그 그 그 그 그 그 그 그 그 그 그 그 그 그 그 그 그 그 그 그 그 그 그 그 그 그 그 그 그 그 그 그 그 그 그 그 그 그 그 그 그 그 그 그 그 그 그 그 그 그 그 그 그 그 그 그 그 그 그 그 그 그 그 그 그 그 그 그 그 그 그 그 그 그 그 그 그 그 그 그 그 그 그 그 그 그 그 그 그 그 그 그 그 그 그 그 그 그 그 그 그 그 그 그 그 그 그 그 그 그 그 그 그 그

  18 minute read  

Packages:

operator.gardener.cloud/v1alpha1

Package v1alpha1 contains the configuration of the Gardener Operator.

Resource Types:

    ACMEIssuer

    (Appears on: DefaultIssuer)

    ACMEIssuer specifies an issuer using an ACME server.

    FieldDescription
    email
    string

    Email is the e-mail for the ACME user.

    server
    string

    Server is the ACME server endpoint.

    secretRef
    Kubernetes core/v1.LocalObjectReference
    (Optional)

    SecretRef is a reference to a secret containing a private key of the issuer (data key ‘privateKey’).

    precheckNameservers
    []string
    (Optional)

    PrecheckNameservers overwrites the default precheck nameservers used for checking DNS propagation. Format host or host:port, e.g. “8.8.8.8” same as “8.8.8.8:53” or “google-public-dns-a.google.com:53”.

    AdmissionDeploymentSpec

    (Appears on: Deployment)

    AdmissionDeploymentSpec contains the deployment specification for the admission controller of an extension.

    FieldDescription
    runtimeCluster
    DeploymentSpec
    (Optional)

    RuntimeCluster is the deployment configuration for the admission in the runtime cluster. The runtime deployment is responsible for creating the admission controller in the runtime cluster.

    virtualCluster
    DeploymentSpec
    (Optional)

    VirtualCluster is the deployment configuration for the admission deployment in the garden cluster. The garden deployment installs necessary resources in the virtual garden cluster e.g. RBAC that are necessary for the admission controller.

    values
    k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1.JSON
    (Optional)

    Values are the deployment values. The values will be applied to both admission deployments.

    AuditWebhook

    (Appears on: GardenerAPIServerConfig, KubeAPIServerConfig)

    AuditWebhook contains settings related to an audit webhook configuration.

    FieldDescription
    batchMaxSize
    int32
    (Optional)

    BatchMaxSize is the maximum size of a batch.

    kubeconfigSecretName
    string

    KubeconfigSecretName specifies the name of a secret containing the kubeconfig for this webhook.

    version
    string
    (Optional)

    Version is the API version to send and expect from the webhook.

    Authentication

    (Appears on: KubeAPIServerConfig)

    Authentication contains settings related to authentication.

    FieldDescription
    webhook
    AuthenticationWebhook
    (Optional)

    Webhook contains settings related to an authentication webhook configuration.

    AuthenticationWebhook

    (Appears on: Authentication)

    AuthenticationWebhook contains settings related to an authentication webhook configuration.

    FieldDescription
    cacheTTL
    Kubernetes meta/v1.Duration
    (Optional)

    CacheTTL is the duration to cache responses from the webhook authenticator.

    kubeconfigSecretName
    string

    KubeconfigSecretName specifies the name of a secret containing the kubeconfig for this webhook.

    version
    string
    (Optional)

    Version is the API version to send and expect from the webhook.

    Backup

    (Appears on: ETCDMain)

    Backup contains the object store configuration for backups for the virtual garden etcd.

    FieldDescription
    provider
    string

    Provider is a provider name. This field is immutable.

    bucketName
    string

    BucketName is the name of the backup bucket.

    secretRef
    Kubernetes core/v1.LocalObjectReference

    SecretRef is a reference to a Secret object containing the cloud provider credentials for the object store where backups should be stored. It should have enough privileges to manipulate the objects as well as buckets.

    CAIssuer

    (Appears on: DefaultIssuer)

    CAIssuer specifies an issuer using a root or intermediate CA to be used for signing.

    FieldDescription
    secretRef
    Kubernetes core/v1.LocalObjectReference

    SecretRef is a reference to a TLS secret containing the CA for signing certificates.

    CertManagement

    (Appears on: RuntimeCluster)

    CertManagement configures the cert-management component for issuing TLS certificates from an ACME server.

    FieldDescription
    config
    CertManagementConfig
    (Optional)

    Config contains configuration for deploying the cert-controller-manager.

    defaultIssuer
    DefaultIssuer

    DefaultIssuer is the default issuer used for requesting TLS certificates.

    CertManagementConfig

    (Appears on: CertManagement)

    CertManagementConfig contains information for deploying the cert-controller-manager.

    FieldDescription
    caCertificatesSecretRef
    Kubernetes core/v1.LocalObjectReference
    (Optional)

    CACertificatesSecretRef are additional root certificates to access ACME servers with private TLS certificates. The certificates are expected at key ‘bundle.crt’.

    ControlPlane

    (Appears on: VirtualCluster)

    ControlPlane holds information about the general settings for the control plane of the virtual garden cluster.

    FieldDescription
    highAvailability
    HighAvailability
    (Optional)

    HighAvailability holds the configuration settings for high availability settings.

    Credentials

    (Appears on: GardenStatus)

    Credentials contains information about the virtual garden cluster credentials.

    FieldDescription
    rotation
    CredentialsRotation
    (Optional)

    Rotation contains information about the credential rotations.

    CredentialsRotation

    (Appears on: Credentials)

    CredentialsRotation contains information about the rotation of credentials.

    FieldDescription
    certificateAuthorities
    github.com/gardener/gardener/pkg/apis/core/v1beta1.CARotation
    (Optional)

    CertificateAuthorities contains information about the certificate authority credential rotation.

    serviceAccountKey
    github.com/gardener/gardener/pkg/apis/core/v1beta1.ServiceAccountKeyRotation
    (Optional)

    ServiceAccountKey contains information about the service account key credential rotation.

    etcdEncryptionKey
    github.com/gardener/gardener/pkg/apis/core/v1beta1.ETCDEncryptionKeyRotation
    (Optional)

    ETCDEncryptionKey contains information about the ETCD encryption key credential rotation.

    observability
    github.com/gardener/gardener/pkg/apis/core/v1beta1.ObservabilityRotation
    (Optional)

    Observability contains information about the observability credential rotation.

    DNS

    (Appears on: VirtualCluster)

    DNS holds information about DNS settings.

    FieldDescription
    domains
    []string
    (Optional)

    Domains are the external domains of the virtual garden cluster. The first given domain in this list is immutable.

    DashboardGitHub

    (Appears on: GardenerDashboardConfig)

    DashboardGitHub contains configuration for the GitHub ticketing feature.

    FieldDescription
    apiURL
    string

    APIURL is the URL to the GitHub API.

    organisation
    string

    Organisation is the name of the GitHub organisation.

    repository
    string

    Repository is the name of the GitHub repository.

    secretRef
    Kubernetes core/v1.LocalObjectReference

    SecretRef is the reference to a secret in the garden namespace containing the GitHub credentials.

    pollInterval
    Kubernetes meta/v1.Duration
    (Optional)

    PollInterval is the interval of how often the GitHub API is polled for issue updates. This field is used as a fallback mechanism to ensure state synchronization, even when there is a GitHub webhook configuration. If a webhook event is missed or not successfully delivered, the polling will help catch up on any missed updates. If this field is not provided and there is no ‘webhookSecret’ key in the referenced secret, it will be implicitly defaulted to 15m.

    DashboardOIDC

    (Appears on: GardenerDashboardConfig)

    DashboardOIDC contains configuration for the OIDC settings.

    FieldDescription
    sessionLifetime
    Kubernetes meta/v1.Duration
    (Optional)

    SessionLifetime is the maximum duration of a session.

    additionalScopes
    []string
    (Optional)

    AdditionalScopes is the list of additional OIDC scopes.

    secretRef
    Kubernetes core/v1.LocalObjectReference

    SecretRef is the reference to a secret in the garden namespace containing the OIDC client ID and secret for the dashboard.

    DashboardTerminal

    (Appears on: GardenerDashboardConfig)

    DashboardTerminal contains configuration for the terminal settings.

    FieldDescription
    container
    DashboardTerminalContainer

    Container contains configuration for the dashboard terminal container.

    allowedHosts
    []string
    (Optional)

    AllowedHosts should consist of permitted hostnames (without the scheme) for terminal connections. It is important to consider that the usage of wildcards follows the rules defined by the content security policy. ‘.seed.local.gardener.cloud’, or ‘.other-seeds.local.gardener.cloud’. For more information, see https://github.com/gardener/dashboard/blob/master/docs/operations/webterminals.md#allowlist-for-hosts.

    DashboardTerminalContainer

    (Appears on: DashboardTerminal)

    DashboardTerminalContainer contains configuration for the dashboard terminal container.

    FieldDescription
    image
    string

    Image is the container image for the dashboard terminal container.

    description
    string
    (Optional)

    Description is a description for the dashboard terminal container with hints for the user.

    DefaultIssuer

    (Appears on: CertManagement)

    DefaultIssuer specifies an issuer to be created on the cluster.

    FieldDescription
    acme
    ACMEIssuer
    (Optional)

    ACME is the ACME protocol specific spec. Either ACME or CA must be specified.

    ca
    CAIssuer
    (Optional)

    CA is the CA specific spec. Either ACME or CA must be specified.

    Deployment

    (Appears on: ExtensionSpec)

    Deployment specifies how an extension can be installed for a Gardener landscape. It includes the specification for installing an extension and/or an admission controller.

    FieldDescription
    extension
    ExtensionDeploymentSpec
    (Optional)

    ExtensionDeployment contains the deployment configuration an extension.

    admission
    AdmissionDeploymentSpec
    (Optional)

    AdmissionDeployment contains the deployment configuration for an admission controller.

    DeploymentSpec

    (Appears on: AdmissionDeploymentSpec, ExtensionDeploymentSpec)

    DeploymentSpec is the specification for the deployment of a component.

    FieldDescription
    helm
    ExtensionHelm

    Helm contains the specification for a Helm deployment.

    ETCD

    (Appears on: VirtualCluster)

    ETCD contains configuration for the etcds of the virtual garden cluster.

    FieldDescription
    main
    ETCDMain
    (Optional)

    Main contains configuration for the main etcd.

    events
    ETCDEvents
    (Optional)

    Events contains configuration for the events etcd.

    ETCDEvents

    (Appears on: ETCD)

    ETCDEvents contains configuration for the events etcd.

    FieldDescription
    storage
    Storage
    (Optional)

    Storage contains storage configuration.

    ETCDMain

    (Appears on: ETCD)

    ETCDMain contains configuration for the main etcd.

    FieldDescription
    backup
    Backup
    (Optional)

    Backup contains the object store configuration for backups for the virtual garden etcd.

    storage
    Storage
    (Optional)

    Storage contains storage configuration.

    Extension

    Extension describes a Gardener extension.

    FieldDescription
    metadata
    Kubernetes meta/v1.ObjectMeta

    Standard object metadata.

    Refer to the Kubernetes API documentation for the fields of the metadata field.
    spec
    ExtensionSpec

    Spec contains the specification of this extension.



    resources
    []github.com/gardener/gardener/pkg/apis/core/v1beta1.ControllerResource
    (Optional)

    Resources is a list of combinations of kinds (DNSRecord, Backupbucket, …) and their actual types (aws-route53, gcp).

    deployment
    Deployment
    (Optional)

    Deployment contains deployment configuration for an extension and it’s admission controller.

    status
    ExtensionStatus

    Status contains the status of this extension.

    ExtensionDeploymentSpec

    (Appears on: Deployment)

    ExtensionDeploymentSpec specifies how to install the extension in a gardener landscape. The installation is split into two parts: - installing the extension in the virtual garden cluster by creating the ControllerRegistration and ControllerDeployment - installing the extension in the runtime cluster (if necessary).

    FieldDescription
    DeploymentSpec
    DeploymentSpec

    (Members of DeploymentSpec are embedded into this type.)

    (Optional)

    DeploymentSpec is the deployment configuration for the extension.

    values
    k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1.JSON
    (Optional)

    Values are the deployment values used in the creation of the ControllerDeployment in the virtual garden cluster.

    runtimeClusterValues
    k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1.JSON
    (Optional)

    RuntimeClusterValues are the deployment values for the extension deployment running in the runtime garden cluster.

    policy
    github.com/gardener/gardener/pkg/apis/core/v1beta1.ControllerDeploymentPolicy
    (Optional)

    Policy controls how the controller is deployed. It defaults to ‘OnDemand’.

    ExtensionHelm

    (Appears on: DeploymentSpec)

    ExtensionHelm is the configuration for a helm deployment.

    FieldDescription
    ociRepository
    github.com/gardener/gardener/pkg/apis/core/v1.OCIRepository
    (Optional)

    OCIRepository defines where to pull the chart from.

    ExtensionSpec

    (Appears on: Extension)

    ExtensionSpec contains the specification of a Gardener extension.

    FieldDescription
    resources
    []github.com/gardener/gardener/pkg/apis/core/v1beta1.ControllerResource
    (Optional)

    Resources is a list of combinations of kinds (DNSRecord, Backupbucket, …) and their actual types (aws-route53, gcp).

    deployment
    Deployment
    (Optional)

    Deployment contains deployment configuration for an extension and it’s admission controller.

    ExtensionStatus

    (Appears on: Extension)

    ExtensionStatus is the status of a Gardener extension.

    FieldDescription
    observedGeneration
    int64
    (Optional)

    ObservedGeneration is the most recent generation observed for this resource.

    conditions
    []github.com/gardener/gardener/pkg/apis/core/v1beta1.Condition
    (Optional)

    Conditions represents the latest available observations of an Extension’s current state.

    providerStatus
    k8s.io/apimachinery/pkg/runtime.RawExtension
    (Optional)

    ProviderStatus contains type-specific status.

    Garden

    Garden describes a list of gardens.

    FieldDescription
    metadata
    Kubernetes meta/v1.ObjectMeta

    Standard object metadata.

    Refer to the Kubernetes API documentation for the fields of the metadata field.
    spec
    GardenSpec

    Spec contains the specification of this garden.



    runtimeCluster
    RuntimeCluster

    RuntimeCluster contains configuration for the runtime cluster.

    virtualCluster
    VirtualCluster

    VirtualCluster contains configuration for the virtual cluster.

    status
    GardenStatus

    Status contains the status of this garden.

    GardenSpec

    (Appears on: Garden)

    GardenSpec contains the specification of a garden environment.

    FieldDescription
    runtimeCluster
    RuntimeCluster

    RuntimeCluster contains configuration for the runtime cluster.

    virtualCluster
    VirtualCluster

    VirtualCluster contains configuration for the virtual cluster.

    GardenStatus

    (Appears on: Garden)

    GardenStatus is the status of a garden environment.

    FieldDescription
    gardener
    github.com/gardener/gardener/pkg/apis/core/v1beta1.Gardener
    (Optional)

    Gardener holds information about the Gardener which last acted on the Garden.

    conditions
    []github.com/gardener/gardener/pkg/apis/core/v1beta1.Condition

    Conditions is a list of conditions.

    lastOperation
    github.com/gardener/gardener/pkg/apis/core/v1beta1.LastOperation
    (Optional)

    LastOperation holds information about the last operation on the Garden.

    observedGeneration
    int64

    ObservedGeneration is the most recent generation observed for this resource.

    credentials
    Credentials
    (Optional)

    Credentials contains information about the virtual garden cluster credentials.

    encryptedResources
    []string
    (Optional)

    EncryptedResources is the list of resources which are currently encrypted in the virtual garden by the virtual kube-apiserver. Resources which are encrypted by default will not appear here. See https://github.com/gardener/gardener/blob/master/docs/concepts/operator.md#etcd-encryption-config for more details.

    Gardener

    (Appears on: VirtualCluster)

    Gardener contains the configuration settings for the Gardener components.

    FieldDescription
    clusterIdentity
    string

    ClusterIdentity is the identity of the garden cluster. This field is immutable.

    gardenerAPIServer
    GardenerAPIServerConfig
    (Optional)

    APIServer contains configuration settings for the gardener-apiserver.

    gardenerAdmissionController
    GardenerAdmissionControllerConfig
    (Optional)

    AdmissionController contains configuration settings for the gardener-admission-controller.

    gardenerControllerManager
    GardenerControllerManagerConfig
    (Optional)

    ControllerManager contains configuration settings for the gardener-controller-manager.

    gardenerScheduler
    GardenerSchedulerConfig
    (Optional)

    Scheduler contains configuration settings for the gardener-scheduler.

    gardenerDashboard
    GardenerDashboardConfig
    (Optional)

    Dashboard contains configuration settings for the gardener-dashboard.

    gardenerDiscoveryServer
    GardenerDiscoveryServerConfig
    (Optional)

    DiscoveryServer contains configuration settings for the gardener-discovery-server.

    GardenerAPIServerConfig

    (Appears on: Gardener)

    GardenerAPIServerConfig contains configuration settings for the gardener-apiserver.

    FieldDescription
    KubernetesConfig
    github.com/gardener/gardener/pkg/apis/core/v1beta1.KubernetesConfig

    (Members of KubernetesConfig are embedded into this type.)

    admissionPlugins
    []github.com/gardener/gardener/pkg/apis/core/v1beta1.AdmissionPlugin
    (Optional)

    AdmissionPlugins contains the list of user-defined admission plugins (additional to those managed by Gardener), and, if desired, the corresponding configuration.

    auditConfig
    github.com/gardener/gardener/pkg/apis/core/v1beta1.AuditConfig
    (Optional)

    AuditConfig contains configuration settings for the audit of the kube-apiserver.

    auditWebhook
    AuditWebhook
    (Optional)

    AuditWebhook contains settings related to an audit webhook configuration.

    logging
    github.com/gardener/gardener/pkg/apis/core/v1beta1.APIServerLogging
    (Optional)

    Logging contains configuration for the log level and HTTP access logs.

    requests
    github.com/gardener/gardener/pkg/apis/core/v1beta1.APIServerRequests
    (Optional)

    Requests contains configuration for request-specific settings for the kube-apiserver.

    watchCacheSizes
    github.com/gardener/gardener/pkg/apis/core/v1beta1.WatchCacheSizes
    (Optional)

    WatchCacheSizes contains configuration of the API server’s watch cache sizes. Configuring these flags might be useful for large-scale Garden clusters with a lot of parallel update requests and a lot of watching controllers (e.g. large ManagedSeed clusters). When the API server’s watch cache’s capacity is too small to cope with the amount of update requests and watchers for a particular resource, it might happen that controller watches are permanently stopped with too old resource version errors. Starting from kubernetes v1.19, the API server’s watch cache size is adapted dynamically and setting the watch cache size flags will have no effect, except when setting it to 0 (which disables the watch cache).

    encryptionConfig
    github.com/gardener/gardener/pkg/apis/core/v1beta1.EncryptionConfig
    (Optional)

    EncryptionConfig contains customizable encryption configuration of the Gardener API server.

    GardenerAdmissionControllerConfig

    (Appears on: Gardener)

    GardenerAdmissionControllerConfig contains configuration settings for the gardener-admission-controller.

    FieldDescription
    logLevel
    string
    (Optional)

    LogLevel is the configured log level for the gardener-admission-controller. Must be one of [info,debug,error]. Defaults to info.

    resourceAdmissionConfiguration
    ResourceAdmissionConfiguration
    (Optional)

    ResourceAdmissionConfiguration is the configuration for resource size restrictions for arbitrary Group-Version-Kinds.

    GardenerControllerManagerConfig

    (Appears on: Gardener)

    GardenerControllerManagerConfig contains configuration settings for the gardener-controller-manager.

    FieldDescription
    KubernetesConfig
    github.com/gardener/gardener/pkg/apis/core/v1beta1.KubernetesConfig

    (Members of KubernetesConfig are embedded into this type.)

    defaultProjectQuotas
    []ProjectQuotaConfiguration
    (Optional)

    DefaultProjectQuotas is the default configuration matching projects are set up with if a quota is not already specified.

    logLevel
    string
    (Optional)

    LogLevel is the configured log level for the gardener-controller-manager. Must be one of [info,debug,error]. Defaults to info.

    GardenerDashboardConfig

    (Appears on: Gardener)

    GardenerDashboardConfig contains configuration settings for the gardener-dashboard.

    FieldDescription
    enableTokenLogin
    bool
    (Optional)

    EnableTokenLogin specifies whether it is possible to log into the dashboard with a JWT token. If disabled, OIDC must be configured.

    frontendConfigMapRef
    Kubernetes core/v1.LocalObjectReference
    (Optional)

    FrontendConfigMapRef is the reference to a ConfigMap in the garden namespace containing the frontend configuration.

    assetsConfigMapRef
    Kubernetes core/v1.LocalObjectReference
    (Optional)

    AssetsConfigMapRef is the reference to a ConfigMap in the garden namespace containing the assets (logos/icons).

    gitHub
    DashboardGitHub
    (Optional)

    GitHub contains configuration for the GitHub ticketing feature.

    logLevel
    string
    (Optional)

    LogLevel is the configured log level. Must be one of [trace,debug,info,warn,error]. Defaults to info.

    oidcConfig
    DashboardOIDC
    (Optional)

    OIDC contains configuration for the OIDC provider. This field must be provided when EnableTokenLogin is false.

    terminal
    DashboardTerminal
    (Optional)

    Terminal contains configuration for the terminal settings.

    GardenerDiscoveryServerConfig

    (Appears on: Gardener)

    GardenerDiscoveryServerConfig contains configuration settings for the gardener-discovery-server.

    GardenerSchedulerConfig

    (Appears on: Gardener)

    GardenerSchedulerConfig contains configuration settings for the gardener-scheduler.

    FieldDescription
    KubernetesConfig
    github.com/gardener/gardener/pkg/apis/core/v1beta1.KubernetesConfig

    (Members of KubernetesConfig are embedded into this type.)

    logLevel
    string
    (Optional)

    LogLevel is the configured log level for the gardener-scheduler. Must be one of [info,debug,error]. Defaults to info.

    GroupResource

    (Appears on: KubeAPIServerConfig)

    GroupResource contains a list of resources which should be stored in etcd-events instead of etcd-main.

    FieldDescription
    group
    string

    Group is the API group name.

    resource
    string

    Resource is the resource name.

    HighAvailability

    (Appears on: ControlPlane)

    HighAvailability specifies the configuration settings for high availability for a resource.

    Ingress

    (Appears on: RuntimeCluster)

    Ingress configures the Ingress specific settings of the runtime cluster.

    FieldDescription
    domains
    []string
    (Optional)

    Domains specify the ingress domains of the cluster pointing to the ingress controller endpoint. They will be used to construct ingress URLs for system applications running in runtime cluster.

    controller
    github.com/gardener/gardener/pkg/apis/core/v1beta1.IngressController

    Controller configures a Gardener managed Ingress Controller listening on the ingressDomain.

    KubeAPIServerConfig

    (Appears on: Kubernetes)

    KubeAPIServerConfig contains configuration settings for the kube-apiserver.

    FieldDescription
    KubeAPIServerConfig
    github.com/gardener/gardener/pkg/apis/core/v1beta1.KubeAPIServerConfig

    (Members of KubeAPIServerConfig are embedded into this type.)

    (Optional)

    KubeAPIServerConfig contains all configuration values not specific to the virtual garden cluster.

    auditWebhook
    AuditWebhook
    (Optional)

    AuditWebhook contains settings related to an audit webhook configuration.

    authentication
    Authentication
    (Optional)

    Authentication contains settings related to authentication.

    resourcesToStoreInETCDEvents
    []GroupResource
    (Optional)

    ResourcesToStoreInETCDEvents contains a list of resources which should be stored in etcd-events instead of etcd-main. The ‘events’ resource is always stored in etcd-events. Note that adding or removing resources from this list will not migrate them automatically from the etcd-main to etcd-events or vice versa.

    sni
    SNI
    (Optional)

    SNI contains configuration options for the TLS SNI settings.

    KubeControllerManagerConfig

    (Appears on: Kubernetes)

    KubeControllerManagerConfig contains configuration settings for the kube-controller-manager.

    FieldDescription
    KubeControllerManagerConfig
    github.com/gardener/gardener/pkg/apis/core/v1beta1.KubeControllerManagerConfig

    (Members of KubeControllerManagerConfig are embedded into this type.)

    (Optional)

    KubeControllerManagerConfig contains all configuration values not specific to the virtual garden cluster.

    certificateSigningDuration
    Kubernetes meta/v1.Duration
    (Optional)

    CertificateSigningDuration is the maximum length of duration signed certificates will be given. Individual CSRs may request shorter certs by setting spec.expirationSeconds.

    Kubernetes

    (Appears on: VirtualCluster)

    Kubernetes contains the version and configuration options for the Kubernetes components of the virtual garden cluster.

    FieldDescription
    kubeAPIServer
    KubeAPIServerConfig
    (Optional)

    KubeAPIServer contains configuration settings for the kube-apiserver.

    kubeControllerManager
    KubeControllerManagerConfig
    (Optional)

    KubeControllerManager contains configuration settings for the kube-controller-manager.

    version
    string

    Version is the semantic Kubernetes version to use for the virtual garden cluster.

    Maintenance

    (Appears on: VirtualCluster)

    Maintenance contains information about the time window for maintenance operations.

    FieldDescription
    timeWindow
    github.com/gardener/gardener/pkg/apis/core/v1beta1.MaintenanceTimeWindow

    TimeWindow contains information about the time window for maintenance operations.

    Networking

    (Appears on: VirtualCluster)

    Networking defines networking parameters for the virtual garden cluster.

    FieldDescription
    services
    string

    Services is the CIDR of the service network. This field is immutable.

    ProjectQuotaConfiguration

    (Appears on: GardenerControllerManagerConfig)

    ProjectQuotaConfiguration defines quota configurations.

    FieldDescription
    config
    k8s.io/apimachinery/pkg/runtime.RawExtension

    Config is the quota specification used for the project set-up. Only v1.ResourceQuota resources are supported.

    projectSelector
    Kubernetes meta/v1.LabelSelector
    (Optional)

    ProjectSelector is an optional setting to select the projects considered for quotas. Defaults to empty LabelSelector, which matches all projects.

    Provider

    (Appears on: RuntimeCluster)

    Provider defines the provider-specific information for this cluster.

    FieldDescription
    zones
    []string
    (Optional)

    Zones is the list of availability zones the cluster is deployed to.

    ResourceAdmissionConfiguration

    (Appears on: GardenerAdmissionControllerConfig)

    ResourceAdmissionConfiguration contains settings about arbitrary kinds and the size each resource should have at most.

    FieldDescription
    limits
    []ResourceLimit

    Limits contains configuration for resources which are subjected to size limitations.

    unrestrictedSubjects
    []Kubernetes rbac/v1.Subject
    (Optional)

    UnrestrictedSubjects contains references to users, groups, or service accounts which aren’t subjected to any resource size limit.

    operationMode
    ResourceAdmissionWebhookMode
    (Optional)

    OperationMode specifies the mode the webhooks operates in. Allowed values are “block” and “log”. Defaults to “block”.

    ResourceAdmissionWebhookMode (string alias)

    (Appears on: ResourceAdmissionConfiguration)

    ResourceAdmissionWebhookMode is an alias type for the resource admission webhook mode.

    ResourceLimit

    (Appears on: ResourceAdmissionConfiguration)

    ResourceLimit contains settings about a kind and the size each resource should have at most.

    FieldDescription
    apiGroups
    []string
    (Optional)

    APIGroups is the name of the APIGroup that contains the limited resource. WildcardAll represents all groups.

    apiVersions
    []string
    (Optional)

    APIVersions is the version of the resource. WildcardAll represents all versions.

    resources
    []string

    Resources is the name of the resource this rule applies to. WildcardAll represents all resources.

    size
    k8s.io/apimachinery/pkg/api/resource.Quantity

    Size specifies the imposed limit.

    RuntimeCluster

    (Appears on: GardenSpec)

    RuntimeCluster contains configuration for the runtime cluster.

    FieldDescription
    ingress
    Ingress

    Ingress configures Ingress specific settings for the Garden cluster.

    networking
    RuntimeNetworking

    Networking defines the networking configuration of the runtime cluster.

    provider
    Provider

    Provider defines the provider-specific information for this cluster.

    settings
    Settings
    (Optional)

    Settings contains certain settings for this cluster.

    volume
    Volume
    (Optional)

    Volume contains settings for persistent volumes created in the runtime cluster.

    certManagement
    CertManagement
    (Optional)

    CertManagement configures the cert-management component for issuing TLS certificates from an ACME server.

    RuntimeNetworking

    (Appears on: RuntimeCluster)

    RuntimeNetworking defines the networking configuration of the runtime cluster.

    FieldDescription
    nodes
    string
    (Optional)

    Nodes is the CIDR of the node network. This field is immutable.

    pods
    string

    Pods is the CIDR of the pod network. This field is immutable.

    services
    string

    Services is the CIDR of the service network. This field is immutable.

    blockCIDRs
    []string
    (Optional)

    BlockCIDRs is a list of network addresses that should be blocked.

    SNI

    (Appears on: KubeAPIServerConfig)

    SNI contains configuration options for the TLS SNI settings.

    FieldDescription
    secretName
    string

    SecretName is the name of a secret containing the TLS certificate and private key.

    domainPatterns
    []string
    (Optional)

    DomainPatterns is a list of fully qualified domain names, possibly with prefixed wildcard segments. The domain patterns also allow IP addresses, but IPs should only be used if the apiserver has visibility to the IP address requested by a client. If no domain patterns are provided, the names of the certificate are extracted. Non-wildcard matches trump over wildcard matches, explicit domain patterns trump over extracted names.

    SettingLoadBalancerServices

    (Appears on: Settings)

    SettingLoadBalancerServices controls certain settings for services of type load balancer that are created in the runtime cluster.

    FieldDescription
    annotations
    map[string]string
    (Optional)

    Annotations is a map of annotations that will be injected/merged into every load balancer service object.

    SettingTopologyAwareRouting

    (Appears on: Settings)

    SettingTopologyAwareRouting controls certain settings for topology-aware traffic routing in the cluster. See https://github.com/gardener/gardener/blob/master/docs/operations/topology_aware_routing.md.

    FieldDescription
    enabled
    bool

    Enabled controls whether certain Services deployed in the cluster should be topology-aware. These Services are virtual-garden-etcd-main-client, virtual-garden-etcd-events-client and virtual-garden-kube-apiserver. Additionally, other components that are deployed to the runtime cluster via other means can read this field and according to its value enable/disable topology-aware routing for their Services.

    SettingVerticalPodAutoscaler

    (Appears on: Settings)

    SettingVerticalPodAutoscaler controls certain settings for the vertical pod autoscaler components deployed in the seed.

    FieldDescription
    enabled
    bool
    (Optional)

    Enabled controls whether the VPA components shall be deployed into this cluster. It is true by default because the operator (and Gardener) heavily rely on a VPA being deployed. You should only disable this if your runtime cluster already has another, manually/custom managed VPA deployment. If this is not the case, but you still disable it, then reconciliation will fail.

    Settings

    (Appears on: RuntimeCluster)

    Settings contains certain settings for this cluster.

    FieldDescription
    loadBalancerServices
    SettingLoadBalancerServices
    (Optional)

    LoadBalancerServices controls certain settings for services of type load balancer that are created in the runtime cluster.

    verticalPodAutoscaler
    SettingVerticalPodAutoscaler
    (Optional)

    VerticalPodAutoscaler controls certain settings for the vertical pod autoscaler components deployed in the cluster.

    topologyAwareRouting
    SettingTopologyAwareRouting
    (Optional)

    TopologyAwareRouting controls certain settings for topology-aware traffic routing in the cluster. See https://github.com/gardener/gardener/blob/master/docs/operations/topology_aware_routing.md.

    Storage

    (Appears on: ETCDEvents, ETCDMain)

    Storage contains storage configuration.

    FieldDescription
    capacity
    k8s.io/apimachinery/pkg/api/resource.Quantity
    (Optional)

    Capacity is the storage capacity for the volumes.

    className
    string
    (Optional)

    ClassName is the name of a storage class.

    VirtualCluster

    (Appears on: GardenSpec)

    VirtualCluster contains configuration for the virtual cluster.

    FieldDescription
    controlPlane
    ControlPlane
    (Optional)

    ControlPlane holds information about the general settings for the control plane of the virtual cluster.

    dns
    DNS

    DNS holds information about DNS settings.

    etcd
    ETCD
    (Optional)

    ETCD contains configuration for the etcds of the virtual garden cluster.

    gardener
    Gardener

    Gardener contains the configuration options for the Gardener control plane components.

    kubernetes
    Kubernetes

    Kubernetes contains the version and configuration options for the Kubernetes components of the virtual garden cluster.

    maintenance
    Maintenance

    Maintenance contains information about the time window for maintenance operations.

    networking
    Networking

    Networking contains information about cluster networking such as CIDRs, etc.

    Volume

    (Appears on: RuntimeCluster)

    Volume contains settings for persistent volumes created in the runtime cluster.

    FieldDescription
    minimumSize
    k8s.io/apimachinery/pkg/api/resource.Quantity
    (Optional)

    MinimumSize defines the minimum size that should be used for PVCs in the runtime cluster.


    Generated with gen-crd-api-reference-docs