resource-k8s-io-strong-","resourceclaim-v1alpha2-resource-k8s-io","queuingconfiguration-v1beta2-flowcontrol-apiserver-k8s-io","prioritylevelconfigurationreference-v1beta2-flowcontrol-apiserver-k8s-io","prioritylevelconfigurationcondition-v1beta2-flowcontrol-apiserver-k8s-io","replace-status-prioritylevelconfiguration-v1beta2-flowcontrol-apiserver-k8s-io","read-status-prioritylevelconfiguration-v1beta2-flowcontrol-apiserver-k8s-io","patch-status-prioritylevelconfiguration-v1beta2-flowcontrol-apiserver-k8s-io","-strong-status-operations-prioritylevelconfiguration-v1beta2-flowcontrol-apiserver-k8s-io-strong-","watch-list-prioritylevelconfiguration-v1beta2-flowcontrol-apiserver-k8s-io","watch-prioritylevelconfiguration-v1beta2-flowcontrol-apiserver-k8s-io","list-prioritylevelconfiguration-v1beta2-flowcontrol-apiserver-k8s-io","read-prioritylevelconfiguration-v1beta2-flowcontrol-apiserver-k8s-io","-strong-read-operations-prioritylevelconfiguration-v1beta2-flowcontrol-apiserver-k8s-io-strong-","delete-collection-prioritylevelconfiguration-v1beta2-flowcontrol-apiserver-k8s-io","delete-prioritylevelconfiguration-v1beta2-flowcontrol-apiserver-k8s-io","replace-prioritylevelconfiguration-v1beta2-flowcontrol-apiserver-k8s-io","patch-prioritylevelconfiguration-v1beta2-flowcontrol-apiserver-k8s-io","create-prioritylevelconfiguration-v1beta2-flowcontrol-apiserver-k8s-io","-strong-write-operations-prioritylevelconfiguration-v1beta2-flowcontrol-apiserver-k8s-io-strong-","prioritylevelconfiguration-v1beta2-flowcontrol-apiserver-k8s-io","policyruleswithsubjects-v1beta2-flowcontrol-apiserver-k8s-io","nonresourcepolicyrule-v1beta2-flowcontrol-apiserver-k8s-io","matchcondition-v1alpha1-admissionregistration-k8s-io","limitedprioritylevelconfiguration-v1beta2-flowcontrol-apiserver-k8s-io","limitresponse-v1beta2-flowcontrol-apiserver-k8s-io","replace-status-horizontalpodautoscaler-v1-autoscaling","read-status-horizontalpodautoscaler-v1-autoscaling","patch-status-horizontalpodautoscaler-v1-autoscaling","-strong-status-operations-horizontalpodautoscaler-v1-autoscaling-strong-","watch-list-all-namespaces-horizontalpodautoscaler-v1-autoscaling","watch-list-horizontalpodautoscaler-v1-autoscaling","watch-horizontalpodautoscaler-v1-autoscaling","list-all-namespaces-horizontalpodautoscaler-v1-autoscaling","list-horizontalpodautoscaler-v1-autoscaling","read-horizontalpodautoscaler-v1-autoscaling","-strong-read-operations-horizontalpodautoscaler-v1-autoscaling-strong-","delete-collection-horizontalpodautoscaler-v1-autoscaling","delete-horizontalpodautoscaler-v1-autoscaling","replace-horizontalpodautoscaler-v1-autoscaling","patch-horizontalpodautoscaler-v1-autoscaling","create-horizontalpodautoscaler-v1-autoscaling","-strong-write-operations-horizontalpodautoscaler-v1-autoscaling-strong-","horizontalpodautoscaler-v1-autoscaling","groupsubject-v1beta2-flowcontrol-apiserver-k8s-io","flowschemacondition-v1beta2-flowcontrol-apiserver-k8s-io","replace-status-flowschema-v1beta2-flowcontrol-apiserver-k8s-io","read-status-flowschema-v1beta2-flowcontrol-apiserver-k8s-io","patch-status-flowschema-v1beta2-flowcontrol-apiserver-k8s-io","-strong-status-operations-flowschema-v1beta2-flowcontrol-apiserver-k8s-io-strong-","watch-list-flowschema-v1beta2-flowcontrol-apiserver-k8s-io","watch-flowschema-v1beta2-flowcontrol-apiserver-k8s-io","list-flowschema-v1beta2-flowcontrol-apiserver-k8s-io","read-flowschema-v1beta2-flowcontrol-apiserver-k8s-io","-strong-read-operations-flowschema-v1beta2-flowcontrol-apiserver-k8s-io-strong-","delete-collection-flowschema-v1beta2-flowcontrol-apiserver-k8s-io","delete-flowschema-v1beta2-flowcontrol-apiserver-k8s-io","replace-flowschema-v1beta2-flowcontrol-apiserver-k8s-io","patch-flowschema-v1beta2-flowcontrol-apiserver-k8s-io","create-flowschema-v1beta2-flowcontrol-apiserver-k8s-io","-strong-write-operations-flowschema-v1beta2-flowcontrol-apiserver-k8s-io-strong-","flowschema-v1beta2-flowcontrol-apiserver-k8s-io","flowdistinguishermethod-v1beta2-flowcontrol-apiserver-k8s-io","eventseries-v1-core","watch-list-all-namespaces-event-v1-core","watch-list-event-v1-core","watch-event-v1-core","list-all-namespaces-event-v1-core","list-event-v1-core","read-event-v1-core","-strong-read-operations-event-v1-core-strong-","delete-collection-event-v1-core","delete-event-v1-core","replace-event-v1-core","patch-event-v1-core","create-event-v1-core","-strong-write-operations-event-v1-core-strong-","event-v1-core","endpointport-v1-discovery-k8s-io","crossversionobjectreference-v1-autoscaling","-strong-old-api-versions-strong-","windowssecuritycontextoptions-v1-core","weightedpodaffinityterm-v1-core","webhookconversion-v1-apiextensions-k8s-io","webhookclientconfig-v1-admissionregistration-k8s-io","watchevent-v1-meta","vspherevirtualdiskvolumesource-v1-core","volumeprojection-v1-core","volumenoderesources-v1-storage-k8s-io","volumenodeaffinity-v1-core","volumemount-v1-core","volumeerror-v1-storage-k8s-io","volumedevice-v1-core","volumeattachmentsource-v1-storage-k8s-io","validationrule-v1-apiextensions-k8s-io","validation-v1alpha1-admissionregistration-k8s-io","validatingwebhook-v1-admissionregistration-k8s-io","usersubject-v1beta3-flowcontrol-apiserver-k8s-io","userinfo-v1-authentication-k8s-io","uncountedterminatedpods-v1-batch","typedobjectreference-v1-core","typedlocalobjectreference-v1-core","typechecking-v1alpha1-admissionregistration-k8s-io","topologyspreadconstraint-v1-core","topologyselectorterm-v1-core","topologyselectorlabelrequirement-v1-core","toleration-v1-core","time-v1-meta","taint-v1-core","tcpsocketaction-v1-core","sysctl-v1-core","subjectrulesreviewstatus-v1-authorization-k8s-io","subject-v1beta3-flowcontrol-apiserver-k8s-io","storageversioncondition-v1alpha1-internal-apiserver-k8s-io","storageosvolumesource-v1-core","storageospersistentvolumesource-v1-core","statusdetails-v1-meta","statuscause-v1-meta","status-v1-meta","statefulsetupdatestrategy-v1-apps","statefulsetpersistentvolumeclaimretentionpolicy-v1-apps","statefulsetordinals-v1-apps","statefulsetcondition-v1-apps","sessionaffinityconfig-v1-core","servicereference-v1-admissionregistration-k8s-io","serviceport-v1-core","servicebackendport-v1-networking-k8s-io","serviceaccounttokenprojection-v1-core","serviceaccountsubject-v1beta3-flowcontrol-apiserver-k8s-io","serverstorageversion-v1alpha1-internal-apiserver-k8s-io","serveraddressbyclientcidr-v1-meta","securitycontext-v1-core","secretvolumesource-v1-core","secretreference-v1-core","secretprojection-v1-core","secretkeyselector-v1-core","secretenvsource-v1-core","seccompprofile-v1-core","scopedresourceselectorrequirement-v1-core","scopeselector-v1-core","scheduling-v1-node-k8s-io","scaleiovolumesource-v1-core","scaleiopersistentvolumesource-v1-core","scale-v1-autoscaling","selinuxoptions-v1-core","rulewithoperations-v1-admissionregistration-k8s-io","rollingupdatestatefulsetstrategy-v1-apps","roleref-v1-rbac-authorization-k8s-io","resourcerule-v1-authorization-k8s-io","resourcerequirements-v1-core","resourcepolicyrule-v1beta3-flowcontrol-apiserver-k8s-io","resourcemetricstatus-v2-autoscaling","resourcemetricsource-v2-autoscaling","resourcehandle-v1alpha2-resource-k8s-io","resourcefieldselector-v1-core","resourceclassparametersreference-v1alpha2-resource-k8s-io","resourceclaimschedulingstatus-v1alpha2-resource-k8s-io","resourceclaimparametersreference-v1alpha2-resource-k8s-io","resourceclaimconsumerreference-v1alpha2-resource-k8s-io","resourceclaim-v1-core","resourceattributes-v1-authorization-k8s-io","replicationcontrollercondition-v1-core","replicasetcondition-v1-apps","rbdvolumesource-v1-core","rbdpersistentvolumesource-v1-core","quobytevolumesource-v1-core","queuingconfiguration-v1beta3-flowcontrol-apiserver-k8s-io","quantity-resource-core","projectedvolumesource-v1-core","probe-v1-core","prioritylevelconfigurationreference-v1beta3-flowcontrol-apiserver-k8s-io","prioritylevelconfigurationcondition-v1beta3-flowcontrol-apiserver-k8s-io","preferredschedulingterm-v1-core","preconditions-v1-meta","portworxvolumesource-v1-core","portstatus-v1-core","policyruleswithsubjects-v1beta3-flowcontrol-apiserver-k8s-io","policyrule-v1-rbac-authorization-k8s-io","podsmetricstatus-v2-autoscaling","podsmetricsource-v2-autoscaling","podsecuritycontext-v1-core","podschedulinggate-v1-core","podresourceclaim-v1-core","podreadinessgate-v1-core","podos-v1-core","podip-v1-core","podfailurepolicyrule-v1-batch","podfailurepolicyonpodconditionspattern-v1-batch","podfailurepolicyonexitcodesrequirement-v1-batch","podfailurepolicy-v1-batch","poddnsconfigoption-v1-core","poddnsconfig-v1-core","podcondition-v1-core","podantiaffinity-v1-core","podaffinityterm-v1-core","podaffinity-v1-core","photonpersistentdiskvolumesource-v1-core","persistentvolumeclaimvolumesource-v1-core","persistentvolumeclaimtemplate-v1-core","persistentvolumeclaimcondition-v1-core","patch-v1-meta","parentreference-v1alpha1-networking-k8s-io","paramref-v1alpha1-admissionregistration-k8s-io","paramkind-v1alpha1-admissionregistration-k8s-io","ownerreference-v1-meta","overhead-v1-node-k8s-io","objectreference-v1-core","objectmetricstatus-v2-autoscaling","objectmetricsource-v2-autoscaling","objectmeta-v1-meta","objectfieldselector-v1-core","nonresourcerule-v1-authorization-k8s-io","nonresourcepolicyrule-v1beta3-flowcontrol-apiserver-k8s-io","nonresourceattributes-v1-authorization-k8s-io","nodesysteminfo-v1-core","nodeselectorterm-v1-core","nodeselectorrequirement-v1-core","nodeselector-v1-core","nodedaemonendpoints-v1-core","nodeconfigstatus-v1-core","nodeconfigsource-v1-core","nodecondition-v1-core","nodeaffinity-v1-core","nodeaddress-v1-core","networkpolicyport-v1-networking-k8s-io","networkpolicypeer-v1-networking-k8s-io","networkpolicyingressrule-v1-networking-k8s-io","networkpolicyegressrule-v1-networking-k8s-io","namespacecondition-v1-core","namedrulewithoperations-v1alpha1-admissionregistration-k8s-io","nfsvolumesource-v1-core","mutatingwebhook-v1-admissionregistration-k8s-io","microtime-v1-meta","metricvaluestatus-v2-autoscaling","metrictarget-v2-autoscaling","metricstatus-v2-autoscaling","metricspec-v2-autoscaling","metricidentifier-v2-autoscaling","matchresources-v1alpha1-admissionregistration-k8s-io","matchcondition-v1-admissionregistration-k8s-io","managedfieldsentry-v1-meta","localvolumesource-v1-core","localobjectreference-v1-core","loadbalancerstatus-v1-core","loadbalanceringress-v1-core","listmeta-v1-meta","limitedprioritylevelconfiguration-v1beta3-flowcontrol-apiserver-k8s-io","limitresponse-v1beta3-flowcontrol-apiserver-k8s-io","limitrangeitem-v1-core","lifecyclehandler-v1-core","lifecycle-v1-core","labelselectorrequirement-v1-meta","labelselector-v1-meta","keytopath-v1-core","jobtemplatespec-v1-batch","jobcondition-v1-batch","jsonschemapropsorbool-v1-apiextensions-k8s-io","jsonschemapropsorarray-v1-apiextensions-k8s-io","jsonschemaprops-v1-apiextensions-k8s-io","json-v1-apiextensions-k8s-io","ingresstls-v1-networking-k8s-io","ingressservicebackend-v1-networking-k8s-io","ingressrule-v1-networking-k8s-io","ingressportstatus-v1-networking-k8s-io","ingressloadbalancerstatus-v1-networking-k8s-io","ingressloadbalanceringress-v1-networking-k8s-io","ingressclassparametersreference-v1-networking-k8s-io","ingressbackend-v1-networking-k8s-io","iscsivolumesource-v1-core","iscsipersistentvolumesource-v1-core","ipblock-v1-networking-k8s-io","hostpathvolumesource-v1-core","hostalias-v1-core","horizontalpodautoscalercondition-v2-autoscaling","horizontalpodautoscalerbehavior-v2-autoscaling","httpingressrulevalue-v1-networking-k8s-io","httpingresspath-v1-networking-k8s-io","httpheader-v1-core","httpgetaction-v1-core","hpascalingrules-v2-autoscaling","hpascalingpolicy-v2-autoscaling","groupversionfordiscovery-v1-meta","groupsubject-v1beta3-flowcontrol-apiserver-k8s-io","glusterfsvolumesource-v1-core","glusterfspersistentvolumesource-v1-core","gitrepovolumesource-v1-core","grpcaction-v1-core","gcepersistentdiskvolumesource-v1-core","forzone-v1-discovery-k8s-io","flowschemacondition-v1beta3-flowcontrol-apiserver-k8s-io","flowdistinguishermethod-v1beta3-flowcontrol-apiserver-k8s-io","flockervolumesource-v1-core","flexvolumesource-v1-core","flexpersistentvolumesource-v1-core","fieldsv1-v1-meta","fcvolumesource-v1-core","externalmetricstatus-v2-autoscaling","externalmetricsource-v2-autoscaling","externaldocumentation-v1-apiextensions-k8s-io","expressionwarning-v1alpha1-admissionregistration-k8s-io","execaction-v1-core","eviction-v1-policy","eventsource-v1-core","eventseries-v1-events-k8s-io","ephemeralvolumesource-v1-core","ephemeralcontainer-v1-core","envvarsource-v1-core","envvar-v1-core","envfromsource-v1-core","endpointsubset-v1-core","endpointport-v1-core","endpointhints-v1-discovery-k8s-io","endpointconditions-v1-discovery-k8s-io","endpointaddress-v1-core","endpoint-v1-discovery-k8s-io","emptydirvolumesource-v1-core","downwardapivolumesource-v1-core","downwardapivolumefile-v1-core","downwardapiprojection-v1-core","deploymentcondition-v1-apps","deleteoptions-v1-meta","daemonsetupdatestrategy-v1-apps","daemonsetcondition-v1-apps","daemonendpoint-v1-core","customresourcevalidation-v1-apiextensions-k8s-io","customresourcesubresources-v1-apiextensions-k8s-io","customresourcesubresourcestatus-v1-apiextensions-k8s-io","customresourcesubresourcescale-v1-apiextensions-k8s-io","customresourcedefinitionversion-v1-apiextensions-k8s-io","customresourcedefinitionnames-v1-apiextensions-k8s-io","customresourcedefinitioncondition-v1-apiextensions-k8s-io","customresourceconversion-v1-apiextensions-k8s-io","customresourcecolumndefinition-v1-apiextensions-k8s-io","crossversionobjectreference-v2-autoscaling","containerstatewaiting-v1-core","containerstateterminated-v1-core","containerstaterunning-v1-core","containerstate-v1-core","containerresourcemetricstatus-v2-autoscaling","containerresourcemetricsource-v2-autoscaling","containerresizepolicy-v1-core","containerport-v1-core","containerimage-v1-core","configmapvolumesource-v1-core","configmapprojection-v1-core","configmapnodeconfigsource-v1-core","configmapkeyselector-v1-core","configmapenvsource-v1-core","condition-v1-meta","componentcondition-v1-core","clientipconfig-v1-core","claimsource-v1-core","cindervolumesource-v1-core","cinderpersistentvolumesource-v1-core","certificatesigningrequestcondition-v1-certificates-k8s-io","cephfsvolumesource-v1-core","cephfspersistentvolumesource-v1-core","capabilities-v1-core","csivolumesource-v1-core","csipersistentvolumesource-v1-core","csinodedriver-v1-storage-k8s-io","boundobjectreference-v1-authentication-k8s-io","azurefilevolumesource-v1-core","azurefilepersistentvolumesource-v1-core","azurediskvolumesource-v1-core","auditannotation-v1alpha1-admissionregistration-k8s-io","attachedvolume-v1-core","allocationresult-v1alpha2-resource-k8s-io","aggregationrule-v1-rbac-authorization-k8s-io","affinity-v1-core","awselasticblockstorevolumesource-v1-core","apiversions-v1-meta","apiservicecondition-v1-apiregistration-k8s-io","apiresource-v1-meta","apigroup-v1-meta","-strong-definitions-strong-","replace-status-networkpolicy-v1-networking-k8s-io","read-status-networkpolicy-v1-networking-k8s-io","patch-status-networkpolicy-v1-networking-k8s-io","-strong-status-operations-networkpolicy-v1-networking-k8s-io-strong-","watch-list-all-namespaces-networkpolicy-v1-networking-k8s-io","watch-list-networkpolicy-v1-networking-k8s-io","watch-networkpolicy-v1-networking-k8s-io","list-all-namespaces-networkpolicy-v1-networking-k8s-io","list-networkpolicy-v1-networking-k8s-io","read-networkpolicy-v1-networking-k8s-io","-strong-read-operations-networkpolicy-v1-networking-k8s-io-strong-","delete-collection-networkpolicy-v1-networking-k8s-io","delete-networkpolicy-v1-networking-k8s-io","replace-networkpolicy-v1-networking-k8s-io","patch-networkpolicy-v1-networking-k8s-io","create-networkpolicy-v1-networking-k8s-io","-strong-write-operations-networkpolicy-v1-networking-k8s-io-strong-","networkpolicy-v1-networking-k8s-io","create-tokenreview-v1-authentication-k8s-io","-strong-write-operations-tokenreview-v1-authentication-k8s-io-strong-","tokenreview-v1-authentication-k8s-io","tokenrequest-v1-authentication-k8s-io","create-subjectaccessreview-v1-authorization-k8s-io","-strong-write-operations-subjectaccessreview-v1-authorization-k8s-io-strong-","subjectaccessreview-v1-authorization-k8s-io","replace-status-storageversion-v1alpha1-internal-apiserver-k8s-io","read-status-storageversion-v1alpha1-internal-apiserver-k8s-io","patch-status-storageversion-v1alpha1-internal-apiserver-k8s-io","-strong-status-operations-storageversion-v1alpha1-internal-apiserver-k8s-io-strong-","watch-list-storageversion-v1alpha1-internal-apiserver-k8s-io","watch-storageversion-v1alpha1-internal-apiserver-k8s-io","list-storageversion-v1alpha1-internal-apiserver-k8s-io","read-storageversion-v1alpha1-internal-apiserver-k8s-io","-strong-read-operations-storageversion-v1alpha1-internal-apiserver-k8s-io-strong-","delete-collection-storageversion-v1alpha1-internal-apiserver-k8s-io","delete-storageversion-v1alpha1-internal-apiserver-k8s-io","replace-storageversion-v1alpha1-internal-apiserver-k8s-io","patch-storageversion-v1alpha1-internal-apiserver-k8s-io","create-storageversion-v1alpha1-internal-apiserver-k8s-io","-strong-write-operations-storageversion-v1alpha1-internal-apiserver-k8s-io-strong-","storageversion-v1alpha1-internal-apiserver-k8s-io","watch-list-all-namespaces-serviceaccount-v1-core","watch-list-serviceaccount-v1-core","watch-serviceaccount-v1-core","list-all-namespaces-serviceaccount-v1-core","list-serviceaccount-v1-core","read-serviceaccount-v1-core","-strong-read-operations-serviceaccount-v1-core-strong-","delete-collection-serviceaccount-v1-core","delete-serviceaccount-v1-core","replace-serviceaccount-v1-core","patch-serviceaccount-v1-core","create-serviceaccount-v1-core","-strong-write-operations-serviceaccount-v1-core-strong-","serviceaccount-v1-core","create-selfsubjectrulesreview-v1-authorization-k8s-io","-strong-write-operations-selfsubjectrulesreview-v1-authorization-k8s-io-strong-","selfsubjectrulesreview-v1-authorization-k8s-io","create-selfsubjectreview-v1beta1-authentication-k8s-io","-strong-write-operations-selfsubjectreview-v1beta1-authentication-k8s-io-strong-","selfsubjectreview-v1beta1-authentication-k8s-io","create-selfsubjectaccessreview-v1-authorization-k8s-io","-strong-write-operations-selfsubjectaccessreview-v1-authorization-k8s-io-strong-","selfsubjectaccessreview-v1-authorization-k8s-io","watch-list-runtimeclass-v1-node-k8s-io","watch-runtimeclass-v1-node-k8s-io","list-runtimeclass-v1-node-k8s-io","read-runtimeclass-v1-node-k8s-io","-strong-read-operations-runtimeclass-v1-node-k8s-io-strong-","delete-collection-runtimeclass-v1-node-k8s-io","delete-runtimeclass-v1-node-k8s-io","replace-runtimeclass-v1-node-k8s-io","patch-runtimeclass-v1-node-k8s-io","create-runtimeclass-v1-node-k8s-io","-strong-write-operations-runtimeclass-v1-node-k8s-io-strong-","runtimeclass-v1-node-k8s-io","watch-list-all-namespaces-rolebinding-v1-rbac-authorization-k8s-io","watch-list-rolebinding-v1-rbac-authorization-k8s-io","watch-rolebinding-v1-rbac-authorization-k8s-io","list-all-namespaces-rolebinding-v1-rbac-authorization-k8s-io","list-rolebinding-v1-rbac-authorization-k8s-io","read-rolebinding-v1-rbac-authorization-k8s-io","-strong-read-operations-rolebinding-v1-rbac-authorization-k8s-io-strong-","delete-collection-rolebinding-v1-rbac-authorization-k8s-io","delete-rolebinding-v1-rbac-authorization-k8s-io","replace-rolebinding-v1-rbac-authorization-k8s-io","patch-rolebinding-v1-rbac-authorization-k8s-io","create-rolebinding-v1-rbac-authorization-k8s-io","-strong-write-operations-rolebinding-v1-rbac-authorization-k8s-io-strong-","rolebinding-v1-rbac-authorization-k8s-io","watch-list-all-namespaces-role-v1-rbac-authorization-k8s-io","watch-list-role-v1-rbac-authorization-k8s-io","watch-role-v1-rbac-authorization-k8s-io","list-all-namespaces-role-v1-rbac-authorization-k8s-io","list-role-v1-rbac-authorization-k8s-io","read-role-v1-rbac-authorization-k8s-io","-strong-read-operations-role-v1-rbac-authorization-k8s-io-strong-","delete-collection-role-v1-rbac-authorization-k8s-io","delete-role-v1-rbac-authorization-k8s-io","replace-role-v1-rbac-authorization-k8s-io","patch-role-v1-rbac-authorization-k8s-io","create-role-v1-rbac-authorization-k8s-io","-strong-write-operations-role-v1-rbac-authorization-k8s-io-strong-","role-v1-rbac-authorization-k8s-io","replace-status-resourcequota-v1-core","read-status-resourcequota-v1-core","patch-status-resourcequota-v1-core","-strong-status-operations-resourcequota-v1-core-strong-","watch-list-all-namespaces-resourcequota-v1-core","watch-list-resourcequota-v1-core","watch-resourcequota-v1-core","list-all-namespaces-resourcequota-v1-core","list-resourcequota-v1-core","read-resourcequota-v1-core","-strong-read-operations-resourcequota-v1-core-strong-","delete-collection-resourcequota-v1-core","delete-resourcequota-v1-core","replace-resourcequota-v1-core","patch-resourcequota-v1-core","create-resourcequota-v1-core","-strong-write-operations-resourcequota-v1-core-strong-","resourcequota-v1-core","replace-status-prioritylevelconfiguration-v1beta3-flowcontrol-apiserver-k8s-io","read-status-prioritylevelconfiguration-v1beta3-flowcontrol-apiserver-k8s-io","patch-status-prioritylevelconfiguration-v1beta3-flowcontrol-apiserver-k8s-io","-strong-status-operations-prioritylevelconfiguration-v1beta3-flowcontrol-apiserver-k8s-io-strong-","watch-list-prioritylevelconfiguration-v1beta3-flowcontrol-apiserver-k8s-io","watch-prioritylevelconfiguration-v1beta3-flowcontrol-apiserver-k8s-io","list-prioritylevelconfiguration-v1beta3-flowcontrol-apiserver-k8s-io","read-prioritylevelconfiguration-v1beta3-flowcontrol-apiserver-k8s-io","-strong-read-operations-prioritylevelconfiguration-v1beta3-flowcontrol-apiserver-k8s-io-strong-","delete-collection-prioritylevelconfiguration-v1beta3-flowcontrol-apiserver-k8s-io","delete-prioritylevelconfiguration-v1beta3-flowcontrol-apiserver-k8s-io","replace-prioritylevelconfiguration-v1beta3-flowcontrol-apiserver-k8s-io","patch-prioritylevelconfiguration-v1beta3-flowcontrol-apiserver-k8s-io","create-prioritylevelconfiguration-v1beta3-flowcontrol-apiserver-k8s-io","-strong-write-operations-prioritylevelconfiguration-v1beta3-flowcontrol-apiserver-k8s-io-strong-","prioritylevelconfiguration-v1beta3-flowcontrol-apiserver-k8s-io","replace-status-persistentvolume-v1-core","read-status-persistentvolume-v1-core","patch-status-persistentvolume-v1-core","-strong-status-operations-persistentvolume-v1-core-strong-","watch-list-persistentvolume-v1-core","watch-persistentvolume-v1-core","list-persistentvolume-v1-core","read-persistentvolume-v1-core","-strong-read-operations-persistentvolume-v1-core-strong-","delete-collection-persistentvolume-v1-core","delete-persistentvolume-v1-core","replace-persistentvolume-v1-core","patch-persistentvolume-v1-core","create-persistentvolume-v1-core","-strong-write-operations-persistentvolume-v1-core-strong-","persistentvolume-v1-core","replace-connect-proxy-path-node-v1-core","replace-connect-proxy-node-v1-core","head-connect-proxy-path-node-v1-core","head-connect-proxy-node-v1-core","get-connect-proxy-path-node-v1-core","get-connect-proxy-node-v1-core","delete-connect-proxy-path-node-v1-core","delete-connect-proxy-node-v1-core","create-connect-proxy-path-node-v1-core","create-connect-proxy-node-v1-core","-strong-proxy-operations-node-v1-core-strong-","replace-status-node-v1-core","read-status-node-v1-core","patch-status-node-v1-core","-strong-status-operations-node-v1-core-strong-","watch-list-node-v1-core","watch-node-v1-core","list-node-v1-core","read-node-v1-core","-strong-read-operations-node-v1-core-strong-","delete-collection-node-v1-core","delete-node-v1-core","replace-node-v1-core","patch-node-v1-core","create-node-v1-core","-strong-write-operations-node-v1-core-strong-","node-v1-core","replace-status-namespace-v1-core","read-status-namespace-v1-core","patch-status-namespace-v1-core","-strong-status-operations-namespace-v1-core-strong-","watch-list-namespace-v1-core","watch-namespace-v1-core","list-namespace-v1-core","read-namespace-v1-core","-strong-read-operations-namespace-v1-core-strong-","delete-namespace-v1-core","replace-namespace-v1-core","patch-namespace-v1-core","create-namespace-v1-core","-strong-write-operations-namespace-v1-core-strong-","namespace-v1-core","create-localsubjectaccessreview-v1-authorization-k8s-io","-strong-write-operations-localsubjectaccessreview-v1-authorization-k8s-io-strong-","localsubjectaccessreview-v1-authorization-k8s-io","watch-list-all-namespaces-lease-v1-coordination-k8s-io","watch-list-lease-v1-coordination-k8s-io","watch-lease-v1-coordination-k8s-io","list-all-namespaces-lease-v1-coordination-k8s-io","list-lease-v1-coordination-k8s-io","read-lease-v1-coordination-k8s-io","-strong-read-operations-lease-v1-coordination-k8s-io-strong-","delete-collection-lease-v1-coordination-k8s-io","delete-lease-v1-coordination-k8s-io","replace-lease-v1-coordination-k8s-io","patch-lease-v1-coordination-k8s-io","create-lease-v1-coordination-k8s-io","-strong-write-operations-lease-v1-coordination-k8s-io-strong-","lease-v1-coordination-k8s-io","watch-list-ipaddress-v1alpha1-networking-k8s-io","watch-ipaddress-v1alpha1-networking-k8s-io","list-ipaddress-v1alpha1-networking-k8s-io","read-ipaddress-v1alpha1-networking-k8s-io","-strong-read-operations-ipaddress-v1alpha1-networking-k8s-io-strong-","delete-collection-ipaddress-v1alpha1-networking-k8s-io","delete-ipaddress-v1alpha1-networking-k8s-io","replace-ipaddress-v1alpha1-networking-k8s-io","patch-ipaddress-v1alpha1-networking-k8s-io","create-ipaddress-v1alpha1-networking-k8s-io","-strong-write-operations-ipaddress-v1alpha1-networking-k8s-io-strong-","ipaddress-v1alpha1-networking-k8s-io","replace-status-flowschema-v1beta3-flowcontrol-apiserver-k8s-io","read-status-flowschema-v1beta3-flowcontrol-apiserver-k8s-io","patch-status-flowschema-v1beta3-flowcontrol-apiserver-k8s-io","-strong-status-operations-flowschema-v1beta3-flowcontrol-apiserver-k8s-io-strong-","watch-list-flowschema-v1beta3-flowcontrol-apiserver-k8s-io","watch-flowschema-v1beta3-flowcontrol-apiserver-k8s-io","list-flowschema-v1beta3-flowcontrol-apiserver-k8s-io","read-flowschema-v1beta3-flowcontrol-apiserver-k8s-io","-strong-read-operations-flowschema-v1beta3-flowcontrol-apiserver-k8s-io-strong-","delete-collection-flowschema-v1beta3-flowcontrol-apiserver-k8s-io","delete-flowschema-v1beta3-flowcontrol-apiserver-k8s-io","replace-flowschema-v1beta3-flowcontrol-apiserver-k8s-io","patch-flowschema-v1beta3-flowcontrol-apiserver-k8s-io","create-flowschema-v1beta3-flowcontrol-apiserver-k8s-io","-strong-write-operations-flowschema-v1beta3-flowcontrol-apiserver-k8s-io-strong-","flowschema-v1beta3-flowcontrol-apiserver-k8s-io","list-componentstatus-v1-core","read-componentstatus-v1-core","-strong-read-operations-componentstatus-v1-core-strong-","componentstatus-v1-core","watch-list-clusterrolebinding-v1-rbac-authorization-k8s-io","watch-clusterrolebinding-v1-rbac-authorization-k8s-io","list-clusterrolebinding-v1-rbac-authorization-k8s-io","read-clusterrolebinding-v1-rbac-authorization-k8s-io","-strong-read-operations-clusterrolebinding-v1-rbac-authorization-k8s-io-strong-","delete-collection-clusterrolebinding-v1-rbac-authorization-k8s-io","delete-clusterrolebinding-v1-rbac-authorization-k8s-io","replace-clusterrolebinding-v1-rbac-authorization-k8s-io","patch-clusterrolebinding-v1-rbac-authorization-k8s-io","create-clusterrolebinding-v1-rbac-authorization-k8s-io","-strong-write-operations-clusterrolebinding-v1-rbac-authorization-k8s-io-strong-","clusterrolebinding-v1-rbac-authorization-k8s-io","watch-list-clusterrole-v1-rbac-authorization-k8s-io","watch-clusterrole-v1-rbac-authorization-k8s-io","list-clusterrole-v1-rbac-authorization-k8s-io","read-clusterrole-v1-rbac-authorization-k8s-io","-strong-read-operations-clusterrole-v1-rbac-authorization-k8s-io-strong-","delete-collection-clusterrole-v1-rbac-authorization-k8s-io","delete-clusterrole-v1-rbac-authorization-k8s-io","replace-clusterrole-v1-rbac-authorization-k8s-io","patch-clusterrole-v1-rbac-authorization-k8s-io","create-clusterrole-v1-rbac-authorization-k8s-io","-strong-write-operations-clusterrole-v1-rbac-authorization-k8s-io-strong-","clusterrole-v1-rbac-authorization-k8s-io","replace-status-certificatesigningrequest-v1-certificates-k8s-io","read-status-certificatesigningrequest-v1-certificates-k8s-io","patch-status-certificatesigningrequest-v1-certificates-k8s-io","-strong-status-operations-certificatesigningrequest-v1-certificates-k8s-io-strong-","watch-list-certificatesigningrequest-v1-certificates-k8s-io","watch-certificatesigningrequest-v1-certificates-k8s-io","list-certificatesigningrequest-v1-certificates-k8s-io","read-certificatesigningrequest-v1-certificates-k8s-io","-strong-read-operations-certificatesigningrequest-v1-certificates-k8s-io-strong-","delete-collection-certificatesigningrequest-v1-certificates-k8s-io","delete-certificatesigningrequest-v1-certificates-k8s-io","replace-certificatesigningrequest-v1-certificates-k8s-io","patch-certificatesigningrequest-v1-certificates-k8s-io","create-certificatesigningrequest-v1-certificates-k8s-io","-strong-write-operations-certificatesigningrequest-v1-certificates-k8s-io-strong-","certificatesigningrequest-v1-certificates-k8s-io","create-binding-v1-core","-strong-write-operations-binding-v1-core-strong-","binding-v1-core","replace-status-apiservice-v1-apiregistration-k8s-io","read-status-apiservice-v1-apiregistration-k8s-io","patch-status-apiservice-v1-apiregistration-k8s-io","-strong-status-operations-apiservice-v1-apiregistration-k8s-io-strong-","watch-list-apiservice-v1-apiregistration-k8s-io","watch-apiservice-v1-apiregistration-k8s-io","list-apiservice-v1-apiregistration-k8s-io","read-apiservice-v1-apiregistration-k8s-io","-strong-read-operations-apiservice-v1-apiregistration-k8s-io-strong-","delete-collection-apiservice-v1-apiregistration-k8s-io","delete-apiservice-v1-apiregistration-k8s-io","replace-apiservice-v1-apiregistration-k8s-io","patch-apiservice-v1-apiregistration-k8s-io","create-apiservice-v1-apiregistration-k8s-io","-strong-write-operations-apiservice-v1-apiregistration-k8s-io-strong-","apiservice-v1-apiregistration-k8s-io","-strong-cluster-apis-strong-","watch-list-validatingadmissionpolicybinding-v1alpha1-admissionregistration-k8s-io","watch-validatingadmissionpolicybinding-v1alpha1-admissionregistration-k8s-io","list-validatingadmissionpolicybinding-v1alpha1-admissionregistration-k8s-io","read-validatingadmissionpolicybinding-v1alpha1-admissionregistration-k8s-io","-strong-read-operations-validatingadmissionpolicybinding-v1alpha1-admissionregistration-k8s-io-strong-","delete-collection-validatingadmissionpolicybinding-v1alpha1-admissionregistration-k8s-io","delete-validatingadmissionpolicybinding-v1alpha1-admissionregistration-k8s-io","replace-validatingadmissionpolicybinding-v1alpha1-admissionregistration-k8s-io","patch-validatingadmissionpolicybinding-v1alpha1-admissionregistration-k8s-io","create-validatingadmissionpolicybinding-v1alpha1-admissionregistration-k8s-io","-strong-write-operations-validatingadmissionpolicybinding-v1alpha1-admissionregistration-k8s-io-strong-","validatingadmissionpolicybinding-v1alpha1-admissionregistration-k8s-io","replace-status-validatingadmissionpolicy-v1alpha1-admissionregistration-k8s-io","read-status-validatingadmissionpolicy-v1alpha1-admissionregistration-k8s-io","patch-status-validatingadmissionpolicy-v1alpha1-admissionregistration-k8s-io","-strong-status-operations-validatingadmissionpolicy-v1alpha1-admissionregistration-k8s-io-strong-","watch-list-validatingadmissionpolicy-v1alpha1-admissionregistration-k8s-io","watch-validatingadmissionpolicy-v1alpha1-admissionregistration-k8s-io","list-validatingadmissionpolicy-v1alpha1-admissionregistration-k8s-io","read-validatingadmissionpolicy-v1alpha1-admissionregistration-k8s-io","-strong-read-operations-validatingadmissionpolicy-v1alpha1-admissionregistration-k8s-io-strong-","delete-collection-validatingadmissionpolicy-v1alpha1-admissionregistration-k8s-io","delete-validatingadmissionpolicy-v1alpha1-admissionregistration-k8s-io","replace-validatingadmissionpolicy-v1alpha1-admissionregistration-k8s-io","patch-validatingadmissionpolicy-v1alpha1-admissionregistration-k8s-io","create-validatingadmissionpolicy-v1alpha1-admissionregistration-k8s-io","-strong-write-operations-validatingadmissionpolicy-v1alpha1-admissionregistration-k8s-io-strong-","validatingadmissionpolicy-v1alpha1-admissionregistration-k8s-io","watch-list-resourceclass-v1alpha2-resource-k8s-io","watch-resourceclass-v1alpha2-resource-k8s-io","list-resourceclass-v1alpha2-resource-k8s-io","read-resourceclass-v1alpha2-resource-k8s-io","-strong-read-operations-resourceclass-v1alpha2-resource-k8s-io-strong-","delete-collection-resourceclass-v1alpha2-resource-k8s-io","delete-resourceclass-v1alpha2-resource-k8s-io","replace-resourceclass-v1alpha2-resource-k8s-io","patch-resourceclass-v1alpha2-resource-k8s-io","create-resourceclass-v1alpha2-resource-k8s-io","-strong-write-operations-resourceclass-v1alpha2-resource-k8s-io-strong-","resourceclass-v1alpha2-resource-k8s-io","watch-list-all-namespaces-resourceclaimtemplate-v1alpha2-resource-k8s-io","watch-list-resourceclaimtemplate-v1alpha2-resource-k8s-io","watch-resourceclaimtemplate-v1alpha2-resource-k8s-io","list-all-namespaces-resourceclaimtemplate-v1alpha2-resource-k8s-io","list-resourceclaimtemplate-v1alpha2-resource-k8s-io","read-resourceclaimtemplate-v1alpha2-resource-k8s-io","-strong-read-operations-resourceclaimtemplate-v1alpha2-resource-k8s-io-strong-","delete-collection-resourceclaimtemplate-v1alpha2-resource-k8s-io","delete-resourceclaimtemplate-v1alpha2-resource-k8s-io","replace-resourceclaimtemplate-v1alpha2-resource-k8s-io","patch-resourceclaimtemplate-v1alpha2-resource-k8s-io","create-resourceclaimtemplate-v1alpha2-resource-k8s-io","-strong-write-operations-resourceclaimtemplate-v1alpha2-resource-k8s-io-strong-","resourceclaimtemplate-v1alpha2-resource-k8s-io","replace-status-resourceclaim-v1alpha2-resource-k8s-io","read-status-resourceclaim-v1alpha2-resource-k8s-io","patch-status-resourceclaim-v1alpha2-resource-k8s-io","-strong-status-operations-resourceclaim-v1alpha2-resource-k8s-io-strong-","watch-list-all-namespaces-resourceclaim-v1alpha2-resource-k8s-io","watch-list-resourceclaim-v1alpha2-resource-k8s-io","watch-resourceclaim-v1alpha2-resource-k8s-io","list-all-namespaces-resourceclaim-v1alpha2-resource-k8s-io","list-resourceclaim-v1alpha2-resource-k8s-io","read-resourceclaim-v1alpha2-resource-k8s-io","-strong-read-operations-resourceclaim-v1alpha2-resource-k8s-io-strong-","delete-collection-resourceclaim-v1alpha2-resource-k8s-io","delete-resourceclaim-v1alpha2-resource-k8s-io","replace-resourceclaim-v1alpha2-resource-k8s-io","patch-resourceclaim-v1alpha2-resource-k8s-io","create-resourceclaim-v1alpha2-resource-k8s-io","-strong-write-operations-resourceclaim-v1alpha2-resource-k8s-io-strong-","resourceclaim-v1alpha2-resource-k8s-io","watch-list-priorityclass-v1-scheduling-k8s-io","watch-priorityclass-v1-scheduling-k8s-io","list-priorityclass-v1-scheduling-k8s-io","read-priorityclass-v1-scheduling-k8s-io","-strong-read-operations-priorityclass-v1-scheduling-k8s-io-strong-","delete-collection-priorityclass-v1-scheduling-k8s-io","delete-priorityclass-v1-scheduling-k8s-io","replace-priorityclass-v1-scheduling-k8s-io","patch-priorityclass-v1-scheduling-k8s-io","create-priorityclass-v1-scheduling-k8s-io","-strong-write-operations-priorityclass-v1-scheduling-k8s-io-strong-","priorityclass-v1-scheduling-k8s-io","replace-status-poddisruptionbudget-v1-policy","read-status-poddisruptionbudget-v1-policy","patch-status-poddisruptionbudget-v1-policy","-strong-status-operations-poddisruptionbudget-v1-policy-strong-","watch-list-all-namespaces-poddisruptionbudget-v1-policy","watch-list-poddisruptionbudget-v1-policy","watch-poddisruptionbudget-v1-policy","list-all-namespaces-poddisruptionbudget-v1-policy","list-poddisruptionbudget-v1-policy","read-poddisruptionbudget-v1-policy","-strong-read-operations-poddisruptionbudget-v1-policy-strong-","delete-collection-poddisruptionbudget-v1-policy","delete-poddisruptionbudget-v1-policy","replace-poddisruptionbudget-v1-policy","patch-poddisruptionbudget-v1-policy","create-poddisruptionbudget-v1-policy","-strong-write-operations-poddisruptionbudget-v1-policy-strong-","poddisruptionbudget-v1-policy","watch-list-all-namespaces-podtemplate-v1-core","watch-list-podtemplate-v1-core","watch-podtemplate-v1-core","list-all-namespaces-podtemplate-v1-core","list-podtemplate-v1-core","read-podtemplate-v1-core","-strong-read-operations-podtemplate-v1-core-strong-","delete-collection-podtemplate-v1-core","delete-podtemplate-v1-core","replace-podtemplate-v1-core","patch-podtemplate-v1-core","create-podtemplate-v1-core","-strong-write-operations-podtemplate-v1-core-strong-","podtemplate-v1-core","replace-status-podschedulingcontext-v1alpha2-resource-k8s-io","read-status-podschedulingcontext-v1alpha2-resource-k8s-io","patch-status-podschedulingcontext-v1alpha2-resource-k8s-io","-strong-status-operations-podschedulingcontext-v1alpha2-resource-k8s-io-strong-","watch-list-all-namespaces-podschedulingcontext-v1alpha2-resource-k8s-io","watch-list-podschedulingcontext-v1alpha2-resource-k8s-io","watch-podschedulingcontext-v1alpha2-resource-k8s-io","list-all-namespaces-podschedulingcontext-v1alpha2-resource-k8s-io","list-podschedulingcontext-v1alpha2-resource-k8s-io","read-podschedulingcontext-v1alpha2-resource-k8s-io","-strong-read-operations-podschedulingcontext-v1alpha2-resource-k8s-io-strong-","delete-collection-podschedulingcontext-v1alpha2-resource-k8s-io","delete-podschedulingcontext-v1alpha2-resource-k8s-io","replace-podschedulingcontext-v1alpha2-resource-k8s-io","patch-podschedulingcontext-v1alpha2-resource-k8s-io","create-podschedulingcontext-v1alpha2-resource-k8s-io","-strong-write-operations-podschedulingcontext-v1alpha2-resource-k8s-io-strong-","podschedulingcontext-v1alpha2-resource-k8s-io","watch-list-validatingwebhookconfiguration-v1-admissionregistration-k8s-io","watch-validatingwebhookconfiguration-v1-admissionregistration-k8s-io","list-validatingwebhookconfiguration-v1-admissionregistration-k8s-io","read-validatingwebhookconfiguration-v1-admissionregistration-k8s-io","-strong-read-operations-validatingwebhookconfiguration-v1-admissionregistration-k8s-io-strong-","delete-collection-validatingwebhookconfiguration-v1-admissionregistration-k8s-io","delete-validatingwebhookconfiguration-v1-admissionregistration-k8s-io","replace-validatingwebhookconfiguration-v1-admissionregistration-k8s-io","patch-validatingwebhookconfiguration-v1-admissionregistration-k8s-io","create-validatingwebhookconfiguration-v1-admissionregistration-k8s-io","-strong-write-operations-validatingwebhookconfiguration-v1-admissionregistration-k8s-io-strong-","validatingwebhookconfiguration-v1-admissionregistration-k8s-io","watch-list-mutatingwebhookconfiguration-v1-admissionregistration-k8s-io","watch-mutatingwebhookconfiguration-v1-admissionregistration-k8s-io","list-mutatingwebhookconfiguration-v1-admissionregistration-k8s-io","read-mutatingwebhookconfiguration-v1-admissionregistration-k8s-io","-strong-read-operations-mutatingwebhookconfiguration-v1-admissionregistration-k8s-io-strong-","delete-collection-mutatingwebhookconfiguration-v1-admissionregistration-k8s-io","delete-mutatingwebhookconfiguration-v1-admissionregistration-k8s-io","replace-mutatingwebhookconfiguration-v1-admissionregistration-k8s-io","patch-mutatingwebhookconfiguration-v1-admissionregistration-k8s-io","create-mutatingwebhookconfiguration-v1-admissionregistration-k8s-io","-strong-write-operations-mutatingwebhookconfiguration-v1-admissionregistration-k8s-io-strong-","mutatingwebhookconfiguration-v1-admissionregistration-k8s-io","replace-status-horizontalpodautoscaler-v2-autoscaling","read-status-horizontalpodautoscaler-v2-autoscaling","patch-status-horizontalpodautoscaler-v2-autoscaling","-strong-status-operations-horizontalpodautoscaler-v2-autoscaling-strong-","watch-list-all-namespaces-horizontalpodautoscaler-v2-autoscaling","watch-list-horizontalpodautoscaler-v2-autoscaling","watch-horizontalpodautoscaler-v2-autoscaling","list-all-namespaces-horizontalpodautoscaler-v2-autoscaling","list-horizontalpodautoscaler-v2-autoscaling","read-horizontalpodautoscaler-v2-autoscaling","-strong-read-operations-horizontalpodautoscaler-v2-autoscaling-strong-","delete-collection-horizontalpodautoscaler-v2-autoscaling","delete-horizontalpodautoscaler-v2-autoscaling","replace-horizontalpodautoscaler-v2-autoscaling","patch-horizontalpodautoscaler-v2-autoscaling","create-horizontalpodautoscaler-v2-autoscaling","-strong-write-operations-horizontalpodautoscaler-v2-autoscaling-strong-","horizontalpodautoscaler-v2-autoscaling","watch-list-all-namespaces-limitrange-v1-core","watch-list-limitrange-v1-core","watch-limitrange-v1-core","list-all-namespaces-limitrange-v1-core","list-limitrange-v1-core","read-limitrange-v1-core","-strong-read-operations-limitrange-v1-core-strong-","delete-collection-limitrange-v1-core","delete-limitrange-v1-core","replace-limitrange-v1-core","patch-limitrange-v1-core","create-limitrange-v1-core","-strong-write-operations-limitrange-v1-core-strong-","limitrange-v1-core","watch-list-all-namespaces-event-v1-events-k8s-io","watch-list-event-v1-events-k8s-io","watch-event-v1-events-k8s-io","list-all-namespaces-event-v1-events-k8s-io","list-event-v1-events-k8s-io","read-event-v1-events-k8s-io","-strong-read-operations-event-v1-events-k8s-io-strong-","delete-collection-event-v1-events-k8s-io","delete-event-v1-events-k8s-io","replace-event-v1-events-k8s-io","patch-event-v1-events-k8s-io","create-event-v1-events-k8s-io","-strong-write-operations-event-v1-events-k8s-io-strong-","event-v1-events-k8s-io","replace-status-customresourcedefinition-v1-apiextensions-k8s-io","read-status-customresourcedefinition-v1-apiextensions-k8s-io","patch-status-customresourcedefinition-v1-apiextensions-k8s-io","-strong-status-operations-customresourcedefinition-v1-apiextensions-k8s-io-strong-","watch-list-customresourcedefinition-v1-apiextensions-k8s-io","watch-customresourcedefinition-v1-apiextensions-k8s-io","list-customresourcedefinition-v1-apiextensions-k8s-io","read-customresourcedefinition-v1-apiextensions-k8s-io","-strong-read-operations-customresourcedefinition-v1-apiextensions-k8s-io-strong-","delete-collection-customresourcedefinition-v1-apiextensions-k8s-io","delete-customresourcedefinition-v1-apiextensions-k8s-io","replace-customresourcedefinition-v1-apiextensions-k8s-io","patch-customresourcedefinition-v1-apiextensions-k8s-io","create-customresourcedefinition-v1-apiextensions-k8s-io","-strong-write-operations-customresourcedefinition-v1-apiextensions-k8s-io-strong-","customresourcedefinition-v1-apiextensions-k8s-io","watch-list-all-namespaces-controllerrevision-v1-apps","watch-list-controllerrevision-v1-apps","watch-controllerrevision-v1-apps","list-all-namespaces-controllerrevision-v1-apps","list-controllerrevision-v1-apps","read-controllerrevision-v1-apps","-strong-read-operations-controllerrevision-v1-apps-strong-","delete-collection-controllerrevision-v1-apps","delete-controllerrevision-v1-apps","replace-controllerrevision-v1-apps","patch-controllerrevision-v1-apps","create-controllerrevision-v1-apps","-strong-write-operations-controllerrevision-v1-apps-strong-","controllerrevision-v1-apps","watch-list-clustertrustbundle-v1alpha1-certificates-k8s-io","watch-clustertrustbundle-v1alpha1-certificates-k8s-io","list-clustertrustbundle-v1alpha1-certificates-k8s-io","read-clustertrustbundle-v1alpha1-certificates-k8s-io","-strong-read-operations-clustertrustbundle-v1alpha1-certificates-k8s-io-strong-","delete-collection-clustertrustbundle-v1alpha1-certificates-k8s-io","delete-clustertrustbundle-v1alpha1-certificates-k8s-io","replace-clustertrustbundle-v1alpha1-certificates-k8s-io","patch-clustertrustbundle-v1alpha1-certificates-k8s-io","create-clustertrustbundle-v1alpha1-certificates-k8s-io","-strong-write-operations-clustertrustbundle-v1alpha1-certificates-k8s-io-strong-","clustertrustbundle-v1alpha1-certificates-k8s-io","-strong-metadata-apis-strong-","replace-status-volumeattachment-v1-storage-k8s-io","read-status-volumeattachment-v1-storage-k8s-io","patch-status-volumeattachment-v1-storage-k8s-io","-strong-status-operations-volumeattachment-v1-storage-k8s-io-strong-","watch-list-volumeattachment-v1-storage-k8s-io","watch-volumeattachment-v1-storage-k8s-io","list-volumeattachment-v1-storage-k8s-io","read-volumeattachment-v1-storage-k8s-io","-strong-read-operations-volumeattachment-v1-storage-k8s-io-strong-","delete-collection-volumeattachment-v1-storage-k8s-io","delete-volumeattachment-v1-storage-k8s-io","replace-volumeattachment-v1-storage-k8s-io","patch-volumeattachment-v1-storage-k8s-io","create-volumeattachment-v1-storage-k8s-io","-strong-write-operations-volumeattachment-v1-storage-k8s-io-strong-","volumeattachment-v1-storage-k8s-io","volume-v1-core","watch-list-all-namespaces-csistoragecapacity-v1-storage-k8s-io","watch-list-csistoragecapacity-v1-storage-k8s-io","watch-csistoragecapacity-v1-storage-k8s-io","list-all-namespaces-csistoragecapacity-v1-storage-k8s-io","list-csistoragecapacity-v1-storage-k8s-io","read-csistoragecapacity-v1-storage-k8s-io","-strong-read-operations-csistoragecapacity-v1-storage-k8s-io-strong-","delete-collection-csistoragecapacity-v1-storage-k8s-io","delete-csistoragecapacity-v1-storage-k8s-io","replace-csistoragecapacity-v1-storage-k8s-io","patch-csistoragecapacity-v1-storage-k8s-io","create-csistoragecapacity-v1-storage-k8s-io","-strong-write-operations-csistoragecapacity-v1-storage-k8s-io-strong-","csistoragecapacity-v1-storage-k8s-io","watch-list-storageclass-v1-storage-k8s-io","watch-storageclass-v1-storage-k8s-io","list-storageclass-v1-storage-k8s-io","read-storageclass-v1-storage-k8s-io","-strong-read-operations-storageclass-v1-storage-k8s-io-strong-","delete-collection-storageclass-v1-storage-k8s-io","delete-storageclass-v1-storage-k8s-io","replace-storageclass-v1-storage-k8s-io","patch-storageclass-v1-storage-k8s-io","create-storageclass-v1-storage-k8s-io","-strong-write-operations-storageclass-v1-storage-k8s-io-strong-","storageclass-v1-storage-k8s-io","replace-status-persistentvolumeclaim-v1-core","read-status-persistentvolumeclaim-v1-core","patch-status-persistentvolumeclaim-v1-core","-strong-status-operations-persistentvolumeclaim-v1-core-strong-","watch-list-all-namespaces-persistentvolumeclaim-v1-core","watch-list-persistentvolumeclaim-v1-core","watch-persistentvolumeclaim-v1-core","list-all-namespaces-persistentvolumeclaim-v1-core","list-persistentvolumeclaim-v1-core","read-persistentvolumeclaim-v1-core","-strong-read-operations-persistentvolumeclaim-v1-core-strong-","delete-collection-persistentvolumeclaim-v1-core","delete-persistentvolumeclaim-v1-core","replace-persistentvolumeclaim-v1-core","patch-persistentvolumeclaim-v1-core","create-persistentvolumeclaim-v1-core","-strong-write-operations-persistentvolumeclaim-v1-core-strong-","persistentvolumeclaim-v1-core","watch-list-all-namespaces-secret-v1-core","watch-list-secret-v1-core","watch-secret-v1-core","list-all-namespaces-secret-v1-core","list-secret-v1-core","read-secret-v1-core","-strong-read-operations-secret-v1-core-strong-","delete-collection-secret-v1-core","delete-secret-v1-core","replace-secret-v1-core","patch-secret-v1-core","create-secret-v1-core","-strong-write-operations-secret-v1-core-strong-","secret-v1-core","watch-list-csinode-v1-storage-k8s-io","watch-csinode-v1-storage-k8s-io","list-csinode-v1-storage-k8s-io","read-csinode-v1-storage-k8s-io","-strong-read-operations-csinode-v1-storage-k8s-io-strong-","delete-collection-csinode-v1-storage-k8s-io","delete-csinode-v1-storage-k8s-io","replace-csinode-v1-storage-k8s-io","patch-csinode-v1-storage-k8s-io","create-csinode-v1-storage-k8s-io","-strong-write-operations-csinode-v1-storage-k8s-io-strong-","csinode-v1-storage-k8s-io","watch-list-csidriver-v1-storage-k8s-io","watch-csidriver-v1-storage-k8s-io","list-csidriver-v1-storage-k8s-io","read-csidriver-v1-storage-k8s-io","-strong-read-operations-csidriver-v1-storage-k8s-io-strong-","delete-collection-csidriver-v1-storage-k8s-io","delete-csidriver-v1-storage-k8s-io","replace-csidriver-v1-storage-k8s-io","patch-csidriver-v1-storage-k8s-io","create-csidriver-v1-storage-k8s-io","-strong-write-operations-csidriver-v1-storage-k8s-io-strong-","csidriver-v1-storage-k8s-io","watch-list-all-namespaces-configmap-v1-core","watch-list-configmap-v1-core","watch-configmap-v1-core","list-all-namespaces-configmap-v1-core","list-configmap-v1-core","read-configmap-v1-core","-strong-read-operations-configmap-v1-core-strong-","delete-collection-configmap-v1-core","delete-configmap-v1-core","replace-configmap-v1-core","patch-configmap-v1-core","create-configmap-v1-core","-strong-write-operations-configmap-v1-core-strong-","configmap-v1-core","-strong-config-and-storage-apis-strong-","replace-connect-proxy-path-service-v1-core","replace-connect-proxy-service-v1-core","head-connect-proxy-path-service-v1-core","head-connect-proxy-service-v1-core","get-connect-proxy-path-service-v1-core","get-connect-proxy-service-v1-core","delete-connect-proxy-path-service-v1-core","delete-connect-proxy-service-v1-core","create-connect-proxy-path-service-v1-core","create-connect-proxy-service-v1-core","-strong-proxy-operations-service-v1-core-strong-","replace-status-service-v1-core","read-status-service-v1-core","patch-status-service-v1-core","-strong-status-operations-service-v1-core-strong-","watch-list-all-namespaces-service-v1-core","watch-list-service-v1-core","watch-service-v1-core","list-all-namespaces-service-v1-core","list-service-v1-core","read-service-v1-core","-strong-read-operations-service-v1-core-strong-","delete-collection-service-v1-core","delete-service-v1-core","replace-service-v1-core","patch-service-v1-core","create-service-v1-core","-strong-write-operations-service-v1-core-strong-","service-v1-core","watch-list-ingressclass-v1-networking-k8s-io","watch-ingressclass-v1-networking-k8s-io","list-ingressclass-v1-networking-k8s-io","read-ingressclass-v1-networking-k8s-io","-strong-read-operations-ingressclass-v1-networking-k8s-io-strong-","delete-collection-ingressclass-v1-networking-k8s-io","delete-ingressclass-v1-networking-k8s-io","replace-ingressclass-v1-networking-k8s-io","patch-ingressclass-v1-networking-k8s-io","create-ingressclass-v1-networking-k8s-io","-strong-write-operations-ingressclass-v1-networking-k8s-io-strong-","ingressclass-v1-networking-k8s-io","replace-status-ingress-v1-networking-k8s-io","read-status-ingress-v1-networking-k8s-io","patch-status-ingress-v1-networking-k8s-io","-strong-status-operations-ingress-v1-networking-k8s-io-strong-","watch-list-all-namespaces-ingress-v1-networking-k8s-io","watch-list-ingress-v1-networking-k8s-io","watch-ingress-v1-networking-k8s-io","list-all-namespaces-ingress-v1-networking-k8s-io","list-ingress-v1-networking-k8s-io","read-ingress-v1-networking-k8s-io","-strong-read-operations-ingress-v1-networking-k8s-io-strong-","delete-collection-ingress-v1-networking-k8s-io","delete-ingress-v1-networking-k8s-io","replace-ingress-v1-networking-k8s-io","patch-ingress-v1-networking-k8s-io","create-ingress-v1-networking-k8s-io","-strong-write-operations-ingress-v1-networking-k8s-io-strong-","ingress-v1-networking-k8s-io","watch-list-clustercidr-v1alpha1-networking-k8s-io","watch-clustercidr-v1alpha1-networking-k8s-io","list-clustercidr-v1alpha1-networking-k8s-io","read-clustercidr-v1alpha1-networking-k8s-io","-strong-read-operations-clustercidr-v1alpha1-networking-k8s-io-strong-","delete-collection-clustercidr-v1alpha1-networking-k8s-io","delete-clustercidr-v1alpha1-networking-k8s-io","replace-clustercidr-v1alpha1-networking-k8s-io","patch-clustercidr-v1alpha1-networking-k8s-io","create-clustercidr-v1alpha1-networking-k8s-io","-strong-write-operations-clustercidr-v1alpha1-networking-k8s-io-strong-","clustercidr-v1alpha1-networking-k8s-io","watch-list-all-namespaces-endpointslice-v1-discovery-k8s-io","watch-list-endpointslice-v1-discovery-k8s-io","watch-endpointslice-v1-discovery-k8s-io","list-all-namespaces-endpointslice-v1-discovery-k8s-io","list-endpointslice-v1-discovery-k8s-io","read-endpointslice-v1-discovery-k8s-io","-strong-read-operations-endpointslice-v1-discovery-k8s-io-strong-","delete-collection-endpointslice-v1-discovery-k8s-io","delete-endpointslice-v1-discovery-k8s-io","replace-endpointslice-v1-discovery-k8s-io","patch-endpointslice-v1-discovery-k8s-io","create-endpointslice-v1-discovery-k8s-io","-strong-write-operations-endpointslice-v1-discovery-k8s-io-strong-","endpointslice-v1-discovery-k8s-io","watch-list-all-namespaces-endpoints-v1-core","watch-list-endpoints-v1-core","watch-endpoints-v1-core","list-all-namespaces-endpoints-v1-core","list-endpoints-v1-core","read-endpoints-v1-core","-strong-read-operations-endpoints-v1-core-strong-","delete-collection-endpoints-v1-core","delete-endpoints-v1-core","replace-endpoints-v1-core","patch-endpoints-v1-core","create-endpoints-v1-core","-strong-write-operations-endpoints-v1-core-strong-","endpoints-v1-core","-strong-service-apis-strong-","patch-scale-statefulset-v1-apps","replace-scale-statefulset-v1-apps","read-scale-statefulset-v1-apps","-strong-misc-operations-statefulset-v1-apps-strong-","replace-status-statefulset-v1-apps","read-status-statefulset-v1-apps","patch-status-statefulset-v1-apps","-strong-status-operations-statefulset-v1-apps-strong-","watch-list-all-namespaces-statefulset-v1-apps","watch-list-statefulset-v1-apps","watch-statefulset-v1-apps","list-all-namespaces-statefulset-v1-apps","list-statefulset-v1-apps","read-statefulset-v1-apps","-strong-read-operations-statefulset-v1-apps-strong-","delete-collection-statefulset-v1-apps","delete-statefulset-v1-apps","replace-statefulset-v1-apps","patch-statefulset-v1-apps","create-statefulset-v1-apps","-strong-write-operations-statefulset-v1-apps-strong-","statefulset-v1-apps","patch-scale-replicationcontroller-v1-core","replace-scale-replicationcontroller-v1-core","read-scale-replicationcontroller-v1-core","-strong-misc-operations-replicationcontroller-v1-core-strong-","replace-status-replicationcontroller-v1-core","read-status-replicationcontroller-v1-core","patch-status-replicationcontroller-v1-core","-strong-status-operations-replicationcontroller-v1-core-strong-","watch-list-all-namespaces-replicationcontroller-v1-core","watch-list-replicationcontroller-v1-core","watch-replicationcontroller-v1-core","list-all-namespaces-replicationcontroller-v1-core","list-replicationcontroller-v1-core","read-replicationcontroller-v1-core","-strong-read-operations-replicationcontroller-v1-core-strong-","delete-collection-replicationcontroller-v1-core","delete-replicationcontroller-v1-core","replace-replicationcontroller-v1-core","patch-replicationcontroller-v1-core","create-replicationcontroller-v1-core","-strong-write-operations-replicationcontroller-v1-core-strong-","replicationcontroller-v1-core","patch-scale-replicaset-v1-apps","replace-scale-replicaset-v1-apps","read-scale-replicaset-v1-apps","-strong-misc-operations-replicaset-v1-apps-strong-","replace-status-replicaset-v1-apps","read-status-replicaset-v1-apps","patch-status-replicaset-v1-apps","-strong-status-operations-replicaset-v1-apps-strong-","watch-list-all-namespaces-replicaset-v1-apps","watch-list-replicaset-v1-apps","watch-replicaset-v1-apps","list-all-namespaces-replicaset-v1-apps","list-replicaset-v1-apps","read-replicaset-v1-apps","-strong-read-operations-replicaset-v1-apps-strong-","delete-collection-replicaset-v1-apps","delete-replicaset-v1-apps","replace-replicaset-v1-apps","patch-replicaset-v1-apps","create-replicaset-v1-apps","-strong-write-operations-replicaset-v1-apps-strong-","replicaset-v1-apps","read-log-pod-v1-core","-strong-misc-operations-pod-v1-core-strong-","replace-connect-proxy-path-pod-v1-core","replace-connect-proxy-pod-v1-core","head-connect-proxy-path-pod-v1-core","head-connect-proxy-pod-v1-core","get-connect-proxy-path-pod-v1-core","get-connect-proxy-pod-v1-core","get-connect-portforward-pod-v1-core","delete-connect-proxy-path-pod-v1-core","delete-connect-proxy-pod-v1-core","create-connect-proxy-path-pod-v1-core","create-connect-proxy-pod-v1-core","create-connect-portforward-pod-v1-core","-strong-proxy-operations-pod-v1-core-strong-","replace-ephemeralcontainers-pod-v1-core","read-ephemeralcontainers-pod-v1-core","patch-ephemeralcontainers-pod-v1-core","-strong-ephemeralcontainers-operations-pod-v1-core-strong-","replace-status-pod-v1-core","read-status-pod-v1-core","patch-status-pod-v1-core","-strong-status-operations-pod-v1-core-strong-","watch-list-all-namespaces-pod-v1-core","watch-list-pod-v1-core","watch-pod-v1-core","list-all-namespaces-pod-v1-core","list-pod-v1-core","read-pod-v1-core","-strong-read-operations-pod-v1-core-strong-","delete-collection-pod-v1-core","delete-pod-v1-core","replace-pod-v1-core","patch-pod-v1-core","create-eviction-pod-v1-core","create-pod-v1-core","-strong-write-operations-pod-v1-core-strong-","pod-v1-core","replace-status-job-v1-batch","read-status-job-v1-batch","patch-status-job-v1-batch","-strong-status-operations-job-v1-batch-strong-","watch-list-all-namespaces-job-v1-batch","watch-list-job-v1-batch","watch-job-v1-batch","list-all-namespaces-job-v1-batch","list-job-v1-batch","read-job-v1-batch","-strong-read-operations-job-v1-batch-strong-","delete-collection-job-v1-batch","delete-job-v1-batch","replace-job-v1-batch","patch-job-v1-batch","create-job-v1-batch","-strong-write-operations-job-v1-batch-strong-","job-v1-batch","patch-scale-deployment-v1-apps","replace-scale-deployment-v1-apps","read-scale-deployment-v1-apps","-strong-misc-operations-deployment-v1-apps-strong-","replace-status-deployment-v1-apps","read-status-deployment-v1-apps","patch-status-deployment-v1-apps","-strong-status-operations-deployment-v1-apps-strong-","watch-list-all-namespaces-deployment-v1-apps","watch-list-deployment-v1-apps","watch-deployment-v1-apps","list-all-namespaces-deployment-v1-apps","list-deployment-v1-apps","read-deployment-v1-apps","-strong-read-operations-deployment-v1-apps-strong-","delete-collection-deployment-v1-apps","delete-deployment-v1-apps","replace-deployment-v1-apps","patch-deployment-v1-apps","create-deployment-v1-apps","-strong-write-operations-deployment-v1-apps-strong-","deployment-v1-apps","replace-status-daemonset-v1-apps","read-status-daemonset-v1-apps","patch-status-daemonset-v1-apps","-strong-status-operations-daemonset-v1-apps-strong-","watch-list-all-namespaces-daemonset-v1-apps","watch-list-daemonset-v1-apps","watch-daemonset-v1-apps","list-all-namespaces-daemonset-v1-apps","list-daemonset-v1-apps","read-daemonset-v1-apps","-strong-read-operations-daemonset-v1-apps-strong-","delete-collection-daemonset-v1-apps","delete-daemonset-v1-apps","replace-daemonset-v1-apps","patch-daemonset-v1-apps","create-daemonset-v1-apps","-strong-write-operations-daemonset-v1-apps-strong-","daemonset-v1-apps","replace-status-cronjob-v1-batch","read-status-cronjob-v1-batch","patch-status-cronjob-v1-batch","-strong-status-operations-cronjob-v1-batch-strong-","watch-list-all-namespaces-cronjob-v1-batch","watch-list-cronjob-v1-batch","watch-cronjob-v1-batch","list-all-namespaces-cronjob-v1-batch","list-cronjob-v1-batch","read-cronjob-v1-batch","-strong-read-operations-cronjob-v1-batch-strong-","delete-collection-cronjob-v1-batch","delete-cronjob-v1-batch","replace-cronjob-v1-batch","patch-cronjob-v1-batch","create-cronjob-v1-batch","-strong-write-operations-cronjob-v1-batch-strong-","cronjob-v1-batch","container-v1-core","-strong-workloads-apis-strong-","-strong-api-groups-strong-","-strong-api-overview-strong-"]};})();
\ No newline at end of file
diff --git a/static/images/announcements/kccnc-eu-2023-white.svg b/static/images/announcements/kccnc-eu-2023-white.svg
new file mode 100644
index 00000000000..69c664329bc
--- /dev/null
+++ b/static/images/announcements/kccnc-eu-2023-white.svg
@@ -0,0 +1 @@
+kccnc-eu-2023-logos-white.svg
\ No newline at end of file
diff --git a/static/images/blog/2023-04-11-kubernetes-1.27-blog/kubernetes-1.27.png b/static/images/blog/2023-04-11-kubernetes-1.27-blog/kubernetes-1.27.png
new file mode 100644
index 00000000000..cbfceda4b8b
Binary files /dev/null and b/static/images/blog/2023-04-11-kubernetes-1.27-blog/kubernetes-1.27.png differ
diff --git a/static/images/docs/scheduling-framework-extensions.png b/static/images/docs/scheduling-framework-extensions.png
index d27f89abc49..43fe0f233e1 100644
Binary files a/static/images/docs/scheduling-framework-extensions.png and b/static/images/docs/scheduling-framework-extensions.png differ