diff --git a/openapi/generated_openapi/zz_generated.openapi.go b/openapi/generated_openapi/zz_generated.openapi.go index 57338175cf8..75e693ba5a7 100644 --- a/openapi/generated_openapi/zz_generated.openapi.go +++ b/openapi/generated_openapi/zz_generated.openapi.go @@ -53284,6 +53284,13 @@ func schema_openshift_api_operator_v1_KubeAPIServerSpec(ref common.ReferenceCall Format: "int32", }, }, + "eventTTLMinutes": { + SchemaProps: spec.SchemaProps{ + Description: "eventTTLMinutes specifies the amount of time that the events are stored before being deleted. The TTL is allowed between 5 minutes minimum up to a maximum of 180 minutes (3 hours).\n\nLowering this value will reduce the storage required in etcd. Note that this setting will only apply to new events being created and will not update existing events.\n\nWhen omitted this means no opinion, and the platform is left to choose a reasonable default, which is subject to change over time. The current default value is 3h (180 minutes).", + Type: []string{"integer"}, + Format: "int32", + }, + }, }, Required: []string{"managementState", "forceRedeploymentReason"}, }, @@ -53405,6 +53412,11 @@ func schema_openshift_api_operator_v1_KubeAPIServerStatus(ref common.ReferenceCa }, }, "serviceAccountIssuers": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, SchemaProps: spec.SchemaProps{ Description: "serviceAccountIssuers tracks history of used service account issuers. The item without expiration time represents the currently used service account issuer. The other items represents service account issuers that were used previously and are still being trusted. The default expiration for the items is set by the platform and it defaults to 24h. see: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/#service-account-token-volume-projection", Type: []string{"array"}, diff --git a/openapi/openapi.json b/openapi/openapi.json index a2af11a3e71..44f475e1bdb 100644 --- a/openapi/openapi.json +++ b/openapi/openapi.json @@ -30910,6 +30910,11 @@ "forceRedeploymentReason" ], "properties": { + "eventTTLMinutes": { + "description": "eventTTLMinutes specifies the amount of time that the events are stored before being deleted. The TTL is allowed between 5 minutes minimum up to a maximum of 180 minutes (3 hours).\n\nLowering this value will reduce the storage required in etcd. Note that this setting will only apply to new events being created and will not update existing events.\n\nWhen omitted this means no opinion, and the platform is left to choose a reasonable default, which is subject to change over time. The current default value is 3h (180 minutes).", + "type": "integer", + "format": "int32" + }, "failedRevisionLimit": { "description": "failedRevisionLimit is the number of failed static pod installer revisions to keep on disk and in the api -1 = unlimited, 0 or unset = 5 (default)", "type": "integer", @@ -31016,7 +31021,8 @@ "items": { "default": {}, "$ref": "#/definitions/com.github.openshift.api.operator.v1.ServiceAccountIssuerStatus" - } + }, + "x-kubernetes-list-type": "atomic" }, "version": { "description": "version is the level this availability applies to", diff --git a/operator/v1/tests/kubeapiservers.operator.openshift.io/EventTTL.yaml b/operator/v1/tests/kubeapiservers.operator.openshift.io/EventTTL.yaml new file mode 100644 index 00000000000..77b06237591 --- /dev/null +++ b/operator/v1/tests/kubeapiservers.operator.openshift.io/EventTTL.yaml @@ -0,0 +1,49 @@ +apiVersion: apiextensions.k8s.io/v1 # Hack because controller-gen complains if we don't have this +name: "KubeAPIServer" +crdName: kubeapiservers.operator.openshift.io +featureGates: + - EventTTL +tests: + onCreate: + - name: Should be able to create default omitted event ttl + initial: | + apiVersion: operator.openshift.io/v1 + kind: KubeAPIServer + spec: {} # No spec is required for a KubeAPIServer + expected: | + apiVersion: operator.openshift.io/v1 + kind: KubeAPIServer + spec: + logLevel: Normal + operatorLogLevel: Normal + - name: Should be able to create a normal hour event ttl + initial: | + apiVersion: operator.openshift.io/v1 + kind: KubeAPIServer + spec: + eventTTLMinutes: 60 + expected: | + apiVersion: operator.openshift.io/v1 + kind: KubeAPIServer + spec: + logLevel: Normal + operatorLogLevel: Normal + eventTTLMinutes: 60 + - name: Should not be able to create with less than 5 minutes + initial: | + apiVersion: operator.openshift.io/v1 + kind: KubeAPIServer + metadata: + name: gg1 + spec: + eventTTLMinutes: 4 + expectedError: "Invalid value: 4: spec.eventTTLMinutes in body should be greater than or equal to 5" + - name: Should not be able to create more than 360 minutes + initial: | + apiVersion: operator.openshift.io/v1 + kind: KubeAPIServer + metadata: + name: gg1 + spec: + eventTTLMinutes: 181 + expectedError: "Invalid value: 181: spec.eventTTLMinutes in body should be less than or equal to 180" diff --git a/operator/v1/types_kubeapiserver.go b/operator/v1/types_kubeapiserver.go index 7d468755a19..1461f11a12a 100644 --- a/operator/v1/types_kubeapiserver.go +++ b/operator/v1/types_kubeapiserver.go @@ -35,6 +35,21 @@ type KubeAPIServer struct { type KubeAPIServerSpec struct { StaticPodOperatorSpec `json:",inline"` + + // eventTTLMinutes specifies the amount of time that the events are stored before being deleted. + // The TTL is allowed between 5 minutes minimum up to a maximum of 180 minutes (3 hours). + // + // Lowering this value will reduce the storage required in etcd. Note that this setting will only apply + // to new events being created and will not update existing events. + // + // When omitted this means no opinion, and the platform is left to choose a reasonable default, which is subject to change over time. + // The current default value is 3h (180 minutes). + // + // +openshift:enable:FeatureGate=EventTTL + // +kubebuilder:validation:Minimum=5 + // +kubebuilder:validation:Maximum=180 + // +optional + EventTTLMinutes int32 `json:"eventTTLMinutes,omitempty"` } type KubeAPIServerStatus struct { @@ -46,6 +61,7 @@ type KubeAPIServerStatus struct { // The default expiration for the items is set by the platform and it defaults to 24h. // see: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/#service-account-token-volume-projection // +optional + // +listType=atomic ServiceAccountIssuers []ServiceAccountIssuerStatus `json:"serviceAccountIssuers,omitempty"` } diff --git a/operator/v1/zz_generated.crd-manifests/0000_20_kube-apiserver_01_kubeapiservers-CustomNoUpgrade.crd.yaml b/operator/v1/zz_generated.crd-manifests/0000_20_kube-apiserver_01_kubeapiservers-CustomNoUpgrade.crd.yaml new file mode 100644 index 00000000000..ba2587dc9d7 --- /dev/null +++ b/operator/v1/zz_generated.crd-manifests/0000_20_kube-apiserver_01_kubeapiservers-CustomNoUpgrade.crd.yaml @@ -0,0 +1,349 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + api-approved.openshift.io: https://github.com/openshift/api/pull/475 + api.openshift.io/merged-by-featuregates: "true" + include.release.openshift.io/ibm-cloud-managed: "true" + include.release.openshift.io/self-managed-high-availability: "true" + release.openshift.io/feature-set: CustomNoUpgrade + name: kubeapiservers.operator.openshift.io +spec: + group: operator.openshift.io + names: + categories: + - coreoperators + kind: KubeAPIServer + listKind: KubeAPIServerList + plural: kubeapiservers + singular: kubeapiserver + scope: Cluster + versions: + - name: v1 + schema: + openAPIV3Schema: + description: |- + KubeAPIServer provides information to configure an operator to manage kube-apiserver. + + Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: spec is the specification of the desired behavior of the + Kubernetes API Server + properties: + eventTTLMinutes: + description: |- + eventTTLMinutes specifies the amount of time that the events are stored before being deleted. + The TTL is allowed between 5 minutes minimum up to a maximum of 180 minutes (3 hours). + + Lowering this value will reduce the storage required in etcd. Note that this setting will only apply + to new events being created and will not update existing events. + + When omitted this means no opinion, and the platform is left to choose a reasonable default, which is subject to change over time. + The current default value is 3h (180 minutes). + format: int32 + maximum: 180 + minimum: 5 + type: integer + failedRevisionLimit: + description: |- + failedRevisionLimit is the number of failed static pod installer revisions to keep on disk and in the api + -1 = unlimited, 0 or unset = 5 (default) + format: int32 + type: integer + forceRedeploymentReason: + description: |- + forceRedeploymentReason can be used to force the redeployment of the operand by providing a unique string. + This provides a mechanism to kick a previously failed deployment and provide a reason why you think it will work + this time instead of failing again on the same config. + type: string + logLevel: + default: Normal + description: |- + logLevel is an intent based logging for an overall component. It does not give fine grained control, but it is a + simple way to manage coarse grained logging choices that operators have to interpret for their operands. + + Valid values are: "Normal", "Debug", "Trace", "TraceAll". + Defaults to "Normal". + enum: + - "" + - Normal + - Debug + - Trace + - TraceAll + type: string + managementState: + description: managementState indicates whether and how the operator + should manage the component + pattern: ^(Managed|Force)$ + type: string + observedConfig: + description: |- + observedConfig holds a sparse config that controller has observed from the cluster state. It exists in spec because + it is an input to the level for the operator + nullable: true + type: object + x-kubernetes-preserve-unknown-fields: true + operatorLogLevel: + default: Normal + description: |- + operatorLogLevel is an intent based logging for the operator itself. It does not give fine grained control, but it is a + simple way to manage coarse grained logging choices that operators have to interpret for themselves. + + Valid values are: "Normal", "Debug", "Trace", "TraceAll". + Defaults to "Normal". + enum: + - "" + - Normal + - Debug + - Trace + - TraceAll + type: string + succeededRevisionLimit: + description: |- + succeededRevisionLimit is the number of successful static pod installer revisions to keep on disk and in the api + -1 = unlimited, 0 or unset = 5 (default) + format: int32 + type: integer + unsupportedConfigOverrides: + description: |- + unsupportedConfigOverrides overrides the final configuration that was computed by the operator. + Red Hat does not support the use of this field. + Misuse of this field could lead to unexpected behavior or conflict with other configuration options. + Seek guidance from the Red Hat support before using this field. + Use of this property blocks cluster upgrades, it must be removed before upgrading your cluster. + nullable: true + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + status: + description: status is the most recently observed status of the Kubernetes + API Server + properties: + conditions: + description: conditions is a list of conditions and their status + items: + description: OperatorCondition is just the standard condition fields. + properties: + lastTransitionTime: + description: |- + lastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. + format: date-time + type: string + message: + type: string + reason: + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + generations: + description: generations are used to determine when an item needs + to be reconciled or has changed in a way that needs a reaction. + items: + description: GenerationStatus keeps track of the generation for + a given resource so that decisions about forced updates can be + made. + properties: + group: + description: group is the group of the thing you're tracking + type: string + hash: + description: hash is an optional field set for resources without + generation that are content sensitive like secrets and configmaps + type: string + lastGeneration: + description: lastGeneration is the last generation of the workload + controller involved + format: int64 + type: integer + name: + description: name is the name of the thing you're tracking + type: string + namespace: + description: namespace is where the thing you're tracking is + type: string + resource: + description: resource is the resource type of the thing you're + tracking + type: string + required: + - group + - name + - namespace + - resource + type: object + type: array + x-kubernetes-list-map-keys: + - group + - resource + - namespace + - name + x-kubernetes-list-type: map + latestAvailableRevision: + description: latestAvailableRevision is the deploymentID of the most + recent deployment + format: int32 + type: integer + x-kubernetes-validations: + - message: must only increase + rule: self >= oldSelf + latestAvailableRevisionReason: + description: latestAvailableRevisionReason describe the detailed reason + for the most recent deployment + type: string + nodeStatuses: + description: nodeStatuses track the deployment values and errors across + individual nodes + items: + description: NodeStatus provides information about the current state + of a particular node managed by this operator. + properties: + currentRevision: + description: |- + currentRevision is the generation of the most recently successful deployment. + Can not be set on creation of a nodeStatus. Updates must only increase the value. + format: int32 + type: integer + x-kubernetes-validations: + - message: must only increase + rule: self >= oldSelf + lastFailedCount: + description: lastFailedCount is how often the installer pod + of the last failed revision failed. + type: integer + lastFailedReason: + description: lastFailedReason is a machine readable failure + reason string. + type: string + lastFailedRevision: + description: lastFailedRevision is the generation of the deployment + we tried and failed to deploy. + format: int32 + type: integer + lastFailedRevisionErrors: + description: lastFailedRevisionErrors is a list of human readable + errors during the failed deployment referenced in lastFailedRevision. + items: + type: string + type: array + x-kubernetes-list-type: atomic + lastFailedTime: + description: lastFailedTime is the time the last failed revision + failed the last time. + format: date-time + type: string + lastFallbackCount: + description: lastFallbackCount is how often a fallback to a + previous revision happened. + type: integer + nodeName: + description: nodeName is the name of the node + type: string + targetRevision: + description: |- + targetRevision is the generation of the deployment we're trying to apply. + Can not be set on creation of a nodeStatus. + format: int32 + type: integer + required: + - nodeName + type: object + x-kubernetes-validations: + - fieldPath: .currentRevision + message: cannot be unset once set + rule: has(self.currentRevision) || !has(oldSelf.currentRevision) + - fieldPath: .currentRevision + message: currentRevision can not be set on creation of a nodeStatus + optionalOldSelf: true + rule: oldSelf.hasValue() || !has(self.currentRevision) + - fieldPath: .targetRevision + message: targetRevision can not be set on creation of a nodeStatus + optionalOldSelf: true + rule: oldSelf.hasValue() || !has(self.targetRevision) + type: array + x-kubernetes-list-map-keys: + - nodeName + x-kubernetes-list-type: map + x-kubernetes-validations: + - message: no more than 1 node status may have a nonzero targetRevision + rule: size(self.filter(status, status.?targetRevision.orValue(0) + != 0)) <= 1 + observedGeneration: + description: observedGeneration is the last generation change you've + dealt with + format: int64 + type: integer + readyReplicas: + description: readyReplicas indicates how many replicas are ready and + at the desired state + format: int32 + type: integer + serviceAccountIssuers: + description: |- + serviceAccountIssuers tracks history of used service account issuers. + The item without expiration time represents the currently used service account issuer. + The other items represents service account issuers that were used previously and are still being trusted. + The default expiration for the items is set by the platform and it defaults to 24h. + see: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/#service-account-token-volume-projection + items: + properties: + expirationTime: + description: |- + expirationTime is the time after which this service account issuer will be pruned and removed from the trusted list + of service account issuers. + format: date-time + type: string + name: + description: name is the name of the service account issuer + type: string + type: object + type: array + x-kubernetes-list-type: atomic + version: + description: version is the level this availability applies to + type: string + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} diff --git a/operator/v1/zz_generated.crd-manifests/0000_20_kube-apiserver_01_kubeapiservers.crd.yaml b/operator/v1/zz_generated.crd-manifests/0000_20_kube-apiserver_01_kubeapiservers-Default.crd.yaml similarity index 99% rename from operator/v1/zz_generated.crd-manifests/0000_20_kube-apiserver_01_kubeapiservers.crd.yaml rename to operator/v1/zz_generated.crd-manifests/0000_20_kube-apiserver_01_kubeapiservers-Default.crd.yaml index a8664362d67..3e7c51dc6f1 100644 --- a/operator/v1/zz_generated.crd-manifests/0000_20_kube-apiserver_01_kubeapiservers.crd.yaml +++ b/operator/v1/zz_generated.crd-manifests/0000_20_kube-apiserver_01_kubeapiservers-Default.crd.yaml @@ -6,6 +6,7 @@ metadata: api.openshift.io/merged-by-featuregates: "true" include.release.openshift.io/ibm-cloud-managed: "true" include.release.openshift.io/self-managed-high-availability: "true" + release.openshift.io/feature-set: Default name: kubeapiservers.operator.openshift.io spec: group: operator.openshift.io @@ -320,6 +321,7 @@ spec: type: string type: object type: array + x-kubernetes-list-type: atomic version: description: version is the level this availability applies to type: string diff --git a/operator/v1/zz_generated.crd-manifests/0000_20_kube-apiserver_01_kubeapiservers-DevPreviewNoUpgrade.crd.yaml b/operator/v1/zz_generated.crd-manifests/0000_20_kube-apiserver_01_kubeapiservers-DevPreviewNoUpgrade.crd.yaml new file mode 100644 index 00000000000..b0d11038de2 --- /dev/null +++ b/operator/v1/zz_generated.crd-manifests/0000_20_kube-apiserver_01_kubeapiservers-DevPreviewNoUpgrade.crd.yaml @@ -0,0 +1,349 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + api-approved.openshift.io: https://github.com/openshift/api/pull/475 + api.openshift.io/merged-by-featuregates: "true" + include.release.openshift.io/ibm-cloud-managed: "true" + include.release.openshift.io/self-managed-high-availability: "true" + release.openshift.io/feature-set: DevPreviewNoUpgrade + name: kubeapiservers.operator.openshift.io +spec: + group: operator.openshift.io + names: + categories: + - coreoperators + kind: KubeAPIServer + listKind: KubeAPIServerList + plural: kubeapiservers + singular: kubeapiserver + scope: Cluster + versions: + - name: v1 + schema: + openAPIV3Schema: + description: |- + KubeAPIServer provides information to configure an operator to manage kube-apiserver. + + Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: spec is the specification of the desired behavior of the + Kubernetes API Server + properties: + eventTTLMinutes: + description: |- + eventTTLMinutes specifies the amount of time that the events are stored before being deleted. + The TTL is allowed between 5 minutes minimum up to a maximum of 180 minutes (3 hours). + + Lowering this value will reduce the storage required in etcd. Note that this setting will only apply + to new events being created and will not update existing events. + + When omitted this means no opinion, and the platform is left to choose a reasonable default, which is subject to change over time. + The current default value is 3h (180 minutes). + format: int32 + maximum: 180 + minimum: 5 + type: integer + failedRevisionLimit: + description: |- + failedRevisionLimit is the number of failed static pod installer revisions to keep on disk and in the api + -1 = unlimited, 0 or unset = 5 (default) + format: int32 + type: integer + forceRedeploymentReason: + description: |- + forceRedeploymentReason can be used to force the redeployment of the operand by providing a unique string. + This provides a mechanism to kick a previously failed deployment and provide a reason why you think it will work + this time instead of failing again on the same config. + type: string + logLevel: + default: Normal + description: |- + logLevel is an intent based logging for an overall component. It does not give fine grained control, but it is a + simple way to manage coarse grained logging choices that operators have to interpret for their operands. + + Valid values are: "Normal", "Debug", "Trace", "TraceAll". + Defaults to "Normal". + enum: + - "" + - Normal + - Debug + - Trace + - TraceAll + type: string + managementState: + description: managementState indicates whether and how the operator + should manage the component + pattern: ^(Managed|Force)$ + type: string + observedConfig: + description: |- + observedConfig holds a sparse config that controller has observed from the cluster state. It exists in spec because + it is an input to the level for the operator + nullable: true + type: object + x-kubernetes-preserve-unknown-fields: true + operatorLogLevel: + default: Normal + description: |- + operatorLogLevel is an intent based logging for the operator itself. It does not give fine grained control, but it is a + simple way to manage coarse grained logging choices that operators have to interpret for themselves. + + Valid values are: "Normal", "Debug", "Trace", "TraceAll". + Defaults to "Normal". + enum: + - "" + - Normal + - Debug + - Trace + - TraceAll + type: string + succeededRevisionLimit: + description: |- + succeededRevisionLimit is the number of successful static pod installer revisions to keep on disk and in the api + -1 = unlimited, 0 or unset = 5 (default) + format: int32 + type: integer + unsupportedConfigOverrides: + description: |- + unsupportedConfigOverrides overrides the final configuration that was computed by the operator. + Red Hat does not support the use of this field. + Misuse of this field could lead to unexpected behavior or conflict with other configuration options. + Seek guidance from the Red Hat support before using this field. + Use of this property blocks cluster upgrades, it must be removed before upgrading your cluster. + nullable: true + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + status: + description: status is the most recently observed status of the Kubernetes + API Server + properties: + conditions: + description: conditions is a list of conditions and their status + items: + description: OperatorCondition is just the standard condition fields. + properties: + lastTransitionTime: + description: |- + lastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. + format: date-time + type: string + message: + type: string + reason: + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + generations: + description: generations are used to determine when an item needs + to be reconciled or has changed in a way that needs a reaction. + items: + description: GenerationStatus keeps track of the generation for + a given resource so that decisions about forced updates can be + made. + properties: + group: + description: group is the group of the thing you're tracking + type: string + hash: + description: hash is an optional field set for resources without + generation that are content sensitive like secrets and configmaps + type: string + lastGeneration: + description: lastGeneration is the last generation of the workload + controller involved + format: int64 + type: integer + name: + description: name is the name of the thing you're tracking + type: string + namespace: + description: namespace is where the thing you're tracking is + type: string + resource: + description: resource is the resource type of the thing you're + tracking + type: string + required: + - group + - name + - namespace + - resource + type: object + type: array + x-kubernetes-list-map-keys: + - group + - resource + - namespace + - name + x-kubernetes-list-type: map + latestAvailableRevision: + description: latestAvailableRevision is the deploymentID of the most + recent deployment + format: int32 + type: integer + x-kubernetes-validations: + - message: must only increase + rule: self >= oldSelf + latestAvailableRevisionReason: + description: latestAvailableRevisionReason describe the detailed reason + for the most recent deployment + type: string + nodeStatuses: + description: nodeStatuses track the deployment values and errors across + individual nodes + items: + description: NodeStatus provides information about the current state + of a particular node managed by this operator. + properties: + currentRevision: + description: |- + currentRevision is the generation of the most recently successful deployment. + Can not be set on creation of a nodeStatus. Updates must only increase the value. + format: int32 + type: integer + x-kubernetes-validations: + - message: must only increase + rule: self >= oldSelf + lastFailedCount: + description: lastFailedCount is how often the installer pod + of the last failed revision failed. + type: integer + lastFailedReason: + description: lastFailedReason is a machine readable failure + reason string. + type: string + lastFailedRevision: + description: lastFailedRevision is the generation of the deployment + we tried and failed to deploy. + format: int32 + type: integer + lastFailedRevisionErrors: + description: lastFailedRevisionErrors is a list of human readable + errors during the failed deployment referenced in lastFailedRevision. + items: + type: string + type: array + x-kubernetes-list-type: atomic + lastFailedTime: + description: lastFailedTime is the time the last failed revision + failed the last time. + format: date-time + type: string + lastFallbackCount: + description: lastFallbackCount is how often a fallback to a + previous revision happened. + type: integer + nodeName: + description: nodeName is the name of the node + type: string + targetRevision: + description: |- + targetRevision is the generation of the deployment we're trying to apply. + Can not be set on creation of a nodeStatus. + format: int32 + type: integer + required: + - nodeName + type: object + x-kubernetes-validations: + - fieldPath: .currentRevision + message: cannot be unset once set + rule: has(self.currentRevision) || !has(oldSelf.currentRevision) + - fieldPath: .currentRevision + message: currentRevision can not be set on creation of a nodeStatus + optionalOldSelf: true + rule: oldSelf.hasValue() || !has(self.currentRevision) + - fieldPath: .targetRevision + message: targetRevision can not be set on creation of a nodeStatus + optionalOldSelf: true + rule: oldSelf.hasValue() || !has(self.targetRevision) + type: array + x-kubernetes-list-map-keys: + - nodeName + x-kubernetes-list-type: map + x-kubernetes-validations: + - message: no more than 1 node status may have a nonzero targetRevision + rule: size(self.filter(status, status.?targetRevision.orValue(0) + != 0)) <= 1 + observedGeneration: + description: observedGeneration is the last generation change you've + dealt with + format: int64 + type: integer + readyReplicas: + description: readyReplicas indicates how many replicas are ready and + at the desired state + format: int32 + type: integer + serviceAccountIssuers: + description: |- + serviceAccountIssuers tracks history of used service account issuers. + The item without expiration time represents the currently used service account issuer. + The other items represents service account issuers that were used previously and are still being trusted. + The default expiration for the items is set by the platform and it defaults to 24h. + see: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/#service-account-token-volume-projection + items: + properties: + expirationTime: + description: |- + expirationTime is the time after which this service account issuer will be pruned and removed from the trusted list + of service account issuers. + format: date-time + type: string + name: + description: name is the name of the service account issuer + type: string + type: object + type: array + x-kubernetes-list-type: atomic + version: + description: version is the level this availability applies to + type: string + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} diff --git a/operator/v1/zz_generated.crd-manifests/0000_20_kube-apiserver_01_kubeapiservers-TechPreviewNoUpgrade.crd.yaml b/operator/v1/zz_generated.crd-manifests/0000_20_kube-apiserver_01_kubeapiservers-TechPreviewNoUpgrade.crd.yaml new file mode 100644 index 00000000000..48d0d6a7096 --- /dev/null +++ b/operator/v1/zz_generated.crd-manifests/0000_20_kube-apiserver_01_kubeapiservers-TechPreviewNoUpgrade.crd.yaml @@ -0,0 +1,349 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + api-approved.openshift.io: https://github.com/openshift/api/pull/475 + api.openshift.io/merged-by-featuregates: "true" + include.release.openshift.io/ibm-cloud-managed: "true" + include.release.openshift.io/self-managed-high-availability: "true" + release.openshift.io/feature-set: TechPreviewNoUpgrade + name: kubeapiservers.operator.openshift.io +spec: + group: operator.openshift.io + names: + categories: + - coreoperators + kind: KubeAPIServer + listKind: KubeAPIServerList + plural: kubeapiservers + singular: kubeapiserver + scope: Cluster + versions: + - name: v1 + schema: + openAPIV3Schema: + description: |- + KubeAPIServer provides information to configure an operator to manage kube-apiserver. + + Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: spec is the specification of the desired behavior of the + Kubernetes API Server + properties: + eventTTLMinutes: + description: |- + eventTTLMinutes specifies the amount of time that the events are stored before being deleted. + The TTL is allowed between 5 minutes minimum up to a maximum of 180 minutes (3 hours). + + Lowering this value will reduce the storage required in etcd. Note that this setting will only apply + to new events being created and will not update existing events. + + When omitted this means no opinion, and the platform is left to choose a reasonable default, which is subject to change over time. + The current default value is 3h (180 minutes). + format: int32 + maximum: 180 + minimum: 5 + type: integer + failedRevisionLimit: + description: |- + failedRevisionLimit is the number of failed static pod installer revisions to keep on disk and in the api + -1 = unlimited, 0 or unset = 5 (default) + format: int32 + type: integer + forceRedeploymentReason: + description: |- + forceRedeploymentReason can be used to force the redeployment of the operand by providing a unique string. + This provides a mechanism to kick a previously failed deployment and provide a reason why you think it will work + this time instead of failing again on the same config. + type: string + logLevel: + default: Normal + description: |- + logLevel is an intent based logging for an overall component. It does not give fine grained control, but it is a + simple way to manage coarse grained logging choices that operators have to interpret for their operands. + + Valid values are: "Normal", "Debug", "Trace", "TraceAll". + Defaults to "Normal". + enum: + - "" + - Normal + - Debug + - Trace + - TraceAll + type: string + managementState: + description: managementState indicates whether and how the operator + should manage the component + pattern: ^(Managed|Force)$ + type: string + observedConfig: + description: |- + observedConfig holds a sparse config that controller has observed from the cluster state. It exists in spec because + it is an input to the level for the operator + nullable: true + type: object + x-kubernetes-preserve-unknown-fields: true + operatorLogLevel: + default: Normal + description: |- + operatorLogLevel is an intent based logging for the operator itself. It does not give fine grained control, but it is a + simple way to manage coarse grained logging choices that operators have to interpret for themselves. + + Valid values are: "Normal", "Debug", "Trace", "TraceAll". + Defaults to "Normal". + enum: + - "" + - Normal + - Debug + - Trace + - TraceAll + type: string + succeededRevisionLimit: + description: |- + succeededRevisionLimit is the number of successful static pod installer revisions to keep on disk and in the api + -1 = unlimited, 0 or unset = 5 (default) + format: int32 + type: integer + unsupportedConfigOverrides: + description: |- + unsupportedConfigOverrides overrides the final configuration that was computed by the operator. + Red Hat does not support the use of this field. + Misuse of this field could lead to unexpected behavior or conflict with other configuration options. + Seek guidance from the Red Hat support before using this field. + Use of this property blocks cluster upgrades, it must be removed before upgrading your cluster. + nullable: true + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + status: + description: status is the most recently observed status of the Kubernetes + API Server + properties: + conditions: + description: conditions is a list of conditions and their status + items: + description: OperatorCondition is just the standard condition fields. + properties: + lastTransitionTime: + description: |- + lastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. + format: date-time + type: string + message: + type: string + reason: + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + generations: + description: generations are used to determine when an item needs + to be reconciled or has changed in a way that needs a reaction. + items: + description: GenerationStatus keeps track of the generation for + a given resource so that decisions about forced updates can be + made. + properties: + group: + description: group is the group of the thing you're tracking + type: string + hash: + description: hash is an optional field set for resources without + generation that are content sensitive like secrets and configmaps + type: string + lastGeneration: + description: lastGeneration is the last generation of the workload + controller involved + format: int64 + type: integer + name: + description: name is the name of the thing you're tracking + type: string + namespace: + description: namespace is where the thing you're tracking is + type: string + resource: + description: resource is the resource type of the thing you're + tracking + type: string + required: + - group + - name + - namespace + - resource + type: object + type: array + x-kubernetes-list-map-keys: + - group + - resource + - namespace + - name + x-kubernetes-list-type: map + latestAvailableRevision: + description: latestAvailableRevision is the deploymentID of the most + recent deployment + format: int32 + type: integer + x-kubernetes-validations: + - message: must only increase + rule: self >= oldSelf + latestAvailableRevisionReason: + description: latestAvailableRevisionReason describe the detailed reason + for the most recent deployment + type: string + nodeStatuses: + description: nodeStatuses track the deployment values and errors across + individual nodes + items: + description: NodeStatus provides information about the current state + of a particular node managed by this operator. + properties: + currentRevision: + description: |- + currentRevision is the generation of the most recently successful deployment. + Can not be set on creation of a nodeStatus. Updates must only increase the value. + format: int32 + type: integer + x-kubernetes-validations: + - message: must only increase + rule: self >= oldSelf + lastFailedCount: + description: lastFailedCount is how often the installer pod + of the last failed revision failed. + type: integer + lastFailedReason: + description: lastFailedReason is a machine readable failure + reason string. + type: string + lastFailedRevision: + description: lastFailedRevision is the generation of the deployment + we tried and failed to deploy. + format: int32 + type: integer + lastFailedRevisionErrors: + description: lastFailedRevisionErrors is a list of human readable + errors during the failed deployment referenced in lastFailedRevision. + items: + type: string + type: array + x-kubernetes-list-type: atomic + lastFailedTime: + description: lastFailedTime is the time the last failed revision + failed the last time. + format: date-time + type: string + lastFallbackCount: + description: lastFallbackCount is how often a fallback to a + previous revision happened. + type: integer + nodeName: + description: nodeName is the name of the node + type: string + targetRevision: + description: |- + targetRevision is the generation of the deployment we're trying to apply. + Can not be set on creation of a nodeStatus. + format: int32 + type: integer + required: + - nodeName + type: object + x-kubernetes-validations: + - fieldPath: .currentRevision + message: cannot be unset once set + rule: has(self.currentRevision) || !has(oldSelf.currentRevision) + - fieldPath: .currentRevision + message: currentRevision can not be set on creation of a nodeStatus + optionalOldSelf: true + rule: oldSelf.hasValue() || !has(self.currentRevision) + - fieldPath: .targetRevision + message: targetRevision can not be set on creation of a nodeStatus + optionalOldSelf: true + rule: oldSelf.hasValue() || !has(self.targetRevision) + type: array + x-kubernetes-list-map-keys: + - nodeName + x-kubernetes-list-type: map + x-kubernetes-validations: + - message: no more than 1 node status may have a nonzero targetRevision + rule: size(self.filter(status, status.?targetRevision.orValue(0) + != 0)) <= 1 + observedGeneration: + description: observedGeneration is the last generation change you've + dealt with + format: int64 + type: integer + readyReplicas: + description: readyReplicas indicates how many replicas are ready and + at the desired state + format: int32 + type: integer + serviceAccountIssuers: + description: |- + serviceAccountIssuers tracks history of used service account issuers. + The item without expiration time represents the currently used service account issuer. + The other items represents service account issuers that were used previously and are still being trusted. + The default expiration for the items is set by the platform and it defaults to 24h. + see: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/#service-account-token-volume-projection + items: + properties: + expirationTime: + description: |- + expirationTime is the time after which this service account issuer will be pruned and removed from the trusted list + of service account issuers. + format: date-time + type: string + name: + description: name is the name of the service account issuer + type: string + type: object + type: array + x-kubernetes-list-type: atomic + version: + description: version is the level this availability applies to + type: string + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} diff --git a/operator/v1/zz_generated.featuregated-crd-manifests.yaml b/operator/v1/zz_generated.featuregated-crd-manifests.yaml index 613d32b5e8e..e7c94e28694 100644 --- a/operator/v1/zz_generated.featuregated-crd-manifests.yaml +++ b/operator/v1/zz_generated.featuregated-crd-manifests.yaml @@ -217,7 +217,8 @@ kubeapiservers.operator.openshift.io: CRDName: kubeapiservers.operator.openshift.io Capability: "" Category: coreoperators - FeatureGates: [] + FeatureGates: + - EventTTL FilenameOperatorName: kube-apiserver FilenameOperatorOrdering: "01" FilenameRunLevel: "0000_20" diff --git a/operator/v1/zz_generated.featuregated-crd-manifests/kubeapiservers.operator.openshift.io/AAA_ungated.yaml b/operator/v1/zz_generated.featuregated-crd-manifests/kubeapiservers.operator.openshift.io/AAA_ungated.yaml index 7d8985a1866..b4be3ef9ebd 100644 --- a/operator/v1/zz_generated.featuregated-crd-manifests/kubeapiservers.operator.openshift.io/AAA_ungated.yaml +++ b/operator/v1/zz_generated.featuregated-crd-manifests/kubeapiservers.operator.openshift.io/AAA_ungated.yaml @@ -321,6 +321,7 @@ spec: type: string type: object type: array + x-kubernetes-list-type: atomic version: description: version is the level this availability applies to type: string diff --git a/operator/v1/zz_generated.featuregated-crd-manifests/kubeapiservers.operator.openshift.io/EventTTL.yaml b/operator/v1/zz_generated.featuregated-crd-manifests/kubeapiservers.operator.openshift.io/EventTTL.yaml new file mode 100644 index 00000000000..959f93828ba --- /dev/null +++ b/operator/v1/zz_generated.featuregated-crd-manifests/kubeapiservers.operator.openshift.io/EventTTL.yaml @@ -0,0 +1,349 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + api-approved.openshift.io: https://github.com/openshift/api/pull/475 + api.openshift.io/filename-cvo-runlevel: "0000_20" + api.openshift.io/filename-operator: kube-apiserver + api.openshift.io/filename-ordering: "01" + feature-gate.release.openshift.io/EventTTL: "true" + name: kubeapiservers.operator.openshift.io +spec: + group: operator.openshift.io + names: + categories: + - coreoperators + kind: KubeAPIServer + listKind: KubeAPIServerList + plural: kubeapiservers + singular: kubeapiserver + scope: Cluster + versions: + - name: v1 + schema: + openAPIV3Schema: + description: |- + KubeAPIServer provides information to configure an operator to manage kube-apiserver. + + Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: spec is the specification of the desired behavior of the + Kubernetes API Server + properties: + eventTTLMinutes: + description: |- + eventTTLMinutes specifies the amount of time that the events are stored before being deleted. + The TTL is allowed between 5 minutes minimum up to a maximum of 180 minutes (3 hours). + + Lowering this value will reduce the storage required in etcd. Note that this setting will only apply + to new events being created and will not update existing events. + + When omitted this means no opinion, and the platform is left to choose a reasonable default, which is subject to change over time. + The current default value is 3h (180 minutes). + format: int32 + maximum: 180 + minimum: 5 + type: integer + failedRevisionLimit: + description: |- + failedRevisionLimit is the number of failed static pod installer revisions to keep on disk and in the api + -1 = unlimited, 0 or unset = 5 (default) + format: int32 + type: integer + forceRedeploymentReason: + description: |- + forceRedeploymentReason can be used to force the redeployment of the operand by providing a unique string. + This provides a mechanism to kick a previously failed deployment and provide a reason why you think it will work + this time instead of failing again on the same config. + type: string + logLevel: + default: Normal + description: |- + logLevel is an intent based logging for an overall component. It does not give fine grained control, but it is a + simple way to manage coarse grained logging choices that operators have to interpret for their operands. + + Valid values are: "Normal", "Debug", "Trace", "TraceAll". + Defaults to "Normal". + enum: + - "" + - Normal + - Debug + - Trace + - TraceAll + type: string + managementState: + description: managementState indicates whether and how the operator + should manage the component + pattern: ^(Managed|Unmanaged|Force|Removed)$ + type: string + observedConfig: + description: |- + observedConfig holds a sparse config that controller has observed from the cluster state. It exists in spec because + it is an input to the level for the operator + nullable: true + type: object + x-kubernetes-preserve-unknown-fields: true + operatorLogLevel: + default: Normal + description: |- + operatorLogLevel is an intent based logging for the operator itself. It does not give fine grained control, but it is a + simple way to manage coarse grained logging choices that operators have to interpret for themselves. + + Valid values are: "Normal", "Debug", "Trace", "TraceAll". + Defaults to "Normal". + enum: + - "" + - Normal + - Debug + - Trace + - TraceAll + type: string + succeededRevisionLimit: + description: |- + succeededRevisionLimit is the number of successful static pod installer revisions to keep on disk and in the api + -1 = unlimited, 0 or unset = 5 (default) + format: int32 + type: integer + unsupportedConfigOverrides: + description: |- + unsupportedConfigOverrides overrides the final configuration that was computed by the operator. + Red Hat does not support the use of this field. + Misuse of this field could lead to unexpected behavior or conflict with other configuration options. + Seek guidance from the Red Hat support before using this field. + Use of this property blocks cluster upgrades, it must be removed before upgrading your cluster. + nullable: true + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + status: + description: status is the most recently observed status of the Kubernetes + API Server + properties: + conditions: + description: conditions is a list of conditions and their status + items: + description: OperatorCondition is just the standard condition fields. + properties: + lastTransitionTime: + description: |- + lastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. + format: date-time + type: string + message: + type: string + reason: + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + generations: + description: generations are used to determine when an item needs + to be reconciled or has changed in a way that needs a reaction. + items: + description: GenerationStatus keeps track of the generation for + a given resource so that decisions about forced updates can be + made. + properties: + group: + description: group is the group of the thing you're tracking + type: string + hash: + description: hash is an optional field set for resources without + generation that are content sensitive like secrets and configmaps + type: string + lastGeneration: + description: lastGeneration is the last generation of the workload + controller involved + format: int64 + type: integer + name: + description: name is the name of the thing you're tracking + type: string + namespace: + description: namespace is where the thing you're tracking is + type: string + resource: + description: resource is the resource type of the thing you're + tracking + type: string + required: + - group + - name + - namespace + - resource + type: object + type: array + x-kubernetes-list-map-keys: + - group + - resource + - namespace + - name + x-kubernetes-list-type: map + latestAvailableRevision: + description: latestAvailableRevision is the deploymentID of the most + recent deployment + format: int32 + type: integer + x-kubernetes-validations: + - message: must only increase + rule: self >= oldSelf + latestAvailableRevisionReason: + description: latestAvailableRevisionReason describe the detailed reason + for the most recent deployment + type: string + nodeStatuses: + description: nodeStatuses track the deployment values and errors across + individual nodes + items: + description: NodeStatus provides information about the current state + of a particular node managed by this operator. + properties: + currentRevision: + description: |- + currentRevision is the generation of the most recently successful deployment. + Can not be set on creation of a nodeStatus. Updates must only increase the value. + format: int32 + type: integer + x-kubernetes-validations: + - message: must only increase + rule: self >= oldSelf + lastFailedCount: + description: lastFailedCount is how often the installer pod + of the last failed revision failed. + type: integer + lastFailedReason: + description: lastFailedReason is a machine readable failure + reason string. + type: string + lastFailedRevision: + description: lastFailedRevision is the generation of the deployment + we tried and failed to deploy. + format: int32 + type: integer + lastFailedRevisionErrors: + description: lastFailedRevisionErrors is a list of human readable + errors during the failed deployment referenced in lastFailedRevision. + items: + type: string + type: array + x-kubernetes-list-type: atomic + lastFailedTime: + description: lastFailedTime is the time the last failed revision + failed the last time. + format: date-time + type: string + lastFallbackCount: + description: lastFallbackCount is how often a fallback to a + previous revision happened. + type: integer + nodeName: + description: nodeName is the name of the node + type: string + targetRevision: + description: |- + targetRevision is the generation of the deployment we're trying to apply. + Can not be set on creation of a nodeStatus. + format: int32 + type: integer + required: + - nodeName + type: object + x-kubernetes-validations: + - fieldPath: .currentRevision + message: cannot be unset once set + rule: has(self.currentRevision) || !has(oldSelf.currentRevision) + - fieldPath: .currentRevision + message: currentRevision can not be set on creation of a nodeStatus + optionalOldSelf: true + rule: oldSelf.hasValue() || !has(self.currentRevision) + - fieldPath: .targetRevision + message: targetRevision can not be set on creation of a nodeStatus + optionalOldSelf: true + rule: oldSelf.hasValue() || !has(self.targetRevision) + type: array + x-kubernetes-list-map-keys: + - nodeName + x-kubernetes-list-type: map + x-kubernetes-validations: + - message: no more than 1 node status may have a nonzero targetRevision + rule: size(self.filter(status, status.?targetRevision.orValue(0) + != 0)) <= 1 + observedGeneration: + description: observedGeneration is the last generation change you've + dealt with + format: int64 + type: integer + readyReplicas: + description: readyReplicas indicates how many replicas are ready and + at the desired state + format: int32 + type: integer + serviceAccountIssuers: + description: |- + serviceAccountIssuers tracks history of used service account issuers. + The item without expiration time represents the currently used service account issuer. + The other items represents service account issuers that were used previously and are still being trusted. + The default expiration for the items is set by the platform and it defaults to 24h. + see: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/#service-account-token-volume-projection + items: + properties: + expirationTime: + description: |- + expirationTime is the time after which this service account issuer will be pruned and removed from the trusted list + of service account issuers. + format: date-time + type: string + name: + description: name is the name of the service account issuer + type: string + type: object + type: array + x-kubernetes-list-type: atomic + version: + description: version is the level this availability applies to + type: string + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} diff --git a/operator/v1/zz_generated.swagger_doc_generated.go b/operator/v1/zz_generated.swagger_doc_generated.go index 55e9dd8d7bb..483d9720da9 100644 --- a/operator/v1/zz_generated.swagger_doc_generated.go +++ b/operator/v1/zz_generated.swagger_doc_generated.go @@ -1314,6 +1314,14 @@ func (KubeAPIServerList) SwaggerDoc() map[string]string { return map_KubeAPIServerList } +var map_KubeAPIServerSpec = map[string]string{ + "eventTTLMinutes": "eventTTLMinutes specifies the amount of time that the events are stored before being deleted. The TTL is allowed between 5 minutes minimum up to a maximum of 180 minutes (3 hours).\n\nLowering this value will reduce the storage required in etcd. Note that this setting will only apply to new events being created and will not update existing events.\n\nWhen omitted this means no opinion, and the platform is left to choose a reasonable default, which is subject to change over time. The current default value is 3h (180 minutes).", +} + +func (KubeAPIServerSpec) SwaggerDoc() map[string]string { + return map_KubeAPIServerSpec +} + var map_KubeAPIServerStatus = map[string]string{ "serviceAccountIssuers": "serviceAccountIssuers tracks history of used service account issuers. The item without expiration time represents the currently used service account issuer. The other items represents service account issuers that were used previously and are still being trusted. The default expiration for the items is set by the platform and it defaults to 24h. see: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/#service-account-token-volume-projection", } diff --git a/payload-manifests/crds/0000_20_kube-apiserver_01_kubeapiservers-CustomNoUpgrade.crd.yaml b/payload-manifests/crds/0000_20_kube-apiserver_01_kubeapiservers-CustomNoUpgrade.crd.yaml new file mode 100644 index 00000000000..ba2587dc9d7 --- /dev/null +++ b/payload-manifests/crds/0000_20_kube-apiserver_01_kubeapiservers-CustomNoUpgrade.crd.yaml @@ -0,0 +1,349 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + api-approved.openshift.io: https://github.com/openshift/api/pull/475 + api.openshift.io/merged-by-featuregates: "true" + include.release.openshift.io/ibm-cloud-managed: "true" + include.release.openshift.io/self-managed-high-availability: "true" + release.openshift.io/feature-set: CustomNoUpgrade + name: kubeapiservers.operator.openshift.io +spec: + group: operator.openshift.io + names: + categories: + - coreoperators + kind: KubeAPIServer + listKind: KubeAPIServerList + plural: kubeapiservers + singular: kubeapiserver + scope: Cluster + versions: + - name: v1 + schema: + openAPIV3Schema: + description: |- + KubeAPIServer provides information to configure an operator to manage kube-apiserver. + + Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: spec is the specification of the desired behavior of the + Kubernetes API Server + properties: + eventTTLMinutes: + description: |- + eventTTLMinutes specifies the amount of time that the events are stored before being deleted. + The TTL is allowed between 5 minutes minimum up to a maximum of 180 minutes (3 hours). + + Lowering this value will reduce the storage required in etcd. Note that this setting will only apply + to new events being created and will not update existing events. + + When omitted this means no opinion, and the platform is left to choose a reasonable default, which is subject to change over time. + The current default value is 3h (180 minutes). + format: int32 + maximum: 180 + minimum: 5 + type: integer + failedRevisionLimit: + description: |- + failedRevisionLimit is the number of failed static pod installer revisions to keep on disk and in the api + -1 = unlimited, 0 or unset = 5 (default) + format: int32 + type: integer + forceRedeploymentReason: + description: |- + forceRedeploymentReason can be used to force the redeployment of the operand by providing a unique string. + This provides a mechanism to kick a previously failed deployment and provide a reason why you think it will work + this time instead of failing again on the same config. + type: string + logLevel: + default: Normal + description: |- + logLevel is an intent based logging for an overall component. It does not give fine grained control, but it is a + simple way to manage coarse grained logging choices that operators have to interpret for their operands. + + Valid values are: "Normal", "Debug", "Trace", "TraceAll". + Defaults to "Normal". + enum: + - "" + - Normal + - Debug + - Trace + - TraceAll + type: string + managementState: + description: managementState indicates whether and how the operator + should manage the component + pattern: ^(Managed|Force)$ + type: string + observedConfig: + description: |- + observedConfig holds a sparse config that controller has observed from the cluster state. It exists in spec because + it is an input to the level for the operator + nullable: true + type: object + x-kubernetes-preserve-unknown-fields: true + operatorLogLevel: + default: Normal + description: |- + operatorLogLevel is an intent based logging for the operator itself. It does not give fine grained control, but it is a + simple way to manage coarse grained logging choices that operators have to interpret for themselves. + + Valid values are: "Normal", "Debug", "Trace", "TraceAll". + Defaults to "Normal". + enum: + - "" + - Normal + - Debug + - Trace + - TraceAll + type: string + succeededRevisionLimit: + description: |- + succeededRevisionLimit is the number of successful static pod installer revisions to keep on disk and in the api + -1 = unlimited, 0 or unset = 5 (default) + format: int32 + type: integer + unsupportedConfigOverrides: + description: |- + unsupportedConfigOverrides overrides the final configuration that was computed by the operator. + Red Hat does not support the use of this field. + Misuse of this field could lead to unexpected behavior or conflict with other configuration options. + Seek guidance from the Red Hat support before using this field. + Use of this property blocks cluster upgrades, it must be removed before upgrading your cluster. + nullable: true + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + status: + description: status is the most recently observed status of the Kubernetes + API Server + properties: + conditions: + description: conditions is a list of conditions and their status + items: + description: OperatorCondition is just the standard condition fields. + properties: + lastTransitionTime: + description: |- + lastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. + format: date-time + type: string + message: + type: string + reason: + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + generations: + description: generations are used to determine when an item needs + to be reconciled or has changed in a way that needs a reaction. + items: + description: GenerationStatus keeps track of the generation for + a given resource so that decisions about forced updates can be + made. + properties: + group: + description: group is the group of the thing you're tracking + type: string + hash: + description: hash is an optional field set for resources without + generation that are content sensitive like secrets and configmaps + type: string + lastGeneration: + description: lastGeneration is the last generation of the workload + controller involved + format: int64 + type: integer + name: + description: name is the name of the thing you're tracking + type: string + namespace: + description: namespace is where the thing you're tracking is + type: string + resource: + description: resource is the resource type of the thing you're + tracking + type: string + required: + - group + - name + - namespace + - resource + type: object + type: array + x-kubernetes-list-map-keys: + - group + - resource + - namespace + - name + x-kubernetes-list-type: map + latestAvailableRevision: + description: latestAvailableRevision is the deploymentID of the most + recent deployment + format: int32 + type: integer + x-kubernetes-validations: + - message: must only increase + rule: self >= oldSelf + latestAvailableRevisionReason: + description: latestAvailableRevisionReason describe the detailed reason + for the most recent deployment + type: string + nodeStatuses: + description: nodeStatuses track the deployment values and errors across + individual nodes + items: + description: NodeStatus provides information about the current state + of a particular node managed by this operator. + properties: + currentRevision: + description: |- + currentRevision is the generation of the most recently successful deployment. + Can not be set on creation of a nodeStatus. Updates must only increase the value. + format: int32 + type: integer + x-kubernetes-validations: + - message: must only increase + rule: self >= oldSelf + lastFailedCount: + description: lastFailedCount is how often the installer pod + of the last failed revision failed. + type: integer + lastFailedReason: + description: lastFailedReason is a machine readable failure + reason string. + type: string + lastFailedRevision: + description: lastFailedRevision is the generation of the deployment + we tried and failed to deploy. + format: int32 + type: integer + lastFailedRevisionErrors: + description: lastFailedRevisionErrors is a list of human readable + errors during the failed deployment referenced in lastFailedRevision. + items: + type: string + type: array + x-kubernetes-list-type: atomic + lastFailedTime: + description: lastFailedTime is the time the last failed revision + failed the last time. + format: date-time + type: string + lastFallbackCount: + description: lastFallbackCount is how often a fallback to a + previous revision happened. + type: integer + nodeName: + description: nodeName is the name of the node + type: string + targetRevision: + description: |- + targetRevision is the generation of the deployment we're trying to apply. + Can not be set on creation of a nodeStatus. + format: int32 + type: integer + required: + - nodeName + type: object + x-kubernetes-validations: + - fieldPath: .currentRevision + message: cannot be unset once set + rule: has(self.currentRevision) || !has(oldSelf.currentRevision) + - fieldPath: .currentRevision + message: currentRevision can not be set on creation of a nodeStatus + optionalOldSelf: true + rule: oldSelf.hasValue() || !has(self.currentRevision) + - fieldPath: .targetRevision + message: targetRevision can not be set on creation of a nodeStatus + optionalOldSelf: true + rule: oldSelf.hasValue() || !has(self.targetRevision) + type: array + x-kubernetes-list-map-keys: + - nodeName + x-kubernetes-list-type: map + x-kubernetes-validations: + - message: no more than 1 node status may have a nonzero targetRevision + rule: size(self.filter(status, status.?targetRevision.orValue(0) + != 0)) <= 1 + observedGeneration: + description: observedGeneration is the last generation change you've + dealt with + format: int64 + type: integer + readyReplicas: + description: readyReplicas indicates how many replicas are ready and + at the desired state + format: int32 + type: integer + serviceAccountIssuers: + description: |- + serviceAccountIssuers tracks history of used service account issuers. + The item without expiration time represents the currently used service account issuer. + The other items represents service account issuers that were used previously and are still being trusted. + The default expiration for the items is set by the platform and it defaults to 24h. + see: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/#service-account-token-volume-projection + items: + properties: + expirationTime: + description: |- + expirationTime is the time after which this service account issuer will be pruned and removed from the trusted list + of service account issuers. + format: date-time + type: string + name: + description: name is the name of the service account issuer + type: string + type: object + type: array + x-kubernetes-list-type: atomic + version: + description: version is the level this availability applies to + type: string + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} diff --git a/payload-manifests/crds/0000_20_kube-apiserver_01_kubeapiservers.crd.yaml b/payload-manifests/crds/0000_20_kube-apiserver_01_kubeapiservers-Default.crd.yaml similarity index 99% rename from payload-manifests/crds/0000_20_kube-apiserver_01_kubeapiservers.crd.yaml rename to payload-manifests/crds/0000_20_kube-apiserver_01_kubeapiservers-Default.crd.yaml index a8664362d67..3e7c51dc6f1 100644 --- a/payload-manifests/crds/0000_20_kube-apiserver_01_kubeapiservers.crd.yaml +++ b/payload-manifests/crds/0000_20_kube-apiserver_01_kubeapiservers-Default.crd.yaml @@ -6,6 +6,7 @@ metadata: api.openshift.io/merged-by-featuregates: "true" include.release.openshift.io/ibm-cloud-managed: "true" include.release.openshift.io/self-managed-high-availability: "true" + release.openshift.io/feature-set: Default name: kubeapiservers.operator.openshift.io spec: group: operator.openshift.io @@ -320,6 +321,7 @@ spec: type: string type: object type: array + x-kubernetes-list-type: atomic version: description: version is the level this availability applies to type: string diff --git a/payload-manifests/crds/0000_20_kube-apiserver_01_kubeapiservers-DevPreviewNoUpgrade.crd.yaml b/payload-manifests/crds/0000_20_kube-apiserver_01_kubeapiservers-DevPreviewNoUpgrade.crd.yaml new file mode 100644 index 00000000000..b0d11038de2 --- /dev/null +++ b/payload-manifests/crds/0000_20_kube-apiserver_01_kubeapiservers-DevPreviewNoUpgrade.crd.yaml @@ -0,0 +1,349 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + api-approved.openshift.io: https://github.com/openshift/api/pull/475 + api.openshift.io/merged-by-featuregates: "true" + include.release.openshift.io/ibm-cloud-managed: "true" + include.release.openshift.io/self-managed-high-availability: "true" + release.openshift.io/feature-set: DevPreviewNoUpgrade + name: kubeapiservers.operator.openshift.io +spec: + group: operator.openshift.io + names: + categories: + - coreoperators + kind: KubeAPIServer + listKind: KubeAPIServerList + plural: kubeapiservers + singular: kubeapiserver + scope: Cluster + versions: + - name: v1 + schema: + openAPIV3Schema: + description: |- + KubeAPIServer provides information to configure an operator to manage kube-apiserver. + + Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: spec is the specification of the desired behavior of the + Kubernetes API Server + properties: + eventTTLMinutes: + description: |- + eventTTLMinutes specifies the amount of time that the events are stored before being deleted. + The TTL is allowed between 5 minutes minimum up to a maximum of 180 minutes (3 hours). + + Lowering this value will reduce the storage required in etcd. Note that this setting will only apply + to new events being created and will not update existing events. + + When omitted this means no opinion, and the platform is left to choose a reasonable default, which is subject to change over time. + The current default value is 3h (180 minutes). + format: int32 + maximum: 180 + minimum: 5 + type: integer + failedRevisionLimit: + description: |- + failedRevisionLimit is the number of failed static pod installer revisions to keep on disk and in the api + -1 = unlimited, 0 or unset = 5 (default) + format: int32 + type: integer + forceRedeploymentReason: + description: |- + forceRedeploymentReason can be used to force the redeployment of the operand by providing a unique string. + This provides a mechanism to kick a previously failed deployment and provide a reason why you think it will work + this time instead of failing again on the same config. + type: string + logLevel: + default: Normal + description: |- + logLevel is an intent based logging for an overall component. It does not give fine grained control, but it is a + simple way to manage coarse grained logging choices that operators have to interpret for their operands. + + Valid values are: "Normal", "Debug", "Trace", "TraceAll". + Defaults to "Normal". + enum: + - "" + - Normal + - Debug + - Trace + - TraceAll + type: string + managementState: + description: managementState indicates whether and how the operator + should manage the component + pattern: ^(Managed|Force)$ + type: string + observedConfig: + description: |- + observedConfig holds a sparse config that controller has observed from the cluster state. It exists in spec because + it is an input to the level for the operator + nullable: true + type: object + x-kubernetes-preserve-unknown-fields: true + operatorLogLevel: + default: Normal + description: |- + operatorLogLevel is an intent based logging for the operator itself. It does not give fine grained control, but it is a + simple way to manage coarse grained logging choices that operators have to interpret for themselves. + + Valid values are: "Normal", "Debug", "Trace", "TraceAll". + Defaults to "Normal". + enum: + - "" + - Normal + - Debug + - Trace + - TraceAll + type: string + succeededRevisionLimit: + description: |- + succeededRevisionLimit is the number of successful static pod installer revisions to keep on disk and in the api + -1 = unlimited, 0 or unset = 5 (default) + format: int32 + type: integer + unsupportedConfigOverrides: + description: |- + unsupportedConfigOverrides overrides the final configuration that was computed by the operator. + Red Hat does not support the use of this field. + Misuse of this field could lead to unexpected behavior or conflict with other configuration options. + Seek guidance from the Red Hat support before using this field. + Use of this property blocks cluster upgrades, it must be removed before upgrading your cluster. + nullable: true + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + status: + description: status is the most recently observed status of the Kubernetes + API Server + properties: + conditions: + description: conditions is a list of conditions and their status + items: + description: OperatorCondition is just the standard condition fields. + properties: + lastTransitionTime: + description: |- + lastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. + format: date-time + type: string + message: + type: string + reason: + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + generations: + description: generations are used to determine when an item needs + to be reconciled or has changed in a way that needs a reaction. + items: + description: GenerationStatus keeps track of the generation for + a given resource so that decisions about forced updates can be + made. + properties: + group: + description: group is the group of the thing you're tracking + type: string + hash: + description: hash is an optional field set for resources without + generation that are content sensitive like secrets and configmaps + type: string + lastGeneration: + description: lastGeneration is the last generation of the workload + controller involved + format: int64 + type: integer + name: + description: name is the name of the thing you're tracking + type: string + namespace: + description: namespace is where the thing you're tracking is + type: string + resource: + description: resource is the resource type of the thing you're + tracking + type: string + required: + - group + - name + - namespace + - resource + type: object + type: array + x-kubernetes-list-map-keys: + - group + - resource + - namespace + - name + x-kubernetes-list-type: map + latestAvailableRevision: + description: latestAvailableRevision is the deploymentID of the most + recent deployment + format: int32 + type: integer + x-kubernetes-validations: + - message: must only increase + rule: self >= oldSelf + latestAvailableRevisionReason: + description: latestAvailableRevisionReason describe the detailed reason + for the most recent deployment + type: string + nodeStatuses: + description: nodeStatuses track the deployment values and errors across + individual nodes + items: + description: NodeStatus provides information about the current state + of a particular node managed by this operator. + properties: + currentRevision: + description: |- + currentRevision is the generation of the most recently successful deployment. + Can not be set on creation of a nodeStatus. Updates must only increase the value. + format: int32 + type: integer + x-kubernetes-validations: + - message: must only increase + rule: self >= oldSelf + lastFailedCount: + description: lastFailedCount is how often the installer pod + of the last failed revision failed. + type: integer + lastFailedReason: + description: lastFailedReason is a machine readable failure + reason string. + type: string + lastFailedRevision: + description: lastFailedRevision is the generation of the deployment + we tried and failed to deploy. + format: int32 + type: integer + lastFailedRevisionErrors: + description: lastFailedRevisionErrors is a list of human readable + errors during the failed deployment referenced in lastFailedRevision. + items: + type: string + type: array + x-kubernetes-list-type: atomic + lastFailedTime: + description: lastFailedTime is the time the last failed revision + failed the last time. + format: date-time + type: string + lastFallbackCount: + description: lastFallbackCount is how often a fallback to a + previous revision happened. + type: integer + nodeName: + description: nodeName is the name of the node + type: string + targetRevision: + description: |- + targetRevision is the generation of the deployment we're trying to apply. + Can not be set on creation of a nodeStatus. + format: int32 + type: integer + required: + - nodeName + type: object + x-kubernetes-validations: + - fieldPath: .currentRevision + message: cannot be unset once set + rule: has(self.currentRevision) || !has(oldSelf.currentRevision) + - fieldPath: .currentRevision + message: currentRevision can not be set on creation of a nodeStatus + optionalOldSelf: true + rule: oldSelf.hasValue() || !has(self.currentRevision) + - fieldPath: .targetRevision + message: targetRevision can not be set on creation of a nodeStatus + optionalOldSelf: true + rule: oldSelf.hasValue() || !has(self.targetRevision) + type: array + x-kubernetes-list-map-keys: + - nodeName + x-kubernetes-list-type: map + x-kubernetes-validations: + - message: no more than 1 node status may have a nonzero targetRevision + rule: size(self.filter(status, status.?targetRevision.orValue(0) + != 0)) <= 1 + observedGeneration: + description: observedGeneration is the last generation change you've + dealt with + format: int64 + type: integer + readyReplicas: + description: readyReplicas indicates how many replicas are ready and + at the desired state + format: int32 + type: integer + serviceAccountIssuers: + description: |- + serviceAccountIssuers tracks history of used service account issuers. + The item without expiration time represents the currently used service account issuer. + The other items represents service account issuers that were used previously and are still being trusted. + The default expiration for the items is set by the platform and it defaults to 24h. + see: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/#service-account-token-volume-projection + items: + properties: + expirationTime: + description: |- + expirationTime is the time after which this service account issuer will be pruned and removed from the trusted list + of service account issuers. + format: date-time + type: string + name: + description: name is the name of the service account issuer + type: string + type: object + type: array + x-kubernetes-list-type: atomic + version: + description: version is the level this availability applies to + type: string + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} diff --git a/payload-manifests/crds/0000_20_kube-apiserver_01_kubeapiservers-TechPreviewNoUpgrade.crd.yaml b/payload-manifests/crds/0000_20_kube-apiserver_01_kubeapiservers-TechPreviewNoUpgrade.crd.yaml new file mode 100644 index 00000000000..48d0d6a7096 --- /dev/null +++ b/payload-manifests/crds/0000_20_kube-apiserver_01_kubeapiservers-TechPreviewNoUpgrade.crd.yaml @@ -0,0 +1,349 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + api-approved.openshift.io: https://github.com/openshift/api/pull/475 + api.openshift.io/merged-by-featuregates: "true" + include.release.openshift.io/ibm-cloud-managed: "true" + include.release.openshift.io/self-managed-high-availability: "true" + release.openshift.io/feature-set: TechPreviewNoUpgrade + name: kubeapiservers.operator.openshift.io +spec: + group: operator.openshift.io + names: + categories: + - coreoperators + kind: KubeAPIServer + listKind: KubeAPIServerList + plural: kubeapiservers + singular: kubeapiserver + scope: Cluster + versions: + - name: v1 + schema: + openAPIV3Schema: + description: |- + KubeAPIServer provides information to configure an operator to manage kube-apiserver. + + Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: spec is the specification of the desired behavior of the + Kubernetes API Server + properties: + eventTTLMinutes: + description: |- + eventTTLMinutes specifies the amount of time that the events are stored before being deleted. + The TTL is allowed between 5 minutes minimum up to a maximum of 180 minutes (3 hours). + + Lowering this value will reduce the storage required in etcd. Note that this setting will only apply + to new events being created and will not update existing events. + + When omitted this means no opinion, and the platform is left to choose a reasonable default, which is subject to change over time. + The current default value is 3h (180 minutes). + format: int32 + maximum: 180 + minimum: 5 + type: integer + failedRevisionLimit: + description: |- + failedRevisionLimit is the number of failed static pod installer revisions to keep on disk and in the api + -1 = unlimited, 0 or unset = 5 (default) + format: int32 + type: integer + forceRedeploymentReason: + description: |- + forceRedeploymentReason can be used to force the redeployment of the operand by providing a unique string. + This provides a mechanism to kick a previously failed deployment and provide a reason why you think it will work + this time instead of failing again on the same config. + type: string + logLevel: + default: Normal + description: |- + logLevel is an intent based logging for an overall component. It does not give fine grained control, but it is a + simple way to manage coarse grained logging choices that operators have to interpret for their operands. + + Valid values are: "Normal", "Debug", "Trace", "TraceAll". + Defaults to "Normal". + enum: + - "" + - Normal + - Debug + - Trace + - TraceAll + type: string + managementState: + description: managementState indicates whether and how the operator + should manage the component + pattern: ^(Managed|Force)$ + type: string + observedConfig: + description: |- + observedConfig holds a sparse config that controller has observed from the cluster state. It exists in spec because + it is an input to the level for the operator + nullable: true + type: object + x-kubernetes-preserve-unknown-fields: true + operatorLogLevel: + default: Normal + description: |- + operatorLogLevel is an intent based logging for the operator itself. It does not give fine grained control, but it is a + simple way to manage coarse grained logging choices that operators have to interpret for themselves. + + Valid values are: "Normal", "Debug", "Trace", "TraceAll". + Defaults to "Normal". + enum: + - "" + - Normal + - Debug + - Trace + - TraceAll + type: string + succeededRevisionLimit: + description: |- + succeededRevisionLimit is the number of successful static pod installer revisions to keep on disk and in the api + -1 = unlimited, 0 or unset = 5 (default) + format: int32 + type: integer + unsupportedConfigOverrides: + description: |- + unsupportedConfigOverrides overrides the final configuration that was computed by the operator. + Red Hat does not support the use of this field. + Misuse of this field could lead to unexpected behavior or conflict with other configuration options. + Seek guidance from the Red Hat support before using this field. + Use of this property blocks cluster upgrades, it must be removed before upgrading your cluster. + nullable: true + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + status: + description: status is the most recently observed status of the Kubernetes + API Server + properties: + conditions: + description: conditions is a list of conditions and their status + items: + description: OperatorCondition is just the standard condition fields. + properties: + lastTransitionTime: + description: |- + lastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. + format: date-time + type: string + message: + type: string + reason: + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + generations: + description: generations are used to determine when an item needs + to be reconciled or has changed in a way that needs a reaction. + items: + description: GenerationStatus keeps track of the generation for + a given resource so that decisions about forced updates can be + made. + properties: + group: + description: group is the group of the thing you're tracking + type: string + hash: + description: hash is an optional field set for resources without + generation that are content sensitive like secrets and configmaps + type: string + lastGeneration: + description: lastGeneration is the last generation of the workload + controller involved + format: int64 + type: integer + name: + description: name is the name of the thing you're tracking + type: string + namespace: + description: namespace is where the thing you're tracking is + type: string + resource: + description: resource is the resource type of the thing you're + tracking + type: string + required: + - group + - name + - namespace + - resource + type: object + type: array + x-kubernetes-list-map-keys: + - group + - resource + - namespace + - name + x-kubernetes-list-type: map + latestAvailableRevision: + description: latestAvailableRevision is the deploymentID of the most + recent deployment + format: int32 + type: integer + x-kubernetes-validations: + - message: must only increase + rule: self >= oldSelf + latestAvailableRevisionReason: + description: latestAvailableRevisionReason describe the detailed reason + for the most recent deployment + type: string + nodeStatuses: + description: nodeStatuses track the deployment values and errors across + individual nodes + items: + description: NodeStatus provides information about the current state + of a particular node managed by this operator. + properties: + currentRevision: + description: |- + currentRevision is the generation of the most recently successful deployment. + Can not be set on creation of a nodeStatus. Updates must only increase the value. + format: int32 + type: integer + x-kubernetes-validations: + - message: must only increase + rule: self >= oldSelf + lastFailedCount: + description: lastFailedCount is how often the installer pod + of the last failed revision failed. + type: integer + lastFailedReason: + description: lastFailedReason is a machine readable failure + reason string. + type: string + lastFailedRevision: + description: lastFailedRevision is the generation of the deployment + we tried and failed to deploy. + format: int32 + type: integer + lastFailedRevisionErrors: + description: lastFailedRevisionErrors is a list of human readable + errors during the failed deployment referenced in lastFailedRevision. + items: + type: string + type: array + x-kubernetes-list-type: atomic + lastFailedTime: + description: lastFailedTime is the time the last failed revision + failed the last time. + format: date-time + type: string + lastFallbackCount: + description: lastFallbackCount is how often a fallback to a + previous revision happened. + type: integer + nodeName: + description: nodeName is the name of the node + type: string + targetRevision: + description: |- + targetRevision is the generation of the deployment we're trying to apply. + Can not be set on creation of a nodeStatus. + format: int32 + type: integer + required: + - nodeName + type: object + x-kubernetes-validations: + - fieldPath: .currentRevision + message: cannot be unset once set + rule: has(self.currentRevision) || !has(oldSelf.currentRevision) + - fieldPath: .currentRevision + message: currentRevision can not be set on creation of a nodeStatus + optionalOldSelf: true + rule: oldSelf.hasValue() || !has(self.currentRevision) + - fieldPath: .targetRevision + message: targetRevision can not be set on creation of a nodeStatus + optionalOldSelf: true + rule: oldSelf.hasValue() || !has(self.targetRevision) + type: array + x-kubernetes-list-map-keys: + - nodeName + x-kubernetes-list-type: map + x-kubernetes-validations: + - message: no more than 1 node status may have a nonzero targetRevision + rule: size(self.filter(status, status.?targetRevision.orValue(0) + != 0)) <= 1 + observedGeneration: + description: observedGeneration is the last generation change you've + dealt with + format: int64 + type: integer + readyReplicas: + description: readyReplicas indicates how many replicas are ready and + at the desired state + format: int32 + type: integer + serviceAccountIssuers: + description: |- + serviceAccountIssuers tracks history of used service account issuers. + The item without expiration time represents the currently used service account issuer. + The other items represents service account issuers that were used previously and are still being trusted. + The default expiration for the items is set by the platform and it defaults to 24h. + see: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/#service-account-token-volume-projection + items: + properties: + expirationTime: + description: |- + expirationTime is the time after which this service account issuer will be pruned and removed from the trusted list + of service account issuers. + format: date-time + type: string + name: + description: name is the name of the service account issuer + type: string + type: object + type: array + x-kubernetes-list-type: atomic + version: + description: version is the level this availability applies to + type: string + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {}