Roland.Ma
76
vendor/k8s.io/api/extensions/v1beta1/generated.proto
generated
vendored
76
vendor/k8s.io/api/extensions/v1beta1/generated.proto
generated
vendored
@@ -17,7 +17,7 @@ limitations under the License.
|
||||
|
||||
// This file was autogenerated by go-to-protobuf. Do not edit it manually!
|
||||
|
||||
syntax = 'proto2';
|
||||
syntax = "proto2";
|
||||
|
||||
package k8s.io.api.extensions.v1beta1;
|
||||
|
||||
@@ -316,7 +316,7 @@ message DeploymentSpec {
|
||||
// The number of old ReplicaSets to retain to allow rollback.
|
||||
// This is a pointer to distinguish between explicit zero and not specified.
|
||||
// This is set to the max value of int32 (i.e. 2147483647) by default, which
|
||||
// means "retaining all old RelicaSets".
|
||||
// means "retaining all old ReplicaSets".
|
||||
// +optional
|
||||
optional int32 revisionHistoryLimit = 6;
|
||||
|
||||
@@ -745,13 +745,21 @@ message NetworkPolicyPort {
|
||||
// +optional
|
||||
optional string protocol = 1;
|
||||
|
||||
// If specified, the port on the given protocol. This can
|
||||
// either be a numerical or named port on a pod. If this field is not provided,
|
||||
// this matches all port names and numbers.
|
||||
// If present, only traffic on the specified protocol AND port
|
||||
// will be matched.
|
||||
// The port on the given protocol. This can either be a numerical or named
|
||||
// port on a pod. If this field is not provided, this matches all port names and
|
||||
// numbers.
|
||||
// If present, only traffic on the specified protocol AND port will be matched.
|
||||
// +optional
|
||||
optional k8s.io.apimachinery.pkg.util.intstr.IntOrString port = 2;
|
||||
|
||||
// If set, indicates that the range of ports from port to endPort, inclusive,
|
||||
// should be allowed by the policy. This field cannot be defined if the port field
|
||||
// is not defined or if the port field is defined as a named (string) port.
|
||||
// The endPort must be equal or greater than port.
|
||||
// This feature is in Alpha state and should be enabled using the Feature Gate
|
||||
// "NetworkPolicyEndPort".
|
||||
// +optional
|
||||
optional int32 endPort = 3;
|
||||
}
|
||||
|
||||
// DEPRECATED 1.9 - This group version of NetworkPolicySpec is deprecated by networking/v1/NetworkPolicySpec.
|
||||
@@ -784,7 +792,7 @@ message NetworkPolicySpec {
|
||||
repeated NetworkPolicyEgressRule egress = 3;
|
||||
|
||||
// List of rule types that the NetworkPolicy relates to.
|
||||
// Valid options are "Ingress", "Egress", or "Ingress,Egress".
|
||||
// Valid options are ["Ingress"], ["Egress"], or ["Ingress", "Egress"].
|
||||
// If this field is not specified, it will default based on the existence of Ingress or Egress rules;
|
||||
// policies that contain an Egress section are assumed to affect Egress, and all policies
|
||||
// (whether or not they contain an Ingress section) are assumed to affect Ingress.
|
||||
@@ -848,7 +856,7 @@ message PodSecurityPolicySpec {
|
||||
// +optional
|
||||
repeated string allowedCapabilities = 4;
|
||||
|
||||
// volumes is a white list of allowed volume plugins. Empty indicates that
|
||||
// volumes is an allowlist of volume plugins. Empty indicates that
|
||||
// no volumes may be used. To allow all volumes you may use '*'.
|
||||
// +optional
|
||||
repeated string volumes = 5;
|
||||
@@ -905,18 +913,18 @@ message PodSecurityPolicySpec {
|
||||
// +optional
|
||||
optional bool allowPrivilegeEscalation = 16;
|
||||
|
||||
// allowedHostPaths is a white list of allowed host paths. Empty indicates
|
||||
// allowedHostPaths is an allowlist of host paths. Empty indicates
|
||||
// that all host paths may be used.
|
||||
// +optional
|
||||
repeated AllowedHostPath allowedHostPaths = 17;
|
||||
|
||||
// allowedFlexVolumes is a whitelist of allowed Flexvolumes. Empty or nil indicates that all
|
||||
// allowedFlexVolumes is an allowlist of Flexvolumes. Empty or nil indicates that all
|
||||
// Flexvolumes may be used. This parameter is effective only when the usage of the Flexvolumes
|
||||
// is allowed in the "volumes" field.
|
||||
// +optional
|
||||
repeated AllowedFlexVolume allowedFlexVolumes = 18;
|
||||
|
||||
// AllowedCSIDrivers is a whitelist of inline CSI drivers that must be explicitly set to be embedded within a pod spec.
|
||||
// AllowedCSIDrivers is an allowlist of inline CSI drivers that must be explicitly set to be embedded within a pod spec.
|
||||
// An empty value indicates that any CSI driver can be used for inline ephemeral volumes.
|
||||
// +optional
|
||||
repeated AllowedCSIDriver allowedCSIDrivers = 23;
|
||||
@@ -924,7 +932,7 @@ message PodSecurityPolicySpec {
|
||||
// allowedUnsafeSysctls is a list of explicitly allowed unsafe sysctls, defaults to none.
|
||||
// Each entry is either a plain sysctl name or ends in "*" in which case it is considered
|
||||
// as a prefix of allowed sysctls. Single * means all unsafe sysctls are allowed.
|
||||
// Kubelet has to whitelist all allowed unsafe sysctls explicitly to avoid rejection.
|
||||
// Kubelet has to allowlist all unsafe sysctls explicitly to avoid rejection.
|
||||
//
|
||||
// Examples:
|
||||
// e.g. "foo/*" allows "foo/bar", "foo/baz", etc.
|
||||
@@ -942,7 +950,7 @@ message PodSecurityPolicySpec {
|
||||
// +optional
|
||||
repeated string forbiddenSysctls = 20;
|
||||
|
||||
// AllowedProcMountTypes is a whitelist of allowed ProcMountTypes.
|
||||
// AllowedProcMountTypes is an allowlist of allowed ProcMountTypes.
|
||||
// Empty or nil indicates that only the DefaultProcMountType may be used.
|
||||
// This requires the ProcMountType feature flag to be enabled.
|
||||
// +optional
|
||||
@@ -1082,19 +1090,41 @@ message RollingUpdateDaemonSet {
|
||||
// The maximum number of DaemonSet pods that can be unavailable during the
|
||||
// update. Value can be an absolute number (ex: 5) or a percentage of total
|
||||
// number of DaemonSet pods at the start of the update (ex: 10%). Absolute
|
||||
// number is calculated from percentage by rounding up.
|
||||
// This cannot be 0.
|
||||
// number is calculated from percentage by rounding down to a minimum of one.
|
||||
// This cannot be 0 if MaxSurge is 0
|
||||
// Default value is 1.
|
||||
// Example: when this is set to 30%, at most 30% of the total number of nodes
|
||||
// that should be running the daemon pod (i.e. status.desiredNumberScheduled)
|
||||
// can have their pods stopped for an update at any given
|
||||
// time. The update starts by stopping at most 30% of those DaemonSet pods
|
||||
// and then brings up new DaemonSet pods in their place. Once the new pods
|
||||
// are available, it then proceeds onto other DaemonSet pods, thus ensuring
|
||||
// that at least 70% of original number of DaemonSet pods are available at
|
||||
// all times during the update.
|
||||
// can have their pods stopped for an update at any given time. The update
|
||||
// starts by stopping at most 30% of those DaemonSet pods and then brings
|
||||
// up new DaemonSet pods in their place. Once the new pods are available,
|
||||
// it then proceeds onto other DaemonSet pods, thus ensuring that at least
|
||||
// 70% of original number of DaemonSet pods are available at all times during
|
||||
// the update.
|
||||
// +optional
|
||||
optional k8s.io.apimachinery.pkg.util.intstr.IntOrString maxUnavailable = 1;
|
||||
|
||||
// The maximum number of nodes with an existing available DaemonSet pod that
|
||||
// can have an updated DaemonSet pod during during an update.
|
||||
// Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%).
|
||||
// This can not be 0 if MaxUnavailable is 0.
|
||||
// Absolute number is calculated from percentage by rounding up to a minimum of 1.
|
||||
// Default value is 0.
|
||||
// Example: when this is set to 30%, at most 30% of the total number of nodes
|
||||
// that should be running the daemon pod (i.e. status.desiredNumberScheduled)
|
||||
// can have their a new pod created before the old pod is marked as deleted.
|
||||
// The update starts by launching new pods on 30% of nodes. Once an updated
|
||||
// pod is available (Ready for at least minReadySeconds) the old DaemonSet pod
|
||||
// on that node is marked deleted. If the old pod becomes unavailable for any
|
||||
// reason (Ready transitions to false, is evicted, or is drained) an updated
|
||||
// pod is immediatedly created on that node without considering surge limits.
|
||||
// Allowing surge implies the possibility that the resources consumed by the
|
||||
// daemonset on any given node can double if the readiness check fails, and
|
||||
// so resource intensive daemonsets should take into account that they may
|
||||
// cause evictions during disruption.
|
||||
// This is an alpha field and requires enabling DaemonSetUpdateSurge feature gate.
|
||||
// +optional
|
||||
optional k8s.io.apimachinery.pkg.util.intstr.IntOrString maxSurge = 2;
|
||||
}
|
||||
|
||||
// Spec to control the desired behavior of rolling update.
|
||||
@@ -1154,7 +1184,7 @@ message RunAsUserStrategyOptions {
|
||||
// RuntimeClassStrategyOptions define the strategy that will dictate the allowable RuntimeClasses
|
||||
// for a pod.
|
||||
message RuntimeClassStrategyOptions {
|
||||
// allowedRuntimeClassNames is a whitelist of RuntimeClass names that may be specified on a pod.
|
||||
// allowedRuntimeClassNames is an allowlist of RuntimeClass names that may be specified on a pod.
|
||||
// A value of "*" means that any RuntimeClass name is allowed, and must be the only item in the
|
||||
// list. An empty list requires the RuntimeClassName field to be unset.
|
||||
repeated string allowedRuntimeClassNames = 1;
|
||||
|
||||
Reference in New Issue
Block a user