305 lines
15 KiB
YAML
305 lines
15 KiB
YAML
|
|
---
|
|
apiVersion: apiextensions.k8s.io/v1
|
|
kind: CustomResourceDefinition
|
|
metadata:
|
|
annotations:
|
|
controller-gen.kubebuilder.io/version: v0.4.1
|
|
creationTimestamp: null
|
|
name: viziers.px.dev
|
|
spec:
|
|
group: px.dev
|
|
names:
|
|
kind: Vizier
|
|
listKind: VizierList
|
|
plural: viziers
|
|
singular: vizier
|
|
scope: Namespaced
|
|
versions:
|
|
- name: v1alpha1
|
|
schema:
|
|
openAPIV3Schema:
|
|
description: Vizier is the Schema for the viziers API
|
|
properties:
|
|
apiVersion:
|
|
description: 'APIVersion defines the versioned schema of this representation
|
|
of an object. Servers should convert recognized schemas to the latest
|
|
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
|
|
type: string
|
|
kind:
|
|
description: 'Kind is a string value representing the REST resource this
|
|
object represents. Servers may infer this from the endpoint the client
|
|
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
|
|
type: string
|
|
metadata:
|
|
type: object
|
|
spec:
|
|
description: VizierSpec defines the desired state of Vizier
|
|
properties:
|
|
autopilot:
|
|
description: Autopilot should be set if running Pixie on GKE Autopilot.
|
|
type: boolean
|
|
clockConverter:
|
|
description: ClockConverter specifies which routine to use for converting
|
|
timestamps to a synced reference time.
|
|
enum:
|
|
- default
|
|
- grpc
|
|
type: string
|
|
cloudAddr:
|
|
description: CloudAddr is the address of the cloud instance that the
|
|
Vizier should be pointing to.
|
|
type: string
|
|
clusterName:
|
|
description: ClusterName is a name for the Vizier instance, usually
|
|
specifying which cluster the Vizier is deployed to. If not specified,
|
|
a random name will be generated.
|
|
type: string
|
|
customDeployKeySecret:
|
|
description: CustomDeployKeySecret is the name of the secret where
|
|
the deploy key is stored.
|
|
type: string
|
|
dataAccess:
|
|
description: DataAccess defines the level of data that may be accesssed
|
|
when executing a script on the cluster. If none specified, assumes
|
|
full data access.
|
|
enum:
|
|
- Full
|
|
- Restricted
|
|
type: string
|
|
dataCollectorParams:
|
|
description: DataCollectorParams specifies the set of params for configuring
|
|
the dataCollector. If no params are specified, defaults are used.
|
|
properties:
|
|
customPEMFlags:
|
|
additionalProperties:
|
|
type: string
|
|
description: This contains custom flags that should be passed
|
|
to the PEM via environment variables.
|
|
type: object
|
|
datastreamBufferSize:
|
|
description: DatastreamBufferSize is the data buffer size per
|
|
connection. Default size is 1 Mbyte. For high-throughput applications,
|
|
try increasing this number if experiencing data loss.
|
|
format: int32
|
|
type: integer
|
|
datastreamBufferSpikeSize:
|
|
description: DatastreamBufferSpikeSize is the maximum temporary
|
|
size of a data stream buffer before processing.
|
|
format: int32
|
|
type: integer
|
|
type: object
|
|
deployKey:
|
|
description: DeployKey is the deploy key associated with the Vizier
|
|
instance. This is used to link the Vizier to a specific user/org.
|
|
This is required unless specifying a CustomDeployKeySecret.
|
|
type: string
|
|
devCloudNamespace:
|
|
description: 'DevCloudNamespace should be specified only for dev versions
|
|
of Pixie cloud which have no ingress to help redirect traffic to
|
|
the correct service. The DevCloudNamespace is the namespace that
|
|
the dev Pixie cloud is running on, for example: "plc-dev".'
|
|
type: string
|
|
disableAutoUpdate:
|
|
description: DisableAutoUpdate specifies whether auto update should
|
|
be enabled for the Vizier instance.
|
|
type: boolean
|
|
leadershipElectionParams:
|
|
description: LeadershipElectionParams specifies configurable values
|
|
for the K8s leaderships elections which Vizier uses manage pod leadership.
|
|
properties:
|
|
electionPeriodMs:
|
|
description: ElectionPeriodMs defines how frequently Vizier attempts
|
|
to run a K8s leader election, in milliseconds. The period also
|
|
determines how long Vizier waits for a leader election response
|
|
back from the K8s API. If the K8s API is slow to respond, consider
|
|
increasing this number.
|
|
format: int64
|
|
type: integer
|
|
type: object
|
|
patches:
|
|
additionalProperties:
|
|
type: string
|
|
description: Patches defines patches that should be applied to Vizier
|
|
resources. The key of the patch should be the name of the resource
|
|
that is patched. The value of the patch is the patch, encoded as
|
|
a string which follow the "strategic merge patch" rules for K8s.
|
|
type: object
|
|
pemMemoryLimit:
|
|
description: PemMemoryLimit is a memory limit applied specifically
|
|
to PEM pods.
|
|
type: string
|
|
pemMemoryRequest:
|
|
description: PemMemoryRequest is a memory request applied specifically
|
|
to PEM pods. It will automatically use the value of pemMemoryLimit
|
|
if not specified.
|
|
type: string
|
|
pod:
|
|
description: Pod defines the policy for creating Vizier pods.
|
|
properties:
|
|
annotations:
|
|
additionalProperties:
|
|
type: string
|
|
description: Annotations specifies the annotations to attach to
|
|
pods the operator creates.
|
|
type: object
|
|
labels:
|
|
additionalProperties:
|
|
type: string
|
|
description: Labels specifies the labels to attach to pods the
|
|
operator creates.
|
|
type: object
|
|
nodeSelector:
|
|
additionalProperties:
|
|
type: string
|
|
description: 'NodeSelector is a selector which must be true for
|
|
the pod to fit on a node. Selector which must match a node''s
|
|
labels for the pod to be scheduled on that node. More info:
|
|
https://kubernetes.io/docs/concepts/configuration/assign-pod-node/
|
|
This field cannot be updated once the cluster is created.'
|
|
type: object
|
|
resources:
|
|
description: Resources is the resource requirements for a container.
|
|
This field cannot be updated once the cluster is created.
|
|
properties:
|
|
claims:
|
|
description: "Claims lists the names of resources, defined
|
|
in spec.resourceClaims, that are used by this container.
|
|
\n This is an alpha field and requires enabling the DynamicResourceAllocation
|
|
feature gate. \n This field is immutable."
|
|
items:
|
|
description: ResourceClaim references one entry in PodSpec.ResourceClaims.
|
|
properties:
|
|
name:
|
|
description: Name must match the name of one entry in
|
|
pod.spec.resourceClaims of the Pod where this field
|
|
is used. It makes that resource available inside a
|
|
container.
|
|
type: string
|
|
required:
|
|
- name
|
|
type: object
|
|
type: array
|
|
x-kubernetes-list-map-keys:
|
|
- name
|
|
x-kubernetes-list-type: map
|
|
limits:
|
|
additionalProperties:
|
|
anyOf:
|
|
- type: integer
|
|
- type: string
|
|
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
|
x-kubernetes-int-or-string: true
|
|
description: 'Limits describes the maximum amount of compute
|
|
resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
|
type: object
|
|
requests:
|
|
additionalProperties:
|
|
anyOf:
|
|
- type: integer
|
|
- type: string
|
|
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
|
x-kubernetes-int-or-string: true
|
|
description: 'Requests describes the minimum amount of compute
|
|
resources required. If Requests is omitted for a container,
|
|
it defaults to Limits if that is explicitly specified, otherwise
|
|
to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
|
type: object
|
|
type: object
|
|
securityContext:
|
|
description: The securityContext which should be set on non-privileged
|
|
pods. All pods which require privileged permissions will still
|
|
require a privileged securityContext.
|
|
properties:
|
|
enabled:
|
|
description: Whether a securityContext should be set on the
|
|
pod. In cases where no PSPs are applied to the cluster,
|
|
this is not necessary.
|
|
type: boolean
|
|
fsGroup:
|
|
description: A special supplemental group that applies to
|
|
all containers in a pod.
|
|
format: int64
|
|
type: integer
|
|
runAsGroup:
|
|
description: The GID to run the entrypoint of the container
|
|
process.
|
|
format: int64
|
|
type: integer
|
|
runAsUser:
|
|
description: The UID to run the entrypoint of the container
|
|
process.
|
|
format: int64
|
|
type: integer
|
|
type: object
|
|
type: object
|
|
registry:
|
|
description: 'Registry specifies the image registry to use rather
|
|
than Pixie''s default registry (gcr.io). We expect any forward slashes
|
|
in Pixie''s image paths are replaced with a "-". For example: "gcr.io/pixie-oss/pixie-dev/vizier/metadata_server_image:latest"
|
|
should be pushed to "$registry/gcr.io-pixie-oss-pixie-dev-vizier-metadata_server_image:latest".'
|
|
type: string
|
|
useEtcdOperator:
|
|
description: UseEtcdOperator specifies whether the metadata service
|
|
should use etcd for storage.
|
|
type: boolean
|
|
version:
|
|
description: Version is the desired version of the Vizier instance.
|
|
type: string
|
|
type: object
|
|
status:
|
|
description: VizierStatus defines the observed state of Vizier
|
|
properties:
|
|
checksum:
|
|
description: A checksum of the last reconciled Vizier spec. If this
|
|
checksum does not match the checksum of the current vizier spec,
|
|
reconciliation should be performed.
|
|
format: byte
|
|
type: string
|
|
lastReconciliationPhaseTime:
|
|
description: LastReconciliationPhaseTime is the last time that the
|
|
ReconciliationPhase changed.
|
|
format: date-time
|
|
type: string
|
|
message:
|
|
description: Message is a human-readable message with details about
|
|
why the Vizier is in this condition.
|
|
type: string
|
|
operatorVersion:
|
|
description: OperatorVersion is the actual version of the Operator
|
|
instance.
|
|
type: string
|
|
reconciliationPhase:
|
|
description: ReconciliationPhase describes the state the Reconciler
|
|
is in for this Vizier. See the documentation above the ReconciliationPhase
|
|
type for more information.
|
|
type: string
|
|
sentryDSN:
|
|
description: SentryDSN is key for Viziers that is used to send errors
|
|
and stacktraces to Sentry.
|
|
type: string
|
|
version:
|
|
description: Version is the actual version of the Vizier instance.
|
|
type: string
|
|
vizierPhase:
|
|
description: VizierPhase is a high-level summary of where the Vizier
|
|
is in its lifecycle.
|
|
type: string
|
|
vizierReason:
|
|
description: VizierReason is a short, machine understandable string
|
|
that gives the reason for the transition into the Vizier's current
|
|
status.
|
|
type: string
|
|
type: object
|
|
type: object
|
|
served: true
|
|
storage: true
|
|
subresources:
|
|
status: {}
|
|
status:
|
|
acceptedNames:
|
|
kind: ""
|
|
plural: ""
|
|
conditions: []
|
|
storedVersions: []
|