Contributors to this page
Last update:

Packages:

core.gardener.cloud/v1beta1

Package v1beta1 is a version of the API.

Resource Types:

BackupBucket

BackupBucket holds details about backup bucket

FieldDescription
apiVersion
string
core.gardener.cloud/v1beta1
kind
string
BackupBucket
metadata
Kubernetes meta/v1.ObjectMeta

Standard object metadata.

Refer to the Kubernetes API documentation for the fields of the metadata field.
spec
BackupBucketSpec

Specification of the Backup Bucket.



provider
BackupBucketProvider

Provider hold the details of cloud provider of the object store.

providerConfig
k8s.io/apimachinery/pkg/runtime.RawExtension
(Optional)

ProviderConfig is the configuration passed to BackupBucket resource.

secretRef
Kubernetes core/v1.SecretReference

SecretRef is a reference to a secret that contains the credentials to access object store.

seedName
string
(Optional)

SeedName holds the name of the seed allocated to BackupBucket for running controller.

status
BackupBucketStatus

Most recently observed status of the Backup Bucket.

BackupEntry

BackupEntry holds details about shoot backup.

FieldDescription
apiVersion
string
core.gardener.cloud/v1beta1
kind
string
BackupEntry
metadata
Kubernetes meta/v1.ObjectMeta

Standard object metadata.

Refer to the Kubernetes API documentation for the fields of the metadata field.
spec
BackupEntrySpec
(Optional)

Spec contains the specification of the Backup Entry.



bucketName
string

BucketName is the name of backup bucket for this Backup Entry.

seedName
string
(Optional)

SeedName holds the name of the seed allocated to BackupEntry for running controller.

status
BackupEntryStatus
(Optional)

Status contains the most recently observed status of the Backup Entry.

CloudProfile

CloudProfile represents certain properties about a provider environment.

FieldDescription
apiVersion
string
core.gardener.cloud/v1beta1
kind
string
CloudProfile
metadata
Kubernetes meta/v1.ObjectMeta
(Optional)

Standard object metadata.

Refer to the Kubernetes API documentation for the fields of the metadata field.
spec
CloudProfileSpec
(Optional)

Spec defines the provider environment properties.



caBundle
string
(Optional)

CABundle is a certificate bundle which will be installed onto every host machine of shoot cluster targeting this profile.

kubernetes
KubernetesSettings

Kubernetes contains constraints regarding allowed values of the ‘kubernetes’ block in the Shoot specification.

machineImages
[]MachineImage

MachineImages contains constraints regarding allowed values for machine images in the Shoot specification.

machineTypes
[]MachineType

MachineTypes contains constraints regarding allowed values for machine types in the ‘workers’ block in the Shoot specification.

providerConfig
k8s.io/apimachinery/pkg/runtime.RawExtension
(Optional)

ProviderConfig contains provider-specific configuration for the profile.

regions
[]Region

Regions contains constraints regarding allowed values for regions and zones.

seedSelector
Kubernetes meta/v1.LabelSelector
(Optional)

SeedSelector contains an optional list of labels on Seed resources that marks those seeds whose shoots may use this provider profile. An empty list means that all seeds of the same provider type are supported. This is useful for environments that are of the same type (like openstack) but may have different “instances”/landscapes.

type
string

Type is the name of the provider.

volumeTypes
[]VolumeType
(Optional)

VolumeTypes contains constraints regarding allowed values for volume types in the ‘workers’ block in the Shoot specification.

ControllerInstallation

ControllerInstallation represents an installation request for an external controller.

FieldDescription
apiVersion
string
core.gardener.cloud/v1beta1
kind
string
ControllerInstallation
metadata
Kubernetes meta/v1.ObjectMeta

Standard object metadata.

Refer to the Kubernetes API documentation for the fields of the metadata field.
spec
ControllerInstallationSpec

Spec contains the specification of this installation.



registrationRef
Kubernetes core/v1.ObjectReference

RegistrationRef is used to reference a ControllerRegistration resources.

seedRef
Kubernetes core/v1.ObjectReference

SeedRef is used to reference a Seed resources.

status
ControllerInstallationStatus

Status contains the status of this installation.

ControllerRegistration

ControllerRegistration represents a registration of an external controller.

FieldDescription
apiVersion
string
core.gardener.cloud/v1beta1
kind
string
ControllerRegistration
metadata
Kubernetes meta/v1.ObjectMeta

Standard object metadata.

Refer to the Kubernetes API documentation for the fields of the metadata field.
spec
ControllerRegistrationSpec

Spec contains the specification of this registration.



resources
[]ControllerResource
(Optional)

Resources is a list of combinations of kinds (DNSProvider, Infrastructure, Generic, …) and their actual types (aws-route53, gcp, auditlog, …).

deployment
ControllerDeployment
(Optional)

Deployment contains information for how this controller is deployed.

Plant

FieldDescription
apiVersion
string
core.gardener.cloud/v1beta1
kind
string
Plant
metadata
Kubernetes meta/v1.ObjectMeta
(Optional)

Standard object metadata.

Refer to the Kubernetes API documentation for the fields of the metadata field.
spec
PlantSpec

Spec contains the specification of this Plant.



secretRef
Kubernetes core/v1.LocalObjectReference

SecretRef is a reference to a Secret object containing the Kubeconfig of the external kubernetes clusters to be added to Gardener.

endpoints
[]Endpoint
(Optional)

Endpoints is the configuration plant endpoints

status
PlantStatus

Status contains the status of this Plant.

Project

Project holds certain properties about a Gardener project.

FieldDescription
apiVersion
string
core.gardener.cloud/v1beta1
kind
string
Project
metadata
Kubernetes meta/v1.ObjectMeta
(Optional)

Standard object metadata.

Refer to the Kubernetes API documentation for the fields of the metadata field.
spec
ProjectSpec
(Optional)

Spec defines the project properties.



createdBy
Kubernetes rbac/v1.Subject
(Optional)

CreatedBy is a subject representing a user name, an email address, or any other identifier of a user who created the project.

description
string
(Optional)

Description is a human-readable description of what the project is used for.

owner
Kubernetes rbac/v1.Subject
(Optional)

Owner is a subject representing a user name, an email address, or any other identifier of a user owning the project. IMPORTANT: Be aware that this field will be removed in the v1 version of this API in favor of the owner role. The only way to change the owner will be by moving the owner role. In this API version the only way to change the owner is to use this field. TODO: Remove this field in favor of the owner role in v1.

purpose
string
(Optional)

Purpose is a human-readable explanation of the project’s purpose.

members
[]ProjectMember
(Optional)

Members is a list of subjects representing a user name, an email address, or any other identifier of a user, group, or service account that has a certain role.

namespace
string
(Optional)

Namespace is the name of the namespace that has been created for the Project object. A nil value means that Gardener will determine the name of the namespace.

tolerations
ProjectTolerations
(Optional)

Tolerations contains the tolerations for taints on seed clusters.

status
ProjectStatus
(Optional)

Most recently observed status of the Project.

Quota

FieldDescription
apiVersion
string
core.gardener.cloud/v1beta1
kind
string
Quota
metadata
Kubernetes meta/v1.ObjectMeta
(Optional)

Standard object metadata.

Refer to the Kubernetes API documentation for the fields of the metadata field.
spec
QuotaSpec
(Optional)

Spec defines the Quota constraints.



clusterLifetimeDays
int32
(Optional)

ClusterLifetimeDays is the lifetime of a Shoot cluster in days before it will be terminated automatically.

metrics
Kubernetes core/v1.ResourceList

Metrics is a list of resources which will be put under constraints.

scope
Kubernetes core/v1.ObjectReference

Scope is the scope of the Quota object, either ‘project’ or ‘secret’.

SecretBinding

FieldDescription
apiVersion
string
core.gardener.cloud/v1beta1
kind
string
SecretBinding
metadata
Kubernetes meta/v1.ObjectMeta
(Optional)

Standard object metadata.

Refer to the Kubernetes API documentation for the fields of the metadata field.
secretRef
Kubernetes core/v1.SecretReference

SecretRef is a reference to a secret object in the same or another namespace.

quotas
[]Kubernetes core/v1.ObjectReference
(Optional)

Quotas is a list of references to Quota objects in the same or another namespace.

Seed

Seed represents an installation request for an external controller.

FieldDescription
apiVersion
string
core.gardener.cloud/v1beta1
kind
string
Seed
metadata
Kubernetes meta/v1.ObjectMeta

Standard object metadata.

Refer to the Kubernetes API documentation for the fields of the metadata field.
spec
SeedSpec

Spec contains the specification of this installation.



backup
SeedBackup
(Optional)

Backup holds the object store configuration for the backups of shoot (currently only etcd). If it is not specified, then there won’t be any backups taken for shoots associated with this seed. If backup field is present in seed, then backups of the etcd from shoot control plane will be stored under the configured object store.

dns
SeedDNS

DNS contains DNS-relevant information about this seed cluster.

networks
SeedNetworks

Networks defines the pod, service and worker network of the Seed cluster.

provider
SeedProvider

Provider defines the provider type and region for this Seed cluster.

secretRef
Kubernetes core/v1.SecretReference
(Optional)

SecretRef is a reference to a Secret object containing the Kubeconfig and the cloud provider credentials for the account the Seed cluster has been deployed to.

taints
[]SeedTaint
(Optional)

Taints describes taints on the seed.

volume
SeedVolume
(Optional)

Volume contains settings for persistentvolumes created in the seed cluster.

settings
SeedSettings
(Optional)

Settings contains certain settings for this seed cluster.

status
SeedStatus

Status contains the status of this installation.

Shoot

FieldDescription
apiVersion
string
core.gardener.cloud/v1beta1
kind
string
Shoot
metadata
Kubernetes meta/v1.ObjectMeta
(Optional)

Standard object metadata.

Refer to the Kubernetes API documentation for the fields of the metadata field.
spec
ShootSpec
(Optional)

Specification of the Shoot cluster.



addons
Addons
(Optional)

Addons contains information about enabled/disabled addons and their configuration.

cloudProfileName
string

CloudProfileName is a name of a CloudProfile object.

dns
DNS
(Optional)

DNS contains information about the DNS settings of the Shoot.

extensions
[]Extension
(Optional)

Extensions contain type and provider information for Shoot extensions.

hibernation
Hibernation
(Optional)

Hibernation contains information whether the Shoot is suspended or not.

kubernetes
Kubernetes

Kubernetes contains the version and configuration settings of the control plane components.

networking
Networking

Networking contains information about cluster networking such as CNI Plugin type, CIDRs, …etc.

maintenance
Maintenance
(Optional)

Maintenance contains information about the time window for maintenance operations and which operations should be performed.

monitoring
Monitoring
(Optional)

Monitoring contains information about custom monitoring configurations for the shoot.

provider
Provider

Provider contains all provider-specific and provider-relevant information.

purpose
ShootPurpose
(Optional)

Purpose is the purpose class for this cluster.

region
string

Region is a name of a region.

secretBindingName
string

SecretBindingName is the name of the a SecretBinding that has a reference to the provider secret. The credentials inside the provider secret will be used to create the shoot in the respective account.

seedName
string
(Optional)

SeedName is the name of the seed cluster that runs the control plane of the Shoot.

seedSelector
Kubernetes meta/v1.LabelSelector
(Optional)

SeedSelector is an optional selector which must match a seed’s labels for the shoot to be scheduled on that seed.

resources
[]NamedResourceReference
(Optional)

Resources holds a list of named resource references that can be referred to in extension configs by their names.

tolerations
[]Toleration
(Optional)

Tolerations contains the tolerations for taints on seed clusters.

status
ShootStatus
(Optional)

Most recently observed status of the Shoot cluster.

Addon

(Appears on: KubernetesDashboard, NginxIngress)

Addon allows enabling or disabling a specific addon and is used to derive from.

FieldDescription
enabled
bool

Enabled indicates whether the addon is enabled or not.

Addons

(Appears on: ShootSpec)

Addons is a collection of configuration for specific addons which are managed by the Gardener.

FieldDescription
kubernetesDashboard
KubernetesDashboard
(Optional)

KubernetesDashboard holds configuration settings for the kubernetes dashboard addon.

nginxIngress
NginxIngress
(Optional)

NginxIngress holds configuration settings for the nginx-ingress addon.

AdmissionPlugin

(Appears on: KubeAPIServerConfig)

AdmissionPlugin contains information about a specific admission plugin and its corresponding configuration.

FieldDescription
name
string

Name is the name of the plugin.

config
k8s.io/apimachinery/pkg/runtime.RawExtension
(Optional)

Config is the configuration of the plugin.

Alerting

(Appears on: Monitoring)

Alerting contains information about how alerting will be done (i.e. who will receive alerts and how).

FieldDescription
emailReceivers
[]string
(Optional)

MonitoringEmailReceivers is a list of recipients for alerts

AuditConfig

(Appears on: KubeAPIServerConfig)

AuditConfig contains settings for audit of the api server

FieldDescription
auditPolicy
AuditPolicy
(Optional)

AuditPolicy contains configuration settings for audit policy of the kube-apiserver.

AuditPolicy

(Appears on: AuditConfig)

AuditPolicy contains audit policy for kube-apiserver

FieldDescription
configMapRef
Kubernetes core/v1.ObjectReference
(Optional)

ConfigMapRef is a reference to a ConfigMap object in the same namespace, which contains the audit policy for the kube-apiserver.

AvailabilityZone

(Appears on: Region)

AvailabilityZone is an availability zone.

FieldDescription
name
string

Name is an an availability zone name.

unavailableMachineTypes
[]string
(Optional)

UnavailableMachineTypes is a list of machine type names that are not availability in this zone.

unavailableVolumeTypes
[]string
(Optional)

UnavailableVolumeTypes is a list of volume type names that are not availability in this zone.

BackupBucketProvider

(Appears on: BackupBucketSpec)

BackupBucketProvider holds the details of cloud provider of the object store.

FieldDescription
type
string

Type is the type of provider.

region
string

Region is the region of the bucket.

BackupBucketSpec

(Appears on: BackupBucket)

BackupBucketSpec is the specification of a Backup Bucket.

FieldDescription
provider
BackupBucketProvider

Provider hold the details of cloud provider of the object store.

providerConfig
k8s.io/apimachinery/pkg/runtime.RawExtension
(Optional)

ProviderConfig is the configuration passed to BackupBucket resource.

secretRef
Kubernetes core/v1.SecretReference

SecretRef is a reference to a secret that contains the credentials to access object store.

seedName
string
(Optional)

SeedName holds the name of the seed allocated to BackupBucket for running controller.

BackupBucketStatus

(Appears on: BackupBucket)

BackupBucketStatus holds the most recently observed status of the Backup Bucket.

FieldDescription
providerStatus
k8s.io/apimachinery/pkg/runtime.RawExtension
(Optional)

ProviderStatus is the configuration passed to BackupBucket resource.

lastOperation
LastOperation
(Optional)

LastOperation holds information about the last operation on the BackupBucket.

lastError
LastError
(Optional)

LastError holds information about the last occurred error during an operation.

observedGeneration
int64
(Optional)

ObservedGeneration is the most recent generation observed for this BackupBucket. It corresponds to the BackupBucket’s generation, which is updated on mutation by the API Server.

generatedSecretRef
Kubernetes core/v1.SecretReference
(Optional)

GeneratedSecretRef is reference to the secret generated by backup bucket, which will have object store specific credentials.

BackupEntrySpec

(Appears on: BackupEntry)

BackupEntrySpec is the specification of a Backup Entry.

FieldDescription
bucketName
string

BucketName is the name of backup bucket for this Backup Entry.

seedName
string
(Optional)

SeedName holds the name of the seed allocated to BackupEntry for running controller.

BackupEntryStatus

(Appears on: BackupEntry)

BackupEntryStatus holds the most recently observed status of the Backup Entry.

FieldDescription
lastOperation
LastOperation
(Optional)

LastOperation holds information about the last operation on the BackupEntry.

lastError
LastError
(Optional)

LastError holds information about the last occurred error during an operation.

observedGeneration
int64
(Optional)

ObservedGeneration is the most recent generation observed for this BackupEntry. It corresponds to the BackupEntry’s generation, which is updated on mutation by the API Server.

CRI

(Appears on: Worker)

CRI contains information about the Container Runtimes.

FieldDescription
name
CRIName

The name of the CRI library

containerRuntimes
[]ContainerRuntime
(Optional)

ContainerRuntimes is the list of the required container runtimes supported for a worker pool.

CRIName (string alias)

(Appears on: CRI)

CRIName is a type alias for the CRI name string.

CloudInfo

(Appears on: ClusterInfo)

CloudInfo contains information about the cloud

FieldDescription
type
string

Type is the cloud type

region
string

Region is the cloud region

CloudProfileSpec

(Appears on: CloudProfile)

CloudProfileSpec is the specification of a CloudProfile. It must contain exactly one of its defined keys.

FieldDescription
caBundle
string
(Optional)

CABundle is a certificate bundle which will be installed onto every host machine of shoot cluster targeting this profile.

kubernetes
KubernetesSettings

Kubernetes contains constraints regarding allowed values of the ‘kubernetes’ block in the Shoot specification.

machineImages
[]MachineImage

MachineImages contains constraints regarding allowed values for machine images in the Shoot specification.

machineTypes
[]MachineType

MachineTypes contains constraints regarding allowed values for machine types in the ‘workers’ block in the Shoot specification.

providerConfig
k8s.io/apimachinery/pkg/runtime.RawExtension
(Optional)

ProviderConfig contains provider-specific configuration for the profile.

regions
[]Region

Regions contains constraints regarding allowed values for regions and zones.

seedSelector
Kubernetes meta/v1.LabelSelector
(Optional)

SeedSelector contains an optional list of labels on Seed resources that marks those seeds whose shoots may use this provider profile. An empty list means that all seeds of the same provider type are supported. This is useful for environments that are of the same type (like openstack) but may have different “instances”/landscapes.

type
string

Type is the name of the provider.

volumeTypes
[]VolumeType
(Optional)

VolumeTypes contains constraints regarding allowed values for volume types in the ‘workers’ block in the Shoot specification.

ClusterAutoscaler

(Appears on: Kubernetes)

ClusterAutoscaler contains the configuration flags for the Kubernetes cluster autoscaler.

FieldDescription
scaleDownDelayAfterAdd
Kubernetes meta/v1.Duration
(Optional)

ScaleDownDelayAfterAdd defines how long after scale up that scale down evaluation resumes (default: 1 hour).

scaleDownDelayAfterDelete
Kubernetes meta/v1.Duration
(Optional)

ScaleDownDelayAfterDelete how long after node deletion that scale down evaluation resumes, defaults to scanInterval (defaults to ScanInterval).

scaleDownDelayAfterFailure
Kubernetes meta/v1.Duration
(Optional)

ScaleDownDelayAfterFailure how long after scale down failure that scale down evaluation resumes (default: 3 mins).

scaleDownUnneededTime
Kubernetes meta/v1.Duration
(Optional)

ScaleDownUnneededTime defines how long a node should be unneeded before it is eligible for scale down (default: 30 mins).

scaleDownUtilizationThreshold
float64
(Optional)

ScaleDownUtilizationThreshold defines the threshold in % under which a node is being removed

scanInterval
Kubernetes meta/v1.Duration
(Optional)

ScanInterval how often cluster is reevaluated for scale up or down (default: 10 secs).

ClusterInfo

(Appears on: PlantStatus)

ClusterInfo contains information about the Plant cluster

FieldDescription
cloud
CloudInfo

Cloud describes the cloud information

kubernetes
KubernetesInfo

Kubernetes describes kubernetes meta information (e.g., version)

Condition

(Appears on: ControllerInstallationStatus, PlantStatus, SeedStatus, ShootStatus)

Condition holds the information about the state of a resource.

FieldDescription
type
ConditionType

Type of the Shoot condition.

status
ConditionStatus

Status of the condition, one of True, False, Unknown.

lastTransitionTime
Kubernetes meta/v1.Time

Last time the condition transitioned from one status to another.

lastUpdateTime
Kubernetes meta/v1.Time

Last time the condition was updated.

reason
string

The reason for the condition’s last transition.

message
string

A human readable message indicating details about the transition.

codes
[]ErrorCode
(Optional)

Well-defined error codes in case the condition reports a problem.

ConditionStatus (string alias)

(Appears on: Condition)

ConditionStatus is the status of a condition.

ConditionType (string alias)

(Appears on: Condition)

ConditionType is a string alias.

ContainerRuntime

(Appears on: CRI)

ContainerRuntime contains information about worker’s available container runtime

FieldDescription
type
string

Type is the type of the Container Runtime.

providerConfig
k8s.io/apimachinery/pkg/runtime.RawExtension
(Optional)

ProviderConfig is the configuration passed to container runtime resource.

ControllerDeployment

(Appears on: ControllerRegistrationSpec)

ControllerDeployment contains information for how this controller is deployed.

FieldDescription
type
string

Type is the deployment type.

providerConfig
k8s.io/apimachinery/pkg/runtime.RawExtension
(Optional)

ProviderConfig contains type-specific configuration.

policy
ControllerDeploymentPolicy
(Optional)

Policy controls how the controller is deployed. It defaults to ‘OnDemand’.

seedSelector
Kubernetes meta/v1.LabelSelector
(Optional)

SeedSelector contains an optional label selector for seeds. Only if the labels match then this controller will be considered for a deployment. An empty list means that all seeds are selected.

ControllerDeploymentPolicy (string alias)

(Appears on: ControllerDeployment)

ControllerDeploymentPolicy is a string alias.

ControllerInstallationSpec

(Appears on: ControllerInstallation)

ControllerInstallationSpec is the specification of a ControllerInstallation.

FieldDescription
registrationRef
Kubernetes core/v1.ObjectReference

RegistrationRef is used to reference a ControllerRegistration resources.

seedRef
Kubernetes core/v1.ObjectReference

SeedRef is used to reference a Seed resources.

ControllerInstallationStatus

(Appears on: ControllerInstallation)

ControllerInstallationStatus is the status of a ControllerInstallation.

FieldDescription
conditions
[]Condition
(Optional)

Conditions represents the latest available observations of a ControllerInstallations’s current state.

providerStatus
k8s.io/apimachinery/pkg/runtime.RawExtension
(Optional)

ProviderStatus contains type-specific status.

ControllerRegistrationSpec

(Appears on: ControllerRegistration)

ControllerRegistrationSpec is the specification of a ControllerRegistration.

FieldDescription
resources
[]ControllerResource
(Optional)

Resources is a list of combinations of kinds (DNSProvider, Infrastructure, Generic, …) and their actual types (aws-route53, gcp, auditlog, …).

deployment
ControllerDeployment
(Optional)

Deployment contains information for how this controller is deployed.

ControllerResource

(Appears on: ControllerRegistrationSpec)

ControllerResource is a combination of a kind (DNSProvider, Infrastructure, Generic, …) and the actual type for this kind (aws-route53, gcp, auditlog, …).

FieldDescription
kind
string

Kind is the resource kind, for example “OperatingSystemConfig”.

type
string

Type is the resource type, for example “coreos” or “ubuntu”.

globallyEnabled
bool
(Optional)

GloballyEnabled determines if this ControllerResource is required by all Shoot clusters.

reconcileTimeout
Kubernetes meta/v1.Duration
(Optional)

ReconcileTimeout defines how long Gardener should wait for the resource reconciliation.

primary
bool
(Optional)

Primary determines if the controller backed by this ControllerRegistration is responsible for the extension resource’s lifecycle. This field defaults to true. There must be exactly one primary controller for this kind/type combination.

DNS

(Appears on: ShootSpec)

DNS holds information about the provider, the hosted zone id and the domain.

FieldDescription
domain
string
(Optional)

Domain is the external available domain of the Shoot cluster. This domain will be written into the kubeconfig that is handed out to end-users.

providers
[]DNSProvider
(Optional)

Providers is a list of DNS providers that shall be enabled for this shoot cluster. Only relevant if not a default domain is used.

DNSIncludeExclude

(Appears on: DNSProvider)

FieldDescription
include
[]string
(Optional)

Include is a list of resources that shall be included.

exclude
[]string
(Optional)

Exclude is a list of resources that shall be excluded.

DNSProvider

(Appears on: DNS)

DNSProvider contains information about a DNS provider.

FieldDescription
domains
DNSIncludeExclude
(Optional)

Domains contains information about which domains shall be included/excluded for this provider.

primary
bool
(Optional)

Primary indicates that this DNSProvider is used for shoot related domains.

secretName
string
(Optional)

SecretName is a name of a secret containing credentials for the stated domain and the provider. When not specified, the Gardener will use the cloud provider credentials referenced by the Shoot and try to find respective credentials there (primary provider only). Specifying this field may override this behavior, i.e. forcing the Gardener to only look into the given secret.

type
string
(Optional)

Type is the DNS provider type.

zones
DNSIncludeExclude
(Optional)

Zones contains information about which hosted zones shall be included/excluded for this provider.

DataVolume

(Appears on: Worker)

DataVolume contains information about a data volume.

FieldDescription
name
string

Name of the volume to make it referencable.

type
string
(Optional)

Type is the type of the volume.

size
string

VolumeSize is the size of the volume.

encrypted
bool
(Optional)

Encrypted determines if the volume should be encrypted.

Endpoint

(Appears on: PlantSpec)

Endpoint is an endpoint for monitoring, logging and other services around the plant.

FieldDescription
name
string

Name is the name of the endpoint

url
string

URL is the url of the endpoint

purpose
string

Purpose is the purpose of the endpoint

ErrorCode (string alias)

(Appears on: Condition, LastError)

ErrorCode is a string alias.

ExpirableVersion

(Appears on: KubernetesSettings, MachineImage)

ExpirableVersion contains a version and an expiration date.

FieldDescription
version
string

Version is the version identifier.

expirationDate
Kubernetes meta/v1.Time
(Optional)

ExpirationDate defines the time at which this version expires.

classification
VersionClassification
(Optional)

Classification defines the state of a version (preview, supported, deprecated)

Extension

(Appears on: ShootSpec)

Extension contains type and provider information for Shoot extensions.

FieldDescription
type
string

Type is the type of the extension resource.

providerConfig
k8s.io/apimachinery/pkg/runtime.RawExtension
(Optional)

ProviderConfig is the configuration passed to extension resource.

disabled
bool
(Optional)

Disabled allows to disable extensions that were marked as ‘globally enabled’ by Gardener administrators.

Gardener

(Appears on: SeedStatus, ShootStatus)

Gardener holds the information about the Gardener version that operated a resource.

FieldDescription
id
string

ID is the Docker container id of the Gardener which last acted on a resource.

name
string

Name is the hostname (pod name) of the Gardener which last acted on a resource.

version
string

Version is the version of the Gardener which last acted on a resource.

Hibernation

(Appears on: ShootSpec)

Hibernation contains information whether the Shoot is suspended or not.

FieldDescription
enabled
bool
(Optional)

Enabled specifies whether the Shoot needs to be hibernated or not. If it is true, the Shoot’s desired state is to be hibernated. If it is false or nil, the Shoot’s desired state is to be awaken.

schedules
[]HibernationSchedule
(Optional)

Schedules determine the hibernation schedules.

HibernationSchedule

(Appears on: Hibernation)

HibernationSchedule determines the hibernation schedule of a Shoot. A Shoot will be regularly hibernated at each start time and will be woken up at each end time. Start or End can be omitted, though at least one of each has to be specified.

FieldDescription
start
string
(Optional)

Start is a Cron spec at which time a Shoot will be hibernated.

end
string
(Optional)

End is a Cron spec at which time a Shoot will be woken up.

location
string
(Optional)

Location is the time location in which both start and and shall be evaluated.

HorizontalPodAutoscalerConfig

(Appears on: KubeControllerManagerConfig)

HorizontalPodAutoscalerConfig contains horizontal pod autoscaler configuration settings for the kube-controller-manager. Note: Descriptions were taken from the Kubernetes documentation.

FieldDescription
cpuInitializationPeriod
Kubernetes meta/v1.Duration
(Optional)

The period after which a ready pod transition is considered to be the first.

downscaleDelay
Kubernetes meta/v1.Duration
(Optional)

The period since last downscale, before another downscale can be performed in horizontal pod autoscaler.

downscaleStabilization
Kubernetes meta/v1.Duration
(Optional)

The configurable window at which the controller will choose the highest recommendation for autoscaling.

initialReadinessDelay
Kubernetes meta/v1.Duration
(Optional)

The configurable period at which the horizontal pod autoscaler considers a Pod “not yet ready” given that it’s unready and it has transitioned to unready during that time.

syncPeriod
Kubernetes meta/v1.Duration
(Optional)

The period for syncing the number of pods in horizontal pod autoscaler.

tolerance
float64
(Optional)

The minimum change (from 1.0) in the desired-to-actual metrics ratio for the horizontal pod autoscaler to consider scaling.

upscaleDelay
Kubernetes meta/v1.Duration
(Optional)

The period since last upscale, before another upscale can be performed in horizontal pod autoscaler.

KubeAPIServerConfig

(Appears on: Kubernetes)

KubeAPIServerConfig contains configuration settings for the kube-apiserver.

FieldDescription
KubernetesConfig
KubernetesConfig

(Members of KubernetesConfig are embedded into this type.)

admissionPlugins
[]AdmissionPlugin
(Optional)

AdmissionPlugins contains the list of user-defined admission plugins (additional to those managed by Gardener), and, if desired, the corresponding configuration.

apiAudiences
[]string
(Optional)

APIAudiences are the identifiers of the API. The service account token authenticator will validate that tokens used against the API are bound to at least one of these audiences. Defaults to [“kubernetes”].

auditConfig
AuditConfig
(Optional)

AuditConfig contains configuration settings for the audit of the kube-apiserver.

enableBasicAuthentication
bool
(Optional)

EnableBasicAuthentication defines whether basic authentication should be enabled for this cluster or not.

oidcConfig
OIDCConfig
(Optional)

OIDCConfig contains configuration settings for the OIDC provider.

runtimeConfig
map[string]bool
(Optional)

RuntimeConfig contains information about enabled or disabled APIs.

serviceAccountConfig
ServiceAccountConfig
(Optional)

ServiceAccountConfig contains configuration settings for the service account handling of the kube-apiserver.

KubeControllerManagerConfig

(Appears on: Kubernetes)

KubeControllerManagerConfig contains configuration settings for the kube-controller-manager.

FieldDescription
KubernetesConfig
KubernetesConfig

(Members of KubernetesConfig are embedded into this type.)

horizontalPodAutoscaler
HorizontalPodAutoscalerConfig
(Optional)

HorizontalPodAutoscalerConfig contains horizontal pod autoscaler configuration settings for the kube-controller-manager.

nodeCIDRMaskSize
int32
(Optional)

NodeCIDRMaskSize defines the mask size for node cidr in cluster (default is 24)

KubeProxyConfig

(Appears on: Kubernetes)

KubeProxyConfig contains configuration settings for the kube-proxy.

FieldDescription
KubernetesConfig
KubernetesConfig

(Members of KubernetesConfig are embedded into this type.)

mode
ProxyMode
(Optional)

Mode specifies which proxy mode to use. defaults to IPTables.

KubeSchedulerConfig

(Appears on: Kubernetes)

KubeSchedulerConfig contains configuration settings for the kube-scheduler.

FieldDescription
KubernetesConfig
KubernetesConfig

(Members of KubernetesConfig are embedded into this type.)

kubeMaxPDVols
string
(Optional)

KubeMaxPDVols allows to configure the KUBE_MAX_PD_VOLS environment variable for the kube-scheduler. Please find more information here: https://kubernetes.io/docs/concepts/storage/storage-limits/#custom-limits Note that using this field is considered alpha-/experimental-level and is on your own risk. You should be aware of all the side-effects and consequences when changing it.

KubeletConfig

(Appears on: Kubernetes, WorkerKubernetes)

KubeletConfig contains configuration settings for the kubelet.

FieldDescription
KubernetesConfig
KubernetesConfig

(Members of KubernetesConfig are embedded into this type.)

cpuCFSQuota
bool
(Optional)

CPUCFSQuota allows you to disable/enable CPU throttling for Pods.

cpuManagerPolicy
string
(Optional)

CPUManagerPolicy allows to set alternative CPU management policies (default: none).

evictionHard
KubeletConfigEviction
(Optional)

EvictionHard describes a set of eviction thresholds (e.g. memory.available<1Gi) that if met would trigger a Pod eviction. Default: memory.available: “100Mi/1Gi/5%” nodefs.available: “5%” nodefs.inodesFree: “5%” imagefs.available: “5%” imagefs.inodesFree: “5%”

evictionMaxPodGracePeriod
int32
(Optional)

EvictionMaxPodGracePeriod describes the maximum allowed grace period (in seconds) to use when terminating pods in response to a soft eviction threshold being met. Default: 90

evictionMinimumReclaim
KubeletConfigEvictionMinimumReclaim
(Optional)

EvictionMinimumReclaim configures the amount of resources below the configured eviction threshold that the kubelet attempts to reclaim whenever the kubelet observes resource pressure. Default: 0 for each resource

evictionPressureTransitionPeriod
Kubernetes meta/v1.Duration
(Optional)

EvictionPressureTransitionPeriod is the duration for which the kubelet has to wait before transitioning out of an eviction pressure condition. Default: 4m0s

evictionSoft
KubeletConfigEviction
(Optional)

EvictionSoft describes a set of eviction thresholds (e.g. memory.available<1.5Gi) that if met over a corresponding grace period would trigger a Pod eviction. Default: memory.available: “200Mi/1.5Gi/10%” nodefs.available: “10%” nodefs.inodesFree: “10%” imagefs.available: “10%” imagefs.inodesFree: “10%”

evictionSoftGracePeriod
KubeletConfigEvictionSoftGracePeriod
(Optional)

EvictionSoftGracePeriod describes a set of eviction grace periods (e.g. memory.available=1m30s) that correspond to how long a soft eviction threshold must hold before triggering a Pod eviction. Default: memory.available: 1m30s nodefs.available: 1m30s nodefs.inodesFree: 1m30s imagefs.available: 1m30s imagefs.inodesFree: 1m30s

maxPods
int32
(Optional)

MaxPods is the maximum number of Pods that are allowed by the Kubelet. Default: 110

podPidsLimit
int64
(Optional)

PodPIDsLimit is the maximum number of process IDs per pod allowed by the kubelet.

imagePullProgressDeadline
Kubernetes meta/v1.Duration
(Optional)

ImagePullProgressDeadline describes the time limit under which if no pulling progress is made, the image pulling will be cancelled. Default: 1m

failSwapOn
bool
(Optional)

FailSwapOn makes the Kubelet fail to start if swap is enabled on the node. (default true).

KubeletConfigEviction

(Appears on: KubeletConfig)

KubeletConfigEviction contains kubelet eviction thresholds supporting either a resource.Quantity or a percentage based value.

FieldDescription
memoryAvailable
string
(Optional)

MemoryAvailable is the threshold for the free memory on the host server.

imageFSAvailable
string
(Optional)

ImageFSAvailable is the threshold for the free disk space in the imagefs filesystem (docker images and container writable layers).

imageFSInodesFree
string
(Optional)

ImageFSInodesFree is the threshold for the available inodes in the imagefs filesystem.

nodeFSAvailable
string
(Optional)

NodeFSAvailable is the threshold for the free disk space in the nodefs filesystem (docker volumes, logs, etc).

nodeFSInodesFree
string
(Optional)

NodeFSInodesFree is the threshold for the available inodes in the nodefs filesystem.

KubeletConfigEvictionMinimumReclaim

(Appears on: KubeletConfig)

KubeletConfigEvictionMinimumReclaim contains configuration for the kubelet eviction minimum reclaim.

FieldDescription
memoryAvailable
k8s.io/apimachinery/pkg/api/resource.Quantity
(Optional)

MemoryAvailable is the threshold for the memory reclaim on the host server.

imageFSAvailable
k8s.io/apimachinery/pkg/api/resource.Quantity
(Optional)

ImageFSAvailable is the threshold for the disk space reclaim in the imagefs filesystem (docker images and container writable layers).

imageFSInodesFree
k8s.io/apimachinery/pkg/api/resource.Quantity
(Optional)

ImageFSInodesFree is the threshold for the inodes reclaim in the imagefs filesystem.

nodeFSAvailable
k8s.io/apimachinery/pkg/api/resource.Quantity
(Optional)

NodeFSAvailable is the threshold for the disk space reclaim in the nodefs filesystem (docker volumes, logs, etc).

nodeFSInodesFree
k8s.io/apimachinery/pkg/api/resource.Quantity
(Optional)

NodeFSInodesFree is the threshold for the inodes reclaim in the nodefs filesystem.

KubeletConfigEvictionSoftGracePeriod

(Appears on: KubeletConfig)

KubeletConfigEvictionSoftGracePeriod contains grace periods for kubelet eviction thresholds.

FieldDescription
memoryAvailable
Kubernetes meta/v1.Duration
(Optional)

MemoryAvailable is the grace period for the MemoryAvailable eviction threshold.

imageFSAvailable
Kubernetes meta/v1.Duration
(Optional)

ImageFSAvailable is the grace period for the ImageFSAvailable eviction threshold.

imageFSInodesFree
Kubernetes meta/v1.Duration
(Optional)

ImageFSInodesFree is the grace period for the ImageFSInodesFree eviction threshold.

nodeFSAvailable
Kubernetes meta/v1.Duration
(Optional)

NodeFSAvailable is the grace period for the NodeFSAvailable eviction threshold.

nodeFSInodesFree
Kubernetes meta/v1.Duration
(Optional)

NodeFSInodesFree is the grace period for the NodeFSInodesFree eviction threshold.

Kubernetes

(Appears on: ShootSpec)

Kubernetes contains the version and configuration variables for the Shoot control plane.

FieldDescription
allowPrivilegedContainers
bool
(Optional)

AllowPrivilegedContainers indicates whether privileged containers are allowed in the Shoot (default: true).

clusterAutoscaler
ClusterAutoscaler
(Optional)

ClusterAutoscaler contains the configuration flags for the Kubernetes cluster autoscaler.

kubeAPIServer
KubeAPIServerConfig
(Optional)

KubeAPIServer contains configuration settings for the kube-apiserver.

kubeControllerManager
KubeControllerManagerConfig
(Optional)

KubeControllerManager contains configuration settings for the kube-controller-manager.

kubeScheduler
KubeSchedulerConfig
(Optional)

KubeScheduler contains configuration settings for the kube-scheduler.

kubeProxy
KubeProxyConfig
(Optional)

KubeProxy contains configuration settings for the kube-proxy.

kubelet
KubeletConfig
(Optional)

Kubelet contains configuration settings for the kubelet.

version
string

Version is the semantic Kubernetes version to use for the Shoot cluster.

verticalPodAutoscaler
VerticalPodAutoscaler
(Optional)

VerticalPodAutoscaler contains the configuration flags for the Kubernetes vertical pod autoscaler.

KubernetesConfig

(Appears on: KubeAPIServerConfig, KubeControllerManagerConfig, KubeProxyConfig, KubeSchedulerConfig, KubeletConfig)

KubernetesConfig contains common configuration fields for the control plane components.

FieldDescription
featureGates
map[string]bool
(Optional)

FeatureGates contains information about enabled feature gates.

KubernetesDashboard

(Appears on: Addons)

KubernetesDashboard describes configuration values for the kubernetes-dashboard addon.

FieldDescription
Addon
Addon

(Members of Addon are embedded into this type.)

authenticationMode
string
(Optional)

AuthenticationMode defines the authentication mode for the kubernetes-dashboard.

KubernetesInfo

(Appears on: ClusterInfo)

KubernetesInfo contains the version and configuration variables for the Plant cluster.

FieldDescription
version
string

Version is the semantic Kubernetes version to use for the Plant cluster.

KubernetesSettings

(Appears on: CloudProfileSpec)

KubernetesSettings contains constraints regarding allowed values of the ‘kubernetes’ block in the Shoot specification.

FieldDescription
versions
[]ExpirableVersion
(Optional)

Versions is the list of allowed Kubernetes versions with optional expiration dates for Shoot clusters.

LastError

(Appears on: BackupBucketStatus, BackupEntryStatus, ShootStatus)

LastError indicates the last occurred error for an operation on a resource.

FieldDescription
description
string

A human readable message indicating details about the last error.

taskID
string
(Optional)

ID of the task which caused this last error

codes
[]ErrorCode
(Optional)

Well-defined error codes of the last error(s).

lastUpdateTime
Kubernetes meta/v1.Time
(Optional)

Last time the error was reported

LastOperation

(Appears on: BackupBucketStatus, BackupEntryStatus, ShootStatus)

LastOperation indicates the type and the state of the last operation, along with a description message and a progress indicator.

FieldDescription
description
string

A human readable message indicating details about the last operation.

lastUpdateTime
Kubernetes meta/v1.Time

Last time the operation state transitioned from one to another.

progress
int32

The progress in percentage (0-100) of the last operation.

state
LastOperationState

Status of the last operation, one of Aborted, Processing, Succeeded, Error, Failed.

type
LastOperationType

Type of the last operation, one of Create, Reconcile, Delete.

LastOperationState (string alias)

(Appears on: LastOperation)

LastOperationState is a string alias.

LastOperationType (string alias)

(Appears on: LastOperation)

LastOperationType is a string alias.

Machine

(Appears on: Worker)

Machine contains information about the machine type and image.

FieldDescription
type
string

Type is the machine type of the worker group.

image
ShootMachineImage
(Optional)

Image holds information about the machine image to use for all nodes of this pool. It will default to the latest version of the first image stated in the referenced CloudProfile if no value has been provided.

MachineImage

(Appears on: CloudProfileSpec)

MachineImage defines the name and multiple versions of the machine image in any environment.

FieldDescription
name
string

Name is the name of the image.

versions
[]ExpirableVersion

Versions contains versions and expiration dates of the machine image

MachineType

(Appears on: CloudProfileSpec)

MachineType contains certain properties of a machine type.

FieldDescription
cpu
k8s.io/apimachinery/pkg/api/resource.Quantity

CPU is the number of CPUs for this machine type.

gpu
k8s.io/apimachinery/pkg/api/resource.Quantity

GPU is the number of GPUs for this machine type.

memory
k8s.io/apimachinery/pkg/api/resource.Quantity

Memory is the amount of memory for this machine type.

name
string

Name is the name of the machine type.

storage
MachineTypeStorage
(Optional)

Storage is the amount of storage associated with the root volume of this machine type.

usable
bool
(Optional)

Usable defines if the machine type can be used for shoot clusters.

MachineTypeStorage

(Appears on: MachineType)

MachineTypeStorage is the amount of storage associated with the root volume of this machine type.

FieldDescription
class
string

Class is the class of the storage type.

size
k8s.io/apimachinery/pkg/api/resource.Quantity

StorageSize is the storage size.

type
string

Type is the type of the storage.

Maintenance

(Appears on: ShootSpec)

Maintenance contains information about the time window for maintenance operations and which operations should be performed.

FieldDescription
autoUpdate
MaintenanceAutoUpdate
(Optional)

AutoUpdate contains information about which constraints should be automatically updated.

timeWindow
MaintenanceTimeWindow
(Optional)

TimeWindow contains information about the time window for maintenance operations.

confineSpecUpdateRollout
bool
(Optional)

ConfineSpecUpdateRollout prevents that changes/updates to the shoot specification will be rolled out immediately. Instead, they are rolled out during the shoot’s maintenance time window. There is one exception that will trigger an immediate roll out which is changes to the Spec.Hibernation.Enabled field.

MaintenanceAutoUpdate

(Appears on: Maintenance)

MaintenanceAutoUpdate contains information about which constraints should be automatically updated.

FieldDescription
kubernetesVersion
bool

KubernetesVersion indicates whether the patch Kubernetes version may be automatically updated (default: true).

machineImageVersion
bool

MachineImageVersion indicates whether the machine image version may be automatically updated (default: true).

MaintenanceTimeWindow

(Appears on: Maintenance)

MaintenanceTimeWindow contains information about the time window for maintenance operations.

FieldDescription
begin
string

Begin is the beginning of the time window in the format HHMMSS+ZONE, e.g. “220000+0100”. If not present, a random value will be computed.

end
string

End is the end of the time window in the format HHMMSS+ZONE, e.g. “220000+0100”. If not present, the value will be computed based on the “Begin” value.

Monitoring

(Appears on: ShootSpec)

Monitoring contains information about the monitoring configuration for the shoot.

FieldDescription
alerting
Alerting
(Optional)

Alerting contains information about the alerting configuration for the shoot cluster.

NamedResourceReference

(Appears on: ShootSpec)

NamedResourceReference is a named reference to a resource.

FieldDescription
name
string

Name of the resource reference.

resourceRef
Kubernetes autoscaling/v1.CrossVersionObjectReference

ResourceRef is a reference to a resource.

Networking

(Appears on: ShootSpec)

Networking defines networking parameters for the shoot cluster.

FieldDescription
type
string

Type identifies the type of the networking plugin.

providerConfig
k8s.io/apimachinery/pkg/runtime.RawExtension
(Optional)

ProviderConfig is the configuration passed to network resource.

pods
string
(Optional)

Pods is the CIDR of the pod network.

nodes
string
(Optional)

Nodes is the CIDR of the entire node network.

services
string
(Optional)

Services is the CIDR of the service network.

NginxIngress

(Appears on: Addons)

NginxIngress describes configuration values for the nginx-ingress addon.

FieldDescription
Addon
Addon

(Members of Addon are embedded into this type.)

loadBalancerSourceRanges
[]string
(Optional)

LoadBalancerSourceRanges is list of whitelist IP sources for NginxIngress

config
map[string]string
(Optional)

Config contains custom configuration for the nginx-ingress-controller configuration. See https://github.com/kubernetes/ingress-nginx/blob/master/docs/user-guide/nginx-configuration/configmap.md#configuration-options

externalTrafficPolicy
Kubernetes core/v1.ServiceExternalTrafficPolicyType
(Optional)

ExternalTrafficPolicy controls the .spec.externalTrafficPolicy value of the load balancer Service exposing the nginx-ingress. Defaults to Cluster.

OIDCConfig

(Appears on: KubeAPIServerConfig)

OIDCConfig contains configuration settings for the OIDC provider. Note: Descriptions were taken from the Kubernetes documentation.

FieldDescription
caBundle
string
(Optional)

If set, the OpenID server’s certificate will be verified by one of the authorities in the oidc-ca-file, otherwise the host’s root CA set will be used.

clientAuthentication
OpenIDConnectClientAuthentication
(Optional)

ClientAuthentication can optionally contain client configuration used for kubeconfig generation.

clientID
string
(Optional)

The client ID for the OpenID Connect client, must be set if oidc-issuer-url is set.

groupsClaim
string
(Optional)

If provided, the name of a custom OpenID Connect claim for specifying user groups. The claim value is expected to be a string or array of strings. This flag is experimental, please see the authentication documentation for further details.

groupsPrefix
string
(Optional)

If provided, all groups will be prefixed with this value to prevent conflicts with other authentication strategies.

issuerURL
string
(Optional)

The URL of the OpenID issuer, only HTTPS scheme will be accepted. If set, it will be used to verify the OIDC JSON Web Token (JWT).

requiredClaims
map[string]string
(Optional)

ATTENTION: Only meaningful for Kubernetes >= 1.11 key=value pairs that describes a required claim in the ID Token. If set, the claim is verified to be present in the ID Token with a matching value.

signingAlgs
[]string
(Optional)

List of allowed JOSE asymmetric signing algorithms. JWTs with a ‘alg’ header value not in this list will be rejected. Values are defined by RFC 7518 https://tools.ietf.org/html/rfc7518#section-3.1

usernameClaim
string
(Optional)

The OpenID claim to use as the user name. Note that claims other than the default (‘sub’) is not guaranteed to be unique and immutable. This flag is experimental, please see the authentication documentation for further details. (default “sub”)

usernamePrefix
string
(Optional)

If provided, all usernames will be prefixed with this value. If not provided, username claims other than ‘email’ are prefixed by the issuer URL to avoid clashes. To skip any prefixing, provide the value ‘-’.

OpenIDConnectClientAuthentication

(Appears on: OIDCConfig)

OpenIDConnectClientAuthentication contains configuration for OIDC clients.

FieldDescription
extraConfig
map[string]string
(Optional)

Extra configuration added to kubeconfig’s auth-provider. Must not be any of idp-issuer-url, client-id, client-secret, idp-certificate-authority, idp-certificate-authority-data, id-token or refresh-token

secret
string
(Optional)

The client Secret for the OpenID Connect client.

PlantSpec

(Appears on: Plant)

PlantSpec is the specification of a Plant.

FieldDescription
secretRef
Kubernetes core/v1.LocalObjectReference

SecretRef is a reference to a Secret object containing the Kubeconfig of the external kubernetes clusters to be added to Gardener.

endpoints
[]Endpoint
(Optional)

Endpoints is the configuration plant endpoints

PlantStatus

(Appears on: Plant)

PlantStatus is the status of a Plant.

FieldDescription
conditions
[]Condition
(Optional)

Conditions represents the latest available observations of a Plant’s current state.

observedGeneration
int64
(Optional)

ObservedGeneration is the most recent generation observed for this Plant. It corresponds to the Plant’s generation, which is updated on mutation by the API Server.

clusterInfo
ClusterInfo

ClusterInfo is additional computed information about the newly added cluster (Plant)

ProjectMember

(Appears on: ProjectSpec)

ProjectMember is a member of a project.

FieldDescription
Subject
Kubernetes rbac/v1.Subject

(Members of Subject are embedded into this type.)

Subject is representing a user name, an email address, or any other identifier of a user, group, or service account that has a certain role.

role
string

Role represents the role of this member. IMPORTANT: Be aware that this field will be removed in the v1 version of this API in favor of the roles list. TODO: Remove this field in favor of the owner role in v1.

roles
[]string
(Optional)

Roles represents the list of roles of this member.

ProjectPhase (string alias)

(Appears on: ProjectStatus)

ProjectPhase is a label for the condition of a project at the current time.

ProjectSpec

(Appears on: Project)

ProjectSpec is the specification of a Project.

FieldDescription
createdBy
Kubernetes rbac/v1.Subject
(Optional)

CreatedBy is a subject representing a user name, an email address, or any other identifier of a user who created the project.

description
string
(Optional)

Description is a human-readable description of what the project is used for.

owner
Kubernetes rbac/v1.Subject
(Optional)

Owner is a subject representing a user name, an email address, or any other identifier of a user owning the project. IMPORTANT: Be aware that this field will be removed in the v1 version of this API in favor of the owner role. The only way to change the owner will be by moving the owner role. In this API version the only way to change the owner is to use this field. TODO: Remove this field in favor of the owner role in v1.

purpose
string
(Optional)

Purpose is a human-readable explanation of the project’s purpose.

members
[]ProjectMember
(Optional)

Members is a list of subjects representing a user name, an email address, or any other identifier of a user, group, or service account that has a certain role.

namespace
string
(Optional)

Namespace is the name of the namespace that has been created for the Project object. A nil value means that Gardener will determine the name of the namespace.

tolerations
ProjectTolerations
(Optional)

Tolerations contains the tolerations for taints on seed clusters.

ProjectStatus

(Appears on: Project)

ProjectStatus holds the most recently observed status of the project.

FieldDescription
observedGeneration
int64
(Optional)

ObservedGeneration is the most recent generation observed for this project.

phase
ProjectPhase

Phase is the current phase of the project.

staleSinceTimestamp
Kubernetes meta/v1.Time
(Optional)

StaleSinceTimestamp contains the timestamp when the project was first discovered to be stale/unused.

staleAutoDeleteTimestamp
Kubernetes meta/v1.Time
(Optional)

StaleAutoDeleteTimestamp contains the timestamp when the project will be garbage-collected/automatically deleted because it’s stale/unused.

ProjectTolerations

(Appears on: ProjectSpec)

ProjectTolerations contains the tolerations for taints on seed clusters.

FieldDescription
defaults
[]Toleration
(Optional)

Defaults contains a list of tolerations that are added to the shoots in this project by default.

whitelist
[]Toleration
(Optional)

Whitelist contains a list of tolerations that are allowed to be added to the shoots in this project. Please note that this list may only be added by users having the spec-tolerations-whitelist verb for project resources.

Provider

(Appears on: ShootSpec)

Provider contains provider-specific information that are handed-over to the provider-specific extension controller.

FieldDescription
type
string

Type is the type of the provider.

controlPlaneConfig
k8s.io/apimachinery/pkg/runtime.RawExtension
(Optional)

ControlPlaneConfig contains the provider-specific control plane config blob. Please look up the concrete definition in the documentation of your provider extension.

infrastructureConfig
k8s.io/apimachinery/pkg/runtime.RawExtension
(Optional)

InfrastructureConfig contains the provider-specific infrastructure config blob. Please look up the concrete definition in the documentation of your provider extension.

workers
[]Worker

Workers is a list of worker groups.

ProxyMode (string alias)

(Appears on: KubeProxyConfig)

ProxyMode available in Linux platform: ‘userspace’ (older, going to be EOL), ‘iptables’ (newer, faster), ‘ipvs’ (newest, better in performance and scalability). As of now only ‘iptables’ and ‘ipvs’ is supported by Gardener. In Linux platform, if the iptables proxy is selected, regardless of how, but the system’s kernel or iptables versions are insufficient, this always falls back to the userspace proxy. IPVS mode will be enabled when proxy mode is set to ‘ipvs’, and the fall back path is firstly iptables and then userspace.

QuotaSpec

(Appears on: Quota)

QuotaSpec is the specification of a Quota.

FieldDescription
clusterLifetimeDays
int32
(Optional)

ClusterLifetimeDays is the lifetime of a Shoot cluster in days before it will be terminated automatically.

metrics
Kubernetes core/v1.ResourceList

Metrics is a list of resources which will be put under constraints.

scope
Kubernetes core/v1.ObjectReference

Scope is the scope of the Quota object, either ‘project’ or ‘secret’.

Region

(Appears on: CloudProfileSpec)

Region contains certain properties of a region.

FieldDescription
name
string

Name is a region name.

zones
[]AvailabilityZone
(Optional)

Zones is a list of availability zones in this region.

labels
map[string]string
(Optional)

Labels is an optional set of key-value pairs that contain certain administrator-controlled labels for this region. It can be used by Gardener administrators/operators to provide additional information about a region, e.g. wrt quality, reliability, access restrictions, etc.

SeedBackup

(Appears on: SeedSpec)

SeedBackup contains the object store configuration for backups for shoot (currently only etcd).

FieldDescription
provider
string

Provider is a provider name.

providerConfig
k8s.io/apimachinery/pkg/runtime.RawExtension
(Optional)

ProviderConfig is the configuration passed to BackupBucket resource.

region
string
(Optional)

Region is a region name.

secretRef
Kubernetes core/v1.SecretReference

SecretRef is a reference to a Secret object containing the cloud provider credentials for the object store where backups should be stored. It should have enough privileges to manipulate the objects as well as buckets.

SeedDNS

(Appears on: SeedSpec)

SeedDNS contains DNS-relevant information about this seed cluster.

FieldDescription
ingressDomain
string

IngressDomain is the domain of the Seed cluster pointing to the ingress controller endpoint. It will be used to construct ingress URLs for system applications running in Shoot clusters.

SeedNetworks

(Appears on: SeedSpec)

SeedNetworks contains CIDRs for the pod, service and node networks of a Kubernetes cluster.

FieldDescription
nodes
string
(Optional)

Nodes is the CIDR of the node network.

pods
string

Pods is the CIDR of the pod network.

services
string

Services is the CIDR of the service network.

shootDefaults
ShootNetworks
(Optional)

ShootDefaults contains the default networks CIDRs for shoots.

blockCIDRs
[]string
(Optional)

BlockCIDRs is a list of network addresses that should be blocked for shoot control plane components running in the seed cluster.

SeedProvider

(Appears on: SeedSpec)

SeedProvider defines the provider type and region for this Seed cluster.

FieldDescription
type
string

Type is the name of the provider.

providerConfig
k8s.io/apimachinery/pkg/runtime.RawExtension
(Optional)

ProviderConfig is the configuration passed to Seed resource.

region
string

Region is a name of a region.

SeedSettingExcessCapacityReservation

(Appears on: SeedSettings)

SeedSettingExcessCapacityReservation controls the excess capacity reservation for shoot control planes in the seed. When enabled then this is done via PodPriority and requires the Seed cluster to have Kubernetes version 1.11 or the PodPriority feature gate as well as the scheduling.k8s.io/v1alpha1 API group enabled.

FieldDescription
enabled
bool

Enabled controls whether the excess capacity reservation should be enabled.

SeedSettingLoadBalancerServices

(Appears on: SeedSettings)

SeedSettingLoadBalancerServices controls certain settings for services of type load balancer that are created in the seed.

FieldDescription
annotations
map[string]string
(Optional)

Annotations is a map of annotations that will be injected/merged into every load balancer service object.

SeedSettingScheduling

(Appears on: SeedSettings)

SeedSettingScheduling controls settings for scheduling decisions for the seed.

FieldDescription
visible
bool

Visible controls whether the gardener-scheduler shall consider this seed when scheduling shoots. Invisible seeds are not considered by the scheduler.

SeedSettingShootDNS

(Appears on: SeedSettings)

SeedSettingShootDNS controls the shoot DNS settings for the seed.

FieldDescription
enabled
bool

Enabled controls whether the DNS for shoot clusters should be enabled. When disabled then all shoots using the seed won’t get any DNS providers, DNS records, and no DNS extension controller is required to be installed here. This is useful for environments where DNS is not required.

SeedSettingVerticalPodAutoscaler

(Appears on: SeedSettings)

SeedSettingVerticalPodAutoscaler controls certain settings for the vertical pod autoscaler components deployed in the seed.

FieldDescription
enabled
bool

Enabled controls whether the VPA components shall be deployed into the garden namespace in the seed cluster. It is enabled by default because Gardener heavily relies on a VPA being deployed. You should only disable this if your seed cluster already has another, manually/custom managed VPA deployment.

SeedSettings

(Appears on: SeedSpec)

SeedSettings contains certain settings for this seed cluster.

FieldDescription
excessCapacityReservation
SeedSettingExcessCapacityReservation
(Optional)

ExcessCapacityReservation controls the excess capacity reservation for shoot control planes in the seed.

scheduling
SeedSettingScheduling
(Optional)

Scheduling controls settings for scheduling decisions for the seed.

shootDNS
SeedSettingShootDNS
(Optional)

ShootDNS controls the shoot DNS settings for the seed.

loadBalancerServices
SeedSettingLoadBalancerServices
(Optional)

LoadBalancerServices controls certain settings for services of type load balancer that are created in the seed.

verticalPodAutoscaler
SeedSettingVerticalPodAutoscaler
(Optional)

VerticalPodAutoscaler controls certain settings for the vertical pod autoscaler components deployed in the seed.

SeedSpec

(Appears on: Seed)

SeedSpec is the specification of a Seed.

FieldDescription
backup
SeedBackup
(Optional)

Backup holds the object store configuration for the backups of shoot (currently only etcd). If it is not specified, then there won’t be any backups taken for shoots associated with this seed. If backup field is present in seed, then backups of the etcd from shoot control plane will be stored under the configured object store.

dns
SeedDNS

DNS contains DNS-relevant information about this seed cluster.

networks
SeedNetworks

Networks defines the pod, service and worker network of the Seed cluster.

provider
SeedProvider

Provider defines the provider type and region for this Seed cluster.

secretRef
Kubernetes core/v1.SecretReference
(Optional)

SecretRef is a reference to a Secret object containing the Kubeconfig and the cloud provider credentials for the account the Seed cluster has been deployed to.

taints
[]SeedTaint
(Optional)

Taints describes taints on the seed.

volume
SeedVolume
(Optional)

Volume contains settings for persistentvolumes created in the seed cluster.

settings
SeedSettings
(Optional)

Settings contains certain settings for this seed cluster.

SeedStatus

(Appears on: Seed)

SeedStatus is the status of a Seed.

FieldDescription
gardener
Gardener
(Optional)

Gardener holds information about the Gardener which last acted on the Shoot.

kubernetesVersion
string
(Optional)

KubernetesVersion is the Kubernetes version of the seed cluster.

conditions
[]Condition
(Optional)

Conditions represents the latest available observations of a Seed’s current state.

observedGeneration
int64
(Optional)

ObservedGeneration is the most recent generation observed for this Seed. It corresponds to the Seed’s generation, which is updated on mutation by the API Server.

SeedTaint

(Appears on: SeedSpec)

SeedTaint describes a taint on a seed.

FieldDescription
key
string

Key is the taint key to be applied to a seed.

value
string
(Optional)

Value is the taint value corresponding to the taint key.

SeedVolume

(Appears on: SeedSpec)

SeedVolume contains settings for persistentvolumes created in the seed cluster.

FieldDescription
minimumSize
k8s.io/apimachinery/pkg/api/resource.Quantity
(Optional)

MinimumSize defines the minimum size that should be used for PVCs in the seed.

providers
[]SeedVolumeProvider
(Optional)

Providers is a list of storage class provisioner types for the seed.

SeedVolumeProvider

(Appears on: SeedVolume)

SeedVolumeProvider is a storage class provisioner type.

FieldDescription
purpose
string

Purpose is the purpose of this provider.

name
string

Name is the name of the storage class provisioner type.

ServiceAccountConfig

(Appears on: KubeAPIServerConfig)

ServiceAccountConfig is the kube-apiserver configuration for service accounts.

FieldDescription
issuer
string
(Optional)

Issuer is the identifier of the service account token issuer. The issuer will assert this identifier in “iss” claim of issued tokens. This value is a string or URI. Defaults to URI of the API server.

signingKeySecretName
Kubernetes core/v1.LocalObjectReference
(Optional)

SigningKeySecret is a reference to a secret that contains an optional private key of the service account token issuer. The issuer will sign issued ID tokens with this private key. Only useful if service account tokens are also issued by another external system.

ShootMachineImage

(Appears on: Machine)

ShootMachineImage defines the name and the version of the shoot’s machine image in any environment. Has to be defined in the respective CloudProfile.

FieldDescription
name
string

Name is the name of the image.

providerConfig
k8s.io/apimachinery/pkg/runtime.RawExtension
(Optional)

ProviderConfig is the shoot’s individual configuration passed to an extension resource.

version
string
(Optional)

Version is the version of the shoot’s image. If version is not provided, it will be defaulted to the latest version from the CloudProfile.

ShootNetworks

(Appears on: SeedNetworks)

ShootNetworks contains the default networks CIDRs for shoots.

FieldDescription
pods
string
(Optional)

Pods is the CIDR of the pod network.

services
string
(Optional)

Services is the CIDR of the service network.

ShootPurpose (string alias)

(Appears on: ShootSpec)

ShootPurpose is a type alias for string.

ShootSpec

(Appears on: Shoot)

ShootSpec is the specification of a Shoot.

FieldDescription
addons
Addons
(Optional)

Addons contains information about enabled/disabled addons and their configuration.

cloudProfileName
string

CloudProfileName is a name of a CloudProfile object.

dns
DNS
(Optional)

DNS contains information about the DNS settings of the Shoot.

extensions
[]Extension
(Optional)

Extensions contain type and provider information for Shoot extensions.

hibernation
Hibernation
(Optional)

Hibernation contains information whether the Shoot is suspended or not.

kubernetes
Kubernetes

Kubernetes contains the version and configuration settings of the control plane components.

networking
Networking

Networking contains information about cluster networking such as CNI Plugin type, CIDRs, …etc.

maintenance
Maintenance
(Optional)

Maintenance contains information about the time window for maintenance operations and which operations should be performed.

monitoring
Monitoring
(Optional)

Monitoring contains information about custom monitoring configurations for the shoot.

provider
Provider

Provider contains all provider-specific and provider-relevant information.

purpose
ShootPurpose
(Optional)

Purpose is the purpose class for this cluster.

region
string

Region is a name of a region.

secretBindingName
string

SecretBindingName is the name of the a SecretBinding that has a reference to the provider secret. The credentials inside the provider secret will be used to create the shoot in the respective account.

seedName
string
(Optional)

SeedName is the name of the seed cluster that runs the control plane of the Shoot.

seedSelector
Kubernetes meta/v1.LabelSelector
(Optional)

SeedSelector is an optional selector which must match a seed’s labels for the shoot to be scheduled on that seed.

resources
[]NamedResourceReference
(Optional)

Resources holds a list of named resource references that can be referred to in extension configs by their names.

tolerations
[]Toleration
(Optional)

Tolerations contains the tolerations for taints on seed clusters.

ShootStatus

(Appears on: Shoot)

ShootStatus holds the most recently observed status of the Shoot cluster.

FieldDescription
conditions
[]Condition
(Optional)

Conditions represents the latest available observations of a Shoots’s current state.

constraints
[]Condition
(Optional)

Constraints represents conditions of a Shoot’s current state that constraint some operations on it.

gardener
Gardener

Gardener holds information about the Gardener which last acted on the Shoot.

hibernated
bool

IsHibernated indicates whether the Shoot is currently hibernated.

lastOperation
LastOperation
(Optional)

LastOperation holds information about the last operation on the Shoot.

lastErrors
[]LastError
(Optional)

LastErrors holds information about the last occurred error(s) during an operation.

observedGeneration
int64
(Optional)

ObservedGeneration is the most recent generation observed for this Shoot. It corresponds to the Shoot’s generation, which is updated on mutation by the API Server.

retryCycleStartTime
Kubernetes meta/v1.Time
(Optional)

RetryCycleStartTime is the start time of the last retry cycle (used to determine how often an operation must be retried until we give up).

seedName
string
(Optional)

SeedName is the name of the seed cluster that runs the control plane of the Shoot. This value is only written after a successful create/reconcile operation. It will be used when control planes are moved between Seeds.

technicalID
string

TechnicalID is the name that is used for creating the Seed namespace, the infrastructure resources, and basically everything that is related to this particular Shoot.

uid
k8s.io/apimachinery/pkg/types.UID

UID is a unique identifier for the Shoot cluster to avoid portability between Kubernetes clusters. It is used to compute unique hashes.

Toleration

(Appears on: ProjectTolerations, ShootSpec)

Toleration is a toleration for a seed taint.

FieldDescription
key
string

Key is the toleration key to be applied to a project or shoot.

value
string
(Optional)

Value is the toleration value corresponding to the toleration key.

VersionClassification (string alias)

(Appears on: ExpirableVersion)

VersionClassification is the logical state of a version according to https://github.com/gardener/gardener/blob/master/docs/operations/versioning.md

VerticalPodAutoscaler

(Appears on: Kubernetes)

VerticalPodAutoscaler contains the configuration flags for the Kubernetes vertical pod autoscaler.

FieldDescription
enabled
bool

Enabled specifies whether the Kubernetes VPA shall be enabled for the shoot cluster.

evictAfterOOMThreshold
Kubernetes meta/v1.Duration
(Optional)

EvictAfterOOMThreshold defines the threshold that will lead to pod eviction in case it OOMed in less than the given threshold since its start and if it has only one container (default: 10m0s).

evictionRateBurst
int32
(Optional)

EvictionRateBurst defines the burst of pods that can be evicted (default: 1)

evictionRateLimit
float64
(Optional)

EvictionRateLimit defines the number of pods that can be evicted per second. A rate limit set to 0 or -1 will disable the rate limiter (default: -1).

evictionTolerance
float64
(Optional)

EvictionTolerance defines the fraction of replica count that can be evicted for update in case more than one pod can be evicted (default: 0.5).

recommendationMarginFraction
float64
(Optional)

RecommendationMarginFraction is the fraction of usage added as the safety margin to the recommended request (default: 0.15).

updaterInterval
Kubernetes meta/v1.Duration
(Optional)

UpdaterInterval is the interval how often the updater should run (default: 1m0s).

recommenderInterval
Kubernetes meta/v1.Duration
(Optional)

RecommenderInterval is the interval how often metrics should be fetched (default: 1m0s).

Volume

(Appears on: Worker)

Volume contains information about the volume type, size, and encryption.

FieldDescription
name
string
(Optional)

Name of the volume to make it referencable.

type
string
(Optional)

Type is the type of the volume.

size
string

VolumeSize is the size of the volume.

encrypted
bool
(Optional)

Encrypted determines if the volume should be encrypted.

VolumeType

(Appears on: CloudProfileSpec)

VolumeType contains certain properties of a volume type.

FieldDescription
class
string

Class is the class of the volume type.

name
string

Name is the name of the volume type.

usable
bool
(Optional)

Usable defines if the volume type can be used for shoot clusters.

Worker

(Appears on: Provider)

Worker is the base definition of a worker group.

FieldDescription
annotations
map[string]string
(Optional)

Annotations is a map of key/value pairs for annotations for all the Node objects in this worker pool.

caBundle
string
(Optional)

CABundle is a certificate bundle which will be installed onto every machine of this worker pool.

cri
CRI
(Optional)

CRI contains configurations of CRI support of every machine in the worker pool

kubernetes
WorkerKubernetes
(Optional)

Kubernetes contains configuration for Kubernetes components related to this worker pool.

labels
map[string]string
(Optional)

Labels is a map of key/value pairs for labels for all the Node objects in this worker pool.

name
string

Name is the name of the worker group.

machine
Machine

Machine contains information about the machine type and image.

maximum
int32

Maximum is the maximum number of VMs to create.

minimum
int32

Minimum is the minimum number of VMs to create.

maxSurge
k8s.io/apimachinery/pkg/util/intstr.IntOrString
(Optional)

MaxSurge is maximum number of VMs that are created during an update.

maxUnavailable
k8s.io/apimachinery/pkg/util/intstr.IntOrString
(Optional)

MaxUnavailable is the maximum number of VMs that can be unavailable during an update.

providerConfig
k8s.io/apimachinery/pkg/runtime.RawExtension
(Optional)

ProviderConfig is the provider-specific configuration for this worker pool.

taints
[]Kubernetes core/v1.Taint
(Optional)

Taints is a list of taints for all the Node objects in this worker pool.

volume
Volume
(Optional)

Volume contains information about the volume type and size.

dataVolumes
[]DataVolume
(Optional)

DataVolumes contains a list of additional worker volumes.

kubeletDataVolumeName
string
(Optional)

KubeletDataVolumeName contains the name of a dataVolume that should be used for storing kubelet state.

zones
[]string
(Optional)

Zones is a list of availability zones that are used to evenly distribute this worker pool. Optional as not every provider may support availability zones.

systemComponents
WorkerSystemComponents
(Optional)

SystemComponents contains configuration for system components related to this worker pool

WorkerKubernetes

(Appears on: Worker)

WorkerKubernetes contains configuration for Kubernetes components related to this worker pool.

FieldDescription
kubelet
KubeletConfig
(Optional)

Kubelet contains configuration settings for all kubelets of this worker pool.

WorkerSystemComponents

(Appears on: Worker)

WorkerSystemComponents contains configuration for system components related to this worker pool

FieldDescription
allow
bool

Allow determines whether the pool should be allowed to host system components or not (defaults to true)