Packages:
Package v1beta1 is a version of the API.
Resource Types:

- BackupBucket
- BackupEntry
- CloudProfile
- ControllerDeployment
- ControllerInstallation
- ControllerRegistration
- Plant
- Project
- Quota
- SecretBinding
- Seed
- Shoot

BackupBucket holds details about backup bucket

| Field | Description |
|---|---|
| `apiVersion` *string* | core.gardener.cloud/v1beta1 |
| `kind` *string* | BackupBucket |
| `metadata` *Kubernetes meta/v1.ObjectMeta* | Standard object metadata. Refer to the Kubernetes API documentation for the fields of the `metadata` field. |
| `spec` *BackupBucketSpec* | Specification of the Backup Bucket. |
| `status` *BackupBucketStatus* | Most recently observed status of the Backup Bucket. |

BackupEntry holds details about shoot backup.

| Field | Description |
|---|---|
| `apiVersion` *string* | core.gardener.cloud/v1beta1 |
| `kind` *string* | BackupEntry |
| `metadata` *Kubernetes meta/v1.ObjectMeta* | Standard object metadata. Refer to the Kubernetes API documentation for the fields of the `metadata` field. |
| `spec` *BackupEntrySpec* | (Optional) Spec contains the specification of the Backup Entry. |
| `status` *BackupEntryStatus* | (Optional) Status contains the most recently observed status of the Backup Entry. |

CloudProfile represents certain properties about a provider environment.

| Field | Description |
|---|---|
| `apiVersion` *string* | core.gardener.cloud/v1beta1 |
| `kind` *string* | CloudProfile |
| `metadata` *Kubernetes meta/v1.ObjectMeta* | (Optional) Standard object metadata. Refer to the Kubernetes API documentation for the fields of the `metadata` field. |
| `spec` *CloudProfileSpec* | (Optional) Spec defines the provider environment properties. |

ControllerDeployment contains information about how this controller is deployed.

| Field | Description |
|---|---|
| `apiVersion` *string* | core.gardener.cloud/v1beta1 |
| `kind` *string* | ControllerDeployment |
| `metadata` *Kubernetes meta/v1.ObjectMeta* | Standard object metadata. Refer to the Kubernetes API documentation for the fields of the `metadata` field. |
| `type` *string* | Type is the deployment type. |
| `providerConfig` *k8s.io/apimachinery/pkg/runtime.RawExtension* | ProviderConfig contains type-specific configuration. It contains assets that deploy the controller. |

ControllerInstallation represents an installation request for an external controller.

| Field | Description |
|---|---|
| `apiVersion` *string* | core.gardener.cloud/v1beta1 |
| `kind` *string* | ControllerInstallation |
| `metadata` *Kubernetes meta/v1.ObjectMeta* | Standard object metadata. Refer to the Kubernetes API documentation for the fields of the `metadata` field. |
| `spec` *ControllerInstallationSpec* | Spec contains the specification of this installation. If the object’s deletion timestamp is set, this field is immutable. |
| `status` *ControllerInstallationStatus* | Status contains the status of this installation. |

ControllerRegistration represents a registration of an external controller.

| Field | Description |
|---|---|
| `apiVersion` *string* | core.gardener.cloud/v1beta1 |
| `kind` *string* | ControllerRegistration |
| `metadata` *Kubernetes meta/v1.ObjectMeta* | Standard object metadata. Refer to the Kubernetes API documentation for the fields of the `metadata` field. |
| `spec` *ControllerRegistrationSpec* | Spec contains the specification of this registration. If the object’s deletion timestamp is set, this field is immutable. |

Plant represents an external kubernetes cluster.

| Field | Description |
|---|---|
| `apiVersion` *string* | core.gardener.cloud/v1beta1 |
| `kind` *string* | Plant |
| `metadata` *Kubernetes meta/v1.ObjectMeta* | (Optional) Standard object metadata. Refer to the Kubernetes API documentation for the fields of the `metadata` field. |
| `spec` *PlantSpec* | Spec contains the specification of this Plant. If the object’s deletion timestamp is set, this field is immutable. |
| `status` *PlantStatus* | Status contains the status of this Plant. |

Project holds certain properties about a Gardener project.

| Field | Description |
|---|---|
| `apiVersion` *string* | core.gardener.cloud/v1beta1 |
| `kind` *string* | Project |
| `metadata` *Kubernetes meta/v1.ObjectMeta* | (Optional) Standard object metadata. Refer to the Kubernetes API documentation for the fields of the `metadata` field. |
| `spec` *ProjectSpec* | (Optional) Spec defines the project properties. |
| `status` *ProjectStatus* | (Optional) Most recently observed status of the Project. |

Quota represents a quota on resources consumed by shoot clusters either per project or per provider secret.

| Field | Description |
|---|---|
| `apiVersion` *string* | core.gardener.cloud/v1beta1 |
| `kind` *string* | Quota |
| `metadata` *Kubernetes meta/v1.ObjectMeta* | (Optional) Standard object metadata. Refer to the Kubernetes API documentation for the fields of the `metadata` field. |
| `spec` *QuotaSpec* | (Optional) Spec defines the Quota constraints. |

SecretBinding represents a binding to a secret in the same or another namespace.

| Field | Description |
|---|---|
| `apiVersion` *string* | core.gardener.cloud/v1beta1 |
| `kind` *string* | SecretBinding |
| `metadata` *Kubernetes meta/v1.ObjectMeta* | (Optional) Standard object metadata. Refer to the Kubernetes API documentation for the fields of the `metadata` field. |
| `secretRef` *Kubernetes core/v1.SecretReference* | SecretRef is a reference to a secret object in the same or another namespace. This field is immutable. |
| `quotas` *[]Kubernetes core/v1.ObjectReference* | (Optional) Quotas is a list of references to Quota objects in the same or another namespace. This field is immutable. |
| `provider` *SecretBindingProvider* | (Optional) Provider defines the provider type of the SecretBinding. This field is immutable when the SecretBindingProviderValidation feature gate is enabled. |

Seed represents an installation request for an external controller.

| Field | Description |
|---|---|
| `apiVersion` *string* | core.gardener.cloud/v1beta1 |
| `kind` *string* | Seed |
| `metadata` *Kubernetes meta/v1.ObjectMeta* | Standard object metadata. Refer to the Kubernetes API documentation for the fields of the `metadata` field. |
| `spec` *SeedSpec* | Spec contains the specification of this installation. |
| `status` *SeedStatus* | Status contains the status of this installation. |

Shoot represents a Shoot cluster created and managed by Gardener.

| Field | Description |
|---|---|
| `apiVersion` *string* | core.gardener.cloud/v1beta1 |
| `kind` *string* | Shoot |
| `metadata` *Kubernetes meta/v1.ObjectMeta* | (Optional) Standard object metadata. Refer to the Kubernetes API documentation for the fields of the `metadata` field. |
| `spec` *ShootSpec* | (Optional) Specification of the Shoot cluster. If the object’s deletion timestamp is set, this field is immutable. |
| `status` *ShootStatus* | (Optional) Most recently observed status of the Shoot cluster. |

(Appears on: KubernetesDashboard, NginxIngress)

Addon allows enabling or disabling a specific addon and is used to derive from.

| Field | Description |
|---|---|
| `enabled` *bool* | Enabled indicates whether the addon is enabled or not. |

(Appears on: ShootSpec)

Addons is a collection of configuration for specific addons which are managed by the Gardener.

| Field | Description |
|---|---|
| `kubernetesDashboard` *KubernetesDashboard* | (Optional) KubernetesDashboard holds configuration settings for the kubernetes dashboard addon. |
| `nginxIngress` *NginxIngress* | (Optional) NginxIngress holds configuration settings for the nginx-ingress addon. |

(Appears on: KubeAPIServerConfig)

AdmissionPlugin contains information about a specific admission plugin and its corresponding configuration.

| Field | Description |
|---|---|
| `name` *string* | Name is the name of the plugin. |
| `config` *k8s.io/apimachinery/pkg/runtime.RawExtension* | (Optional) Config is the configuration of the plugin. |

(Appears on: Monitoring)

Alerting contains information about how alerting will be done (i.e. who will receive alerts and how).

| Field | Description |
|---|---|
| `emailReceivers` *[]string* | (Optional) MonitoringEmailReceivers is a list of recipients for alerts |

(Appears on: KubeAPIServerConfig)

AuditConfig contains settings for audit of the api server

| Field | Description |
|---|---|
| `auditPolicy` *AuditPolicy* | (Optional) AuditPolicy contains configuration settings for audit policy of the kube-apiserver. |

(Appears on: AuditConfig)

AuditPolicy contains audit policy for kube-apiserver

| Field | Description |
|---|---|
| `configMapRef` *Kubernetes core/v1.ObjectReference* | (Optional) ConfigMapRef is a reference to a ConfigMap object in the same namespace, which contains the audit policy for the kube-apiserver. |

(Appears on: Region)

AvailabilityZone is an availability zone.

| Field | Description |
|---|---|
| `name` *string* | Name is an availability zone name. |
| `unavailableMachineTypes` *[]string* | (Optional) UnavailableMachineTypes is a list of machine type names that are not available in this zone. |
| `unavailableVolumeTypes` *[]string* | (Optional) UnavailableVolumeTypes is a list of volume type names that are not available in this zone. |

(Appears on: BackupBucketSpec)

BackupBucketProvider holds the details of cloud provider of the object store.

| Field | Description |
|---|---|
| `type` *string* | Type is the type of provider. |
| `region` *string* | Region is the region of the bucket. |

(Appears on: BackupBucket)

BackupBucketSpec is the specification of a Backup Bucket.

| Field | Description |
|---|---|
| `provider` *BackupBucketProvider* | Provider holds the details of cloud provider of the object store. This field is immutable. |
| `providerConfig` *k8s.io/apimachinery/pkg/runtime.RawExtension* | (Optional) ProviderConfig is the configuration passed to BackupBucket resource. |
| `secretRef` *Kubernetes core/v1.SecretReference* | SecretRef is a reference to a secret that contains the credentials to access object store. |
| `seedName` *string* | (Optional) SeedName holds the name of the seed allocated to BackupBucket for running controller. This field is immutable. |

(Appears on: BackupBucket)

BackupBucketStatus holds the most recently observed status of the Backup Bucket.

| Field | Description |
|---|---|
| `providerStatus` *k8s.io/apimachinery/pkg/runtime.RawExtension* | (Optional) ProviderStatus is the configuration passed to BackupBucket resource. |
| `lastOperation` *LastOperation* | (Optional) LastOperation holds information about the last operation on the BackupBucket. |
| `lastError` *LastError* | (Optional) LastError holds information about the last occurred error during an operation. |
| `observedGeneration` *int64* | (Optional) ObservedGeneration is the most recent generation observed for this BackupBucket. It corresponds to the BackupBucket’s generation, which is updated on mutation by the API Server. |
| `generatedSecretRef` *Kubernetes core/v1.SecretReference* | (Optional) GeneratedSecretRef is a reference to the secret generated by backup bucket, which will have object store specific credentials. |

(Appears on: BackupEntry)

BackupEntrySpec is the specification of a Backup Entry.

| Field | Description |
|---|---|
| `bucketName` *string* | BucketName is the name of backup bucket for this Backup Entry. |
| `seedName` *string* | (Optional) SeedName holds the name of the seed to which this BackupEntry is scheduled |

(Appears on: BackupEntry)

BackupEntryStatus holds the most recently observed status of the Backup Entry.

| Field | Description |
|---|---|
| `lastOperation` *LastOperation* | (Optional) LastOperation holds information about the last operation on the BackupEntry. |
| `lastError` *LastError* | (Optional) LastError holds information about the last occurred error during an operation. |
| `observedGeneration` *int64* | (Optional) ObservedGeneration is the most recent generation observed for this BackupEntry. It corresponds to the BackupEntry’s generation, which is updated on mutation by the API Server. |
| `seedName` *string* | (Optional) SeedName is the name of the seed to which this BackupEntry is currently scheduled. This field is populated at the beginning of a create/reconcile operation. It is used when moving the BackupEntry between seeds. |
| `migrationStartTime` *Kubernetes meta/v1.Time* | (Optional) MigrationStartTime is the time when a migration to a different seed was initiated. |

(Appears on: MachineImageVersion, Worker)

CRI contains information about the Container Runtimes.

| Field | Description |
|---|---|
| `name` *CRIName* | The name of the CRI library. Supported values are |
| `containerRuntimes` *[]ContainerRuntime* | (Optional) ContainerRuntimes is the list of the required container runtimes supported for a worker pool. |

(Appears on: CRI)

CRIName is a type alias for the CRI name string.

(Appears on: ClusterInfo)

CloudInfo contains information about the cloud

| Field | Description |
|---|---|
| `type` *string* | Type is the cloud type |
| `region` *string* | Region is the cloud region |

(Appears on: CloudProfile)

CloudProfileSpec is the specification of a CloudProfile. It must contain exactly one of its defined keys.

| Field | Description |
|---|---|
| `caBundle` *string* | (Optional) CABundle is a certificate bundle which will be installed onto every host machine of shoot cluster targeting this profile. |
| `kubernetes` *KubernetesSettings* | Kubernetes contains constraints regarding allowed values of the ‘kubernetes’ block in the Shoot specification. |
| `machineImages` *[]MachineImage* | MachineImages contains constraints regarding allowed values for machine images in the Shoot specification. |
| `machineTypes` *[]MachineType* | MachineTypes contains constraints regarding allowed values for machine types in the ‘workers’ block in the Shoot specification. |
| `providerConfig` *k8s.io/apimachinery/pkg/runtime.RawExtension* | (Optional) ProviderConfig contains provider-specific configuration for the profile. |
| `regions` *[]Region* | Regions contains constraints regarding allowed values for regions and zones. |
| `seedSelector` *SeedSelector* | (Optional) SeedSelector contains an optional list of labels on |
| `type` *string* | Type is the name of the provider. |
| `volumeTypes` *[]VolumeType* | (Optional) VolumeTypes contains constraints regarding allowed values for volume types in the ‘workers’ block in the Shoot specification. |

(Appears on: Kubernetes)

ClusterAutoscaler contains the configuration flags for the Kubernetes cluster autoscaler.

| Field | Description |
|---|---|
| `scaleDownDelayAfterAdd` *Kubernetes meta/v1.Duration* | (Optional) ScaleDownDelayAfterAdd defines how long after scale up that scale down evaluation resumes (default: 1 hour). |
| `scaleDownDelayAfterDelete` *Kubernetes meta/v1.Duration* | (Optional) ScaleDownDelayAfterDelete how long after node deletion that scale down evaluation resumes, defaults to scanInterval (default: 0 secs). |
| `scaleDownDelayAfterFailure` *Kubernetes meta/v1.Duration* | (Optional) ScaleDownDelayAfterFailure how long after scale down failure that scale down evaluation resumes (default: 3 mins). |
| `scaleDownUnneededTime` *Kubernetes meta/v1.Duration* | (Optional) ScaleDownUnneededTime defines how long a node should be unneeded before it is eligible for scale down (default: 30 mins). |
| `scaleDownUtilizationThreshold` *float64* | (Optional) ScaleDownUtilizationThreshold defines the threshold in fraction (0.0 - 1.0) under which a node is being removed (default: 0.5). |
| `scanInterval` *Kubernetes meta/v1.Duration* | (Optional) ScanInterval how often cluster is reevaluated for scale up or down (default: 10 secs). |
| `expander` *ExpanderMode* | (Optional) Expander defines the algorithm to use during scale up (default: least-waste). See: https://github.com/gardener/autoscaler/blob/machine-controller-manager-provider/cluster-autoscaler/FAQ.md#what-are-expanders. |
| `maxNodeProvisionTime` *Kubernetes meta/v1.Duration* | (Optional) MaxNodeProvisionTime defines how long CA waits for node to be provisioned (default: 20 mins). |
| `maxGracefulTerminationSeconds` *int32* | (Optional) MaxGracefulTerminationSeconds is the number of seconds CA waits for pod termination when trying to scale down a node (default: 600). |
| `ignoreTaints` *[]string* | (Optional) IgnoreTaints specifies a list of taint keys to ignore in node templates when considering to scale a node group. |

(Appears on: PlantStatus)

ClusterInfo contains information about the Plant cluster

| Field | Description |
|---|---|
| `cloud` *CloudInfo* | Cloud describes the cloud information |
| `kubernetes` *KubernetesInfo* | Kubernetes describes kubernetes meta information (e.g., version) |

(Appears on: ControllerInstallationStatus, PlantStatus, SeedStatus, ShootStatus)

Condition holds the information about the state of a resource.

| Field | Description |
|---|---|
| `type` *ConditionType* | Type of the condition. |
| `status` *ConditionStatus* | Status of the condition, one of True, False, Unknown. |
| `lastTransitionTime` *Kubernetes meta/v1.Time* | Last time the condition transitioned from one status to another. |
| `lastUpdateTime` *Kubernetes meta/v1.Time* | Last time the condition was updated. |
| `reason` *string* | The reason for the condition’s last transition. |
| `message` *string* | A human readable message indicating details about the transition. |
| `codes` *[]ErrorCode* | (Optional) Well-defined error codes in case the condition reports a problem. |

(Appears on: Condition)

ConditionStatus is the status of a condition.

(Appears on: Condition)

ConditionType is a string alias.

(Appears on: CRI)

ContainerRuntime contains information about worker’s available container runtime

| Field | Description |
|---|---|
| `type` *string* | Type is the type of the Container Runtime. |
| `providerConfig` *k8s.io/apimachinery/pkg/runtime.RawExtension* | (Optional) ProviderConfig is the configuration passed to container runtime resource. |

(Appears on: ControllerRegistrationDeployment)

ControllerDeploymentPolicy is a string alias.

(Appears on: ControllerInstallation)

ControllerInstallationSpec is the specification of a ControllerInstallation.

| Field | Description |
|---|---|
| `registrationRef` *Kubernetes core/v1.ObjectReference* | RegistrationRef is used to reference a ControllerRegistration resource. The name field of the RegistrationRef is immutable. |
| `seedRef` *Kubernetes core/v1.ObjectReference* | SeedRef is used to reference a Seed resource. The name field of the SeedRef is immutable. |
| `deploymentRef` *Kubernetes core/v1.ObjectReference* | (Optional) DeploymentRef is used to reference a ControllerDeployment resource. |

(Appears on: ControllerInstallation)

ControllerInstallationStatus is the status of a ControllerInstallation.

| Field | Description |
|---|---|
| `conditions` *[]Condition* | (Optional) Conditions represents the latest available observations of a ControllerInstallation’s current state. |
| `providerStatus` *k8s.io/apimachinery/pkg/runtime.RawExtension* | (Optional) ProviderStatus contains type-specific status. |

(Appears on: ControllerRegistrationSpec)

ControllerRegistrationDeployment contains information for how this controller is deployed.

| Field | Description |
|---|---|
| `policy` *ControllerDeploymentPolicy* | (Optional) Policy controls how the controller is deployed. It defaults to ‘OnDemand’. |
| `seedSelector` *Kubernetes meta/v1.LabelSelector* | (Optional) SeedSelector contains an optional label selector for seeds. Only if the labels match then this controller will be considered for a deployment. An empty list means that all seeds are selected. |
| `deploymentRefs` *[]DeploymentRef* | (Optional) DeploymentRefs holds references to |

(Appears on: ControllerRegistration)

ControllerRegistrationSpec is the specification of a ControllerRegistration.

| Field | Description |
|---|---|
| `resources` *[]ControllerResource* | (Optional) Resources is a list of combinations of kinds (DNSProvider, Infrastructure, Generic, …) and their actual types (aws-route53, gcp, auditlog, …). |
| `deployment` *ControllerRegistrationDeployment* | (Optional) Deployment contains information for how this controller is deployed. |

(Appears on: ControllerRegistrationSpec)

ControllerResource is a combination of a kind (DNSProvider, Infrastructure, Generic, …) and the actual type for this kind (aws-route53, gcp, auditlog, …).

| Field | Description |
|---|---|
| `kind` *string* | Kind is the resource kind, for example “OperatingSystemConfig”. |
| `type` *string* | Type is the resource type, for example “coreos” or “ubuntu”. |
| `globallyEnabled` *bool* | (Optional) GloballyEnabled determines if this ControllerResource is required by all Shoot clusters. |
| `reconcileTimeout` *Kubernetes meta/v1.Duration* | (Optional) ReconcileTimeout defines how long Gardener should wait for the resource reconciliation. |
| `primary` *bool* | (Optional) Primary determines if the controller backed by this ControllerRegistration is responsible for the extension resource’s lifecycle. This field defaults to true. There must be exactly one primary controller for this kind/type combination. This field is immutable. |

(Appears on: SystemComponents)

CoreDNS contains the settings of the Core DNS components running in the data plane of the Shoot cluster.

| Field | Description |
|---|---|
| `autoscaling` *CoreDNSAutoscaling* | Autoscaling contains the settings related to autoscaling of the Core DNS components running in the data plane of the Shoot cluster. |

(Appears on: CoreDNS)

CoreDNSAutoscaling contains the settings related to autoscaling of the Core DNS components running in the data plane of the Shoot cluster.

| Field | Description |
|---|---|
| `mode` *CoreDNSAutoscalingMode* | The mode of the autoscaling to be used for the Core DNS components running in the data plane of the Shoot cluster. Supported values are |

(Appears on: CoreDNSAutoscaling)

CoreDNSAutoscalingMode is a type alias for the Core DNS autoscaling mode string.

(Appears on: ShootSpec)

DNS holds information about the provider, the hosted zone id and the domain.

| Field | Description |
|---|---|
| `domain` *string* | (Optional) Domain is the external available domain of the Shoot cluster. This domain will be written into the kubeconfig that is handed out to end-users. This field is immutable. |
| `providers` *[]DNSProvider* | (Optional) Providers is a list of DNS providers that shall be enabled for this shoot cluster. Only relevant if not a default domain is used. |

(Appears on: DNSProvider, SeedDNSProvider)

DNSIncludeExclude contains information about which domains shall be included/excluded.

| Field | Description |
|---|---|
| `include` *[]string* | (Optional) Include is a list of domains that shall be included. |
| `exclude` *[]string* | (Optional) Exclude is a list of domains that shall be excluded. |

(Appears on: DNS)

DNSProvider contains information about a DNS provider.

| Field | Description |
|---|---|
| `domains` *DNSIncludeExclude* | (Optional) Domains contains information about which domains shall be included/excluded for this provider. |
| `primary` *bool* | (Optional) Primary indicates that this DNSProvider is used for shoot related domains. |
| `secretName` *string* | (Optional) SecretName is a name of a secret containing credentials for the stated domain and the provider. When not specified, the Gardener will use the cloud provider credentials referenced by the Shoot and try to find respective credentials there (primary provider only). Specifying this field may override this behavior, i.e. forcing the Gardener to only look into the given secret. |
| `type` *string* | (Optional) Type is the DNS provider type. |
| `zones` *DNSIncludeExclude* | (Optional) Zones contains information about which hosted zones shall be included/excluded for this provider. |

(Appears on: Worker)

DataVolume contains information about a data volume.

| Field | Description |
|---|---|
| `name` *string* | Name of the volume to make it referenceable. |
| `type` *string* | (Optional) Type is the type of the volume. |
| `size` *string* | VolumeSize is the size of the volume. |
| `encrypted` *bool* | (Optional) Encrypted determines if the volume should be encrypted. |

(Appears on: ControllerRegistrationDeployment)

DeploymentRef contains information about ControllerDeployment references.

| Field | Description |
|---|---|
| `name` *string* | Name is the name of the |

(Appears on: PlantSpec)

Endpoint is an endpoint for monitoring, logging and other services around the plant.

| Field | Description |
|---|---|
| `name` *string* | Name is the name of the endpoint |
| `url` *string* | URL is the url of the endpoint |
| `purpose` *string* | Purpose is the purpose of the endpoint |

(Appears on: Condition, LastError)

ErrorCode is a string alias.

(Appears on: ClusterAutoscaler)

ExpanderMode is type used for Expander values

(Appears on: KubernetesSettings, MachineImageVersion)

ExpirableVersion contains a version and an expiration date.

| Field | Description |
|---|---|
| `version` *string* | Version is the version identifier. |
| `expirationDate` *Kubernetes meta/v1.Time* | (Optional) ExpirationDate defines the time at which this version expires. |
| `classification` *VersionClassification* | (Optional) Classification defines the state of a version (preview, supported, deprecated) |

(Appears on: ShootSpec)

Extension contains type and provider information for Shoot extensions.

| Field | Description |
|---|---|
| `type` *string* | Type is the type of the extension resource. |
| `providerConfig` *k8s.io/apimachinery/pkg/runtime.RawExtension* | (Optional) ProviderConfig is the configuration passed to extension resource. |
| `disabled` *bool* | (Optional) Disabled allows to disable extensions that were marked as ‘globally enabled’ by Gardener administrators. |

(Appears on: SeedStatus, ShootStatus)

Gardener holds the information about the Gardener version that operated a resource.

| Field | Description |
|---|---|
| `id` *string* | ID is the Docker container id of the Gardener which last acted on a resource. |
| `name` *string* | Name is the hostname (pod name) of the Gardener which last acted on a resource. |
| `version` *string* | Version is the version of the Gardener which last acted on a resource. |

(Appears on: ShootSpec)

Hibernation contains information whether the Shoot is suspended or not.

| Field | Description |
|---|---|
| `enabled` *bool* | (Optional) Enabled specifies whether the Shoot needs to be hibernated or not. If it is true, the Shoot’s desired state is to be hibernated. If it is false or nil, the Shoot’s desired state is to be awakened. |
| `schedules` *[]HibernationSchedule* | (Optional) Schedules determine the hibernation schedules. |

(Appears on: Hibernation)

HibernationSchedule determines the hibernation schedule of a Shoot. A Shoot will be regularly hibernated at each start time and will be woken up at each end time. Start or End can be omitted, though at least one of each has to be specified.

| Field | Description |
|---|---|
| `start` *string* | (Optional) Start is a Cron spec at which time a Shoot will be hibernated. |
| `end` *string* | (Optional) End is a Cron spec at which time a Shoot will be woken up. |
| `location` *string* | (Optional) Location is the time location in which both start and end shall be evaluated. |

(Appears on: KubeControllerManagerConfig)

HorizontalPodAutoscalerConfig contains horizontal pod autoscaler configuration settings for the kube-controller-manager. Note: Descriptions were taken from the Kubernetes documentation.

| Field | Description |
|---|---|
| `cpuInitializationPeriod` *Kubernetes meta/v1.Duration* | (Optional) The period after which a ready pod transition is considered to be the first. |
| `downscaleStabilization` *Kubernetes meta/v1.Duration* | (Optional) The configurable window at which the controller will choose the highest recommendation for autoscaling. |
| `initialReadinessDelay` *Kubernetes meta/v1.Duration* | (Optional) The configurable period at which the horizontal pod autoscaler considers a Pod “not yet ready” given that it’s unready and it has transitioned to unready during that time. |
| `syncPeriod` *Kubernetes meta/v1.Duration* | (Optional) The period for syncing the number of pods in horizontal pod autoscaler. |
| `tolerance` *float64* | (Optional) The minimum change (from 1.0) in the desired-to-actual metrics ratio for the horizontal pod autoscaler to consider scaling. |

(Appears on: SeedSpec)

Ingress configures the Ingress specific settings of the Seed cluster

| Field | Description |
|---|---|
| `domain` *string* | Domain specifies the IngressDomain of the Seed cluster pointing to the ingress controller endpoint. It will be used to construct ingress URLs for system applications running in Shoot clusters. Once set this field is immutable. |
| `controller` *IngressController* | Controller configures a Gardener managed Ingress Controller listening on the ingressDomain |

(Appears on: Ingress)

IngressController enables a Gardener managed Ingress Controller listening on the ingressDomain

| Field | Description |
|---|---|
| `kind` *string* | Kind defines which kind of IngressController to use, for example |
| `providerConfig` *k8s.io/apimachinery/pkg/runtime.RawExtension* | (Optional) ProviderConfig specifies infrastructure specific configuration for the ingressController |

(Appears on: Kubernetes)

KubeAPIServerConfig contains configuration settings for the kube-apiserver.

| Field | Description |
|---|---|
| `KubernetesConfig` *KubernetesConfig* | (Members of |
| `admissionPlugins` *[]AdmissionPlugin* | (Optional) AdmissionPlugins contains the list of user-defined admission plugins (additional to those managed by Gardener), and, if desired, the corresponding configuration. |
| `apiAudiences` *[]string* | (Optional) APIAudiences are the identifiers of the API. The service account token authenticator will validate that tokens used against the API are bound to at least one of these audiences. Defaults to [“kubernetes”]. |
| `auditConfig` *AuditConfig* | (Optional) AuditConfig contains configuration settings for the audit of the kube-apiserver. |
| `enableBasicAuthentication` *bool* | (Optional) EnableBasicAuthentication defines whether basic authentication should be enabled for this cluster or not. |
| `oidcConfig` *OIDCConfig* | (Optional) OIDCConfig contains configuration settings for the OIDC provider. |
| `runtimeConfig` *map[string]bool* | (Optional) RuntimeConfig contains information about enabled or disabled APIs. |
| `serviceAccountConfig` *ServiceAccountConfig* | (Optional) ServiceAccountConfig contains configuration settings for the service account handling of the kube-apiserver. |
| `watchCacheSizes` *WatchCacheSizes* | (Optional) WatchCacheSizes contains configuration of the API server’s watch cache sizes. Configuring these flags might be useful for large-scale Shoot clusters with a lot of parallel update requests and a lot of watching controllers (e.g. large shooted Seed clusters). When the API server’s watch cache’s capacity is too small to cope with the amount of update requests and watchers for a particular resource, it might happen that controller watches are permanently stopped with |
| `requests` *KubeAPIServerRequests* | (Optional) Requests contains configuration for request-specific settings for the kube-apiserver. |
| `enableAnonymousAuthentication` *bool* | (Optional) EnableAnonymousAuthentication defines whether anonymous requests to the secure port of the API server should be allowed (flag |
| `eventTTL` *Kubernetes meta/v1.Duration* | (Optional) EventTTL controls the amount of time to retain events. Defaults to 1h. |

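
As an added example (not part of the Gardener reference or code base), the Python check below lints the authentication, audit, audience and admission-plugin fields of the KubeAPIServerConfig table on a Shoot manifest loaded into dicts, including the case where a boolean was written as a quoted string. The `spec.kubernetes.kubeAPIServer` path, the severity labels and both sample Shoots are assumptions constructed for illustration.

```python
# Added example, not Gardener code: lint the KubeAPIServerConfig of a Shoot.
from typing import Any, List, Optional, Tuple

Finding = Tuple[str, str, str]  # (severity, field, message)

# Assumption: KubeAPIServerConfig sits at spec.kubernetes.kubeAPIServer in a
# Shoot; the Kubernetes type that holds it is not shown in this section.
KAS_PATH = ("spec", "kubernetes", "kubeAPIServer")

# Boolean switches from the KubeAPIServerConfig table that widen authentication.
AUTH_SWITCHES = {
    "enableAnonymousAuthentication": "anonymous requests to the secure port are allowed",
    "enableBasicAuthentication": "basic authentication is enabled",
}


def dig(obj: Any, path) -> Any:
    """Walk nested dicts and return None as soon as a key is missing."""
    for key in path:
        if not isinstance(obj, dict) or key not in obj:
            return None
        obj = obj[key]
    return obj


def lint_kube_apiserver(cfg: Optional[dict]) -> List[Finding]:
    """Return (severity, field, message) findings for one KubeAPIServerConfig."""
    if not isinstance(cfg, dict):
        cfg = {}
    findings: List[Finding] = []

    for field, risk in AUTH_SWITCHES.items():
        value = cfg.get(field)
        if value is None:
            # The table states no default for these fields, so only report it.
            findings.append(("info", field, "unset, effective value is the Gardener default"))
        elif not isinstance(value, bool):
            # A quoted "false" is a non-empty string and passes a naive `if value:`.
            findings.append(("error", field, f"expected bool, got {type(value).__name__}"))
        elif value:
            findings.append(("high", field, risk))

    # AuditPolicy.configMapRef points at the ConfigMap that holds the audit policy.
    if not dig(cfg, ("auditConfig", "auditPolicy", "configMapRef", "name")):
        findings.append(("info", "auditConfig.auditPolicy.configMapRef",
                         "no ConfigMap with an audit policy is referenced"))

    # apiAudiences: service account tokens are validated against these values.
    audiences = cfg.get("apiAudiences")
    if audiences is not None:
        if not isinstance(audiences, list) or any(
                not isinstance(a, str) or not a.strip() for a in audiences):
            findings.append(("error", "apiAudiences",
                             "contains an empty or non-string audience"))

    # admissionPlugins: each entry needs a name, and a name should appear once.
    seen = set()
    for plugin in cfg.get("admissionPlugins") or []:
        name = plugin.get("name") if isinstance(plugin, dict) else None
        if not name:
            findings.append(("error", "admissionPlugins", "entry without a name"))
        elif name in seen:
            findings.append(("error", "admissionPlugins",
                             f"plugin {name!r} is listed more than once"))
        else:
            seen.add(name)
    return findings


def lint_shoot(shoot: dict) -> List[Finding]:
    """Lint the kube-apiserver settings of a whole Shoot object."""
    return lint_kube_apiserver(dig(shoot, KAS_PATH))


# Constructed sample manifests, shaped like the output of a YAML loader.
WEAK_SHOOT = {
    "apiVersion": "core.gardener.cloud/v1beta1",
    "kind": "Shoot",
    "metadata": {"name": "demo-weak"},
    "spec": {"kubernetes": {"kubeAPIServer": {
        "enableAnonymousAuthentication": True,
        "enableBasicAuthentication": "false",  # quoted by mistake
        "admissionPlugins": [{"name": "PodNodeSelector"}, {"name": "PodNodeSelector"}],
    }}},
}

HARDENED_SHOOT = {
    "apiVersion": "core.gardener.cloud/v1beta1",
    "kind": "Shoot",
    "metadata": {"name": "demo-hardened"},
    "spec": {"kubernetes": {"kubeAPIServer": {
        "enableAnonymousAuthentication": False,
        "enableBasicAuthentication": False,
        "apiAudiences": ["kubernetes"],
        "auditConfig": {"auditPolicy": {"configMapRef": {"name": "audit-policy"}}},
    }}},
}

if __name__ == "__main__":
    for shoot in (WEAK_SHOOT, HARDENED_SHOOT):
        print(shoot["metadata"]["name"])
        for severity, field, message in lint_shoot(shoot):
            print(f"  [{severity}] {field}: {message}")
```
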
(Appears on: KubeAPIServerConfig)
KubeAPIServerRequests contains configuration for request-specific settings for the kube-apiserver.
| Field | Description |
|---|---|
maxNonMutatingInflightint32 |
(Optional)
MaxNonMutatingInflight is the maximum number of non-mutating requests in flight at a given time. When the server exceeds this, it rejects requests. |
maxMutatingInflightint32 |
(Optional)
MaxMutatingInflight is the maximum number of mutating requests in flight at a given time. When the server exceeds this, it rejects requests. |
(Appears on: Kubernetes)
KubeControllerManagerConfig contains configuration settings for the kube-controller-manager.
| Field | Description |
|---|---|
| `KubernetesConfig` *KubernetesConfig* | (Members of |
| `horizontalPodAutoscaler` *HorizontalPodAutoscalerConfig* | (Optional) HorizontalPodAutoscalerConfig contains horizontal pod autoscaler configuration settings for the kube-controller-manager. |
| `nodeCIDRMaskSize` *int32* | (Optional) NodeCIDRMaskSize defines the mask size for node cidr in cluster (default is 24). This field is immutable. |
| `podEvictionTimeout` *Kubernetes meta/v1.Duration* | (Optional) PodEvictionTimeout defines the grace period for deleting pods on failed nodes. Defaults to 2m. |
| `nodeMonitorGracePeriod` *Kubernetes meta/v1.Duration* | (Optional) NodeMonitorGracePeriod defines the grace period before an unresponsive node is marked unhealthy. |
(Appears on: Kubernetes)
KubeProxyConfig contains configuration settings for the kube-proxy.
| Field | Description |
|---|---|
| `KubernetesConfig` *KubernetesConfig* | (Members of |
| `mode` *ProxyMode* | (Optional) Mode specifies which proxy mode to use. Defaults to IPTables. |
| `enabled` *bool* | (Optional) Enabled indicates whether kube-proxy should be deployed or not. Depending on the networking extensions, switching kube-proxy off might be rejected. Consulting the respective documentation of the used networking extension is recommended before using this field. Defaults to true if not specified. |
(Appears on: Kubernetes)
KubeSchedulerConfig contains configuration settings for the kube-scheduler.
| Field | Description |
|---|---|
| `KubernetesConfig` *KubernetesConfig* | (Members of |
| `kubeMaxPDVols` *string* | (Optional) KubeMaxPDVols allows to configure the |
(Appears on: Kubernetes, WorkerKubernetes)
KubeletConfig contains configuration settings for the kubelet.
| Field | Description |
|---|---|
| `KubernetesConfig` *KubernetesConfig* | (Members of |
| `cpuCFSQuota` *bool* | (Optional) CPUCFSQuota allows you to disable/enable CPU throttling for Pods. |
| `cpuManagerPolicy` *string* | (Optional) CPUManagerPolicy allows to set alternative CPU management policies (default: none). |
| `evictionHard` *KubeletConfigEviction* | (Optional) EvictionHard describes a set of eviction thresholds (e.g. memory.available<1Gi) that if met would trigger a Pod eviction. Default: memory.available: “100Mi/1Gi/5%”, nodefs.available: “5%”, nodefs.inodesFree: “5%”, imagefs.available: “5%”, imagefs.inodesFree: “5%” |
| `evictionMaxPodGracePeriod` *int32* | (Optional) EvictionMaxPodGracePeriod describes the maximum allowed grace period (in seconds) to use when terminating pods in response to a soft eviction threshold being met. Default: 90 |
| `evictionMinimumReclaim` *KubeletConfigEvictionMinimumReclaim* | (Optional) EvictionMinimumReclaim configures the amount of resources below the configured eviction threshold that the kubelet attempts to reclaim whenever the kubelet observes resource pressure. Default: 0 for each resource |
| `evictionPressureTransitionPeriod` *Kubernetes meta/v1.Duration* | (Optional) EvictionPressureTransitionPeriod is the duration for which the kubelet has to wait before transitioning out of an eviction pressure condition. Default: 4m0s |
| `evictionSoft` *KubeletConfigEviction* | (Optional) EvictionSoft describes a set of eviction thresholds (e.g. memory.available<1.5Gi) that if met over a corresponding grace period would trigger a Pod eviction. Default: memory.available: “200Mi/1.5Gi/10%”, nodefs.available: “10%”, nodefs.inodesFree: “10%”, imagefs.available: “10%”, imagefs.inodesFree: “10%” |
| `evictionSoftGracePeriod` *KubeletConfigEvictionSoftGracePeriod* | (Optional) EvictionSoftGracePeriod describes a set of eviction grace periods (e.g. memory.available=1m30s) that correspond to how long a soft eviction threshold must hold before triggering a Pod eviction. Default: memory.available: 1m30s, nodefs.available: 1m30s, nodefs.inodesFree: 1m30s, imagefs.available: 1m30s, imagefs.inodesFree: 1m30s |
| `maxPods` *int32* | (Optional) MaxPods is the maximum number of Pods that are allowed by the Kubelet. Default: 110 |
| `podPidsLimit` *int64* | (Optional) PodPIDsLimit is the maximum number of process IDs per pod allowed by the kubelet. |
| `imagePullProgressDeadline` *Kubernetes meta/v1.Duration* | (Optional) ImagePullProgressDeadline describes the time limit under which if no pulling progress is made, the image pulling will be cancelled. Default: 1m |
| `failSwapOn` *bool* | (Optional) FailSwapOn makes the Kubelet fail to start if swap is enabled on the node. (default true). |
| `kubeReserved` *KubeletConfigReserved* | (Optional) KubeReserved is the configuration for resources reserved for kubernetes node components (mainly kubelet and container runtime). When updating these values, be aware that cgroup resizes may not succeed on active worker nodes. Look for the NodeAllocatableEnforced event to determine if the configuration was applied. Default: cpu=80m,memory=1Gi,pid=20k |
| `systemReserved` *KubeletConfigReserved* | (Optional) SystemReserved is the configuration for resources reserved for system processes not managed by kubernetes (e.g. journald). When updating these values, be aware that cgroup resizes may not succeed on active worker nodes. Look for the NodeAllocatableEnforced event to determine if the configuration was applied. |
| `imageGCHighThresholdPercent` *int32* | (Optional) ImageGCHighThresholdPercent describes the percent of the disk usage which triggers image garbage collection. Default: 50 |
| `imageGCLowThresholdPercent` *int32* | (Optional) ImageGCLowThresholdPercent describes the percent of the disk to which garbage collection attempts to free. Default: 40 |
| `serializeImagePulls` *bool* | (Optional) SerializeImagePulls describes whether the images are pulled one at a time. Default: true |
(Appears on: KubeletConfig)
KubeletConfigEviction contains kubelet eviction thresholds supporting either a resource.Quantity or a percentage based value.
| Field | Description |
|---|---|
| `memoryAvailable` *string* | (Optional) MemoryAvailable is the threshold for the free memory on the host server. |
| `imageFSAvailable` *string* | (Optional) ImageFSAvailable is the threshold for the free disk space in the imagefs filesystem (docker images and container writable layers). |
| `imageFSInodesFree` *string* | (Optional) ImageFSInodesFree is the threshold for the available inodes in the imagefs filesystem. |
| `nodeFSAvailable` *string* | (Optional) NodeFSAvailable is the threshold for the free disk space in the nodefs filesystem (docker volumes, logs, etc). |
| `nodeFSInodesFree` *string* | (Optional) NodeFSInodesFree is the threshold for the available inodes in the nodefs filesystem. |
(Appears on: KubeletConfig)
KubeletConfigEvictionMinimumReclaim contains configuration for the kubelet eviction minimum reclaim.
| Field | Description |
|---|---|
| `memoryAvailable` *k8s.io/apimachinery/pkg/api/resource.Quantity* | (Optional) MemoryAvailable is the threshold for the memory reclaim on the host server. |
| `imageFSAvailable` *k8s.io/apimachinery/pkg/api/resource.Quantity* | (Optional) ImageFSAvailable is the threshold for the disk space reclaim in the imagefs filesystem (docker images and container writable layers). |
| `imageFSInodesFree` *k8s.io/apimachinery/pkg/api/resource.Quantity* | (Optional) ImageFSInodesFree is the threshold for the inodes reclaim in the imagefs filesystem. |
| `nodeFSAvailable` *k8s.io/apimachinery/pkg/api/resource.Quantity* | (Optional) NodeFSAvailable is the threshold for the disk space reclaim in the nodefs filesystem (docker volumes, logs, etc). |
| `nodeFSInodesFree` *k8s.io/apimachinery/pkg/api/resource.Quantity* | (Optional) NodeFSInodesFree is the threshold for the inodes reclaim in the nodefs filesystem. |
(Appears on: KubeletConfig)
KubeletConfigEvictionSoftGracePeriod contains grace periods for kubelet eviction thresholds.
| Field | Description |
|---|---|
| `memoryAvailable` *Kubernetes meta/v1.Duration* | (Optional) MemoryAvailable is the grace period for the MemoryAvailable eviction threshold. |
| `imageFSAvailable` *Kubernetes meta/v1.Duration* | (Optional) ImageFSAvailable is the grace period for the ImageFSAvailable eviction threshold. |
| `imageFSInodesFree` *Kubernetes meta/v1.Duration* | (Optional) ImageFSInodesFree is the grace period for the ImageFSInodesFree eviction threshold. |
| `nodeFSAvailable` *Kubernetes meta/v1.Duration* | (Optional) NodeFSAvailable is the grace period for the NodeFSAvailable eviction threshold. |
| `nodeFSInodesFree` *Kubernetes meta/v1.Duration* | (Optional) NodeFSInodesFree is the grace period for the NodeFSInodesFree eviction threshold. |
(Appears on: KubeletConfig)
KubeletConfigReserved contains reserved resources for daemons
| Field | Description |
|---|---|
| `cpu` *k8s.io/apimachinery/pkg/api/resource.Quantity* | (Optional) CPU is the reserved cpu. |
| `memory` *k8s.io/apimachinery/pkg/api/resource.Quantity* | (Optional) Memory is the reserved memory. |
| `ephemeralStorage` *k8s.io/apimachinery/pkg/api/resource.Quantity* | (Optional) EphemeralStorage is the reserved ephemeral-storage. |
| `pid` *k8s.io/apimachinery/pkg/api/resource.Quantity* | (Optional) PID is the reserved process-ids. |
(Appears on: ShootSpec)
Kubernetes contains the version and configuration variables for the Shoot control plane.
| Field | Description |
|---|---|
| `allowPrivilegedContainers` *bool* | (Optional) AllowPrivilegedContainers indicates whether privileged containers are allowed in the Shoot (default: true). |
| `clusterAutoscaler` *ClusterAutoscaler* | (Optional) ClusterAutoscaler contains the configuration flags for the Kubernetes cluster autoscaler. |
| `kubeAPIServer` *KubeAPIServerConfig* | (Optional) KubeAPIServer contains configuration settings for the kube-apiserver. |
| `kubeControllerManager` *KubeControllerManagerConfig* | (Optional) KubeControllerManager contains configuration settings for the kube-controller-manager. |
| `kubeScheduler` *KubeSchedulerConfig* | (Optional) KubeScheduler contains configuration settings for the kube-scheduler. |
| `kubeProxy` *KubeProxyConfig* | (Optional) KubeProxy contains configuration settings for the kube-proxy. |
| `kubelet` *KubeletConfig* | (Optional) Kubelet contains configuration settings for the kubelet. |
| `version` *string* | Version is the semantic Kubernetes version to use for the Shoot cluster. |
| `verticalPodAutoscaler` *VerticalPodAutoscaler* | (Optional) VerticalPodAutoscaler contains the configuration flags for the Kubernetes vertical pod autoscaler. |
| `enableStaticTokenKubeconfig` *bool* | (Optional) EnableStaticTokenKubeconfig indicates whether static token kubeconfig secret should be present in garden cluster (default: true). |
(Appears on: KubeAPIServerConfig, KubeControllerManagerConfig, KubeProxyConfig, KubeSchedulerConfig, KubeletConfig)
KubernetesConfig contains common configuration fields for the control plane components.
| Field | Description |
|---|---|
| `featureGates` *map[string]bool* | (Optional) FeatureGates contains information about enabled feature gates. |
(Appears on: Addons)
KubernetesDashboard describes configuration values for the kubernetes-dashboard addon.
| Field | Description |
|---|---|
| `Addon` *Addon* | (Members of |
| `authenticationMode` *string* | (Optional) AuthenticationMode defines the authentication mode for the kubernetes-dashboard. |
(Appears on: ClusterInfo)
KubernetesInfo contains the version and configuration variables for the Plant cluster.
| Field | Description |
|---|---|
| `version` *string* | Version is the semantic Kubernetes version to use for the Plant cluster. |
(Appears on: CloudProfileSpec)
KubernetesSettings contains constraints regarding allowed values of the ‘kubernetes’ block in the Shoot specification.
| Field | Description |
|---|---|
| `versions` *[]ExpirableVersion* | (Optional) Versions is the list of allowed Kubernetes versions with optional expiration dates for Shoot clusters. |
(Appears on: BackupBucketStatus, BackupEntryStatus, ShootStatus)
LastError indicates the last occurred error for an operation on a resource.
| Field | Description |
|---|---|
| `description` *string* | A human readable message indicating details about the last error. |
| `taskID` *string* | (Optional) ID of the task which caused this last error |
| `codes` *[]ErrorCode* | (Optional) Well-defined error codes of the last error(s). |
| `lastUpdateTime` *Kubernetes meta/v1.Time* | (Optional) Last time the error was reported |
(Appears on: BackupBucketStatus, BackupEntryStatus, ShootStatus)
LastOperation indicates the type and the state of the last operation, along with a description message and a progress indicator.
| Field | Description |
|---|---|
| `description` *string* | A human readable message indicating details about the last operation. |
| `lastUpdateTime` *Kubernetes meta/v1.Time* | Last time the operation state transitioned from one to another. |
| `progress` *int32* | The progress in percentage (0-100) of the last operation. |
| `state` *LastOperationState* | Status of the last operation, one of Aborted, Processing, Succeeded, Error, Failed. |
| `type` *LastOperationType* | Type of the last operation, one of Create, Reconcile, Delete. |
(Appears on: LastOperation)
LastOperationState is a string alias.
(Appears on: LastOperation)
LastOperationType is a string alias.
(Appears on: Worker)
Machine contains information about the machine type and image.
| Field | Description |
|---|---|
| `type` *string* | Type is the machine type of the worker group. |
| `image` *ShootMachineImage* | (Optional) Image holds information about the machine image to use for all nodes of this pool. It will default to the latest version of the first image stated in the referenced CloudProfile if no value has been provided. |
(Appears on: Worker)
MachineControllerManagerSettings contains configurations for different worker-pools, e.g. MachineDrainTimeout, MachineHealthTimeout.
| Field | Description |
|---|---|
| `machineDrainTimeout` *Kubernetes meta/v1.Duration* | (Optional) MachineDrainTimeout is the period after which machine is forcefully deleted. |
| `machineHealthTimeout` *Kubernetes meta/v1.Duration* | (Optional) MachineHealthTimeout is the period after which machine is declared failed. |
| `machineCreationTimeout` *Kubernetes meta/v1.Duration* | (Optional) MachineCreationTimeout is the period after which creation of the machine is declared failed. |
| `maxEvictRetries` *int32* | (Optional) MaxEvictRetries are the number of eviction retries on a pod after which drain is declared failed, and forceful deletion is triggered. |
| `nodeConditions` *[]string* | (Optional) NodeConditions are the set of conditions that, if set to true for the period of MachineHealthTimeout, cause the machine to be declared failed. |
(Appears on: CloudProfileSpec)
MachineImage defines the name and multiple versions of the machine image in any environment.
| Field | Description |
|---|---|
| `name` *string* | Name is the name of the image. |
| `versions` *[]MachineImageVersion* | Versions contains versions, expiration dates and container runtimes of the machine image |
(Appears on: MachineImage)
MachineImageVersion is an expirable version with list of supported container runtimes and interfaces
| Field | Description |
|---|---|
| `ExpirableVersion` *ExpirableVersion* | (Members of |
| `cri` *[]CRI* | (Optional) CRI is the list of container runtimes and interfaces supported by this version |
(Appears on: CloudProfileSpec)
MachineType contains certain properties of a machine type.
| Field | Description |
|---|---|
| `cpu` *k8s.io/apimachinery/pkg/api/resource.Quantity* | CPU is the number of CPUs for this machine type. |
| `gpu` *k8s.io/apimachinery/pkg/api/resource.Quantity* | GPU is the number of GPUs for this machine type. |
| `memory` *k8s.io/apimachinery/pkg/api/resource.Quantity* | Memory is the amount of memory for this machine type. |
| `name` *string* | Name is the name of the machine type. |
| `storage` *MachineTypeStorage* | (Optional) Storage is the amount of storage associated with the root volume of this machine type. |
| `usable` *bool* | (Optional) Usable defines if the machine type can be used for shoot clusters. |
(Appears on: MachineType)
MachineTypeStorage is the amount of storage associated with the root volume of this machine type.
| Field | Description |
|---|---|
| `class` *string* | Class is the class of the storage type. |
| `size` *k8s.io/apimachinery/pkg/api/resource.Quantity* | (Optional) StorageSize is the storage size. |
| `type` *string* | Type is the type of the storage. |
| `minSize` *k8s.io/apimachinery/pkg/api/resource.Quantity* | (Optional) MinSize is the minimal supported storage size. This overrides any other common minimum size configuration from |
(Appears on: ShootSpec)
Maintenance contains information about the time window for maintenance operations and which operations should be performed.
| Field | Description |
|---|---|
| `autoUpdate` *MaintenanceAutoUpdate* | (Optional) AutoUpdate contains information about which constraints should be automatically updated. |
| `timeWindow` *MaintenanceTimeWindow* | (Optional) TimeWindow contains information about the time window for maintenance operations. |
| `confineSpecUpdateRollout` *bool* | (Optional) ConfineSpecUpdateRollout prevents that changes/updates to the shoot specification will be rolled out immediately. Instead, they are rolled out during the shoot’s maintenance time window. There is one exception that will trigger an immediate roll out which is changes to the Spec.Hibernation.Enabled field. |
(Appears on: Maintenance)
MaintenanceAutoUpdate contains information about which constraints should be automatically updated.
| Field | Description |
|---|---|
| `kubernetesVersion` *bool* | KubernetesVersion indicates whether the patch Kubernetes version may be automatically updated (default: true). |
| `machineImageVersion` *bool* | MachineImageVersion indicates whether the machine image version may be automatically updated (default: true). |
(Appears on: Maintenance)
MaintenanceTimeWindow contains information about the time window for maintenance operations.
| Field | Description |
|---|---|
| `begin` *string* | Begin is the beginning of the time window in the format HHMMSS+ZONE, e.g. “220000+0100”. If not present, a random value will be computed. |
| `end` *string* | End is the end of the time window in the format HHMMSS+ZONE, e.g. “220000+0100”. If not present, the value will be computed based on the “Begin” value. |
(Appears on: ShootSpec)
Monitoring contains information about the monitoring configuration for the shoot.
| Field | Description |
|---|---|
| `alerting` *Alerting* | (Optional) Alerting contains information about the alerting configuration for the shoot cluster. |
(Appears on: ShootSpec)
NamedResourceReference is a named reference to a resource.
| Field | Description |
|---|---|
| `name` *string* | Name of the resource reference. |
| `resourceRef` *Kubernetes autoscaling/v1.CrossVersionObjectReference* | ResourceRef is a reference to a resource. |
(Appears on: ShootSpec)
Networking defines networking parameters for the shoot cluster.
| Field | Description |
|---|---|
| `type` *string* | Type identifies the type of the networking plugin. This field is immutable. |
| `providerConfig` *k8s.io/apimachinery/pkg/runtime.RawExtension* | (Optional) ProviderConfig is the configuration passed to network resource. |
| `pods` *string* | (Optional) Pods is the CIDR of the pod network. This field is immutable. |
| `nodes` *string* | (Optional) Nodes is the CIDR of the entire node network. This field is immutable. |
| `services` *string* | (Optional) Services is the CIDR of the service network. This field is immutable. |
(Appears on: Addons)
NginxIngress describes configuration values for the nginx-ingress addon.
| Field | Description |
|---|---|
| `Addon` *Addon* | (Members of |
| `loadBalancerSourceRanges` *[]string* | (Optional) LoadBalancerSourceRanges is the list of allowed IP sources for NginxIngress |
| `config` *map[string]string* | (Optional) Config contains custom configuration for the nginx-ingress-controller configuration. See https://github.com/kubernetes/ingress-nginx/blob/master/docs/user-guide/nginx-configuration/configmap.md#configuration-options |
| `externalTrafficPolicy` *Kubernetes core/v1.ServiceExternalTrafficPolicyType* | (Optional) ExternalTrafficPolicy controls the |
(Appears on: KubeAPIServerConfig)
OIDCConfig contains configuration settings for the OIDC provider. Note: Descriptions were taken from the Kubernetes documentation.
| Field | Description |
|---|---|
| `caBundle` *string* | (Optional) If set, the OpenID server’s certificate will be verified by one of the authorities in the oidc-ca-file, otherwise the host’s root CA set will be used. |
| `clientAuthentication` *OpenIDConnectClientAuthentication* | (Optional) ClientAuthentication can optionally contain client configuration used for kubeconfig generation. |
| `clientID` *string* | (Optional) The client ID for the OpenID Connect client, must be set if oidc-issuer-url is set. |
| `groupsClaim` *string* | (Optional) If provided, the name of a custom OpenID Connect claim for specifying user groups. The claim value is expected to be a string or array of strings. This flag is experimental, please see the authentication documentation for further details. |
| `groupsPrefix` *string* | (Optional) If provided, all groups will be prefixed with this value to prevent conflicts with other authentication strategies. |
| `issuerURL` *string* | (Optional) The URL of the OpenID issuer, only HTTPS scheme will be accepted. If set, it will be used to verify the OIDC JSON Web Token (JWT). |
| `requiredClaims` *map[string]string* | (Optional) key=value pairs that describe a required claim in the ID Token. If set, the claim is verified to be present in the ID Token with a matching value. |
| `signingAlgs` *[]string* | (Optional) List of allowed JOSE asymmetric signing algorithms. JWTs with an ‘alg’ header value not in this list will be rejected. Values are defined by RFC 7518 https://tools.ietf.org/html/rfc7518#section-3.1 |
| `usernameClaim` *string* | (Optional) The OpenID claim to use as the user name. Note that claims other than the default (‘sub’) are not guaranteed to be unique and immutable. This flag is experimental, please see the authentication documentation for further details. (default “sub”) |
| `usernamePrefix` *string* | (Optional) If provided, all usernames will be prefixed with this value. If not provided, username claims other than ‘email’ are prefixed by the issuer URL to avoid clashes. To skip any prefixing, provide the value ‘-’. |
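
An added example (not Gardener's own code and not part of this reference): a Go check that reads a Shoot manifest and reports the authentication and privilege settings described in the Kubernetes, KubeAPIServerConfig and OIDCConfig tables, treating `allowPrivilegedContainers` and `enableStaticTokenKubeconfig` as enabled when unset because both are documented with a default of true. `AuditShoot`, the finding texts and the JSON manifest are constructed for illustration, and the `spec.kubernetes` nesting is an assumption based on the "Appears on: ShootSpec" note.

```go
package main

import (
	"encoding/json"
	"fmt"
	"net/url"
	"strings"
)

// Only the audited fields are declared; JSON names follow the field tables.
type oidcConfig struct {
	ClientID       string   `json:"clientID"`
	IssuerURL      string   `json:"issuerURL"`
	SigningAlgs    []string `json:"signingAlgs"`
	UsernameClaim  string   `json:"usernameClaim"`
	UsernamePrefix string   `json:"usernamePrefix"`
}

// shoot assumes the Kubernetes block sits at spec.kubernetes.
type shoot struct {
	Spec struct {
		Kubernetes struct {
			AllowPrivilegedContainers   *bool `json:"allowPrivilegedContainers"`
			EnableStaticTokenKubeconfig *bool `json:"enableStaticTokenKubeconfig"`
			KubeAPIServer               struct {
				EnableBasicAuthentication     *bool       `json:"enableBasicAuthentication"`
				EnableAnonymousAuthentication *bool       `json:"enableAnonymousAuthentication"`
				OIDCConfig                    *oidcConfig `json:"oidcConfig"`
			} `json:"kubeAPIServer"`
		} `json:"kubernetes"`
	} `json:"spec"`
}

// AuditShoot returns one finding per weak setting, prefixed with the field path.
func AuditShoot(manifest []byte) (out []string, err error) {
	var s shoot
	if err = json.Unmarshal(manifest, &s); err != nil {
		return nil, fmt.Errorf("decode shoot: %w", err)
	}
	k, api := s.Spec.Kubernetes, s.Spec.Kubernetes.KubeAPIServer
	// def is the documented default; false where the tables state none.
	checks := []struct {
		path string
		val  *bool
		def  bool
	}{
		{"kubernetes.allowPrivilegedContainers", k.AllowPrivilegedContainers, true},
		{"kubernetes.enableStaticTokenKubeconfig", k.EnableStaticTokenKubeconfig, true},
		{"kubernetes.kubeAPIServer.enableBasicAuthentication", api.EnableBasicAuthentication, false},
		{"kubernetes.kubeAPIServer.enableAnonymousAuthentication", api.EnableAnonymousAuthentication, false},
	}
	for _, c := range checks {
		if c.val == nil && c.def {
			out = append(out, c.path+": unset, documented default is true")
		} else if c.val != nil && *c.val {
			out = append(out, c.path+": set to true")
		}
	}
	if o := api.OIDCConfig; o != nil {
		const p = "kubernetes.kubeAPIServer.oidcConfig."
		if o.IssuerURL != "" {
			if u, perr := url.Parse(o.IssuerURL); perr != nil || u.Scheme != "https" {
				out = append(out, p+"issuerURL: only the HTTPS scheme is accepted")
			}
			if o.ClientID == "" {
				out = append(out, p+"clientID: must be set when issuerURL is set")
			}
		}
		if c := o.UsernameClaim; c != "" && c != "sub" {
			out = append(out, p+"usernameClaim: "+c+" is not guaranteed to be unique and immutable")
		}
		if o.UsernamePrefix == "-" {
			out = append(out, p+"usernamePrefix: '-' skips the prefixing that avoids clashes")
		}
		for _, alg := range o.SigningAlgs {
			// RFC 7518 section 3.1: HS* are HMAC (symmetric) and "none" is unsigned.
			if strings.HasPrefix(alg, "HS") || alg == "none" {
				out = append(out, p+"signingAlgs: "+alg+" is not an asymmetric algorithm")
			}
		}
	}
	return out, nil
}

// sampleShoot is a constructed manifest in JSON form, not taken from the page.
const sampleShoot = `{"kind": "Shoot", "spec": {"kubernetes": {"enableStaticTokenKubeconfig": false,
  "kubeAPIServer": {"enableAnonymousAuthentication": true, "oidcConfig": {
    "issuerURL": "http://idp.example.test", "usernameClaim": "email", "usernamePrefix": "-",
    "signingAlgs": ["RS256", "HS256"]}}}}}`

func main() {
	findings, err := AuditShoot([]byte(sampleShoot))
	if err != nil {
		panic(err)
	}
	fmt.Println(strings.Join(findings, "\n"))
}
```

The sample leaves `allowPrivilegedContainers` out on purpose, so the report shows that an absent field still counts as enabled.
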
(Appears on: OIDCConfig)
OpenIDConnectClientAuthentication contains configuration for OIDC clients.
| Field | Description |
|---|---|
| `extraConfig` *map[string]string* | (Optional) Extra configuration added to kubeconfig’s auth-provider. Must not be any of idp-issuer-url, client-id, client-secret, idp-certificate-authority, idp-certificate-authority-data, id-token or refresh-token |
| `secret` *string* | (Optional) The client Secret for the OpenID Connect client. |
(Appears on: Plant)
PlantSpec is the specification of a Plant.
| Field | Description |
|---|---|
| `secretRef` *Kubernetes core/v1.LocalObjectReference* | SecretRef is a reference to a Secret object containing the Kubeconfig of the external kubernetes clusters to be added to Gardener. |
| `endpoints` *[]Endpoint* | (Optional) Endpoints is the configuration of plant endpoints |
(Appears on: Plant)
PlantStatus is the status of a Plant.
| Field | Description |
|---|---|
| `conditions` *[]Condition* | (Optional) Conditions represents the latest available observations of a Plant’s current state. |
| `observedGeneration` *int64* | (Optional) ObservedGeneration is the most recent generation observed for this Plant. It corresponds to the Plant’s generation, which is updated on mutation by the API Server. |
| `clusterInfo` *ClusterInfo* | ClusterInfo is additional computed information about the newly added cluster (Plant) |
(Appears on: ProjectSpec)
ProjectMember is a member of a project.
| Field | Description |
|---|---|
| `Subject` *Kubernetes rbac/v1.Subject* | (Members of Subject is representing a user name, an email address, or any other identifier of a user, group, or service account that has a certain role. |
| `role` *string* | Role represents the role of this member. IMPORTANT: Be aware that this field will be removed in the |
| `roles` *[]string* | (Optional) Roles represents the list of roles of this member. |
(Appears on: ProjectStatus)
ProjectPhase is a label for the condition of a project at the current time.
(Appears on: Project)
ProjectSpec is the specification of a Project.
| Field | Description |
|---|---|
| `createdBy` *Kubernetes rbac/v1.Subject* | (Optional) CreatedBy is a subject representing a user name, an email address, or any other identifier of a user who created the project. This field is immutable. |
| `description` *string* | (Optional) Description is a human-readable description of what the project is used for. |
| `owner` *Kubernetes rbac/v1.Subject* | (Optional) Owner is a subject representing a user name, an email address, or any other identifier of a user owning the project. IMPORTANT: Be aware that this field will be removed in the |
| `purpose` *string* | (Optional) Purpose is a human-readable explanation of the project’s purpose. |
| `members` *[]ProjectMember* | (Optional) Members is a list of subjects representing a user name, an email address, or any other identifier of a user, group, or service account that has a certain role. |
| `namespace` *string* | (Optional) Namespace is the name of the namespace that has been created for the Project object. A nil value means that Gardener will determine the name of the namespace. This field is immutable. |
| `tolerations` *ProjectTolerations* | (Optional) Tolerations contains the tolerations for taints on seed clusters. |
(Appears on: Project)
ProjectStatus holds the most recently observed status of the project.
| Field | Description |
|---|---|
| `observedGeneration` *int64* | (Optional) ObservedGeneration is the most recent generation observed for this project. |
| `phase` *ProjectPhase* | Phase is the current phase of the project. |
| `staleSinceTimestamp` *Kubernetes meta/v1.Time* | (Optional) StaleSinceTimestamp contains the timestamp when the project was first discovered to be stale/unused. |
| `staleAutoDeleteTimestamp` *Kubernetes meta/v1.Time* | (Optional) StaleAutoDeleteTimestamp contains the timestamp when the project will be garbage-collected/automatically deleted because it’s stale/unused. |
| `lastActivityTimestamp` *Kubernetes meta/v1.Time* | (Optional) LastActivityTimestamp contains the timestamp from the last activity performed in this project. |
(Appears on: ProjectSpec)
ProjectTolerations contains the tolerations for taints on seed clusters.
| Field | Description |
|---|---|
| `defaults` *[]Toleration* | (Optional) Defaults contains a list of tolerations that are added to the shoots in this project by default. |
| `whitelist` *[]Toleration* | (Optional) Whitelist contains a list of tolerations that are allowed to be added to the shoots in this project. Please note that this list may only be added by users having the |
(Appears on: ShootSpec)
Provider contains provider-specific information that is handed over to the provider-specific extension controller.
| Field | Description |
|---|---|
| `type` *string* | Type is the type of the provider. This field is immutable. |
| `controlPlaneConfig` *k8s.io/apimachinery/pkg/runtime.RawExtension* | (Optional) ControlPlaneConfig contains the provider-specific control plane config blob. Please look up the concrete definition in the documentation of your provider extension. |
| `infrastructureConfig` *k8s.io/apimachinery/pkg/runtime.RawExtension* | (Optional) InfrastructureConfig contains the provider-specific infrastructure config blob. Please look up the concrete definition in the documentation of your provider extension. |
| `workers` *[]Worker* | Workers is a list of worker groups. |
(Appears on: KubeProxyConfig)
ProxyMode available in Linux platform: ‘userspace’ (older, going to be EOL), ‘iptables’ (newer, faster), ‘ipvs’ (newest, better in performance and scalability). As of now only ‘iptables’ and ‘ipvs’ are supported by Gardener. In Linux platform, if the iptables proxy is selected, regardless of how, but the system’s kernel or iptables versions are insufficient, this always falls back to the userspace proxy. IPVS mode will be enabled when proxy mode is set to ‘ipvs’, and the fallback path is firstly iptables and then userspace.
(Appears on: Quota)
QuotaSpec is the specification of a Quota.
| Field | Description |
|---|---|
| `clusterLifetimeDays` *int32* | (Optional) ClusterLifetimeDays is the lifetime of a Shoot cluster in days before it will be terminated automatically. |
| `metrics` *Kubernetes core/v1.ResourceList* | Metrics is a list of resources which will be put under constraints. |
| `scope` *Kubernetes core/v1.ObjectReference* | Scope is the scope of the Quota object, either ‘project’ or ‘secret’. This field is immutable. |
(Appears on: CloudProfileSpec)
Region contains certain properties of a region.
| Field | Description |
|---|---|
| `name` *string* | Name is a region name. |
| `zones` *[]AvailabilityZone* | (Optional) Zones is a list of availability zones in this region. |
| `labels` *map[string]string* | (Optional) Labels is an optional set of key-value pairs that contain certain administrator-controlled labels for this region. It can be used by Gardener administrators/operators to provide additional information about a region, e.g. wrt quality, reliability, access restrictions, etc. |
(Appears on: WatchCacheSizes)
ResourceWatchCacheSize contains configuration of the API server’s watch cache size for one specific resource.
| Field | Description |
|---|---|
| `apiGroup` *string* | (Optional) APIGroup is the API group of the resource for which the watch cache size should be configured. An unset value is used to specify the legacy core API (e.g. for |
| `resource` *string* | Resource is the name of the resource for which the watch cache size should be configured (in lowercase plural form, e.g. |
| `size` *int32* | CacheSize specifies the watch cache size that should be configured for the specified resource. |
(Appears on: SecretBinding)
SecretBindingProvider defines the provider type of the SecretBinding.
| Field | Description |
|---|---|
| `type` *string* | Type is the type of the provider. For backwards compatibility, the field can contain multiple providers separated by a comma. However the usage of single SecretBinding (hence Secret) for different cloud providers is strongly discouraged. |
(Appears on: SeedSpec)
SeedBackup contains the object store configuration for backups for shoot (currently only etcd).
| Field | Description |
|---|---|
| `provider` *string* | Provider is a provider name. This field is immutable. |
| `providerConfig` *k8s.io/apimachinery/pkg/runtime.RawExtension* | (Optional) ProviderConfig is the configuration passed to BackupBucket resource. |
| `region` *string* | (Optional) Region is a region name. This field is immutable. |
| `secretRef` *Kubernetes core/v1.SecretReference* | SecretRef is a reference to a Secret object containing the cloud provider credentials for the object store where backups should be stored. It should have enough privileges to manipulate the objects as well as buckets. |
(Appears on: SeedSpec)
SeedDNS contains DNS-relevant information about this seed cluster.
| Field | Description |
|---|---|
| `ingressDomain` *string* | (Optional) IngressDomain is the domain of the Seed cluster pointing to the ingress controller endpoint. It will be used to construct ingress URLs for system applications running in Shoot clusters. This field is immutable. This will be removed in the next API version and replaced by spec.ingress.domain. |
| `provider` *SeedDNSProvider* | (Optional) Provider configures a DNSProvider |
(Appears on: SeedDNS)
SeedDNSProvider configures a DNSProvider for Seeds
| Field | Description |
|---|---|
| `type` *string* | Type describes the type of the dns-provider, for example |
| `secretRef` *Kubernetes core/v1.SecretReference* | SecretRef is a reference to a Secret object containing cloud provider credentials used for registering external domains. |
| `domains` *DNSIncludeExclude* | (Optional) Domains contains information about which domains shall be included/excluded for this provider. |
| `zones` *DNSIncludeExclude* | (Optional) Zones contains information about which hosted zones shall be included/excluded for this provider. |
(Appears on: SeedSpec)
SeedNetworks contains CIDRs for the pod, service and node networks of a Kubernetes cluster.
| Field | Description |
|---|---|
| `nodes` *string* | (Optional) Nodes is the CIDR of the node network. This field is immutable. |
| `pods` *string* | Pods is the CIDR of the pod network. This field is immutable. |
| `services` *string* | Services is the CIDR of the service network. This field is immutable. |
| `shootDefaults` *ShootNetworks* | (Optional) ShootDefaults contains the default networks CIDRs for shoots. |
| `blockCIDRs` *[]string* | (Optional) BlockCIDRs is a list of network addresses that should be blocked for shoot control plane components running in the seed cluster. |
(Appears on: SeedSpec)
SeedProvider defines the provider type and region for this Seed cluster.
| Field | Description |
|---|---|
typestring |
Type is the name of the provider. |
providerConfigk8s.io/apimachinery/pkg/runtime.RawExtension |
(Optional)
ProviderConfig is the configuration passed to Seed resource. |
regionstring |
Region is a name of a region. |
(Appears on: CloudProfileSpec, ShootSpec)
SeedSelector contains constraints for selecting seed to be usable for shoots using a profile
| Field | Description |
|---|---|
LabelSelectorKubernetes meta/v1.LabelSelector |
LabelSelector is optional and can be used to select seeds by their label settings. |
providerTypes[]string |
(Optional)
Providers is optional and can be used to restrict seeds by their provider type. ‘*’ can be used to enable seeds regardless of their provider type. |
(Appears on: SeedSettings)
SeedSettingDependencyWatchdog controls the dependency-watchdog settings for the seed.
| Field | Description |
|---|---|
endpointSeedSettingDependencyWatchdogEndpoint |
(Optional)
Endpoint controls the endpoint settings for the dependency-watchdog for the seed. |
probeSeedSettingDependencyWatchdogProbe |
(Optional)
Probe controls the probe settings for the dependency-watchdog for the seed. |
(Appears on: SeedSettingDependencyWatchdog)
SeedSettingDependencyWatchdogEndpoint controls the endpoint settings for the dependency-watchdog for the seed.
| Field | Description |
|---|---|
enabledbool |
Enabled controls whether the endpoint controller of the dependency-watchdog should be enabled. This controller helps to alleviate the delay where control plane components remain unavailable by finding the respective pods in CrashLoopBackoff status and restarting them once their dependants become ready and available again. |
(Appears on: SeedSettingDependencyWatchdog)
SeedSettingDependencyWatchdogProbe controls the probe settings for the dependency-watchdog for the seed.
| Field | Description |
|---|---|
enabledbool |
Enabled controls whether the probe controller of the dependency-watchdog should be enabled. This controller scales down the kube-controller-manager of shoot clusters in case their respective kube-apiserver is not reachable via its external ingress in order to avoid melt-down situations. |
(Appears on: SeedSettings)
SeedSettingExcessCapacityReservation controls the excess capacity reservation for shoot control planes in the seed.
| Field | Description |
|---|---|
enabledbool |
Enabled controls whether the excess capacity reservation should be enabled. |
(Appears on: SeedSettings)
SeedSettingLoadBalancerServices controls certain settings for services of type load balancer that are created in the seed.
| Field | Description |
|---|---|
annotationsmap[string]string |
(Optional)
Annotations is a map of annotations that will be injected/merged into every load balancer service object. |
(Appears on: SeedSettings)
SeedSettingOwnerChecks controls certain owner checks settings for shoots scheduled on this seed.
| Field | Description |
|---|---|
enabledbool |
Enabled controls whether owner checks are enabled for shoots scheduled on this seed. It is enabled by default because it is a prerequisite for control plane migration. |
(Appears on: SeedSettings)
SeedSettingScheduling controls settings for scheduling decisions for the seed.
| Field | Description |
|---|---|
visiblebool |
Visible controls whether the gardener-scheduler shall consider this seed when scheduling shoots. Invisible seeds are not considered by the scheduler. |
(Appears on: SeedSettings)
SeedSettingShootDNS controls the shoot DNS settings for the seed.
| Field | Description |
|---|---|
enabledbool |
Enabled controls whether the DNS for shoot clusters should be enabled. When disabled then all shoots using the seed won’t get any DNS providers, DNS records, and no DNS extension controller is required to be installed here. This is useful for environments where DNS is not required. |
(Appears on: SeedSettings)
SeedSettingVerticalPodAutoscaler controls certain settings for the vertical pod autoscaler components deployed in the seed.
| Field | Description |
|---|---|
enabledbool |
Enabled controls whether the VPA components shall be deployed into the garden namespace in the seed cluster. It is enabled by default because Gardener heavily relies on a VPA being deployed. You should only disable this if your seed cluster already has another, manually/custom managed VPA deployment. |
(Appears on: SeedSpec)
SeedSettings contains certain settings for this seed cluster.
| Field | Description |
|---|---|
excessCapacityReservationSeedSettingExcessCapacityReservation |
(Optional)
ExcessCapacityReservation controls the excess capacity reservation for shoot control planes in the seed. |
schedulingSeedSettingScheduling |
(Optional)
Scheduling controls settings for scheduling decisions for the seed. |
shootDNSSeedSettingShootDNS |
(Optional)
ShootDNS controls the shoot DNS settings for the seed. |
loadBalancerServicesSeedSettingLoadBalancerServices |
(Optional)
LoadBalancerServices controls certain settings for services of type load balancer that are created in the seed. |
verticalPodAutoscalerSeedSettingVerticalPodAutoscaler |
(Optional)
VerticalPodAutoscaler controls certain settings for the vertical pod autoscaler components deployed in the seed. |
ownerChecksSeedSettingOwnerChecks |
(Optional)
SeedSettingOwnerChecks controls certain owner checks settings for shoots scheduled on this seed. |
dependencyWatchdogSeedSettingDependencyWatchdog |
(Optional)
DependencyWatchdog controls certain settings for the dependency-watchdog components deployed in the seed. |
(Appears on: Seed, SeedTemplate)
SeedSpec is the specification of a Seed.
| Field | Description |
|---|---|
backupSeedBackup |
(Optional)
Backup holds the object store configuration for the backups of shoot (currently only etcd). If it is not specified, then there won’t be any backups taken for shoots associated with this seed. If backup field is present in seed, then backups of the etcd from shoot control plane will be stored under the configured object store. |
dnsSeedDNS |
DNS contains DNS-relevant information about this seed cluster. |
networksSeedNetworks |
Networks defines the pod, service and worker network of the Seed cluster. |
providerSeedProvider |
Provider defines the provider type and region for this Seed cluster. |
secretRefKubernetes core/v1.SecretReference |
(Optional)
SecretRef is a reference to a Secret object containing the Kubeconfig of the Kubernetes cluster to be registered as Seed. |
taints[]SeedTaint |
(Optional)
Taints describes taints on the seed. |
volumeSeedVolume |
(Optional)
Volume contains settings for persistent volumes created in the seed cluster. |
settingsSeedSettings |
(Optional)
Settings contains certain settings for this seed cluster. |
ingressIngress |
(Optional)
Ingress configures Ingress specific settings of the Seed cluster. This field is immutable. |
(Appears on: Seed)
SeedStatus is the status of a Seed.
| Field | Description |
|---|---|
gardenerGardener |
(Optional)
Gardener holds information about the Gardener which last acted on the Shoot. |
kubernetesVersionstring |
(Optional)
KubernetesVersion is the Kubernetes version of the seed cluster. |
conditions[]Condition |
(Optional)
Conditions represents the latest available observations of a Seed’s current state. |
observedGenerationint64 |
(Optional)
ObservedGeneration is the most recent generation observed for this Seed. It corresponds to the Seed’s generation, which is updated on mutation by the API Server. |
clusterIdentitystring |
(Optional)
ClusterIdentity is the identity of the Seed cluster. This field is immutable. |
capacityKubernetes core/v1.ResourceList |
(Optional)
Capacity represents the total resources of a seed. |
allocatableKubernetes core/v1.ResourceList |
(Optional)
Allocatable represents the resources of a seed that are available for scheduling. Defaults to Capacity. |
clientCertificateExpirationTimestampKubernetes meta/v1.Time |
(Optional)
ClientCertificateExpirationTimestamp is the timestamp at which gardenlet’s client certificate expires. |
(Appears on: SeedSpec)
SeedTaint describes a taint on a seed.
| Field | Description |
|---|---|
keystring |
Key is the taint key to be applied to a seed. |
valuestring |
(Optional)
Value is the taint value corresponding to the taint key. |
SeedTemplate is a template for creating a Seed object.
| Field | Description |
|---|---|
metadataKubernetes meta/v1.ObjectMeta |
(Optional)
Standard object metadata. Refer to the Kubernetes API documentation for the fields of the metadata field. |
specSeedSpec |
(Optional)
Specification of the desired behavior of the Seed. |
(Appears on: SeedSpec)
SeedVolume contains settings for persistent volumes created in the seed cluster.
| Field | Description |
|---|---|
minimumSizek8s.io/apimachinery/pkg/api/resource.Quantity |
(Optional)
MinimumSize defines the minimum size that should be used for PVCs in the seed. |
providers[]SeedVolumeProvider |
(Optional)
Providers is a list of storage class provisioner types for the seed. |
(Appears on: SeedVolume)
SeedVolumeProvider is a storage class provisioner type.
| Field | Description |
|---|---|
purposestring |
Purpose is the purpose of this provider. |
namestring |
Name is the name of the storage class provisioner type. |
(Appears on: KubeAPIServerConfig)
ServiceAccountConfig is the kube-apiserver configuration for service accounts.
| Field | Description |
|---|---|
issuerstring |
(Optional)
Issuer is the identifier of the service account token issuer. The issuer will assert this identifier in “iss” claim of issued tokens. This value is used to generate new service account tokens. This value is a string or URI. Defaults to URI of the API server. |
signingKeySecretNameKubernetes core/v1.LocalObjectReference |
(Optional)
SigningKeySecret is a reference to a secret that contains an optional private key of the service account token issuer. The issuer will sign issued ID tokens with this private key. Only useful if service account tokens are also issued by another external system. |
extendTokenExpirationbool |
(Optional)
ExtendTokenExpiration turns on projected service account expiration extension during token generation, which helps a safe transition from legacy tokens to the bound service account token feature. If this flag is enabled, admission-injected tokens are extended up to 1 year to prevent unexpected failures during the transition, ignoring the value of service-account-max-token-expiration. |
maxTokenExpirationKubernetes meta/v1.Duration |
(Optional)
MaxTokenExpiration is the maximum validity duration of a token created by the service account token issuer. If an otherwise valid TokenRequest with a validity duration larger than this value is requested, a token will be issued with a validity duration of this value. This field must be within [30d,90d] when the ShootMaxTokenExpirationValidation feature gate is enabled. This field will be overwritten to be within [30d,90d] when the ShootMaxTokenExpirationOverwrite feature gate is enabled. |
acceptedIssuers[]string |
(Optional)
AcceptedIssuers is an additional set of issuers that are used to determine which service account tokens are accepted. These values are not used to generate new service account tokens. Only useful when service account tokens are also issued by another external system or a change of the current issuer that is used for generating tokens is being performed. This field is only available for Kubernetes v1.22 or later. |
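
The following Go sketch is an added example, not Gardener or Kubernetes code. It models the semantics the ServiceAccountConfig descriptions above state: the [30d,90d] bound on maxTokenExpiration under the two feature gates, the capping of a requested token lifetime, and how issuer and acceptedIssuers together decide which "iss" values are accepted. All type and function names are hypothetical, and rejecting before overwriting when both gates are enabled is an assumption.

```go
package main

import (
	"fmt"
	"time"
)

const day = 24 * time.Hour

// Bounds taken from the maxTokenExpiration description: [30d, 90d].
const (
	minBound = 30 * day
	maxBound = 90 * day
)

// Gates is a hypothetical struct standing in for the two feature gates
// named in the field description.
type Gates struct {
	Validation bool // ShootMaxTokenExpirationValidation
	Overwrite  bool // ShootMaxTokenExpirationOverwrite
}

// EffectiveMaxTokenExpiration returns the maxTokenExpiration that takes
// effect for a configured value. With the validation gate an out-of-range
// value is rejected; with the overwrite gate it is forced into the range.
// Assumption: when both gates are on, validation rejects first.
func EffectiveMaxTokenExpiration(configured time.Duration, g Gates) (time.Duration, error) {
	inRange := configured >= minBound && configured <= maxBound
	if g.Validation && !inRange {
		return 0, fmt.Errorf("maxTokenExpiration %s is outside [%s, %s]",
			configured, minBound, maxBound)
	}
	if g.Overwrite && configured < minBound {
		return minBound, nil
	}
	if g.Overwrite && configured > maxBound {
		return maxBound, nil
	}
	return configured, nil
}

// IssuedValidity models the capping rule: an otherwise valid TokenRequest
// asking for more than maxTokenExpiration is issued with exactly that value.
func IssuedValidity(requested, maxTokenExpiration time.Duration) time.Duration {
	if requested > maxTokenExpiration {
		return maxTokenExpiration
	}
	return requested
}

// IssuerAccepted reports whether a token's "iss" claim is accepted: either
// it is the configured issuer (the only one used to sign new tokens) or it
// is listed in acceptedIssuers (accepted, never used for new tokens).
func IssuerAccepted(iss, issuer string, acceptedIssuers []string) bool {
	if iss == issuer {
		return true
	}
	for _, a := range acceptedIssuers {
		if iss == a {
			return true
		}
	}
	return false
}

func main() {
	// Constructed sample values, not taken from a real cluster.
	for _, c := range []time.Duration{1 * day, 45 * day, 365 * day} {
		eff, err := EffectiveMaxTokenExpiration(c, Gates{Overwrite: true})
		fmt.Printf("configured=%v overwrite -> %v (err=%v)\n", c, eff, err)
		_, err = EffectiveMaxTokenExpiration(c, Gates{Validation: true})
		fmt.Printf("configured=%v validation -> err=%v\n", c, err)
	}
	fmt.Println(IssuedValidity(365*day, 90*day))
	fmt.Println(IssuerAccepted("https://old-issuer.example",
		"https://new-issuer.example", []string{"https://old-issuer.example"}))
}
```

During an issuer change, the previous issuer stays in acceptedIssuers only until tokens it signed have expired, which is bounded by the effective maxTokenExpiration computed above.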
(Appears on: ShootStatus)
ShootAdvertisedAddress contains information for the shoot’s Kube API server.
| Field | Description |
|---|---|
namestring |
Name of the advertised address. e.g. external |
urlstring |
The URL of the API Server. e.g. https://api.foo.bar or https://1.2.3.4 |
(Appears on: ShootCredentialsRotation)
ShootCARotation contains information about the certificate authority credential rotation.
| Field | Description |
|---|---|
phaseShootCredentialsRotationPhase |
Phase describes the phase of the certificate authority credential rotation. |
lastInitiationTimeKubernetes meta/v1.Time |
(Optional)
LastInitiationTime is the most recent time when the certificate authority credential rotation was initiated. |
lastCompletionTimeKubernetes meta/v1.Time |
(Optional)
LastCompletionTime is the most recent time when the certificate authority credential rotation was successfully completed. |
(Appears on: ShootStatus)
ShootCredentials contains information about the shoot credentials.
| Field | Description |
|---|---|
rotationShootCredentialsRotation |
(Optional)
Rotation contains information about the credential rotations. |
(Appears on: ShootCredentials)
ShootCredentialsRotation contains information about the rotation of credentials.
| Field | Description |
|---|---|
certificateAuthoritiesShootCARotation |
(Optional)
CertificateAuthorities contains information about the certificate authority credential rotation. |
kubeconfigShootKubeconfigRotation |
(Optional)
Kubeconfig contains information about the kubeconfig credential rotation. |
sshKeypairShootSSHKeypairRotation |
(Optional)
SSHKeypair contains information about the ssh-keypair credential rotation. |
(Appears on: ShootCARotation)
ShootCredentialsRotationPhase is a string alias.
(Appears on: ShootCredentialsRotation)
ShootKubeconfigRotation contains information about the kubeconfig credential rotation.
| Field | Description |
|---|---|
lastInitiationTimeKubernetes meta/v1.Time |
(Optional)
LastInitiationTime is the most recent time when the kubeconfig credential rotation was initiated. |
lastCompletionTimeKubernetes meta/v1.Time |
(Optional)
LastCompletionTime is the most recent time when the kubeconfig credential rotation was successfully completed. |
(Appears on: Machine)
ShootMachineImage defines the name and the version of the shoot’s machine image in any environment. Has to be defined in the respective CloudProfile.
| Field | Description |
|---|---|
namestring |
Name is the name of the image. |
providerConfigk8s.io/apimachinery/pkg/runtime.RawExtension |
(Optional)
ProviderConfig is the shoot’s individual configuration passed to an extension resource. |
versionstring |
(Optional)
Version is the version of the shoot’s image. If version is not provided, it will be defaulted to the latest version from the CloudProfile. |
(Appears on: SeedNetworks)
ShootNetworks contains the default networks CIDRs for shoots.
| Field | Description |
|---|---|
podsstring |
(Optional)
Pods is the CIDR of the pod network. |
servicesstring |
(Optional)
Services is the CIDR of the service network. |
(Appears on: ShootSpec)
ShootPurpose is a type alias for string.
(Appears on: ShootCredentialsRotation)
ShootSSHKeypairRotation contains information about the ssh-keypair credential rotation.
| Field | Description |
|---|---|
lastInitiationTimeKubernetes meta/v1.Time |
(Optional)
LastInitiationTime is the most recent time when the ssh-keypair credential rotation was initiated. |
lastCompletionTimeKubernetes meta/v1.Time |
(Optional)
LastCompletionTime is the most recent time when the ssh-keypair credential rotation was successfully completed. |
(Appears on: Shoot, ShootTemplate)
ShootSpec is the specification of a Shoot.
| Field | Description |
|---|---|
addonsAddons |
(Optional)
Addons contains information about enabled/disabled addons and their configuration. |
cloudProfileNamestring |
CloudProfileName is a name of a CloudProfile object. This field is immutable. |
dnsDNS |
(Optional)
DNS contains information about the DNS settings of the Shoot. |
extensions[]Extension |
(Optional)
Extensions contain type and provider information for Shoot extensions. |
hibernationHibernation |
(Optional)
Hibernation contains information whether the Shoot is suspended or not. |
kubernetesKubernetes |
Kubernetes contains the version and configuration settings of the control plane components. |
networkingNetworking |
Networking contains information about cluster networking such as CNI Plugin type, CIDRs, …etc. |
maintenanceMaintenance |
(Optional)
Maintenance contains information about the time window for maintenance operations and which operations should be performed. |
monitoringMonitoring |
(Optional)
Monitoring contains information about custom monitoring configurations for the shoot. |
providerProvider |
Provider contains all provider-specific and provider-relevant information. |
purposeShootPurpose |
(Optional)
Purpose is the purpose class for this cluster. |
regionstring |
Region is a name of a region. This field is immutable. |
secretBindingNamestring |
SecretBindingName is the name of a SecretBinding that has a reference to the provider secret. The credentials inside the provider secret will be used to create the shoot in the respective account. This field is immutable. |
seedNamestring |
(Optional)
SeedName is the name of the seed cluster that runs the control plane of the Shoot. This field is immutable when the SeedChange feature gate is disabled. |
seedSelectorSeedSelector |
(Optional)
SeedSelector is an optional selector which must match a seed’s labels for the shoot to be scheduled on that seed. |
resources[]NamedResourceReference |
(Optional)
Resources holds a list of named resource references that can be referred to in extension configs by their names. |
tolerations[]Toleration |
(Optional)
Tolerations contains the tolerations for taints on seed clusters. |
exposureClassNamestring |
(Optional)
ExposureClassName is the optional name of an exposure class to apply a control plane endpoint exposure strategy. This field is immutable. |
systemComponentsSystemComponents |
(Optional)
SystemComponents contains the settings of system components in the control or data plane of the Shoot cluster. |
(Appears on: Shoot)
ShootStatus holds the most recently observed status of the Shoot cluster.
| Field | Description |
|---|---|
conditions[]Condition |
(Optional)
Conditions represents the latest available observations of a Shoot’s current state. |
constraints[]Condition |
(Optional)
Constraints represents conditions of a Shoot’s current state that constrain some operations on it. |
gardenerGardener |
Gardener holds information about the Gardener which last acted on the Shoot. |
hibernatedbool |
IsHibernated indicates whether the Shoot is currently hibernated. |
lastOperationLastOperation |
(Optional)
LastOperation holds information about the last operation on the Shoot. |
lastErrors[]LastError |
(Optional)
LastErrors holds information about the last occurred error(s) during an operation. |
observedGenerationint64 |
(Optional)
ObservedGeneration is the most recent generation observed for this Shoot. It corresponds to the Shoot’s generation, which is updated on mutation by the API Server. |
retryCycleStartTimeKubernetes meta/v1.Time |
(Optional)
RetryCycleStartTime is the start time of the last retry cycle (used to determine how often an operation must be retried until we give up). |
seedNamestring |
(Optional)
SeedName is the name of the seed cluster that runs the control plane of the Shoot. This value is only written after a successful create/reconcile operation. It will be used when control planes are moved between Seeds. |
technicalIDstring |
TechnicalID is the name that is used for creating the Seed namespace, the infrastructure resources, and basically everything that is related to this particular Shoot. This field is immutable. |
uidk8s.io/apimachinery/pkg/types.UID |
UID is a unique identifier for the Shoot cluster to avoid portability between Kubernetes clusters. It is used to compute unique hashes. This field is immutable. |
clusterIdentitystring |
(Optional)
ClusterIdentity is the identity of the Shoot cluster. This field is immutable. |
advertisedAddresses[]ShootAdvertisedAddress |
(Optional)
List of addresses on which the Kube API server can be reached. |
migrationStartTimeKubernetes meta/v1.Time |
(Optional)
MigrationStartTime is the time when a migration to a different seed was initiated. |
credentialsShootCredentials |
(Optional)
Credentials contains information about the shoot credentials. |
ShootTemplate is a template for creating a Shoot object.
| Field | Description |
|---|---|
metadataKubernetes meta/v1.ObjectMeta |
(Optional)
Standard object metadata. Refer to the Kubernetes API documentation for the fields of the metadata field. |
specShootSpec |
(Optional)
Specification of the desired behavior of the Shoot. |
(Appears on: ShootSpec)
SystemComponents contains the settings of system components in the control or data plane of the Shoot cluster.
| Field | Description |
|---|---|
coreDNSCoreDNS |
(Optional)
CoreDNS contains the settings of the Core DNS components running in the data plane of the Shoot cluster. |
(Appears on: ProjectTolerations, ShootSpec)
Toleration is a toleration for a seed taint.
| Field | Description |
|---|---|
keystring |
Key is the toleration key to be applied to a project or shoot. |
valuestring |
(Optional)
Value is the toleration value corresponding to the toleration key. |
(Appears on: ExpirableVersion)
VersionClassification is the logical state of a version.
(Appears on: Kubernetes)
VerticalPodAutoscaler contains the configuration flags for the Kubernetes vertical pod autoscaler.
| Field | Description |
|---|---|
enabledbool |
Enabled specifies whether the Kubernetes VPA shall be enabled for the shoot cluster. |
evictAfterOOMThresholdKubernetes meta/v1.Duration |
(Optional)
EvictAfterOOMThreshold defines the threshold that will lead to pod eviction in case it OOMed in less than the given threshold since its start and if it has only one container (default: 10m0s). |
evictionRateBurstint32 |
(Optional)
EvictionRateBurst defines the burst of pods that can be evicted (default: 1) |
evictionRateLimitfloat64 |
(Optional)
EvictionRateLimit defines the number of pods that can be evicted per second. A rate limit set to 0 or -1 will disable the rate limiter (default: -1). |
evictionTolerancefloat64 |
(Optional)
EvictionTolerance defines the fraction of replica count that can be evicted for update in case more than one pod can be evicted (default: 0.5). |
recommendationMarginFractionfloat64 |
(Optional)
RecommendationMarginFraction is the fraction of usage added as the safety margin to the recommended request (default: 0.15). |
updaterIntervalKubernetes meta/v1.Duration |
(Optional)
UpdaterInterval is the interval how often the updater should run (default: 1m0s). |
recommenderIntervalKubernetes meta/v1.Duration |
(Optional)
RecommenderInterval is the interval how often metrics should be fetched (default: 1m0s). |
(Appears on: Worker)
Volume contains information about the volume type, size, and encryption.
| Field | Description |
|---|---|
namestring |
(Optional)
Name of the volume to make it referenceable. |
typestring |
(Optional)
Type is the type of the volume. |
sizestring |
VolumeSize is the size of the volume. |
encryptedbool |
(Optional)
Encrypted determines if the volume should be encrypted. |
(Appears on: CloudProfileSpec)
VolumeType contains certain properties of a volume type.
| Field | Description |
|---|---|
classstring |
Class is the class of the volume type. |
namestring |
Name is the name of the volume type. |
usablebool |
(Optional)
Usable defines if the volume type can be used for shoot clusters. |
minSizek8s.io/apimachinery/pkg/api/resource.Quantity |
(Optional)
MinSize is the minimal supported storage size. |
(Appears on: KubeAPIServerConfig)
WatchCacheSizes contains configuration of the API server’s watch cache sizes.
| Field | Description |
|---|---|
defaultint32 |
(Optional)
Default configures the default watch cache size of the kube-apiserver
(flag |
resources[]ResourceWatchCacheSize |
(Optional)
Resources configures the watch cache size of the kube-apiserver per resource
(flag |
(Appears on: Provider)
Worker is the base definition of a worker group.
| Field | Description |
|---|---|
annotationsmap[string]string |
(Optional)
Annotations is a map of key/value pairs for annotations for all the |
caBundlestring |
(Optional)
CABundle is a certificate bundle which will be installed onto every machine of this worker pool. |
criCRI |
(Optional)
CRI contains configurations of CRI support of every machine in the worker pool.
Defaults to a CRI with name |
kubernetesWorkerKubernetes |
(Optional)
Kubernetes contains configuration for Kubernetes components related to this worker pool. |
labelsmap[string]string |
(Optional)
Labels is a map of key/value pairs for labels for all the |
namestring |
Name is the name of the worker group. |
machineMachine |
Machine contains information about the machine type and image. |
maximumint32 |
Maximum is the maximum number of VMs to create. |
minimumint32 |
Minimum is the minimum number of VMs to create. |
maxSurgek8s.io/apimachinery/pkg/util/intstr.IntOrString |
(Optional)
MaxSurge is the maximum number of VMs that are created during an update. |
maxUnavailablek8s.io/apimachinery/pkg/util/intstr.IntOrString |
(Optional)
MaxUnavailable is the maximum number of VMs that can be unavailable during an update. |
providerConfigk8s.io/apimachinery/pkg/runtime.RawExtension |
(Optional)
ProviderConfig is the provider-specific configuration for this worker pool. |
taints[]Kubernetes core/v1.Taint |
(Optional)
Taints is a list of taints for all the |
volumeVolume |
(Optional)
Volume contains information about the volume type and size. |
dataVolumes[]DataVolume |
(Optional)
DataVolumes contains a list of additional worker volumes. |
kubeletDataVolumeNamestring |
(Optional)
KubeletDataVolumeName contains the name of a dataVolume that should be used for storing kubelet state. |
zones[]string |
(Optional)
Zones is a list of availability zones that are used to evenly distribute this worker pool. Optional as not every provider may support availability zones. |
systemComponentsWorkerSystemComponents |
(Optional)
SystemComponents contains configuration for system components related to this worker pool |
machineControllerManagerMachineControllerManagerSettings |
(Optional)
MachineControllerManagerSettings contains configurations for different worker pools, e.g. MachineDrainTimeout, MachineHealthTimeout. |
(Appears on: Worker)
WorkerKubernetes contains configuration for Kubernetes components related to this worker pool.
| Field | Description |
|---|---|
kubeletKubeletConfig |
(Optional)
Kubelet contains configuration settings for all kubelets of this worker pool.
If set, all |
versionstring |
(Optional)
Version is the semantic Kubernetes version to use for the kubelet in this worker group. If not specified, the kubelet version is derived from the global Kubernetes version of the shoot cluster. The version must be equal to or lower than the shoot's Kubernetes version. Only one minor version difference to other worker groups and the global Kubernetes version is allowed. |
(Appears on: Worker)
WorkerSystemComponents contains configuration for system components related to this worker pool
| Field | Description |
|---|---|
allowbool |
Allow determines whether the pool should be allowed to host system components or not (defaults to true) |
Generated with gen-crd-api-reference-docs