Packages:

garden.sapcloud.io/v1beta1

Package v1beta1 is a version of the API.

Resource Types:

CloudProfile

CloudProfile represents certain properties about a cloud environment.

Field Description
apiVersion
string
garden.sapcloud.io/v1beta1
kind
string
CloudProfile
metadata
Kubernetes meta/v1.ObjectMeta
(Optional)

Standard object metadata.

Refer to the Kubernetes API documentation for the fields of the metadata field.
spec
CloudProfileSpec
(Optional)

Spec defines the cloud environment properties.



aws
AWSProfile
(Optional)

AWS is the profile specification for the Amazon Web Services cloud.

azure
AzureProfile
(Optional)

Azure is the profile specification for the Microsoft Azure cloud.

gcp
GCPProfile
(Optional)

GCP is the profile specification for the Google Cloud Platform cloud.

openstack
OpenStackProfile
(Optional)

OpenStack is the profile specification for the OpenStack cloud.

alicloud
AlicloudProfile
(Optional)

Alicloud is the profile specification for the Alibaba cloud.

packet
PacketProfile
(Optional)

Packet is the profile specification for the Packet cloud.

caBundle
string
(Optional)

CABundle is a certificate bundle which will be installed onto every host machine of the Shoot cluster.

Project

Project holds certain properties about a Gardener project.

Field Description
apiVersion
string
garden.sapcloud.io/v1beta1
kind
string
Project
metadata
Kubernetes meta/v1.ObjectMeta
(Optional)

Standard object metadata.

Refer to the Kubernetes API documentation for the fields of the metadata field.
spec
ProjectSpec
(Optional)

Spec defines the project properties.



createdBy
Kubernetes rbac/v1.Subject
(Optional)

CreatedBy is a subject representing a user name, an email address, or any other identifier of a user who created the project.

description
string
(Optional)

Description is a human-readable description of what the project is used for.

owner
Kubernetes rbac/v1.Subject
(Optional)

Owner is a subject representing a user name, an email address, or any other identifier of a user owning the project.

purpose
string
(Optional)

Purpose is a human-readable explanation of the project’s purpose.

members
[]Kubernetes rbac/v1.Subject
(Optional)

Members is a list of subjects representing a user name, an email address, or any other identifier of a user that should be part of this project with full permissions to manage it.

namespace
string
(Optional)

Namespace is the name of the namespace that has been created for the Project object. A nil value means that Gardener will determine the name of the namespace.

viewers
[]Kubernetes rbac/v1.Subject
(Optional)

Viewers is a list of subjects representing a user name, an email address, or any other identifier of a user that should be part of this project with limited permissions to only view some resources.

status
ProjectStatus
(Optional)

Most recently observed status of the Project.

Quota

Field Description
apiVersion
string
garden.sapcloud.io/v1beta1
kind
string
Quota
metadata
Kubernetes meta/v1.ObjectMeta
(Optional)

Standard object metadata.

Refer to the Kubernetes API documentation for the fields of the metadata field.
spec
QuotaSpec
(Optional)

Spec defines the Quota constraints.



clusterLifetimeDays
int
(Optional)

ClusterLifetimeDays is the lifetime of a Shoot cluster in days before it will be terminated automatically.

metrics
Kubernetes core/v1.ResourceList

Metrics is a list of resources which will be put under constraints.

scope
QuotaScope

Scope is the scope of the Quota object, either ‘project’ or ‘secret’.

SecretBinding

Field Description
apiVersion
string
garden.sapcloud.io/v1beta1
kind
string
SecretBinding
metadata
Kubernetes meta/v1.ObjectMeta
(Optional)

Standard object metadata.

Refer to the Kubernetes API documentation for the fields of the metadata field.
secretRef
Kubernetes core/v1.SecretReference

SecretRef is a reference to a secret object in the same or another namespace.

quotas
[]Kubernetes core/v1.ObjectReference
(Optional)

Quotas is a list of references to Quota objects in the same or another namespace.

Seed

Seed holds certain properties about a Seed cluster.

Field Description
apiVersion
string
garden.sapcloud.io/v1beta1
kind
string
Seed
metadata
Kubernetes meta/v1.ObjectMeta
(Optional)

Standard object metadata.

Refer to the Kubernetes API documentation for the fields of the metadata field.
spec
SeedSpec
(Optional)

Spec defines the Seed cluster properties.



cloud
SeedCloud

Cloud defines the cloud profile and the region this Seed cluster belongs to.

ingressDomain
string

IngressDomain is the domain of the Seed cluster pointing to the ingress controller endpoint. It will be used to construct ingress URLs for system applications running in Shoot clusters.

secretRef
Kubernetes core/v1.SecretReference
(Optional)

SecretRef is a reference to a Secret object containing the Kubeconfig and the cloud provider credentials for the account the Seed cluster has been deployed to.

networks
SeedNetworks

Networks defines the pod, service and worker network of the Seed cluster.

blockCIDRs
[]string
(Optional)

BlockCIDRs is a list of network addresses that should be blocked for shoot control plane components running in the seed cluster.

visible
bool
(Optional)

Visible labels the Seed cluster as selectable for the seedfinder admission controller.

protected
bool
(Optional)

Protected prevents the Seed cluster from being used for regular Shoot cluster control planes.

backup
BackupProfile
(Optional)

Backup holds the object store configuration for the backups of Shoots (currently only etcd). If it is not specified, no backups are taken for Shoots associated with this Seed. If the backup field is present in the Seed, backups of the etcd from the Shoot control plane are stored in the configured object store.

status
SeedStatus
(Optional)

Most recently observed status of the Seed cluster.

Shoot

Field Description
apiVersion
string
garden.sapcloud.io/v1beta1
kind
string
Shoot
metadata
Kubernetes meta/v1.ObjectMeta
(Optional)

Standard object metadata.

Refer to the Kubernetes API documentation for the fields of the metadata field.
spec
ShootSpec
(Optional)

Specification of the Shoot cluster.



addons
Addons
(Optional)

Addons contains information about enabled/disabled addons and their configuration.

cloud
Cloud

Cloud contains information about the cloud environment and its specific settings.

dns
DNS
(Optional)

DNS contains information about the DNS settings of the Shoot.

extensions
[]Extension
(Optional)

Extensions contain type and provider information for Shoot extensions.

hibernation
Hibernation
(Optional)

Hibernation contains information whether the Shoot is suspended or not.

kubernetes
Kubernetes

Kubernetes contains the version and configuration settings of the control plane components.

networking
Networking

Networking contains information about cluster networking such as CNI plugin type, CIDRs, etc.

maintenance
Maintenance
(Optional)

Maintenance contains information about the time window for maintenance operations and which operations should be performed.

monitoring
Monitoring
(Optional)

Monitoring contains information about custom monitoring configurations for the shoot.

status
ShootStatus
(Optional)

Most recently observed status of the Shoot cluster.

AWSCloud

(Appears on: Cloud)

AWSCloud contains the Shoot specification for AWS.

Field Description
machineImage
ShootMachineImage
(Optional)

ShootMachineImage holds information about the machine image to use for all workers. It will default to the latest version of the first image stated in the referenced CloudProfile if no value has been provided.

networks
AWSNetworks

Networks holds information about the Kubernetes and infrastructure networks.

workers
[]AWSWorker

Workers is a list of worker groups.

zones
[]string

Zones is a list of availability zones to deploy the Shoot cluster to.

AWSConstraints

(Appears on: AWSProfile)

AWSConstraints is an object containing constraints for certain values in the Shoot specification.

Field Description
dnsProviders
[]DNSProviderConstraint
(Optional)

DNSProviders contains constraints regarding allowed values of the ‘dns.provider’ block in the Shoot specification.

kubernetes
KubernetesConstraints

Kubernetes contains constraints regarding allowed values of the ‘kubernetes’ block in the Shoot specification.

machineImages
[]MachineImage

MachineImages contains constraints regarding allowed values for machine images in the Shoot specification.

machineTypes
[]MachineType

MachineTypes contains constraints regarding allowed values for machine types in the ‘workers’ block in the Shoot specification.

volumeTypes
[]VolumeType

VolumeTypes contains constraints regarding allowed values for volume types in the ‘workers’ block in the Shoot specification.

zones
[]Zone

Zones contains constraints regarding allowed values for ‘zones’ block in the Shoot specification.

AWSNetworks

(Appears on: AWSCloud)

AWSNetworks holds information about the Kubernetes and infrastructure networks.

Field Description
K8SNetworks
K8SNetworks

(Members of K8SNetworks are embedded into this type.)

vpc
AWSVPC

VPC indicates whether to use an existing VPC or create a new one.

internal
[]string

Internal is a list of private subnets to create (used for internal load balancers).

public
[]string

Public is a list of public subnets to create (used for bastion and load balancers).

workers
[]string

Workers is a list of worker subnets (private) to create (used for the VMs).

AWSProfile

(Appears on: CloudProfileSpec)

AWSProfile defines certain constraints and definitions for the AWS cloud.

Field Description
constraints
AWSConstraints

Constraints is an object containing constraints for certain values in the Shoot specification.

AWSVPC

(Appears on: AWSNetworks)

AWSVPC contains either an id (of an existing VPC) or the CIDR (for a VPC to be created).

Field Description
id
string
(Optional)

ID is the AWS VPC id of an existing VPC.

cidr
string
(Optional)

CIDR is a CIDR range for a new VPC.

AWSWorker

(Appears on: AWSCloud)

AWSWorker is the definition of a worker group.

Field Description
Worker
Worker

(Members of Worker are embedded into this type.)

volumeType
string

VolumeType is the type of the root volumes.

volumeSize
string

VolumeSize is the size of the root volume.

Addon

(Appears on: AddonClusterAutoscaler, Heapster, HelmTiller, Kube2IAM, KubeLego, KubernetesDashboard, Monocular, NginxIngress)

Addon allows enabling or disabling a specific addon and is used to derive from.

Field Description
enabled
bool

Enabled indicates whether the addon is enabled or not.

AddonClusterAutoscaler

(Appears on: Addons)

ClusterAutoscaler describes configuration values for the cluster-autoscaler addon.

Field Description
Addon
Addon

(Members of Addon are embedded into this type.)

Addons

(Appears on: ShootSpec)

Addons is a collection of configuration for specific addons which are managed by the Gardener.

Field Description
kubernetes-dashboard
KubernetesDashboard
(Optional)

KubernetesDashboard holds configuration settings for the kubernetes dashboard addon.

nginx-ingress
NginxIngress
(Optional)

NginxIngress holds configuration settings for the nginx-ingress addon. DEPRECATED: This field will be removed in a future version.

cluster-autoscaler
AddonClusterAutoscaler
(Optional)

ClusterAutoscaler holds configuration settings for the cluster autoscaler addon. DEPRECATED: This field will be removed in a future version.

heapster
Heapster
(Optional)

Heapster holds configuration settings for the heapster addon. DEPRECATED: This field will be removed in a future version.

kube2iam
Kube2IAM
(Optional)

Kube2IAM holds configuration settings for the kube2iam addon (only AWS). DEPRECATED: This field will be removed in a future version.

kube-lego
KubeLego
(Optional)

KubeLego holds configuration settings for the kube-lego addon. DEPRECATED: This field will be removed in a future version.

monocular
Monocular
(Optional)

Monocular holds configuration settings for the monocular addon. DEPRECATED: This field will be removed in a future version.

AdmissionPlugin

(Appears on: KubeAPIServerConfig)

AdmissionPlugin contains information about a specific admission plugin and its corresponding configuration.

Field Description
name
string

Name is the name of the plugin.

config
github.com/gardener/gardener/pkg/apis/core/v1alpha1.ProviderConfig
(Optional)

Config is the configuration of the plugin.

Alerting

(Appears on: Monitoring)

Alerting contains information about how alerting will be done (i.e. who will receive alerts and how).

Field Description
emailReceivers
[]string
(Optional)

MonitoringEmailReceivers is a list of recipients for alerts.

Alicloud

(Appears on: Cloud)

Alicloud contains the Shoot specification for Alibaba cloud.

Field Description
machineImage
ShootMachineImage
(Optional)

ShootMachineImage holds information about the machine image to use for all workers. It will default to the latest version of the first image stated in the referenced CloudProfile if no value has been provided.

networks
AlicloudNetworks

Networks holds information about the Kubernetes and infrastructure networks.

workers
[]AlicloudWorker

Workers is a list of worker groups.

zones
[]string

Zones is a list of availability zones to deploy the Shoot cluster to; currently, only one is supported.

AlicloudConstraints

(Appears on: AlicloudProfile)

AlicloudConstraints is an object containing constraints for certain values in the Shoot specification.

Field Description
dnsProviders
[]DNSProviderConstraint
(Optional)

DNSProviders contains constraints regarding allowed values of the ‘dns.provider’ block in the Shoot specification.

kubernetes
KubernetesConstraints

Kubernetes contains constraints regarding allowed values of the ‘kubernetes’ block in the Shoot specification.

machineImages
[]MachineImage

MachineImages contains constraints regarding allowed values for machine images in the Shoot specification.

machineTypes
[]AlicloudMachineType

MachineTypes contains constraints regarding allowed values for machine types in the ‘workers’ block in the Shoot specification.

volumeTypes
[]AlicloudVolumeType

VolumeTypes contains constraints regarding allowed values for volume types in the ‘workers’ block in the Shoot specification.

zones
[]Zone

Zones contains constraints regarding allowed values for ‘zones’ block in the Shoot specification.

AlicloudMachineType

(Appears on: AlicloudConstraints)

AlicloudMachineType defines certain machine types and zone constraints.

Field Description
MachineType
MachineType

(Members of MachineType are embedded into this type.)

zones
[]string

AlicloudNetworks

(Appears on: Alicloud)

AlicloudNetworks holds information about the Kubernetes and infrastructure networks.

Field Description
K8SNetworks
K8SNetworks

(Members of K8SNetworks are embedded into this type.)

vpc
AlicloudVPC

VPC indicates whether to use an existing VPC or create a new one.

workers
[]string

Workers is a CIDR of a worker subnet (private) to create (used for the VMs).

AlicloudProfile

(Appears on: CloudProfileSpec)

AlicloudProfile defines constraints and definitions in Alibaba Cloud environment.

Field Description
constraints
AlicloudConstraints

Constraints is an object containing constraints for certain values in the Shoot specification.

AlicloudVPC

(Appears on: AlicloudNetworks)

AlicloudVPC contains either an id (of an existing VPC) or the CIDR (for a VPC to be created).

Field Description
id
string
(Optional)

ID is the Alicloud VPC id of an existing VPC.

cidr
string
(Optional)

CIDR is a CIDR range for a new VPC.

AlicloudVolumeType

(Appears on: AlicloudConstraints)

AlicloudVolumeType defines certain volume types and zone constraints.

Field Description
VolumeType
VolumeType

(Members of VolumeType are embedded into this type.)

zones
[]string

AlicloudWorker

(Appears on: Alicloud)

AlicloudWorker is the definition of a worker group.

Field Description
Worker
Worker

(Members of Worker are embedded into this type.)

volumeType
string

VolumeType is the type of the root volumes.

volumeSize
string

VolumeSize is the size of the root volume.

AuditConfig

(Appears on: KubeAPIServerConfig)

AuditConfig contains settings for auditing of the API server.

Field Description
auditPolicy
AuditPolicy
(Optional)

AuditPolicy contains configuration settings for audit policy of the kube-apiserver.

AuditPolicy

(Appears on: AuditConfig)

AuditPolicy contains the audit policy for the kube-apiserver.

Field Description
configMapRef
Kubernetes core/v1.ObjectReference
(Optional)

ConfigMapRef is a reference to a ConfigMap object in the same namespace, which contains the audit policy for the kube-apiserver.

AzureCloud

(Appears on: Cloud)

AzureCloud contains the Shoot specification for Azure.

Field Description
machineImage
ShootMachineImage
(Optional)

ShootMachineImage holds information about the machine image to use for all workers. It will default to the latest version of the first image stated in the referenced CloudProfile if no value has been provided.

networks
AzureNetworks

Networks holds information about the Kubernetes and infrastructure networks.

resourceGroup
AzureResourceGroup
(Optional)

ResourceGroup indicates whether to use an existing resource group or create a new one.

workers
[]AzureWorker

Workers is a list of worker groups.

zones
[]string
(Optional)

Zones is a list of availability zones to deploy the Shoot cluster to.

AzureConstraints

(Appears on: AzureProfile)

AzureConstraints is an object containing constraints for certain values in the Shoot specification.

Field Description
dnsProviders
[]DNSProviderConstraint
(Optional)

DNSProviders contains constraints regarding allowed values of the ‘dns.provider’ block in the Shoot specification.

kubernetes
KubernetesConstraints

Kubernetes contains constraints regarding allowed values of the ‘kubernetes’ block in the Shoot specification.

machineImages
[]MachineImage

MachineImages contains constraints regarding allowed values for machine images in the Shoot specification.

machineTypes
[]MachineType

MachineTypes contains constraints regarding allowed values for machine types in the ‘workers’ block in the Shoot specification.

volumeTypes
[]VolumeType

VolumeTypes contains constraints regarding allowed values for volume types in the ‘workers’ block in the Shoot specification.

zones
[]Zone
(Optional)

Zones contains constraints regarding allowed values for ‘zones’ block in the Shoot specification.

AzureDomainCount

(Appears on: AzureProfile)

AzureDomainCount defines the region and the count for this domain count value.

Field Description
region
string

Region is a region in Azure.

count
int

Count is the count value for the respective domain count.

AzureNetworks

(Appears on: AzureCloud)

AzureNetworks holds information about the Kubernetes and infrastructure networks.

Field Description
K8SNetworks
K8SNetworks

(Members of K8SNetworks are embedded into this type.)

vnet
AzureVNet

VNet indicates whether to use an existing VNet or create a new one.

workers
string

Workers is a CIDR of a worker subnet (private) to create (used for the VMs).

serviceEndpoints
[]string
(Optional)

ServiceEndpoints is a list of Azure ServiceEndpoints which should be associated with the worker subnet.

AzureProfile

(Appears on: CloudProfileSpec)

AzureProfile defines certain constraints and definitions for the Azure cloud.

Field Description
constraints
AzureConstraints

Constraints is an object containing constraints for certain values in the Shoot specification.

countUpdateDomains
[]AzureDomainCount

CountUpdateDomains is a list of Azure update domain counts for each region.

countFaultDomains
[]AzureDomainCount

CountFaultDomains is a list of Azure fault domain counts for each region.

AzureResourceGroup

(Appears on: AzureCloud)

AzureResourceGroup indicates whether to use an existing resource group or create a new one.

Field Description
name
string

Name is the name of an existing resource group.

AzureVNet

(Appears on: AzureNetworks)

AzureVNet indicates whether to use an existing VNet or create a new one.

Field Description
name
string
(Optional)

Name is the AWS VNet name of an existing VNet.

resourceGroup
string
(Optional)

ResourceGroup is the resourceGroup where the VNet is located.

cidr
string
(Optional)

CIDR is a CIDR range for a new VNet.

AzureWorker

(Appears on: AzureCloud)

AzureWorker is the definition of a worker group.

Field Description
Worker
Worker

(Members of Worker are embedded into this type.)

volumeType
string

VolumeType is the type of the root volumes.

volumeSize
string

VolumeSize is the size of the root volume.

BackupProfile

(Appears on: SeedSpec)

BackupProfile contains the object store configuration for backups of Shoots (currently only etcd).

Field Description
provider
CloudProvider

Provider is a provider name.

region
string
(Optional)

Region is a region name.

secretRef
Kubernetes core/v1.SecretReference

SecretRef is a reference to a Secret object containing the cloud provider credentials for the object store where backups should be stored. It should have enough privileges to manipulate the objects as well as buckets.

Cloud

(Appears on: ShootSpec)

Cloud contains information about the cloud environment and its specific settings. It must contain exactly one key of the below cloud providers.

Field Description
profile
string

Profile is a name of a CloudProfile object.

region
string

Region is a name of a cloud provider region.

secretBindingRef
Kubernetes core/v1.LocalObjectReference

SecretBindingRef is a reference to a SecretBinding object.

seed
string
(Optional)

Seed is the name of a Seed object.

aws
AWSCloud
(Optional)

AWS contains the Shoot specification for the Amazon Web Services cloud.

azure
AzureCloud
(Optional)

Azure contains the Shoot specification for the Microsoft Azure cloud.

gcp
GCPCloud
(Optional)

GCP contains the Shoot specification for the Google Cloud Platform cloud.

openstack
OpenStackCloud
(Optional)

OpenStack contains the Shoot specification for the OpenStack cloud.

alicloud
Alicloud
(Optional)

Alicloud contains the Shoot specification for the Alibaba cloud.

packet
PacketCloud
(Optional)

Packet contains the Shoot specification for the Packet cloud.
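
The Cloud rule above (exactly one provider key) and the AWSVPC rule (either an id or a CIDR) can be checked before a Shoot manifest is submitted. The Go code below is an added example, not Gardener's own validation code: CheckCloud, its helpers and the JSON samples are constructed for illustration. It assumes that every Cloud field not marked (Optional) is required and that secretBindingRef carries the `name` field of a Kubernetes LocalObjectReference.

```go
package main

import (
	"encoding/json"
	"fmt"
)

// Provider keys of the Cloud type, in the order this reference lists them.
var providerKeys = []string{"aws", "azure", "gcp", "openstack", "alicloud", "packet"}

// Constructed sample: one provider, new VPC described by a CIDR only.
const goodCloud = `{
  "profile": "aws-example",
  "region": "eu-west-1",
  "secretBindingRef": {"name": "example-binding"},
  "aws": {"networks": {"vpc": {"cidr": "10.250.0.0/16"}}, "zones": ["eu-west-1a"]}
}`

// Constructed sample: two providers, a VPC with both id and cidr, no region.
const badCloud = `{
  "profile": "aws-example",
  "secretBindingRef": {"name": "example-binding"},
  "aws": {"networks": {"vpc": {"id": "vpc-PLACEHOLDER", "cidr": "10.250.0.0/16"}}},
  "gcp": {"zones": ["europe-west1-b"]}
}`

// nonEmpty reports whether m[key] is a non-empty string (safe on a nil map).
func nonEmpty(m map[string]interface{}, key string) bool {
	s, ok := m[key].(string)
	return ok && s != ""
}

// obj returns m[key] as a JSON object, or nil if it is absent or another type.
func obj(m map[string]interface{}, key string) map[string]interface{} {
	o, _ := m[key].(map[string]interface{})
	return o
}

// CheckCloud decodes a spec.cloud block (JSON) and returns one finding per
// violated rule. An empty result means the block passed every check.
func CheckCloud(raw string) ([]string, error) {
	var cloud map[string]interface{}
	if err := json.Unmarshal([]byte(raw), &cloud); err != nil {
		return nil, fmt.Errorf("decode cloud block: %w", err)
	}
	var findings []string

	// Fields the reference does not mark as (Optional).
	for _, key := range []string{"profile", "region"} {
		if !nonEmpty(cloud, key) {
			findings = append(findings, "cloud."+key+" is required")
		}
	}
	if !nonEmpty(obj(cloud, "secretBindingRef"), "name") {
		findings = append(findings, "cloud.secretBindingRef.name is required")
	}

	// "It must contain exactly one key of the below cloud providers."
	var set []string
	for _, key := range providerKeys {
		if cloud[key] != nil {
			set = append(set, key)
		}
	}
	if len(set) != 1 {
		findings = append(findings,
			fmt.Sprintf("cloud must set exactly one provider, found %d: %v", len(set), set))
	}

	// AWSVPC: either the id of an existing VPC or the CIDR of a new one.
	if aws := obj(cloud, "aws"); aws != nil {
		vpc := obj(obj(aws, "networks"), "vpc")
		hasID, hasCIDR := nonEmpty(vpc, "id"), nonEmpty(vpc, "cidr")
		if hasID == hasCIDR {
			findings = append(findings,
				"cloud.aws.networks.vpc needs either id or cidr, not both or neither")
		}
	}
	return findings, nil
}

func main() {
	for name, raw := range map[string]string{"good": goodCloud, "bad": badCloud} {
		findings, err := CheckCloud(raw)
		if err != nil {
			fmt.Println(name, "error:", err)
			continue
		}
		fmt.Printf("%s: %d finding(s)\n", name, len(findings))
		for _, f := range findings {
			fmt.Println("  -", f)
		}
	}
}
```
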

CloudControllerManagerConfig

(Appears on: Kubernetes)

CloudControllerManagerConfig contains configuration settings for the cloud-controller-manager.

Field Description
KubernetesConfig
KubernetesConfig

(Members of KubernetesConfig are embedded into this type.)

CloudProfileSpec

(Appears on: CloudProfile)

CloudProfileSpec is the specification of a CloudProfile. It must contain exactly one of its defined keys.

Field Description
aws
AWSProfile
(Optional)

AWS is the profile specification for the Amazon Web Services cloud.

azure
AzureProfile
(Optional)

Azure is the profile specification for the Microsoft Azure cloud.

gcp
GCPProfile
(Optional)

GCP is the profile specification for the Google Cloud Platform cloud.

openstack
OpenStackProfile
(Optional)

OpenStack is the profile specification for the OpenStack cloud.

alicloud
AlicloudProfile
(Optional)

Alicloud is the profile specification for the Alibaba cloud.

packet
PacketProfile
(Optional)

Packet is the profile specification for the Packet cloud.

caBundle
string
(Optional)

CABundle is a certificate bundle which will be installed onto every host machine of the Shoot cluster.

CloudProvider (string alias)

(Appears on: BackupProfile)

CloudProvider is a string alias.

ClusterAutoscaler

(Appears on: Kubernetes)

ClusterAutoscaler contains the configuration flags for the Kubernetes cluster autoscaler.

Field Description
scaleDownUtilizationThreshold
float64
(Optional)

ScaleDownUtilizationThreshold defines the threshold in % under which a node is being removed.

scaleDownUnneededTime
Kubernetes meta/v1.Duration
(Optional)

ScaleDownUnneededTime defines how long a node should be unneeded before it is eligible for scale down (default: 10 mins).

scaleDownDelayAfterAdd
Kubernetes meta/v1.Duration
(Optional)

ScaleDownDelayAfterAdd defines how long after scale up that scale down evaluation resumes (default: 10 mins).

scaleDownDelayAfterFailure
Kubernetes meta/v1.Duration
(Optional)

ScaleDownDelayAfterFailure defines how long after scale down failure that scale down evaluation resumes (default: 3 mins).

scaleDownDelayAfterDelete
Kubernetes meta/v1.Duration
(Optional)

ScaleDownDelayAfterDelete defines how long after node deletion that scale down evaluation resumes (defaults to ScanInterval).

scanInterval
Kubernetes meta/v1.Duration
(Optional)

ScanInterval defines how often the cluster is reevaluated for scale up or down (default: 10 secs).

DNS

(Appears on: ShootSpec)

DNS holds information about the provider, the hosted zone id and the domain.

Field Description
domain
string
(Optional)

Domain is the externally available domain of the Shoot cluster.

secretName
string
(Optional)

SecretName is a name of a secret containing credentials for the stated domain and the provider. When not specified, the Gardener will use the cloud provider credentials referenced by the Shoot and try to find respective credentials there. Specifying this field may override this behavior, i.e. forcing the Gardener to only look into the given secret.

provider
string
(Optional)

Provider is the DNS provider type for the Shoot. Only relevant if the default domain is not used for this shoot.

includeDomains
[]string
(Optional)

IncludeDomains is a list of domains that shall be included. Only relevant if the default domain is not used for this shoot.

excludeDomains
[]string
(Optional)

ExcludeDomains is a list of domains that shall be excluded. Only relevant if the default domain is not used for this shoot.

includeZones
[]string
(Optional)

IncludeZones is a list of hosted zone IDs that shall be included. Only relevant if the default domain is not used for this shoot.

excludeZones
[]string
(Optional)

ExcludeZones is a list of hosted zone IDs that shall be excluded. Only relevant if the default domain is not used for this shoot.

DNSProviderConstraint

(Appears on: AWSConstraints, AlicloudConstraints, AzureConstraints, GCPConstraints, OpenStackConstraints, PacketConstraints)

DNSProviderConstraint contains constraints regarding allowed values of the ‘dns.provider’ block in the Shoot specification.

Field Description
name
string

Name is the name of the DNS provider.

Extension

(Appears on: ShootSpec)

Extension contains type and provider information for Shoot extensions.

Field Description
type
string

Type is the type of the extension resource.

providerConfig
github.com/gardener/gardener/pkg/apis/core/v1alpha1.ProviderConfig
(Optional)

ProviderConfig is the configuration passed to extension resource.

GCPCloud

(Appears on: Cloud)

GCPCloud contains the Shoot specification for GCP.

Field Description
machineImage
ShootMachineImage
(Optional)

ShootMachineImage holds information about the machine image to use for all workers. It will default to the latest version of the first image stated in the referenced CloudProfile if no value has been provided.

networks
GCPNetworks

Networks holds information about the Kubernetes and infrastructure networks.

workers
[]GCPWorker

Workers is a list of worker groups.

zones
[]string

Zones is a list of availability zones to deploy the Shoot cluster to.

GCPConstraints

(Appears on: GCPProfile)

GCPConstraints is an object containing constraints for certain values in the Shoot specification.

Field Description
dnsProviders
[]DNSProviderConstraint
(Optional)

DNSProviders contains constraints regarding allowed values of the ‘dns.provider’ block in the Shoot specification.

kubernetes
KubernetesConstraints

Kubernetes contains constraints regarding allowed values of the ‘kubernetes’ block in the Shoot specification.

machineImages
[]MachineImage

MachineImages contains constraints regarding allowed values for machine images in the Shoot specification.

machineTypes
[]MachineType

MachineTypes contains constraints regarding allowed values for machine types in the ‘workers’ block in the Shoot specification.

volumeTypes
[]VolumeType

VolumeTypes contains constraints regarding allowed values for volume types in the ‘workers’ block in the Shoot specification.

zones
[]Zone

Zones contains constraints regarding allowed values for ‘zones’ block in the Shoot specification.

GCPNetworks

(Appears on: GCPCloud)

GCPNetworks holds information about the Kubernetes and infrastructure networks.

Field Description
K8SNetworks
K8SNetworks

(Members of K8SNetworks are embedded into this type.)

vpc
GCPVPC
(Optional)

VPC indicates whether to use an existing VPC or create a new one.

workers
[]string

Workers is a list of CIDRs of worker subnets (private) to create (used for the VMs).

internal
string
(Optional)

Internal is a private subnet (used for internal load balancers).

GCPProfile

(Appears on: CloudProfileSpec)

GCPProfile defines certain constraints and definitions for the GCP cloud.

Field Description
constraints
GCPConstraints

Constraints is an object containing constraints for certain values in the Shoot specification.

GCPVPC

(Appears on: GCPNetworks)

GCPVPC indicates whether to use an existing VPC or create a new one.

Field Description
name
string

Name is the name of an existing GCP VPC.

GCPWorker

(Appears on: GCPCloud)

GCPWorker is the definition of a worker group.

Field Description
Worker
Worker

(Members of Worker are embedded into this type.)

volumeType
string

VolumeType is the type of the root volumes.

volumeSize
string

VolumeSize is the size of the root volume.

Gardener

(Appears on: SeedStatus, ShootStatus)

Gardener holds the information about the Gardener.

Field Description
id
string

ID is the Docker container id of the Gardener which last acted on a Shoot cluster.

name
string

Name is the hostname (pod name) of the Gardener which last acted on a Shoot cluster.

version
string

Version is the version of the Gardener which last acted on a Shoot cluster.

GardenerDuration

(Appears on: HorizontalPodAutoscalerConfig)

GardenerDuration is a workaround for missing OpenAPI functions on metav1.Duration struct.

Field Description
Duration
time.Duration

Heapster

(Appears on: Addons)

Heapster describes configuration values for the heapster addon.

Field Description
Addon
Addon

(Members of Addon are embedded into this type.)

HelmTiller

HelmTiller describes configuration values for the helm-tiller addon.

Field Description
Addon
Addon

(Members of Addon are embedded into this type.)

Hibernation

(Appears on: ShootSpec)

Hibernation contains information whether the Shoot is suspended or not.

Field Description
enabled
bool
(Optional)

Enabled specifies whether the Shoot needs to be hibernated or not. If it is true, the Shoot’s desired state is to be hibernated. If it is false or nil, the Shoot’s desired state is to be awake.

schedules
[]HibernationSchedule
(Optional)

Schedules determine the hibernation schedules.

HibernationSchedule

(Appears on: Hibernation)

HibernationSchedule determines the hibernation schedule of a Shoot. A Shoot will be regularly hibernated at each start time and will be woken up at each end time. Start or End can be omitted, though at least one of them has to be specified.

Field Description
start
string
(Optional)

Start is a Cron spec at which time a Shoot will be hibernated.

end
string
(Optional)

End is a Cron spec at which time a Shoot will be woken up.

location
string
(Optional)

Location is the time location in which both start and end shall be evaluated.

HorizontalPodAutoscalerConfig

(Appears on: KubeControllerManagerConfig)

HorizontalPodAutoscalerConfig contains horizontal pod autoscaler configuration settings for the kube-controller-manager. Note: Descriptions were taken from the Kubernetes documentation.

Field Description
downscaleDelay
GardenerDuration
(Optional)

The period since last downscale, before another downscale can be performed in horizontal pod autoscaler.

syncPeriod
GardenerDuration
(Optional)

The period for syncing the number of pods in horizontal pod autoscaler.

tolerance
float64
(Optional)

The minimum change (from 1.0) in the desired-to-actual metrics ratio for the horizontal pod autoscaler to consider scaling.

upscaleDelay
GardenerDuration
(Optional)

The period since last upscale, before another upscale can be performed in horizontal pod autoscaler.

downscaleStabilization
GardenerDuration
(Optional)

The configurable window at which the controller will choose the highest recommendation for autoscaling.

initialReadinessDelay
GardenerDuration
(Optional)

The configurable period at which the horizontal pod autoscaler considers a Pod “not yet ready” given that it’s unready and it has transitioned to unready during that time.

cpuInitializationPeriod
GardenerDuration
(Optional)

The period after which a ready pod transition is considered to be the first.

K8SNetworks

(Appears on: AWSNetworks, AlicloudNetworks, AzureNetworks, GCPNetworks, Networking, OpenStackNetworks, PacketNetworks)

K8SNetworks contains CIDRs for the pod, service and node networks of a Kubernetes cluster.

Field Description
nodes
string
(Optional)

Nodes is the CIDR of the node network.

pods
string
(Optional)

Pods is the CIDR of the pod network.

services
string
(Optional)

Services is the CIDR of the service network.

Kube2IAM

(Appears on: Addons)

Kube2IAM describes configuration values for the kube2iam addon.

Field Description
Addon
Addon

(Members of Addon are embedded into this type.)

roles
[]Kube2IAMRole
(Optional)

Roles is a list of AWS IAM roles which should be created by the Gardener.

Kube2IAMRole

(Appears on: Kube2IAM)

Kube2IAMRole allows passing AWS IAM policies which will result in IAM roles.

Field Description
name
string

Name is the name of the IAM role. Will be extended by the Shoot name.

description
string

Description is a human-readable message indicating what this IAM role can be used for.

policy
string

Policy is an AWS IAM policy document.

KubeAPIServerConfig

(Appears on: Kubernetes)

KubeAPIServerConfig contains configuration settings for the kube-apiserver.

Field Description
KubernetesConfig
KubernetesConfig

(Members of KubernetesConfig are embedded into this type.)

admissionPlugins
[]AdmissionPlugin
(Optional)

AdmissionPlugins contains the list of user-defined admission plugins (additional to those managed by Gardener), and, if desired, the corresponding configuration.

apiAudiences
[]string
(Optional)

APIAudiences are the identifiers of the API. The service account token authenticator will validate that tokens used against the API are bound to at least one of these audiences. If serviceAccountConfig.issuer is configured and this is not, this defaults to a single element list containing the issuer URL.

auditConfig
AuditConfig
(Optional)

AuditConfig contains configuration settings for the audit of the kube-apiserver.

enableBasicAuthentication
bool
(Optional)

EnableBasicAuthentication defines whether basic authentication should be enabled for this cluster or not.

oidcConfig
OIDCConfig
(Optional)

OIDCConfig contains configuration settings for the OIDC provider.

runtimeConfig
map[string]bool
(Optional)

RuntimeConfig contains information about enabled or disabled APIs.

serviceAccountConfig
ServiceAccountConfig
(Optional)

ServiceAccountConfig contains configuration settings for the service account handling of the kube-apiserver.

KubeControllerManagerConfig

(Appears on: Kubernetes)

KubeControllerManagerConfig contains configuration settings for the kube-controller-manager.

Field Description
KubernetesConfig
KubernetesConfig

(Members of KubernetesConfig are embedded into this type.)

horizontalPodAutoscaler
HorizontalPodAutoscalerConfig
(Optional)

HorizontalPodAutoscalerConfig contains horizontal pod autoscaler configuration settings for the kube-controller-manager.

nodeCIDRMaskSize
int
(Optional)

NodeCIDRMaskSize defines the mask size for the node CIDR in the cluster (default is 24).

KubeLego

(Appears on: Addons)

KubeLego describes configuration values for the kube-lego addon.

Field Description
Addon
Addon

(Members of Addon are embedded into this type.)

email
string
(Optional)

Mail is the email address to register at Let’s Encrypt.

KubeProxyConfig

(Appears on: Kubernetes)

KubeProxyConfig contains configuration settings for the kube-proxy.

Field Description
KubernetesConfig
KubernetesConfig

(Members of KubernetesConfig are embedded into this type.)

mode
ProxyMode
(Optional)

Mode specifies which proxy mode to use. Defaults to IPTables.

KubeSchedulerConfig

(Appears on: Kubernetes)

KubeSchedulerConfig contains configuration settings for the kube-scheduler.

Field Description
KubernetesConfig
KubernetesConfig

(Members of KubernetesConfig are embedded into this type.)

KubeletConfig

(Appears on: Kubernetes, Worker)

KubeletConfig contains configuration settings for the kubelet.

Field Description
KubernetesConfig
KubernetesConfig

(Members of KubernetesConfig are embedded into this type.)

podPidsLimit
int64
(Optional)

PodPIDsLimit is the maximum number of process IDs per pod allowed by the kubelet.

cpuCFSQuota
bool
(Optional)

CPUCFSQuota allows you to disable/enable CPU throttling for Pods.

cpuManagerPolicy
string
(Optional)

CPUManagerPolicy allows setting alternative CPU management policies (default: none).

maxPods
int32
(Optional)

MaxPods is the maximum number of Pods that are allowed by the Kubelet. Default: 110

evictionHard
KubeletConfigEviction
(Optional)

EvictionHard describes a set of eviction thresholds (e.g. memory.available<1Gi) that if met would trigger a Pod eviction. Default: memory.available: “100Mi/1Gi/5%”, nodefs.available: “5%”, nodefs.inodesFree: “5%”, imagefs.available: “5%”, imagefs.inodesFree: “5%”

evictionSoft
KubeletConfigEviction
(Optional)

EvictionSoft describes a set of eviction thresholds (e.g. memory.available<1.5Gi) that if met over a corresponding grace period would trigger a Pod eviction. Default: memory.available: “200Mi/1.5Gi/10%”, nodefs.available: “10%”, nodefs.inodesFree: “10%”, imagefs.available: “10%”, imagefs.inodesFree: “10%”

evictionSoftGracePeriod
KubeletConfigEvictionSoftGracePeriod
(Optional)

EvictionSoftGracePeriod describes a set of eviction grace periods (e.g. memory.available=1m30s) that correspond to how long a soft eviction threshold must hold before triggering a Pod eviction. Default: memory.available: 1m30s, nodefs.available: 1m30s, nodefs.inodesFree: 1m30s, imagefs.available: 1m30s, imagefs.inodesFree: 1m30s

evictionMinimumReclaim
KubeletConfigEvictionMinimumReclaim
(Optional)

EvictionMinimumReclaim configures the amount of resources below the configured eviction threshold that the kubelet attempts to reclaim whenever the kubelet observes resource pressure. Default: 0 for each resource

evictionPressureTransitionPeriod
Kubernetes meta/v1.Duration
(Optional)

EvictionPressureTransitionPeriod is the duration for which the kubelet has to wait before transitioning out of an eviction pressure condition. Default: 4m0s

evictionMaxPodGracePeriod
int32
(Optional)

EvictionMaxPodGracePeriod describes the maximum allowed grace period (in seconds) to use when terminating pods in response to a soft eviction threshold being met. Default: 90

KubeletConfigEviction

(Appears on: KubeletConfig)

KubeletConfigEviction contains kubelet eviction thresholds supporting either a resource.Quantity or a percentage based value.

Field Description
memoryAvailable
string
(Optional)

MemoryAvailable is the threshold for the free memory on the host server.

imageFSAvailable
string
(Optional)

ImageFSAvailable is the threshold for the free disk space in the imagefs filesystem (docker images and container writable layers).

imageFSInodesFree
string
(Optional)

ImageFSInodesFree is the threshold for the available inodes in the imagefs filesystem.

nodeFSAvailable
string
(Optional)

NodeFSAvailable is the threshold for the free disk space in the nodefs filesystem (docker volumes, logs, etc).

nodeFSInodesFree
string
(Optional)

NodeFSInodesFree is the threshold for the available inodes in the nodefs filesystem.

KubeletConfigEvictionMinimumReclaim

(Appears on: KubeletConfig)

KubeletConfigEvictionMinimumReclaim contains configuration for the kubelet eviction minimum reclaim.

Field Description
memoryAvailable
k8s.io/apimachinery/pkg/api/resource.Quantity
(Optional)

MemoryAvailable is the threshold for the memory reclaim on the host server.

imageFSAvailable
k8s.io/apimachinery/pkg/api/resource.Quantity
(Optional)

ImageFSAvailable is the threshold for the disk space reclaim in the imagefs filesystem (docker images and container writable layers).

imageFSInodesFree
k8s.io/apimachinery/pkg/api/resource.Quantity
(Optional)

ImageFSInodesFree is the threshold for the inodes reclaim in the imagefs filesystem.

nodeFSAvailable
k8s.io/apimachinery/pkg/api/resource.Quantity
(Optional)

NodeFSAvailable is the threshold for the disk space reclaim in the nodefs filesystem (docker volumes, logs, etc).

nodeFSInodesFree
k8s.io/apimachinery/pkg/api/resource.Quantity
(Optional)

NodeFSInodesFree is the threshold for the inodes reclaim in the nodefs filesystem.

KubeletConfigEvictionSoftGracePeriod

(Appears on: KubeletConfig)

KubeletConfigEvictionSoftGracePeriod contains grace periods for kubelet eviction thresholds.

Field Description
memoryAvailable
Kubernetes meta/v1.Duration
(Optional)

MemoryAvailable is the grace period for the MemoryAvailable eviction threshold.

imageFSAvailable
Kubernetes meta/v1.Duration
(Optional)

ImageFSAvailable is the grace period for the ImageFSAvailable eviction threshold.

imageFSInodesFree
Kubernetes meta/v1.Duration
(Optional)

ImageFSInodesFree is the grace period for the ImageFSInodesFree eviction threshold.

nodeFSAvailable
Kubernetes meta/v1.Duration
(Optional)

NodeFSAvailable is the grace period for the NodeFSAvailable eviction threshold.

nodeFSInodesFree
Kubernetes meta/v1.Duration
(Optional)

NodeFSInodesFree is the grace period for the NodeFSInodesFree eviction threshold.

Kubernetes

(Appears on: ShootSpec)

Kubernetes contains the version and configuration variables for the Shoot control plane.

Field Description
allowPrivilegedContainers
bool
(Optional)

AllowPrivilegedContainers indicates whether privileged containers are allowed in the Shoot (default: true).

kubeAPIServer
KubeAPIServerConfig
(Optional)

KubeAPIServer contains configuration settings for the kube-apiserver.

cloudControllerManager
CloudControllerManagerConfig
(Optional)

CloudControllerManager contains configuration settings for the cloud-controller-manager.

kubeControllerManager
KubeControllerManagerConfig
(Optional)

KubeControllerManager contains configuration settings for the kube-controller-manager.

kubeScheduler
KubeSchedulerConfig
(Optional)

KubeScheduler contains configuration settings for the kube-scheduler.

kubeProxy
KubeProxyConfig
(Optional)

KubeProxy contains configuration settings for the kube-proxy.

kubelet
KubeletConfig
(Optional)

Kubelet contains configuration settings for the kubelet.

version
string

Version is the semantic Kubernetes version to use for the Shoot cluster.

clusterAutoscaler
ClusterAutoscaler

ClusterAutoscaler contains the configuration flags for the Kubernetes cluster autoscaler.

KubernetesConfig

(Appears on: CloudControllerManagerConfig, KubeAPIServerConfig, KubeControllerManagerConfig, KubeProxyConfig, KubeSchedulerConfig, KubeletConfig)

KubernetesConfig contains common configuration fields for the control plane components.

Field Description
featureGates
map[string]bool
(Optional)

FeatureGates contains information about enabled feature gates.

KubernetesConstraints

(Appears on: AWSConstraints, AlicloudConstraints, AzureConstraints, GCPConstraints, OpenStackConstraints, PacketConstraints)

KubernetesConstraints contains constraints regarding allowed values of the ‘kubernetes’ block in the Shoot specification.

Field Description
versions
[]string
(Optional)

Versions is the list of allowed Kubernetes versions for Shoot clusters (e.g., 1.13.1).

offeredVersions
[]KubernetesVersion
(Optional)

OfferedVersions is the list of allowed Kubernetes versions with optional expiration dates for Shoot clusters.

KubernetesDashboard

(Appears on: Addons)

KubernetesDashboard describes configuration values for the kubernetes-dashboard addon.

Field Description
Addon
Addon

(Members of Addon are embedded into this type.)

authenticationMode
string
(Optional)

AuthenticationMode defines the authentication mode for the kubernetes-dashboard.

KubernetesVersion

(Appears on: KubernetesConstraints)

KubernetesVersion contains the version code and optional expiration date for a kubernetes version.

Field Description
version
string

Version is the kubernetes version.

expirationDate
Kubernetes meta/v1.Time
(Optional)

ExpirationDate defines the time at which this kubernetes version is not supported any more. This has the following implications: 1) A shoot that opted out of automatic kubernetes system updates and that is running this kubernetes version will be forcefully updated to the latest kubernetes patch version for the current minor version. 2) Shoots with this kubernetes version cannot be created.

MachineImage

(Appears on: AWSConstraints, AlicloudConstraints, AzureConstraints, GCPConstraints, OpenStackConstraints, PacketConstraints)

MachineImage defines the name and multiple versions of the machine image in any environment.

Field Description
name
string

Name is the name of the image.

version
string
(Optional)

DEPRECATED: This field will be removed in a future version.

versions
[]MachineImageVersion
(Optional)

Versions contains versions and expiration dates of the machine image.

MachineImageVersion

(Appears on: MachineImage)

MachineImageVersion contains a version and an expiration date of a machine image.

Field Description
version
string

Version is the version of the image.

expirationDate
Kubernetes meta/v1.Time
(Optional)

ExpirationDate defines the time at which a shoot that opted out of automatic operating system updates and that is running this image version will be forcefully updated to the latest version specified in the referenced cloud profile.

MachineType

(Appears on: AWSConstraints, AlicloudMachineType, AzureConstraints, GCPConstraints, OpenStackMachineType, PacketConstraints)

MachineType contains certain properties of a machine type.

Field Description
name
string

Name is the name of the machine type.

usable
bool
(Optional)

Usable defines if the machine type can be used for shoot clusters.

cpu
k8s.io/apimachinery/pkg/api/resource.Quantity

CPU is the number of CPUs for this machine type.

gpu
k8s.io/apimachinery/pkg/api/resource.Quantity

GPU is the number of GPUs for this machine type.

storage
MachineTypeStorage
(Optional)

Storage is the amount of storage associated with the root volume of this machine type.

memory
k8s.io/apimachinery/pkg/api/resource.Quantity

Memory is the amount of memory for this machine type.

MachineTypeStorage

(Appears on: MachineType)

MachineTypeStorage is the amount of storage associated with the root volume of this machine type.

Field Description
class
string

Class is the class of the storage type.

size
k8s.io/apimachinery/pkg/api/resource.Quantity

Size is the storage size.

type
string

Type is the type of the storage.

Maintenance

(Appears on: ShootSpec)

Maintenance contains information about the time window for maintenance operations and which operations should be performed.

Field Description
autoUpdate
MaintenanceAutoUpdate
(Optional)

AutoUpdate contains information about which constraints should be automatically updated.

timeWindow
MaintenanceTimeWindow
(Optional)

TimeWindow contains information about the time window for maintenance operations.

MaintenanceAutoUpdate

(Appears on: Maintenance)

MaintenanceAutoUpdate contains information about which constraints should be automatically updated.

Field Description
kubernetesVersion
bool

KubernetesVersion indicates whether the patch Kubernetes version may be automatically updated.

machineImageVersion
bool
(Optional)

MachineImageVersion indicates whether the machine image version may be automatically updated (default: true).

MaintenanceTimeWindow

(Appears on: Maintenance)

MaintenanceTimeWindow contains information about the time window for maintenance operations.

Field Description
begin
string

Begin is the beginning of the time window in the format HHMMSS+ZONE, e.g. “220000+0100”. If not present, a random value will be computed.

end
string

End is the end of the time window in the format HHMMSS+ZONE, e.g. “220000+0100”. If not present, the value will be computed based on the “Begin” value.

Monitoring

(Appears on: ShootSpec)

Monitoring contains information about the monitoring configuration for the shoot.

Field Description
alerting
Alerting
(Optional)

Alerting contains information about the alerting configuration for the shoot cluster.

Monocular

(Appears on: Addons)

Monocular describes configuration values for the monocular addon.

Field Description
Addon
Addon

(Members of Addon are embedded into this type.)

Networking

(Appears on: ShootSpec)

Networking defines networking parameters for the shoot cluster.

Field Description
K8SNetworks
K8SNetworks

(Members of K8SNetworks are embedded into this type.)

type
string

Type identifies the type of the networking plugin.

providerConfig
github.com/gardener/gardener/pkg/apis/core/v1alpha1.ProviderConfig
(Optional)

ProviderConfig is the configuration passed to the network resource.

NginxIngress

(Appears on: Addons)

NginxIngress describes configuration values for the nginx-ingress addon.

Field Description
Addon
Addon

(Members of Addon are embedded into this type.)

loadBalancerSourceRanges
[]string
(Optional)

LoadBalancerSourceRanges is a list of whitelisted IP sources for NginxIngress.

config
map[string]string
(Optional)

Config contains custom configuration for the nginx-ingress-controller configuration. See https://github.com/kubernetes/ingress-nginx/blob/master/docs/user-guide/nginx-configuration/configmap.md#configuration-options

externalTrafficPolicy
Kubernetes core/v1.ServiceExternalTrafficPolicyType
(Optional)

ExternalTrafficPolicy controls the .spec.externalTrafficPolicy value of the load balancer Service exposing the nginx-ingress. Defaults to Cluster.

OIDCConfig

(Appears on: KubeAPIServerConfig)

OIDCConfig contains configuration settings for the OIDC provider. Note: Descriptions were taken from the Kubernetes documentation.

Field Description
caBundle
string
(Optional)

If set, the OpenID server’s certificate will be verified by one of the authorities in the oidc-ca-file, otherwise the host’s root CA set will be used.

clientID
string
(Optional)

The client ID for the OpenID Connect client, must be set if oidc-issuer-url is set.

groupsClaim
string
(Optional)

If provided, the name of a custom OpenID Connect claim for specifying user groups. The claim value is expected to be a string or array of strings. This flag is experimental, please see the authentication documentation for further details.

groupsPrefix
string
(Optional)

If provided, all groups will be prefixed with this value to prevent conflicts with other authentication strategies.

issuerURL
string
(Optional)

The URL of the OpenID issuer, only HTTPS scheme will be accepted. If set, it will be used to verify the OIDC JSON Web Token (JWT).

requiredClaims
map[string]string
(Optional)

ATTENTION: Only meaningful for Kubernetes >= 1.11. Key=value pairs that describe a required claim in the ID Token. If set, the claim is verified to be present in the ID Token with a matching value.

signingAlgs
[]string
(Optional)

List of allowed JOSE asymmetric signing algorithms. JWTs with an ‘alg’ header value not in this list will be rejected. Values are defined by RFC 7518: https://tools.ietf.org/html/rfc7518#section-3.1

usernameClaim
string
(Optional)

The OpenID claim to use as the user name. Note that claims other than the default (‘sub’) are not guaranteed to be unique and immutable. This flag is experimental, please see the authentication documentation for further details. (default “sub”)

usernamePrefix
string
(Optional)

If provided, all usernames will be prefixed with this value. If not provided, username claims other than ‘email’ are prefixed by the issuer URL to avoid clashes. To skip any prefixing, provide the value ‘-’.

clientAuthentication
OpenIDConnectClientAuthentication
(Optional)

ClientAuthentication can optionally contain client configuration used for kubeconfig generation.

OpenIDConnectClientAuthentication

(Appears on: OIDCConfig)

OpenIDConnectClientAuthentication contains configuration for OIDC clients.

Field Description
secret
string
(Optional)

The client Secret for the OpenID Connect client.

extraConfig
map[string]string
(Optional)

Extra configuration added to kubeconfig’s auth-provider. Must not be any of idp-issuer-url, client-id, client-secret, idp-certificate-authority, idp-certificate-authority-data, id-token or refresh-token.
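
A lint for the rules stated in the OIDCConfig and OpenIDConnectClientAuthentication field descriptions above, as an added Go example that is not Gardener's own validation code. The struct types, function names and sample values are assumptions made for this example; the warn-level checks are this example's reading of the uniqueness and prefixing notes.

```go
package main

import (
	"fmt"
	"net/url"
	"sort"
)

// Local stand-ins for the documented fields (not Gardener's Go types).
type ClientAuth struct {
	ExtraConfig map[string]string
}

type OIDCConfig struct {
	ClientID, IssuerURL           string
	GroupsClaim, GroupsPrefix     string
	UsernameClaim, UsernamePrefix string
	SigningAlgs                   []string
	ClientAuthentication          *ClientAuth
}

// Finding levels: "error" contradicts a rule stated in the reference,
// "warn" is accepted by the API but weakens identity mapping.
type Finding struct{ Level, Field, Msg string }

// Asymmetric JOSE algorithms listed in RFC 7518 section 3.1.
var asymmetricAlgs = map[string]bool{
	"RS256": true, "RS384": true, "RS512": true,
	"ES256": true, "ES384": true, "ES512": true,
	"PS256": true, "PS384": true, "PS512": true,
}

// Keys the reference forbids in clientAuthentication.extraConfig.
var reservedExtraKeys = map[string]bool{
	"idp-issuer-url": true, "client-id": true, "client-secret": true,
	"idp-certificate-authority": true, "idp-certificate-authority-data": true,
	"id-token": true, "refresh-token": true,
}

func LintOIDC(c OIDCConfig) []Finding {
	var out []Finding
	add := func(level, field, msg string) { out = append(out, Finding{level, field, msg}) }
	if c.IssuerURL != "" {
		u, err := url.Parse(c.IssuerURL)
		if err != nil || u.Scheme != "https" || u.Host == "" {
			add("error", "issuerURL", "only the HTTPS scheme is accepted")
		}
		if c.ClientID == "" {
			add("error", "clientID", "must be set when issuerURL is set")
		}
	}
	for _, alg := range c.SigningAlgs {
		if !asymmetricAlgs[alg] { // rejects HS* (symmetric) and "none"
			add("error", "signingAlgs", fmt.Sprintf("%q is not an asymmetric JOSE algorithm", alg))
		}
	}
	claim := c.UsernameClaim
	if claim == "" {
		claim = "sub" // documented default
	}
	if claim != "sub" {
		add("warn", "usernameClaim", fmt.Sprintf("%q is not guaranteed unique and immutable", claim))
		if c.UsernamePrefix == "-" {
			add("warn", "usernamePrefix", "'-' skips prefixing, so names can clash with other authenticators")
		}
	}
	if c.GroupsClaim != "" && c.GroupsPrefix == "" {
		add("warn", "groupsPrefix", "unprefixed groups can conflict with other authentication strategies")
	}
	if c.ClientAuthentication != nil {
		keys := make([]string, 0, len(c.ClientAuthentication.ExtraConfig))
		for k := range c.ClientAuthentication.ExtraConfig {
			keys = append(keys, k)
		}
		sort.Strings(keys) // deterministic report order
		for _, k := range keys {
			if reservedExtraKeys[k] {
				add("error", "clientAuthentication.extraConfig", fmt.Sprintf("%q is a reserved key", k))
			}
		}
	}
	return out
}

// Count returns how many findings carry the given level.
func Count(fs []Finding, level string) (n int) {
	for _, f := range fs {
		if f.Level == level {
			n++
		}
	}
	return n
}

// Constructed sample inputs; the host names and values are placeholders.
func WeakExample() OIDCConfig {
	return OIDCConfig{IssuerURL: "http://idp.example.test", SigningAlgs: []string{"RS256", "HS256", "none"},
		UsernameClaim: "email", UsernamePrefix: "-", GroupsClaim: "groups",
		ClientAuthentication: &ClientAuth{ExtraConfig: map[string]string{"client-secret": "x", "extra-scopes": "groups"}}}
}

func HardenedExample() OIDCConfig {
	return OIDCConfig{IssuerURL: "https://idp.example.test", ClientID: "kube", SigningAlgs: []string{"RS256", "ES256"},
		GroupsClaim: "groups", GroupsPrefix: "oidc:",
		ClientAuthentication: &ClientAuth{ExtraConfig: map[string]string{"extra-scopes": "groups"}}}
}

func main() {
	for _, f := range LintOIDC(WeakExample()) {
		fmt.Printf("%-5s %-34s %s\n", f.Level, f.Field, f.Msg)
	}
}
```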

OpenStackCloud

(Appears on: Cloud)

OpenStackCloud contains the Shoot specification for OpenStack.

Field Description
floatingPoolName
string

FloatingPoolName is the name of the floating pool to get FIPs from.

loadBalancerProvider
string

LoadBalancerProvider is the name of the load balancer provider in the OpenStack environment.

loadBalancerClasses
[]OpenStackLoadBalancerClass
(Optional)

LoadBalancerClasses available for a dedicated Shoot.

machineImage
ShootMachineImage
(Optional)

ShootMachineImage holds information about the machine image to use for all workers. It will default to the latest version of the first image stated in the referenced CloudProfile if no value has been provided.

networks
OpenStackNetworks

Networks holds information about the Kubernetes and infrastructure networks.

workers
[]OpenStackWorker

Workers is a list of worker groups.

zones
[]string

Zones is a list of availability zones to deploy the Shoot cluster to.

OpenStackConstraints

(Appears on: OpenStackProfile)

OpenStackConstraints is an object containing constraints for certain values in the Shoot specification.

Field Description
dnsProviders
[]DNSProviderConstraint
(Optional)

DNSProviders contains constraints regarding allowed values of the ‘dns.provider’ block in the Shoot specification.

floatingPools
[]OpenStackFloatingPool

FloatingPools contains constraints regarding allowed values of the ‘floatingPoolName’ block in the Shoot specification.

kubernetes
KubernetesConstraints

Kubernetes contains constraints regarding allowed values of the ‘kubernetes’ block in the Shoot specification.

loadBalancerProviders
[]OpenStackLoadBalancerProvider

LoadBalancerProviders contains constraints regarding allowed values of the ‘loadBalancerProvider’ block in the Shoot specification.

machineImages
[]MachineImage

MachineImages contains constraints regarding allowed values for machine images in the Shoot specification.

machineTypes
[]OpenStackMachineType

MachineTypes contains constraints regarding allowed values for machine types in the ‘workers’ block in the Shoot specification.

zones
[]Zone

Zones contains constraints regarding allowed values for ‘zones’ block in the Shoot specification.

OpenStackFloatingPool

(Appears on: OpenStackConstraints)

OpenStackFloatingPool contains constraints regarding allowed values of the ‘floatingPoolName’ block in the Shoot specification.

Field Description
name
string

Name is the name of the floating pool.

loadBalancerClasses
[]OpenStackLoadBalancerClass
(Optional)

LoadBalancerClasses contains a list of supported labeled load balancer network settings.

OpenStackLoadBalancerClass

(Appears on: OpenStackCloud, OpenStackFloatingPool)

OpenStackLoadBalancerClass defines a restricted network setting for generic LoadBalancer classes usable in CloudProfiles.

Field Description
name
string

Name is the name of the LB class.

floatingSubnetID
string
(Optional)

FloatingSubnetID is the subnetwork ID of a dedicated subnet in floating network pool.

floatingNetworkID
string
(Optional)

FloatingNetworkID is the network ID of the floating network pool.

subnetID
string
(Optional)

SubnetID is the ID of a local subnet used for LoadBalancer provisioning. Only usable if no FloatingPool configuration is done.

OpenStackLoadBalancerProvider

(Appears on: OpenStackConstraints)

OpenStackLoadBalancerProvider contains constraints regarding allowed values of the ‘loadBalancerProvider’ block in the Shoot specification.

Field Description
name
string

Name is the name of the load balancer provider.

OpenStackMachineType

(Appears on: OpenStackConstraints)

OpenStackMachineType contains certain properties of a machine type in OpenStack.

Field Description
MachineType
MachineType

(Members of MachineType are embedded into this type.)

volumeType
string

VolumeType is the type of that volume.

volumeSize
k8s.io/apimachinery/pkg/api/resource.Quantity

VolumeSize is the amount of disk storage for this machine type.

OpenStackNetworks

(Appears on: OpenStackCloud)

OpenStackNetworks holds information about the Kubernetes and infrastructure networks.

Field Description
K8SNetworks
K8SNetworks

(Members of K8SNetworks are embedded into this type.)

router
OpenStackRouter
(Optional)

Router indicates whether to use an existing router or create a new one.

workers
[]string

Workers is a list of CIDRs of worker subnets (private) to create (used for the VMs).

OpenStackProfile

(Appears on: CloudProfileSpec)

OpenStackProfile defines certain constraints and definitions for the OpenStack cloud.

Field Description
constraints
OpenStackConstraints

Constraints is an object containing constraints for certain values in the Shoot specification.

keystoneURL
string

KeyStoneURL is the URL for auth{n,z} in OpenStack (pointing to KeyStone).

dnsServers
[]string
(Optional)

DNSServers is a list of IPs of DNS servers used while creating subnets.

dhcpDomain
string
(Optional)

DHCPDomain is the dhcp domain of the OpenStack system configured in nova.conf. Only meaningful for Kubernetes 1.10.1+. See https://github.com/kubernetes/kubernetes/pull/61890 for details.

requestTimeout
string
(Optional)

RequestTimeout specifies the HTTP timeout against the OpenStack API.

OpenStackRouter

(Appears on: OpenStackNetworks)

OpenStackRouter indicates whether to use an existing router or create a new one.

Field Description
id
string

ID is the router id of an existing OpenStack router.

OpenStackWorker

(Appears on: OpenStackCloud)

OpenStackWorker is the definition of a worker group.

Field Description
Worker
Worker

(Members of Worker are embedded into this type.)

PacketCloud

(Appears on: Cloud)

PacketCloud contains the Shoot specification for Packet cloud.

Field Description
machineImage
ShootMachineImage
(Optional)

ShootMachineImage holds information about the machine image to use for all workers. It will default to the latest version of the first image stated in the referenced CloudProfile if no value has been provided.

networks
PacketNetworks

Networks holds information about the Kubernetes and infrastructure networks.

workers
[]PacketWorker

Workers is a list of worker groups.

zones
[]string

Zones is a list of availability zones to deploy the Shoot cluster to. Currently, only one is supported.

PacketConstraints

(Appears on: PacketProfile)

PacketConstraints is an object containing constraints for certain values in the Shoot specification.

Field Description
dnsProviders
[]DNSProviderConstraint
(Optional)

DNSProviders contains constraints regarding allowed values of the ‘dns.provider’ block in the Shoot specification.

kubernetes
KubernetesConstraints

Kubernetes contains constraints regarding allowed values of the ‘kubernetes’ block in the Shoot specification.

machineImages
[]MachineImage

MachineImages contains constraints regarding allowed values for machine images in the Shoot specification.

machineTypes
[]MachineType

MachineTypes contains constraints regarding allowed values for machine types in the ‘workers’ block in the Shoot specification.

volumeTypes
[]VolumeType

VolumeTypes contains constraints regarding allowed values for volume types in the ‘workers’ block in the Shoot specification.

zones
[]Zone

Zones contains constraints regarding allowed values for ‘zones’ block in the Shoot specification.

PacketNetworks

(Appears on: PacketCloud)

PacketNetworks holds information about the Kubernetes and infrastructure networks.

Field Description
K8SNetworks
K8SNetworks

(Members of K8SNetworks are embedded into this type.)

PacketProfile

(Appears on: CloudProfileSpec)

PacketProfile defines constraints and definitions in Packet Cloud environment.

Field Description
constraints
PacketConstraints

Constraints is an object containing constraints for certain values in the Shoot specification.

PacketWorker

(Appears on: PacketCloud)

PacketWorker is the definition of a worker group.

Field Description
Worker
Worker

(Members of Worker are embedded into this type.)

volumeType
string

VolumeType is the type of the root volumes.

volumeSize
string

VolumeSize is the size of the root volume.

ProjectPhase (string alias)

(Appears on: ProjectStatus)

ProjectPhase is a label for the condition of a project at the current time.

ProjectSpec

(Appears on: Project)

ProjectSpec is the specification of a Project.

Field Description
createdBy
Kubernetes rbac/v1.Subject
(Optional)

CreatedBy is a subject representing a user name, an email address, or any other identifier of a user who created the project.

description
string
(Optional)

Description is a human-readable description of what the project is used for.

owner
Kubernetes rbac/v1.Subject
(Optional)

Owner is a subject representing a user name, an email address, or any other identifier of a user owning the project.

purpose
string
(Optional)

Purpose is a human-readable explanation of the project’s purpose.

members
[]Kubernetes rbac/v1.Subject
(Optional)

Members is a list of subjects representing a user name, an email address, or any other identifier of a user that should be part of this project with full permissions to manage it.

namespace
string
(Optional)

Namespace is the name of the namespace that has been created for the Project object. A nil value means that Gardener will determine the name of the namespace.

viewers
[]Kubernetes rbac/v1.Subject
(Optional)

Viewers is a list of subjects representing a user name, an email address, or any other identifier of a user that should be part of this project with limited permissions to only view some resources.

ProjectStatus

(Appears on: Project)

ProjectStatus holds the most recently observed status of the project.

Field Description
observedGeneration
int64
(Optional)

ObservedGeneration is the most recent generation observed for this project.

phase
ProjectPhase

Phase is the current phase of the project.

ProxyMode (string alias)

(Appears on: KubeProxyConfig)

ProxyMode available on the Linux platform: ‘userspace’ (older, going to be EOL), ‘iptables’ (newer, faster), ‘ipvs’ (newest, better in performance and scalability).

As of now only ‘iptables’ and ‘ipvs’ are supported by Gardener.

On the Linux platform, if the iptables proxy is selected, regardless of how, but the system’s kernel or iptables versions are insufficient, this always falls back to the userspace proxy. IPVS mode will be enabled when proxy mode is set to ‘ipvs’, and the fallback path is first iptables and then userspace.

QuotaScope (string alias)

(Appears on: QuotaSpec)

QuotaScope is a string alias.

QuotaSpec

(Appears on: Quota)

QuotaSpec is the specification of a Quota.

Field Description
clusterLifetimeDays
int
(Optional)

ClusterLifetimeDays is the lifetime of a Shoot cluster in days before it will be terminated automatically.

metrics
Kubernetes core/v1.ResourceList

Metrics is a list of resources which will be put under constraints.

scope
QuotaScope

Scope is the scope of the Quota object, either ‘project’ or ‘secret’.

SeedCloud

(Appears on: SeedSpec)

SeedCloud defines the cloud profile and the region this Seed cluster belongs to.

Field Description
profile
string

Profile is the name of a cloud profile.

region
string

Region is a name of a region.

SeedNetworks

(Appears on: SeedSpec)

SeedNetworks contains CIDRs for the pod, service and node networks of a Kubernetes cluster.

Field Description
nodes
string

Nodes is the CIDR of the node network.

pods
string

Pods is the CIDR of the pod network.

services
string

Services is the CIDR of the service network.

shootDefaults
ShootNetworks
(Optional)

ShootDefaults contains the default network CIDRs for shoots.

SeedSpec

(Appears on: Seed)

SeedSpec is the specification of a Seed.

Field Description
cloud
SeedCloud

Cloud defines the cloud profile and the region this Seed cluster belongs to.

ingressDomain
string

IngressDomain is the domain of the Seed cluster pointing to the ingress controller endpoint. It will be used to construct ingress URLs for system applications running in Shoot clusters.

secretRef
Kubernetes core/v1.SecretReference
(Optional)

SecretRef is a reference to a Secret object containing the Kubeconfig and the cloud provider credentials for the account the Seed cluster has been deployed to.

networks
SeedNetworks

Networks defines the pod, service and worker network of the Seed cluster.

blockCIDRs
[]string
(Optional)

BlockCIDRs is a list of network addresses that should be blocked for shoot control plane components running in the seed cluster.

visible
bool
(Optional)

Visible labels the Seed cluster as selectable for the seedfinder admission controller.

protected
bool
(Optional)

Protected prevents the Seed cluster from being used for regular Shoot cluster control planes.

backup
BackupProfile
(Optional)

Backup holds the object store configuration for the backups of shoots (currently only etcd). If it is not specified, no backups are taken for Shoots associated with this Seed. If the backup field is present in the Seed, backups of the etcd from the Shoot control plane are stored in the configured object store.

SeedStatus

(Appears on: Seed)

SeedStatus holds the most recently observed status of the Seed cluster.

Field Description
conditions
[]github.com/gardener/gardener/pkg/apis/core/v1alpha1.Condition
(Optional)

Conditions represents the latest available observations of a Seed’s current state.

gardener
Gardener
(Optional)

Gardener holds information about the Gardener which last acted on the Seed.

kubernetesVersion
string
(Optional)

KubernetesVersion is the Kubernetes version of the seed cluster.

observedGeneration
int64
(Optional)

ObservedGeneration is the most recent generation observed for this Seed. It corresponds to the Seed’s generation, which is updated on mutation by the API Server.

ServiceAccountConfig

(Appears on: KubeAPIServerConfig)

ServiceAccountConfig is the kube-apiserver configuration for service accounts.

Field Description
issuer
string
(Optional)

Issuer is the identifier of the service account token issuer. The issuer will assert this identifier in “iss” claim of issued tokens. This value is a string or URI.

signingKeySecretName
Kubernetes core/v1.LocalObjectReference
(Optional)

SigningKeySecret is a reference to a secret that contains the current private key of the service account token issuer. The issuer will sign issued ID tokens with this private key. (Requires the ‘TokenRequest’ feature gate.)

ShootMachineImage

(Appears on: AWSCloud, Alicloud, AzureCloud, GCPCloud, OpenStackCloud, PacketCloud, Worker)

MachineImage defines the name and the version of the shoot’s machine image in any environment. Has to be defined in the respective CloudProfile.

Field Description
name
string

Name is the name of the image.

version
string

Version is the version of the shoot’s image.

providerConfig
github.com/gardener/gardener/pkg/apis/core/v1alpha1.ProviderConfig
(Optional)

ProviderConfig is the shoot’s individual configuration passed to an extension resource.

ShootNetworks

(Appears on: SeedNetworks)

ShootNetworks contains the default network CIDRs for shoots.

Field Description
pods
string
(Optional)

Pods is the CIDR of the pod network.

services
string
(Optional)

Services is the CIDR of the service network.

ShootSpec

(Appears on: Shoot)

ShootSpec is the specification of a Shoot.

Field Description
addons
Addons
(Optional)

Addons contains information about enabled/disabled addons and their configuration.

cloud
Cloud

Cloud contains information about the cloud environment and its specific settings.

dns
DNS
(Optional)

DNS contains information about the DNS settings of the Shoot.

extensions
[]Extension
(Optional)

Extensions contain type and provider information for Shoot extensions.

hibernation
Hibernation
(Optional)

Hibernation contains information about whether the Shoot is suspended or not.

kubernetes
Kubernetes

Kubernetes contains the version and configuration settings of the control plane components.

networking
Networking

Networking contains information about cluster networking such as CNI plugin type, CIDRs, etc.

maintenance
Maintenance
(Optional)

Maintenance contains information about the time window for maintenance operations and which operations should be performed.

monitoring
Monitoring
(Optional)

Monitoring contains information about custom monitoring configurations for the shoot.

ShootStatus

(Appears on: Shoot)

ShootStatus holds the most recently observed status of the Shoot cluster.

Field Description
conditions
[]github.com/gardener/gardener/pkg/apis/core/v1alpha1.Condition
(Optional)

Conditions represents the latest available observations of a Shoot’s current state.

constraints
[]github.com/gardener/gardener/pkg/apis/core/v1alpha1.Condition
(Optional)

Constraints represents conditions of a Shoot’s current state that constrain some operations on it.

gardener
Gardener

Gardener holds information about the Gardener which last acted on the Shoot.

lastOperation
github.com/gardener/gardener/pkg/apis/core/v1alpha1.LastOperation
(Optional)

LastOperation holds information about the last operation on the Shoot.

lastError
github.com/gardener/gardener/pkg/apis/core/v1alpha1.LastError
(Optional)

LastError holds information about the last error that occurred during an operation.

lastErrors
[]github.com/gardener/gardener/pkg/apis/core/v1alpha1.LastError
(Optional)

LastErrors holds information about the last error(s) that occurred during an operation.

observedGeneration
int64
(Optional)

ObservedGeneration is the most recent generation observed for this Shoot. It corresponds to the Shoot’s generation, which is updated on mutation by the API Server.

retryCycleStartTime
Kubernetes meta/v1.Time
(Optional)

RetryCycleStartTime is the start time of the last retry cycle (used to determine how often an operation must be retried until we give up).

seed
string

Seed is the name of the seed cluster that runs the control plane of the Shoot. This value is only written after a successful create/reconcile operation. It will be used when control planes are moved between Seeds.

hibernated
bool
(Optional)

IsHibernated indicates whether the Shoot is currently hibernated.

technicalID
string

TechnicalID is the name that is used for creating the Seed namespace, the infrastructure resources, and basically everything that is related to this particular Shoot.

uid
k8s.io/apimachinery/pkg/types.UID

UID is a unique identifier for the Shoot cluster to avoid portability between Kubernetes clusters. It is used to compute unique hashes.

VolumeType

(Appears on: AWSConstraints, AlicloudVolumeType, AzureConstraints, GCPConstraints, PacketConstraints)

VolumeType contains certain properties of a volume type.

Field Description
name
string

Name is the name of the volume type.

usable
bool
(Optional)

Usable defines if the volume type can be used for shoot clusters.

class
string

Class is the class of the volume type.

Worker

(Appears on: AWSWorker, AlicloudWorker, AzureWorker, GCPWorker, OpenStackWorker, PacketWorker)

Worker is the base definition of a worker group.

Field Description
name
string

Name is the name of the worker group.

machineType
string

MachineType is the machine type of the worker group.

machineImage
ShootMachineImage
(Optional)

ShootMachineImage holds information about the machine image to use for all workers. It will default to the latest version of the first image stated in the referenced CloudProfile if no value has been provided.

autoScalerMin
int

AutoScalerMin is the minimum number of VMs to create.

autoScalerMax
int

AutoScalerMax is the maximum number of VMs to create.

maxSurge
k8s.io/apimachinery/pkg/util/intstr.IntOrString
(Optional)

MaxSurge is the maximum number of VMs that are created during an update.

maxUnavailable
k8s.io/apimachinery/pkg/util/intstr.IntOrString
(Optional)

MaxUnavailable is the maximum number of VMs that can be unavailable during an update.

annotations
map[string]string
(Optional)

Annotations is a map of key/value pairs for annotations for all the Node objects in this worker pool.

labels
map[string]string
(Optional)

Labels is a map of key/value pairs for labels for all the Node objects in this worker pool.

taints
[]Kubernetes core/v1.Taint
(Optional)

Taints is a list of taints for all the Node objects in this worker pool.

kubelet
KubeletConfig
(Optional)

Kubelet contains configuration settings for the kubelet.

caBundle
string
(Optional)

CABundle is a certificate bundle which will be installed onto every machine of this worker pool.

Zone

(Appears on: AWSConstraints, AlicloudConstraints, AzureConstraints, GCPConstraints, OpenStackConstraints, PacketConstraints)

Zone contains certain properties of an availability zone.

Field Description
region
string

Region is a region name.

names
[]string
(Optional)

Names is a list of availability zone names in this region.


Generated with gen-crd-api-reference-docs on git commit 857401a84.
