Extensions

Specification of the BackupBucket. If the object’s deletion timestamp is set, this field is immutable.

Specification of the BackupEntry. If the object’s deletion timestamp is set, this field is immutable.

Spec is the specification of this Bastion. If the object’s deletion timestamp is set, this field is immutable.

Status is the bastion’s status.

Specification of the ContainerRuntime. If the object’s deletion timestamp is set, this field is immutable.

Specification of the ControlPlane. If the object’s deletion timestamp is set, this field is immutable.

Specification of the DNSRecord. If the object’s deletion timestamp is set, this field is immutable.

Specification of the Extension. If the object’s deletion timestamp is set, this field is immutable.

Specification of the Infrastructure. If the object’s deletion timestamp is set, this field is immutable.

Specification of the Network. If the object’s deletion timestamp is set, this field is immutable.

Specification of the OperatingSystemConfig. If the object’s deletion timestamp is set, this field is immutable.

Specification of the Worker. If the object’s deletion timestamp is set, this field is immutable.

(Members of DefaultSpec are embedded into this type.)

DefaultSpec is a structure containing common fields used by all extension resources.

Region is the region of this bucket. This field is immutable.

SecretRef is a reference to a secret that contains the credentials to access object store.

(Members of DefaultStatus are embedded into this type.)

DefaultStatus is a structure containing common fields used by all extension resources.

GeneratedSecretRef is reference to the secret generated by backup bucket, which will have object store specific credentials.

(Members of DefaultSpec are embedded into this type.)

DefaultSpec is a structure containing common fields used by all extension resources.

BackupBucketProviderStatus contains the provider status that has been generated by the controller responsible for the BackupBucket resource.

Region is the region of this Entry. This field is immutable.

BucketName is the name of backup bucket for this Backup Entry.

SecretRef is a reference to a secret that contains the credentials to access object store.

(Members of DefaultStatus are embedded into this type.)

DefaultStatus is a structure containing common fields used by all extension resources.

IPBlock defines an IP block that is allowed to access the bastion.

(Members of DefaultSpec are embedded into this type.)

DefaultSpec is a structure containing common fields used by all extension resources.

UserData is the base64-encoded user data for the bastion instance. This should contain code to provision the SSH key on the bastion instance. This field is immutable.

Ingress controls from where the created bastion host should be reachable.

(Members of DefaultStatus are embedded into this type.)

DefaultStatus is a structure containing common fields used by all extension resources.

Ingress is the external IP and/or hostname of the bastion host.

LastInitiationTime is the most recent time when the certificate authority credential rotation was initiated.

Name is a mandatory string containing the name of the CRI library. Supported values are containerd.

CgroupDriver configures the CRI’s cgroup driver. Supported values are cgroupfs or systemd.

ContainerdConfig is the containerd configuration. Only to be set for OperatingSystemConfigs with purpose ‘reconcile’.

SecretRef is a reference to a secret that contains the actual result of the generated cloud config.

ScaleDownUtilizationThreshold defines the threshold in fraction (0.0 - 1.0) under which a node is being removed.

ScaleDownGpuUtilizationThreshold defines the threshold in fraction (0.0 - 1.0) of gpu resources under which a node is being removed.

ScaleDownUnneededTime defines how long a node should be unneeded before it is eligible for scale down.

ScaleDownUnreadyTime defines how long an unready node should be unneeded before it is eligible for scale down.

MaxNodeProvisionTime defines how long cluster autoscaler should wait for a node to be provisioned.

CloudProfile is a raw extension field that contains the cloudprofile resource referenced by the shoot that has to be reconciled.

Seed is a raw extension field that contains the seed resource referenced by the shoot that has to be reconciled.

Shoot is a raw extension field that contains the shoot resource that has to be reconciled.

(Members of DefaultSpec are embedded into this type.)

DefaultSpec is a structure containing common fields used by all extension resources.

BinaryPath is the Worker’s machine path where container runtime extensions should copy the binaries to.

WorkerPool identifies the worker pool of the Shoot. For each worker pool and type, Gardener deploys a ContainerRuntime CRD.

(Members of DefaultStatus are embedded into this type.)

DefaultStatus is a structure containing common fields used by all extension resources.

Name specifies the name of the worker pool the container runtime should be available for. This field is immutable.

Selector is the label selector used by the extension to match the nodes belonging to the worker pool.

Registries configures the registry hosts for containerd.

SandboxImage configures the sandbox image for containerd.

Plugins configures the plugins section in containerd’s config.toml.

(Members of DefaultSpec are embedded into this type.)

DefaultSpec is a structure containing common fields used by all extension resources.

InfrastructureProviderStatus contains the provider status that has been generated by the controller responsible for the Infrastructure resource.

Region is the region of this control plane. This field is immutable.

SecretRef is a reference to a secret that contains the cloud provider specific credentials.

(Members of DefaultStatus are embedded into this type.)

DefaultStatus is a structure containing common fields used by all extension resources.

CertificateAuthorities contains information about the certificate authority credential rotation.

ServiceAccountKey contains information about the service account key credential rotation.

(Members of DefaultSpec are embedded into this type.)

DefaultSpec is a structure containing common fields used by all extension resources.

SecretRef is a reference to a secret that contains the cloud provider specific credentials.

Region is the region of this DNS record. If not specified, the region specified in SecretRef will be used. If that is also not specified, the extension controller will use its default region.

Zone is the DNS hosted zone of this DNS record. If not specified, it will be determined automatically by getting all hosted zones of the account and searching for the longest zone name that is a suffix of Name.

Name is the fully qualified domain name, e.g. “api.”. This field is immutable.

RecordType is the DNS record type. Only A, CNAME, and TXT records are currently supported. This field is immutable.

Values is a list of IP addresses for A records, a single hostname for CNAME records, or a list of texts for TXT records.

TTL is the time to live in seconds. Defaults to 120.

(Members of DefaultStatus are embedded into this type.)

DefaultStatus is a structure containing common fields used by all extension resources.

Zone is the DNS hosted zone of this DNS record.

Name of the volume to make it referenceable.

Type is the type of the volume.

Size is the of the root volume.

Encrypted determines if the volume should be encrypted.

Type contains the instance of the resource’s kind.

Class holds the extension class used to control the responsibility for multiple provider extensions.

ProviderConfig is the provider specific configuration.

ProviderStatus contains provider-specific status.

Conditions represents the latest available observations of a Seed’s current state.

LastError holds information about the last occurred error during an operation.

LastOperation holds information about the last operation on the resource.

ObservedGeneration is the most recent generation observed for this resource.

State can be filled by the operating controller with what ever data it needs.

Resources holds a list of named resource references that can be referred to in the state by their names.

Name is the name of the drop-in.

Content is the content of the drop-in.

(Members of DefaultSpec are embedded into this type.)

DefaultSpec is a structure containing common fields used by all extension resources.

(Members of DefaultStatus are embedded into this type.)

DefaultStatus is a structure containing common fields used by all extension resources.

Path is the path of the file system where the file should get written to.

Permissions describes with which permissions the file should get written to the file system. If no permissions are set, the operating system’s defaults are used.

Content describe the file’s content.

SecretRef is a struct that contains information about the referenced secret.

Inline is a struct that contains information about the inlined data.

TransmitUnencoded set to true will ensure that the os-extension does not encode the file content when sent to the node. This for example can be used to manipulate the clear-text content before it reaches the node.

ImageRef describes a container image which contains a file.

Image contains the container image repository with tag.

FilePathInImage contains the path in the image to the file that should be extracted.

Encoding is the file’s encoding (e.g. base64).

Data is the file’s data.

Name is the name of the secret.

DataKey is the key in the secret’s .data field that should be read.

OperatingSystemVersion is the version of the operating system.

KubeletVersion is the version of the kubelet.

CredentialsRotation is a structure containing information about the last initiation time of the certificate authority and service account key rotation.

OSUpdate defines the configuration for the operating system update.

WorkerPoolToHashMap is a map of worker pool names to their corresponding hash.

(Members of DefaultSpec are embedded into this type.)

DefaultSpec is a structure containing common fields used by all extension resources.

Region is the region of this infrastructure. This field is immutable.

SecretRef is a reference to a secret that contains the cloud provider credentials.

SSHPublicKey is the public SSH key that should be used with this infrastructure.

(Members of DefaultStatus are embedded into this type.)

DefaultStatus is a structure containing common fields used by all extension resources.

NodesCIDR is the CIDR of the node network that was optionally created by the acting extension controller. This might be needed in environments in which the CIDR for the network for the shoot worker node cannot be statically defined in the Shoot resource but must be computed dynamically.

EgressCIDRs is a list of CIDRs used by the shoot as the source IP for egress traffic. For certain environments the egress IPs may not be stable in which case the extension controller may opt to not populate this field.

Networking contains information about cluster networking such as CIDRs.

Pods are the CIDRs of the pod network.

Nodes are the CIDRs of the node network.

Services are the CIDRs of the service network.

Name is the name of the MachineDeployment resource.

Minimum is the minimum number for this machine deployment.

Maximum is the maximum number for this machine deployment.

Priority (or weight) is the importance by which this machine deployment will be scaled by cluster autoscaling.

Name is the logical name of the machine image.

Version is the version of the machine image.

(Members of DefaultSpec are embedded into this type.)

DefaultSpec is a structure containing common fields used by all extension resources.

PodCIDR defines the CIDR that will be used for pods. This field is immutable.

ServiceCIDR defines the CIDR that will be used for services. This field is immutable.

IPFamilies specifies the IP protocol versions to use for shoot networking. See https://github.com/gardener/gardener/blob/master/docs/development/ipv6.md

(Members of DefaultStatus are embedded into this type.)

DefaultStatus is a structure containing common fields used by all extension resources.

IPFamilies specifies the IP protocol versions that actually are used for shoot networking. During dual-stack migration, this field may differ from the spec.

Capacity represents the expected Node capacity.

VirtualCapacity represents the expected Node ‘virtual’ capacity ie comprising virtual extended resources.

Command defines the command responsible for performing machine image updates.

Args provides a mechanism to pass additional arguments or flags to the Command.

(Members of DefaultSpec are embedded into this type.)

DefaultSpec is a structure containing common fields used by all extension resources.

CRI config is a structure contains configurations of the CRI library

Purpose describes how the result of this OperatingSystemConfig is used by Gardener. Either it gets sent to the Worker extension controller to bootstrap a VM, or it is downloaded by the gardener-node-agent already running on a bootstrapped VM. This field is immutable.

Units is a list of unit for the operating system configuration (usually, a systemd unit).

Files is a list of files that should get written to the host’s file system.

InPlaceUpdates contains the configuration for in-place updates.

(Members of DefaultStatus are embedded into this type.)

DefaultStatus is a structure containing common fields used by all extension resources.

ExtensionUnits is a list of additional systemd units provided by the extension.

ExtensionFiles is a list of additional files provided by the extension.

CloudConfig is a structure for containing the generated output for the given operating system config spec. It contains a reference to a secret as the result may contain confidential data. After Gardener v1.112, this will be only set for OperatingSystemConfigs with purpose ‘provision’.

InPlaceUpdates contains the configuration for in-place updates.

Op is the operation for the given path. Possible values are ‘add’ and ‘remove’, defaults to ‘add’.

Path is a list of elements that construct the path in the plugins section.

Values are the values configured at the given path. If defined, it is expected as json format: - A given json object will be put to the given path. - If not configured, only the table entry to be created.

Upstream is the upstream name of the registry.

Server is the URL to registry server of this upstream. It corresponds to the server field in the hosts.toml file, see https://github.com/containerd/containerd/blob/c51463010e0682f76dfdc10edc095e6596e2764b/docs/hosts.md#server-field for more information.

Hosts are the registry hosts. It corresponds to the host fields in the hosts.toml file, see https://github.com/containerd/containerd/blob/c51463010e0682f76dfdc10edc095e6596e2764b/docs/hosts.md#host-fields-in-the-toml-table-format for more information.

ReadinessProbe determines if host registry endpoints should be probed before they are added to the containerd config.

URL is the endpoint address of the registry mirror.

Capabilities determine what operations a host is capable of performing. Defaults to - pull - resolve

CACerts are paths to public key certificates used for TLS.

LastInitiationTime is the most recent time when the service account key credential rotation was initiated.

Name is the name of a unit.

Command is the unit’s command.

Enable describes whether the unit is enabled or not.

Content is the unit’s content.

DropIns is a list of drop-ins for this unit.

FilePaths is a list of files the unit depends on. If any file changes a restart of the dependent unit will be triggered. For each FilePath there must exist a File with matching Path in OperatingSystemConfig.Spec.Files.

Name of the volume to make it referenceable.

Type is the type of the volume.

Size is the of the root volume.

Encrypted determines if the volume should be encrypted.

MachineType contains information about the machine type that should be used for this worker pool.

Maximum is the maximum size of the worker pool.

MaxSurge is maximum number of VMs that are created during an update.

MaxUnavailable is the maximum number of VMs that can be unavailable during an update.

Annotations is a map of key/value pairs for annotations for all the Node objects in this worker pool.

Labels is a map of key/value pairs for labels for all the Node objects in this worker pool.

Taints is a list of taints for all the Node objects in this worker pool.

MachineImage contains logical information about the name and the version of the machie image that should be used. The logical information must be mapped to the provider-specific information (e.g., AMIs, …) by the provider itself.

Minimum is the minimum size of the worker pool.

Name is the name of this worker pool.

NodeAgentSecretName is uniquely identifying selected aspects of the OperatingSystemConfig. If it changes, then the worker pool must be rolled.

ProviderConfig is a provider specific configuration for the worker pool.

UserDataSecretRef references a Secret and a data key containing the data that is sent to the provider’s APIs when a new machine/VM that is part of this worker pool shall be spawned.

Volume contains information about the root disks that should be used for this worker pool.

DataVolumes contains a list of additional worker volumes.

KubeletDataVolumeName contains the name of a dataVolume that should be used for storing kubelet state.

Zones contains information about availability zones for this worker pool.

MachineControllerManagerSettings contains configurations for different worker-pools. Eg. MachineDrainTimeout, MachineHealthTimeout.

KubernetesVersion is the kubernetes version in this worker pool

KubeletConfig contains the kubelet configuration for the worker pool.

NodeTemplate contains resource information of the machine which is used by Cluster Autoscaler to generate nodeTemplate during scaling a nodeGroup

Architecture is the CPU architecture of the worker pool machines and machine image.

ClusterAutoscaler contains the cluster autoscaler configurations for the worker pool.

Priority (or weight) is the importance by which this worker pool will be scaled by cluster autoscaling.

UpdateStrategy specifies the machine update strategy for the worker pool.

(Members of DefaultSpec are embedded into this type.)

DefaultSpec is a structure containing common fields used by all extension resources.

InfrastructureProviderStatus is a raw extension field that contains the provider status that has been generated by the controller responsible for the Infrastructure resource.

Region is the name of the region where the worker pool should be deployed to. This field is immutable.

SecretRef is a reference to a secret that contains the cloud provider specific credentials.

SSHPublicKey is the public SSH key that should be used with these workers.

Pools is a list of worker pools.

(Members of DefaultStatus are embedded into this type.)

DefaultStatus is a structure containing common fields used by all extension resources.

MachineDeployments is a list of created machine deployments. It will be used to e.g. configure the cluster-autoscaler properly.

MachineDeploymentsLastUpdateTime is the timestamp when the status.MachineDeployments slice was last updated.

InPlaceUpdates contains the status for in-place updates.