// A single application container that you want to run within a pod. // 要在 pod 中运行的单个应用程序容器。 type Container struct { // 指定为 DNS_LABEL 的容器的名称。 Name string `json:"name" protobuf:"bytes,1,opt,name=name"` // 镜像名称 Image string `json:"image,omitempty" protobuf:"bytes,2,opt,name=image"` // 命令 Command []string `json:"command,omitempty" protobuf:"bytes,3,rep,name=command"` // 参数 Args []string `json:"args,omitempty" protobuf:"bytes,4,rep,name=args"` // 工作日目录 WorkingDir string `json:"workingDir,omitempty" protobuf:"bytes,5,opt,name=workingDir"` // 端口号 Ports []ContainerPort `json:"ports,omitempty" patchStrategy:"merge" patchMergeKey:"containerPort" protobuf:"bytes,6,rep,name=ports"` // 环境变量 cofigmap 映射 EnvFrom []EnvFromSource `json:"envFrom,omitempty" protobuf:"bytes,19,rep,name=envFrom"` // 环境变量 Env []EnvVar `json:"env,omitempty" patchStrategy:"merge" patchMergeKey:"name" protobuf:"bytes,7,rep,name=env"` // 资源要求 Resources ResourceRequirements `json:"resources,omitempty" protobuf:"bytes,8,opt,name=resources"` // 要挂载的逻辑卷 VolumeMounts []VolumeMount `json:"volumeMounts,omitempty" patchStrategy:"merge" patchMergeKey:"mountPath" protobuf:"bytes,9,rep,name=volumeMounts"` // 卷设备 VolumeDevices []VolumeDevice `json:"volumeDevices,omitempty" patchStrategy:"merge" patchMergeKey:"devicePath" protobuf:"bytes,21,rep,name=volumeDevices"` // 存活探针 LivenessProbe *Probe `json:"livenessProbe,omitempty" protobuf:"bytes,10,opt,name=livenessProbe"` // 就绪探针 ReadinessProbe *Probe `json:"readinessProbe,omitempty" protobuf:"bytes,11,opt,name=readinessProbe"` // 启动探针 StartupProbe *Probe `json:"startupProbe,omitempty" protobuf:"bytes,22,opt,name=startupProbe"` // 生命周期 Lifecycle *Lifecycle `json:"lifecycle,omitempty" protobuf:"bytes,12,opt,name=lifecycle"` // 文件终止路径 TerminationMessagePath string `json:"terminationMessagePath,omitempty" protobuf:"bytes,13,opt,name=terminationMessagePath"` // 终止消息策略 TerminationMessagePolicy TerminationMessagePolicy `json:"terminationMessagePolicy,omitempty" protobuf:"bytes,20,opt,name=terminationMessagePolicy,casttype=TerminationMessagePolicy"` // 镜像拉取策略 ImagePullPolicy PullPolicy `json:"imagePullPolicy,omitempty" protobuf:"bytes,14,opt,name=imagePullPolicy,casttype=PullPolicy"` // 安全选项 SecurityContext *SecurityContext `json:"securityContext,omitempty" protobuf:"bytes,15,opt,name=securityContext"` // 交互式容器的变量,它们有非常特殊的用例(例如调试) Stdin bool `json:"stdin,omitempty" protobuf:"varint,16,opt,name=stdin"` // 容器运行时是否应该在 stdin 通道被打开后关闭它 StdinOnce bool `json:"stdinOnce,omitempty" protobuf:"varint,17,opt,name=stdinOnce"` // Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. // Default is false. // +optional TTY bool `json:"tty,omitempty" protobuf:"varint,18,opt,name=tty"` }
// PodSpec is a description of a pod. type PodSpec struct { // 逻辑卷 Volumes []Volume `json:"volumes,omitempty" patchStrategy:"merge,retainKeys" patchMergeKey:"name" protobuf:"bytes,1,rep,name=volumes"` // 初始化 容器 列表 InitContainers []Container `json:"initContainers,omitempty" patchStrategy:"merge" patchMergeKey:"name" protobuf:"bytes,20,rep,name=initContainers"` // 容器 列表 Containers []Container `json:"containers" patchStrategy:"merge" patchMergeKey:"name" protobuf:"bytes,2,rep,name=containers"` // 临时容器列表 EphemeralContainers []EphemeralContainer `json:"ephemeralContainers,omitempty" patchStrategy:"merge" patchMergeKey:"name" protobuf:"bytes,34,rep,name=ephemeralContainers"` // 所有 容器重启 策略 RestartPolicy RestartPolicy `json:"restartPolicy,omitempty" protobuf:"bytes,3,opt,name=restartPolicy,casttype=RestartPolicy"` // pod 终止时间 TerminationGracePeriodSeconds *int64 `json:"terminationGracePeriodSeconds,omitempty" protobuf:"varint,4,opt,name=terminationGracePeriodSeconds"` // 可持续时间 ActiveDeadlineSeconds *int64 `json:"activeDeadlineSeconds,omitempty" protobuf:"varint,5,opt,name=activeDeadlineSeconds"` // pod DNS 策略 DNSPolicy DNSPolicy `json:"dnsPolicy,omitempty" protobuf:"bytes,6,opt,name=dnsPolicy,casttype=DNSPolicy"` // 节点 选择器 根据标签选择 NodeSelector map[string]string `json:"nodeSelector,omitempty" protobuf:"bytes,7,rep,name=nodeSelector"` // 服务账号名称 ServiceAccountName string `json:"serviceAccountName,omitempty" protobuf:"bytes,8,opt,name=serviceAccountName"` // 服务账号名称别名(弃用) DeprecatedServiceAccount string `json:"serviceAccount,omitempty" protobuf:"bytes,9,opt,name=serviceAccount"` // 自动挂载账号令牌 AutomountServiceAccountToken *bool `json:"automountServiceAccountToken,omitempty" protobuf:"varint,21,opt,name=automountServiceAccountToken"` // 绑定节点的名称 NodeName string `json:"nodeName,omitempty" protobuf:"bytes,10,opt,name=nodeName"` // 主机网络命名空间 HostNetwork bool `json:"hostNetwork,omitempty" protobuf:"varint,11,opt,name=hostNetwork"` // 是否使用主机 pid 的 namespace HostPID bool `json:"hostPID,omitempty" protobuf:"varint,12,opt,name=hostPID"` // 是否使用主机的 ipc namespace。 HostIPC bool `json:"hostIPC,omitempty" protobuf:"varint,13,opt,name=hostIPC"` // 是否在 pod 中的所有容器之间共享一个进程命名空间。 ShareProcessNamespace *bool `json:"shareProcessNamespace,omitempty" protobuf:"varint,27,opt,name=shareProcessNamespace"` // SecurityContext 保存 pod 级别的安全属性和公共容器设置。 SecurityContext *PodSecurityContext `json:"securityContext,omitempty" protobuf:"bytes,14,opt,name=securityContext"` // ImagePullSecrets 是对同一命名空间中秘密的可选引用列表,用于拉取此 PodSpec 使用的任何图像。 ImagePullSecrets []LocalObjectReference `json:"imagePullSecrets,omitempty" patchStrategy:"merge" patchMergeKey:"name" protobuf:"bytes,15,rep,name=imagePullSecrets"` // 指定 Pod 的主机名 Hostname string `json:"hostname,omitempty" protobuf:"bytes,16,opt,name=hostname"` // 如果指定,完全限定的 Pod 主机名将是“<hostname>.<subdomain>.<pod namespace>.svc.<cluster domain>”。 Subdomain string `json:"subdomain,omitempty" protobuf:"bytes,17,opt,name=subdomain"` // 亲和力限制 Affinity *Affinity `json:"affinity,omitempty" protobuf:"bytes,18,opt,name=affinity"` // 绑定调度程序名称 SchedulerName string `json:"schedulerName,omitempty" protobuf:"bytes,19,opt,name=schedulerName"` // pod 容忍度 Tolerations []Toleration `json:"tolerations,omitempty" protobuf:"bytes,22,opt,name=tolerations"` // HostAliases 是一个可选的主机和 IP 列表 HostAliases []HostAlias `json:"hostAliases,omitempty" patchStrategy:"merge" patchMergeKey:"ip" protobuf:"bytes,23,rep,name=hostAliases"` // pod 优先级 PriorityClassName string `json:"priorityClassName,omitempty" protobuf:"bytes,24,opt,name=priorityClassName"` // 优先级值 Priority *int32 `json:"priority,omitempty" protobuf:"bytes,25,opt,name=priority"` // 指定 pod 的 DNS 参数。 DNSConfig *PodDNSConfig `json:"dnsConfig,omitempty" protobuf:"bytes,26,opt,name=dnsConfig"` // 对所有 pod 进行 就绪校验 ReadinessGates []PodReadinessGate `json:"readinessGates,omitempty" protobuf:"bytes,28,opt,name=readinessGates"` // RuntimeClassName refers to a RuntimeClass object in the node.k8s.io group, which should be used // to run this pod. If no RuntimeClass resource matches the named class, the pod will not be run. // If unset or empty, the "legacy" RuntimeClass will be used, which is an implicit class with an // empty definition that uses the default runtime handler. // More info: https://git.k8s.io/enhancements/keps/sig-node/585-runtime-class // This is a beta feature as of Kubernetes v1.14. // +optional RuntimeClassName *string `json:"runtimeClassName,omitempty" protobuf:"bytes,29,opt,name=runtimeClassName"` // EnableServiceLinks 指示有关服务的信息是否应注入 pod 的 EnableServiceLinks *bool `json:"enableServiceLinks,omitempty" protobuf:"varint,30,opt,name=enableServiceLinks"` // 抢占低优先级 Pod 的策略。 PreemptionPolicy *PreemptionPolicy `json:"preemptionPolicy,omitempty" protobuf:"bytes,31,opt,name=preemptionPolicy"` // Overhead represents the resource overhead associated with running a pod for a given RuntimeClass. // This field will be autopopulated at admission time by the RuntimeClass admission controller. If // the RuntimeClass admission controller is enabled, overhead must not be set in Pod create requests. // The RuntimeClass admission controller will reject Pod create requests which have the overhead already // set. If RuntimeClass is configured and selected in the PodSpec, Overhead will be set to the value // defined in the corresponding RuntimeClass, otherwise it will remain unset and treated as zero. // More info: https://git.k8s.io/enhancements/keps/sig-node/688-pod-overhead/README.md // This field is beta-level as of Kubernetes v1.18, and is only honored by servers that enable the PodOverhead feature. // +optional Overhead ResourceList `json:"overhead,omitempty" protobuf:"bytes,32,opt,name=overhead"` // TopologySpreadConstraints describes how a group of pods ought to spread across topology // domains. Scheduler will schedule pods in a way which abides by the constraints. // All topologySpreadConstraints are ANDed. // +optional // +patchMergeKey=topologyKey // +patchStrategy=merge // +listType=map // +listMapKey=topologyKey // +listMapKey=whenUnsatisfiable TopologySpreadConstraints []TopologySpreadConstraint `json:"topologySpreadConstraints,omitempty" patchStrategy:"merge" patchMergeKey:"topologyKey" protobuf:"bytes,33,opt,name=topologySpreadConstraints"` // If true the pod's hostname will be configured as the pod's FQDN, rather than the leaf name (the default). // In Linux containers, this means setting the FQDN in the hostname field of the kernel (the nodename field of struct utsname). // In Windows containers, this means setting the registry value of hostname for the registry key HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\Tcpip\\Parameters to FQDN. // If a pod does not have FQDN, this has no effect. // Default to false. // +optional SetHostnameAsFQDN *bool `json:"setHostnameAsFQDN,omitempty" protobuf:"varint,35,opt,name=setHostnameAsFQDN"` // Specifies the OS of the containers in the pod. OS *PodOS `json:"os,omitempty" protobuf:"bytes,36,opt,name=os"` }