This is the multi-page printable view of this section. Click here to print.

Return to the regular view of this page.

Config and Storage Resources

1 - ConfigMap

ConfigMap holds configuration data for pods to consume.

apiVersion: v1

import "k8s.io/api/core/v1"

ConfigMap

ConfigMap holds configuration data for pods to consume.

  • apiVersion: v1

  • kind: ConfigMap

  • metadata (ObjectMeta)

    Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata

  • binaryData (map[string][]byte)

    BinaryData contains the binary data. Each key must consist of alphanumeric characters, '-', '_' or '.'. BinaryData can contain byte sequences that are not in the UTF-8 range. The keys stored in BinaryData must not overlap with the ones in the Data field, this is enforced during validation process. Using this field will require 1.10+ apiserver and kubelet.

  • data (map[string]string)

    Data contains the configuration data. Each key must consist of alphanumeric characters, '-', '_' or '.'. Values with non-UTF-8 byte sequences must use the BinaryData field. The keys stored in Data must not overlap with the keys in the BinaryData field, this is enforced during validation process.

  • immutable (boolean)

    Immutable, if set to true, ensures that data stored in the ConfigMap cannot be updated (only object metadata can be modified). If not set to true, the field can be modified at any time. Defaulted to nil.

ConfigMapList

ConfigMapList is a resource containing a list of ConfigMap objects.

Operations

get read the specified ConfigMap

HTTP Request

GET /api/v1/namespaces/{namespace}/configmaps/{name}

Parameters

  • name (in path): string, required

    name of the ConfigMap

  • namespace (in path): string, required

    namespace

  • pretty (in query): string

    pretty

Response

200 (ConfigMap): OK

401: Unauthorized

list list or watch objects of kind ConfigMap

HTTP Request

GET /api/v1/namespaces/{namespace}/configmaps

Parameters

Response

200 (ConfigMapList): OK

401: Unauthorized

list list or watch objects of kind ConfigMap

HTTP Request

GET /api/v1/configmaps

Parameters

Response

200 (ConfigMapList): OK

401: Unauthorized

create create a ConfigMap

HTTP Request

POST /api/v1/namespaces/{namespace}/configmaps

Parameters

Response

200 (ConfigMap): OK

201 (ConfigMap): Created

202 (ConfigMap): Accepted

401: Unauthorized

update replace the specified ConfigMap

HTTP Request

PUT /api/v1/namespaces/{namespace}/configmaps/{name}

Parameters

Response

200 (ConfigMap): OK

201 (ConfigMap): Created

401: Unauthorized

patch partially update the specified ConfigMap

HTTP Request

PATCH /api/v1/namespaces/{namespace}/configmaps/{name}

Parameters

  • name (in path): string, required

    name of the ConfigMap

  • namespace (in path): string, required

    namespace

  • body: Patch, required

  • dryRun (in query): string

    dryRun

  • fieldManager (in query): string

    fieldManager

  • fieldValidation (in query): string

    fieldValidation

  • force (in query): boolean

    force

  • pretty (in query): string

    pretty

Response

200 (ConfigMap): OK

201 (ConfigMap): Created

401: Unauthorized

delete delete a ConfigMap

HTTP Request

DELETE /api/v1/namespaces/{namespace}/configmaps/{name}

Parameters

Response

200 (Status): OK

202 (Status): Accepted

401: Unauthorized

deletecollection delete collection of ConfigMap

HTTP Request

DELETE /api/v1/namespaces/{namespace}/configmaps

Parameters

Response

200 (Status): OK

401: Unauthorized

2 - Secret

Secret holds secret data of a certain type.

apiVersion: v1

import "k8s.io/api/core/v1"

Secret

Secret holds secret data of a certain type. The total bytes of the values in the Data field must be less than MaxSecretSize bytes.

  • apiVersion: v1

  • kind: Secret

  • metadata (ObjectMeta)

    Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata

  • data (map[string][]byte)

    Data contains the secret data. Each key must consist of alphanumeric characters, '-', '_' or '.'. The serialized form of the secret data is a base64 encoded string, representing the arbitrary (possibly non-string) data value here. Described in https://tools.ietf.org/html/rfc4648#section-4

  • immutable (boolean)

    Immutable, if set to true, ensures that data stored in the Secret cannot be updated (only object metadata can be modified). If not set to true, the field can be modified at any time. Defaulted to nil.

  • stringData (map[string]string)

    stringData allows specifying non-binary secret data in string form. It is provided as a write-only input field for convenience. All keys and values are merged into the data field on write, overwriting any existing values. The stringData field is never output when reading from the API.

  • type (string)

    Used to facilitate programmatic handling of secret data. More info: https://kubernetes.io/docs/concepts/configuration/secret/#secret-types

SecretList

SecretList is a list of Secret.

Operations

get read the specified Secret

HTTP Request

GET /api/v1/namespaces/{namespace}/secrets/{name}

Parameters

  • name (in path): string, required

    name of the Secret

  • namespace (in path): string, required

    namespace

  • pretty (in query): string

    pretty

Response

200 (Secret): OK

401: Unauthorized

list list or watch objects of kind Secret

HTTP Request

GET /api/v1/namespaces/{namespace}/secrets

Parameters

Response

200 (SecretList): OK

401: Unauthorized

list list or watch objects of kind Secret

HTTP Request

GET /api/v1/secrets

Parameters

Response

200 (SecretList): OK

401: Unauthorized

create create a Secret

HTTP Request

POST /api/v1/namespaces/{namespace}/secrets

Parameters

Response

200 (Secret): OK

201 (Secret): Created

202 (Secret): Accepted

401: Unauthorized

update replace the specified Secret

HTTP Request

PUT /api/v1/namespaces/{namespace}/secrets/{name}

Parameters

  • name (in path): string, required

    name of the Secret

  • namespace (in path): string, required

    namespace

  • body: Secret, required

  • dryRun (in query): string

    dryRun

  • fieldManager (in query): string

    fieldManager

  • fieldValidation (in query): string

    fieldValidation

  • pretty (in query): string

    pretty

Response

200 (Secret): OK

201 (Secret): Created

401: Unauthorized

patch partially update the specified Secret

HTTP Request

PATCH /api/v1/namespaces/{namespace}/secrets/{name}

Parameters

  • name (in path): string, required

    name of the Secret

  • namespace (in path): string, required

    namespace

  • body: Patch, required

  • dryRun (in query): string

    dryRun

  • fieldManager (in query): string

    fieldManager

  • fieldValidation (in query): string

    fieldValidation

  • force (in query): boolean

    force

  • pretty (in query): string

    pretty

Response

200 (Secret): OK

201 (Secret): Created

401: Unauthorized

delete delete a Secret

HTTP Request

DELETE /api/v1/namespaces/{namespace}/secrets/{name}

Parameters

Response

200 (Status): OK

202 (Status): Accepted

401: Unauthorized

deletecollection delete collection of Secret

HTTP Request

DELETE /api/v1/namespaces/{namespace}/secrets

Parameters

Response

200 (Status): OK

401: Unauthorized

3 - Volume

Volume represents a named volume in a pod that may be accessed by any container in the pod.

import "k8s.io/api/core/v1"

Volume

Volume represents a named volume in a pod that may be accessed by any container in the pod.

Exposed Persistent volumes

  • persistentVolumeClaim (PersistentVolumeClaimVolumeSource)

    persistentVolumeClaimVolumeSource represents a reference to a PersistentVolumeClaim in the same namespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims

    PersistentVolumeClaimVolumeSource references the user's PVC in the same namespace. This volume finds the bound PV and mounts that volume for the pod. A PersistentVolumeClaimVolumeSource is, essentially, a wrapper around another type of volume that is owned by someone else (the system).

Projections

  • configMap (ConfigMapVolumeSource)

    configMap represents a configMap that should populate this volume

    *Adapts a ConfigMap into a volume.

    The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths. ConfigMap volumes support ownership management and SELinux relabeling.*

    • configMap.name (string)

      Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names

    • configMap.optional (boolean)

      optional specify whether the ConfigMap or its keys must be defined

    • configMap.defaultMode (int32)

      defaultMode is optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.

    • configMap.items ([]KeyToPath)

      items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'.

  • secret (SecretVolumeSource)

    secret represents a secret that should populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret

    *Adapts a Secret into a volume.

    The contents of the target Secret's Data field will be presented in a volume as files using the keys in the Data field as the file names. Secret volumes support ownership management and SELinux relabeling.*

    • secret.secretName (string)

      secretName is the name of the secret in the pod's namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret

    • secret.optional (boolean)

      optional field specify whether the Secret or its keys must be defined

    • secret.defaultMode (int32)

      defaultMode is Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.

    • secret.items ([]KeyToPath)

      items If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'.

  • downwardAPI (DownwardAPIVolumeSource)

    downwardAPI represents downward API about the pod that should populate this volume

    DownwardAPIVolumeSource represents a volume containing downward API info. Downward API volumes support ownership management and SELinux relabeling.

    • downwardAPI.defaultMode (int32)

      Optional: mode bits to use on created files by default. Must be a Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.

    • downwardAPI.items ([]DownwardAPIVolumeFile)

      Items is a list of downward API volume file

  • projected (ProjectedVolumeSource)

    projected items for all in one resources secrets, configmaps, and downward API

    Represents a projected volume source

    • projected.defaultMode (int32)

      defaultMode are the mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.

    • projected.sources ([]VolumeProjection)

      sources is the list of volume projections

      Projection that may be projected along with other supported volume types

      • projected.sources.configMap (ConfigMapProjection)

        configMap information about the configMap data to project

        *Adapts a ConfigMap into a projected volume.

        The contents of the target ConfigMap's Data field will be presented in a projected volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths. Note that this is identical to a configmap volume source without the default mode.*

        • projected.sources.configMap.name (string)

          Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names

        • projected.sources.configMap.optional (boolean)

          optional specify whether the ConfigMap or its keys must be defined

        • projected.sources.configMap.items ([]KeyToPath)

          items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'.

      • projected.sources.downwardAPI (DownwardAPIProjection)

        downwardAPI information about the downwardAPI data to project

        Represents downward API info for projecting into a projected volume. Note that this is identical to a downwardAPI volume source without the default mode.

      • projected.sources.secret (SecretProjection)

        secret information about the secret data to project

        *Adapts a secret into a projected volume.

        The contents of the target Secret's Data field will be presented in a projected volume as files using the keys in the Data field as the file names. Note that this is identical to a secret volume source without the default mode.*

        • projected.sources.secret.name (string)

          Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names

        • projected.sources.secret.optional (boolean)

          optional field specify whether the Secret or its key must be defined

        • projected.sources.secret.items ([]KeyToPath)

          items if unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'.

      • projected.sources.serviceAccountToken (ServiceAccountTokenProjection)

        serviceAccountToken is information about the serviceAccountToken data to project

        ServiceAccountTokenProjection represents a projected service account token volume. This projection can be used to insert a service account token into the pods runtime filesystem for use against APIs (Kubernetes API Server or otherwise).

        • projected.sources.serviceAccountToken.path (string), required

          path is the path relative to the mount point of the file to project the token into.

        • projected.sources.serviceAccountToken.audience (string)

          audience is the intended audience of the token. A recipient of a token must identify itself with an identifier specified in the audience of the token, and otherwise should reject the token. The audience defaults to the identifier of the apiserver.

        • projected.sources.serviceAccountToken.expirationSeconds (int64)

          expirationSeconds is the requested duration of validity of the service account token. As the token approaches expiration, the kubelet volume plugin will proactively rotate the service account token. The kubelet will start trying to rotate the token if the token is older than 80 percent of its time to live or if the token is older than 24 hours.Defaults to 1 hour and must be at least 10 minutes.

Local / Temporary Directory

  • emptyDir (EmptyDirVolumeSource)

    emptyDir represents a temporary directory that shares a pod's lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir

    Represents an empty directory for a pod. Empty directory volumes support ownership management and SELinux relabeling.

    • emptyDir.medium (string)

      medium represents what type of storage medium should back this directory. The default is "" which means to use the node's default medium. Must be an empty string (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir

    • emptyDir.sizeLimit (Quantity)

      sizeLimit is the total amount of local storage required for this EmptyDir volume. The size limit is also applicable for memory medium. The maximum usage on memory medium EmptyDir would be the minimum value between the SizeLimit specified here and the sum of memory limits of all containers in a pod. The default is nil which means that the limit is undefined. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir

  • hostPath (HostPathVolumeSource)

    hostPath represents a pre-existing file or directory on the host machine that is directly exposed to the container. This is generally used for system agents or other privileged things that are allowed to see the host machine. Most containers will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath

    Represents a host path mapped into a pod. Host path volumes do not support ownership management or SELinux relabeling.

Persistent volumes

  • awsElasticBlockStore (AWSElasticBlockStoreVolumeSource)

    awsElasticBlockStore represents an AWS Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore

    *Represents a Persistent Disk resource in AWS.

    An AWS EBS disk must exist before mounting to a container. The disk must also be in the same AWS zone as the kubelet. An AWS EBS disk can only be mounted as read/write once. AWS EBS volumes support ownership management and SELinux relabeling.*

  • azureDisk (AzureDiskVolumeSource)

    azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod.

    AzureDisk represents an Azure Data Disk mount on the host and bind mount to the pod.

    • azureDisk.diskName (string), required

      diskName is the Name of the data disk in the blob storage

    • azureDisk.diskURI (string), required

      diskURI is the URI of data disk in the blob storage

    • azureDisk.cachingMode (string)

      cachingMode is the Host Caching mode: None, Read Only, Read Write.

    • azureDisk.fsType (string)

      fsType is Filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.

    • azureDisk.kind (string)

      kind expected values are Shared: multiple blob disks per storage account Dedicated: single blob disk per storage account Managed: azure managed data disk (only in managed availability set). defaults to shared

    • azureDisk.readOnly (boolean)

      readOnly Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.

  • azureFile (AzureFileVolumeSource)

    azureFile represents an Azure File Service mount on the host and bind mount to the pod.

    AzureFile represents an Azure File Service mount on the host and bind mount to the pod.

    • azureFile.secretName (string), required

      secretName is the name of secret that contains Azure Storage Account Name and Key

    • azureFile.shareName (string), required

      shareName is the azure share Name

    • azureFile.readOnly (boolean)

      readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.

  • cephfs (CephFSVolumeSource)

    cephFS represents a Ceph FS mount on the host that shares a pod's lifetime

    Represents a Ceph Filesystem mount that lasts the lifetime of a pod Cephfs volumes do not support ownership management or SELinux relabeling.

  • cinder (CinderVolumeSource)

    cinder represents a cinder volume attached and mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md

    Represents a cinder volume resource in Openstack. A Cinder volume must exist before mounting to a container. The volume must also be in the same region as the kubelet. Cinder volumes support ownership management and SELinux relabeling.

  • csi (CSIVolumeSource)

    csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature).

    Represents a source location of a volume to mount, managed by an external CSI driver

    • csi.driver (string), required

      driver is the name of the CSI driver that handles this volume. Consult with your admin for the correct name as registered in the cluster.

    • csi.fsType (string)

      fsType to mount. Ex. "ext4", "xfs", "ntfs". If not provided, the empty value is passed to the associated CSI driver which will determine the default filesystem to apply.

    • csi.nodePublishSecretRef (LocalObjectReference)

      nodePublishSecretRef is a reference to the secret object containing sensitive information to pass to the CSI driver to complete the CSI NodePublishVolume and NodeUnpublishVolume calls. This field is optional, and may be empty if no secret is required. If the secret object contains more than one secret, all secret references are passed.

    • csi.readOnly (boolean)

      readOnly specifies a read-only configuration for the volume. Defaults to false (read/write).

    • csi.volumeAttributes (map[string]string)

      volumeAttributes stores driver-specific properties that are passed to the CSI driver. Consult your driver's documentation for supported values.

  • ephemeral (EphemeralVolumeSource)

    ephemeral represents a volume that is handled by a cluster storage driver. The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, and deleted when the pod is removed.

    Use this if: a) the volume is only needed while the pod runs, b) features of normal volumes like restoring from snapshot or capacity tracking are needed, c) the storage driver is specified through a storage class, and d) the storage driver supports dynamic volume provisioning through a PersistentVolumeClaim (see EphemeralVolumeSource for more information on the connection between this volume type and PersistentVolumeClaim).

    Use PersistentVolumeClaim or one of the vendor-specific APIs for volumes that persist for longer than the lifecycle of an individual pod.

    Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to be used that way - see the documentation of the driver for more information.

    A pod can use both types of ephemeral volumes and persistent volumes at the same time.

    Represents an ephemeral volume that is handled by a normal storage driver.

    • ephemeral.volumeClaimTemplate (PersistentVolumeClaimTemplate)

      Will be used to create a stand-alone PVC to provision the volume. The pod in which this EphemeralVolumeSource is embedded will be the owner of the PVC, i.e. the PVC will be deleted together with the pod. The name of the PVC will be \<pod name>-\<volume name> where \<volume name> is the name from the PodSpec.Volumes array entry. Pod validation will reject the pod if the concatenated name is not valid for a PVC (for example, too long).

      An existing PVC with that name that is not owned by the pod will not be used for the pod to avoid using an unrelated volume by mistake. Starting the pod is then blocked until the unrelated PVC is removed. If such a pre-created PVC is meant to be used by the pod, the PVC has to updated with an owner reference to the pod once the pod exists. Normally this should not be necessary, but it may be useful when manually reconstructing a broken cluster.

      This field is read-only and no changes will be made by Kubernetes to the PVC after it has been created.

      Required, must not be nil.

      PersistentVolumeClaimTemplate is used to produce PersistentVolumeClaim objects as part of an EphemeralVolumeSource.

      • ephemeral.volumeClaimTemplate.spec (PersistentVolumeClaimSpec), required

        The specification for the PersistentVolumeClaim. The entire content is copied unchanged into the PVC that gets created from this template. The same fields as in a PersistentVolumeClaim are also valid here.

      • ephemeral.volumeClaimTemplate.metadata (ObjectMeta)

        May contain labels and annotations that will be copied into the PVC when creating it. No other fields are allowed and will be rejected during validation.

  • fc (FCVolumeSource)

    fc represents a Fibre Channel resource that is attached to a kubelet's host machine and then exposed to the pod.

    Represents a Fibre Channel volume. Fibre Channel volumes can only be mounted as read/write once. Fibre Channel volumes support ownership management and SELinux relabeling.

    • fc.fsType (string)

      fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.

    • fc.lun (int32)

      lun is Optional: FC target lun number

    • fc.readOnly (boolean)

      readOnly is Optional: Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.

    • fc.targetWWNs ([]string)

      targetWWNs is Optional: FC target worldwide names (WWNs)

    • fc.wwids ([]string)

      wwids Optional: FC volume world wide identifiers (wwids) Either wwids or combination of targetWWNs and lun must be set, but not both simultaneously.

  • flexVolume (FlexVolumeSource)

    flexVolume represents a generic volume resource that is provisioned/attached using an exec based plugin.

    FlexVolume represents a generic volume resource that is provisioned/attached using an exec based plugin.

    • flexVolume.driver (string), required

      driver is the name of the driver to use for this volume.

    • flexVolume.fsType (string)

      fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". The default filesystem depends on FlexVolume script.

    • flexVolume.options (map[string]string)

      options is Optional: this field holds extra command options if any.

    • flexVolume.readOnly (boolean)

      readOnly is Optional: defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.

    • flexVolume.secretRef (LocalObjectReference)

      secretRef is Optional: secretRef is reference to the secret object containing sensitive information to pass to the plugin scripts. This may be empty if no secret object is specified. If the secret object contains more than one secret, all secrets are passed to the plugin scripts.

  • flocker (FlockerVolumeSource)

    flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running

    Represents a Flocker volume mounted by the Flocker agent. One and only one of datasetName and datasetUUID should be set. Flocker volumes do not support ownership management or SELinux relabeling.

    • flocker.datasetName (string)

      datasetName is Name of the dataset stored as metadata -> name on the dataset for Flocker should be considered as deprecated

    • flocker.datasetUUID (string)

      datasetUUID is the UUID of the dataset. This is unique identifier of a Flocker dataset

  • gcePersistentDisk (GCEPersistentDiskVolumeSource)

    gcePersistentDisk represents a GCE Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk

    *Represents a Persistent Disk resource in Google Compute Engine.

    A GCE PD must exist before mounting to a container. The disk must also be in the same GCE project and zone as the kubelet. A GCE PD can only be mounted as read/write once or read-only many times. GCE PDs support ownership management and SELinux relabeling.*

  • glusterfs (GlusterfsVolumeSource)

    glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/glusterfs/README.md

    Represents a Glusterfs mount that lasts the lifetime of a pod. Glusterfs volumes do not support ownership management or SELinux relabeling.

  • iscsi (ISCSIVolumeSource)

    iscsi represents an ISCSI Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md

    Represents an ISCSI disk. ISCSI volumes can only be mounted as read/write once. ISCSI volumes support ownership management and SELinux relabeling.

    • iscsi.iqn (string), required

      iqn is the target iSCSI Qualified Name.

    • iscsi.lun (int32), required

      lun represents iSCSI Target Lun number.

    • iscsi.targetPortal (string), required

      targetPortal is iSCSI Target Portal. The Portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260).

    • iscsi.chapAuthDiscovery (boolean)

      chapAuthDiscovery defines whether support iSCSI Discovery CHAP authentication

    • iscsi.chapAuthSession (boolean)

      chapAuthSession defines whether support iSCSI Session CHAP authentication

    • iscsi.fsType (string)

      fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi

    • iscsi.initiatorName (string)

      initiatorName is the custom iSCSI Initiator Name. If initiatorName is specified with iscsiInterface simultaneously, new iSCSI interface <target portal>:<volume name> will be created for the connection.

    • iscsi.iscsiInterface (string)

      iscsiInterface is the interface Name that uses an iSCSI transport. Defaults to 'default' (tcp).

    • iscsi.portals ([]string)

      portals is the iSCSI Target Portal List. The portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260).

    • iscsi.readOnly (boolean)

      readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false.

    • iscsi.secretRef (LocalObjectReference)

      secretRef is the CHAP Secret for iSCSI target and initiator authentication

  • nfs (NFSVolumeSource)

    nfs represents an NFS mount on the host that shares a pod's lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs

    Represents an NFS mount that lasts the lifetime of a pod. NFS volumes do not support ownership management or SELinux relabeling.

  • photonPersistentDisk (PhotonPersistentDiskVolumeSource)

    photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine

    Represents a Photon Controller persistent disk resource.

    • photonPersistentDisk.pdID (string), required

      pdID is the ID that identifies Photon Controller persistent disk

    • photonPersistentDisk.fsType (string)

      fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.

  • portworxVolume (PortworxVolumeSource)

    portworxVolume represents a portworx volume attached and mounted on kubelets host machine

    PortworxVolumeSource represents a Portworx volume resource.

    • portworxVolume.volumeID (string), required

      volumeID uniquely identifies a Portworx volume

    • portworxVolume.fsType (string)

      fSType represents the filesystem type to mount Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs". Implicitly inferred to be "ext4" if unspecified.

    • portworxVolume.readOnly (boolean)

      readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.

  • quobyte (QuobyteVolumeSource)

    quobyte represents a Quobyte mount on the host that shares a pod's lifetime

    Represents a Quobyte mount that lasts the lifetime of a pod. Quobyte volumes do not support ownership management or SELinux relabeling.

    • quobyte.registry (string), required

      registry represents a single or multiple Quobyte Registry services specified as a string as host:port pair (multiple entries are separated with commas) which acts as the central registry for volumes

    • quobyte.volume (string), required

      volume is a string that references an already created Quobyte volume by name.

    • quobyte.group (string)

      group to map volume access to Default is no group

    • quobyte.readOnly (boolean)

      readOnly here will force the Quobyte volume to be mounted with read-only permissions. Defaults to false.

    • quobyte.tenant (string)

      tenant owning the given Quobyte volume in the Backend Used with dynamically provisioned Quobyte volumes, value is set by the plugin

    • quobyte.user (string)

      user to map volume access to Defaults to serivceaccount user

  • rbd (RBDVolumeSource)

    rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/rbd/README.md

    Represents a Rados Block Device mount that lasts the lifetime of a pod. RBD volumes support ownership management and SELinux relabeling.

  • scaleIO (ScaleIOVolumeSource)

    scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes.

    ScaleIOVolumeSource represents a persistent ScaleIO volume

    • scaleIO.gateway (string), required

      gateway is the host address of the ScaleIO API Gateway.

    • scaleIO.secretRef (LocalObjectReference), required

      secretRef references to the secret for ScaleIO user and other sensitive information. If this is not provided, Login operation will fail.

    • scaleIO.system (string), required

      system is the name of the storage system as configured in ScaleIO.

    • scaleIO.fsType (string)

      fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Default is "xfs".

    • scaleIO.protectionDomain (string)

      protectionDomain is the name of the ScaleIO Protection Domain for the configured storage.

    • scaleIO.readOnly (boolean)

      readOnly Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.

    • scaleIO.sslEnabled (boolean)

      sslEnabled Flag enable/disable SSL communication with Gateway, default false

    • scaleIO.storageMode (string)

      storageMode indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned. Default is ThinProvisioned.

    • scaleIO.storagePool (string)

      storagePool is the ScaleIO Storage Pool associated with the protection domain.

    • scaleIO.volumeName (string)

      volumeName is the name of a volume already created in the ScaleIO system that is associated with this volume source.

  • storageos (StorageOSVolumeSource)

    storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes.

    Represents a StorageOS persistent volume resource.

    • storageos.fsType (string)

      fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.

    • storageos.readOnly (boolean)

      readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.

    • storageos.secretRef (LocalObjectReference)

      secretRef specifies the secret to use for obtaining the StorageOS API credentials. If not specified, default values will be attempted.

    • storageos.volumeName (string)

      volumeName is the human-readable name of the StorageOS volume. Volume names are only unique within a namespace.

    • storageos.volumeNamespace (string)

      volumeNamespace specifies the scope of the volume within StorageOS. If no namespace is specified then the Pod's namespace will be used. This allows the Kubernetes name scoping to be mirrored within StorageOS for tighter integration. Set VolumeName to any name to override the default behaviour. Set to "default" if you are not using namespaces within StorageOS. Namespaces that do not pre-exist within StorageOS will be created.

  • vsphereVolume (VsphereVirtualDiskVolumeSource)

    vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine

    Represents a vSphere volume resource.

    • vsphereVolume.volumePath (string), required

      volumePath is the path that identifies vSphere volume vmdk

    • vsphereVolume.fsType (string)

      fsType is filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.

    • vsphereVolume.storagePolicyID (string)

      storagePolicyID is the storage Policy Based Management (SPBM) profile ID associated with the StoragePolicyName.

    • vsphereVolume.storagePolicyName (string)

      storagePolicyName is the storage Policy Based Management (SPBM) profile name.

Deprecated

  • gitRepo (GitRepoVolumeSource)

    gitRepo represents a git repository at a particular revision. DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir into the Pod's container.

    *Represents a volume that is populated with the contents of a git repository. Git repo volumes do not support ownership management. Git repo volumes support SELinux relabeling.

    DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir into the Pod's container.*

    • gitRepo.repository (string), required

      repository is the URL

    • gitRepo.directory (string)

      directory is the target directory name. Must not contain or start with '..'. If '.' is supplied, the volume directory will be the git repository. Otherwise, if specified, the volume will contain the git repository in the subdirectory with the given name.

    • gitRepo.revision (string)

      revision is the commit hash for the specified revision.

DownwardAPIVolumeFile

DownwardAPIVolumeFile represents information to create the file containing the pod field

  • path (string), required

    Required: Path is the relative path name of the file to be created. Must not be absolute or contain the '..' path. Must be utf-8 encoded. The first item of the relative path must not start with '..'

  • fieldRef (ObjectFieldSelector)

    Required: Selects a field of the pod: only annotations, labels, name and namespace are supported.

  • mode (int32)

    Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.

  • resourceFieldRef (ResourceFieldSelector)

    Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported.

KeyToPath

Maps a string key to a path within a volume.

  • key (string), required

    key is the key to project.

  • path (string), required

    path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'.

  • mode (int32)

    mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.

4 - PersistentVolumeClaim

PersistentVolumeClaim is a user's request for and claim to a persistent volume.

apiVersion: v1

import "k8s.io/api/core/v1"

PersistentVolumeClaim

PersistentVolumeClaim is a user's request for and claim to a persistent volume

PersistentVolumeClaimSpec

PersistentVolumeClaimSpec describes the common attributes of storage devices and allows a Source for provider-specific attributes

  • accessModes ([]string)

    accessModes contains the desired access modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1

  • selector (LabelSelector)

    selector is a label query over volumes to consider for binding.

  • resources (ResourceRequirements)

    resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources

    ResourceRequirements describes the compute resource requirements.

    • resources.claims ([]ResourceClaim)

      Map: unique values on key name will be kept during a merge

      Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container.

      This is an alpha field and requires enabling the DynamicResourceAllocation feature gate.

      This field is immutable. It can only be set for containers.

      ResourceClaim references one entry in PodSpec.ResourceClaims.

      • resources.claims.name (string), required

        Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.

    • resources.limits (map[string]Quantity)

      Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/

    • resources.requests (map[string]Quantity)

      Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/

  • volumeName (string)

    volumeName is the binding reference to the PersistentVolume backing this claim.

  • storageClassName (string)

    storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1

  • volumeMode (string)

    volumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec.

Beta level

  • dataSource (TypedLocalObjectReference)

    dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. If the namespace is specified, then dataSourceRef will not be copied to dataSource.

  • dataSourceRef (TypedObjectReference)

    dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn't specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn't set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects.

    • While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified.
    • While dataSource only allows local objects, dataSourceRef allows objects in any namespaces. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled.

    **

    • dataSourceRef.kind (string), required

      Kind is the type of resource being referenced

    • dataSourceRef.name (string), required

      Name is the name of resource being referenced

    • dataSourceRef.apiGroup (string)

      APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required.

    • dataSourceRef.namespace (string)

      Namespace is the namespace of resource being referenced Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled.

PersistentVolumeClaimStatus

PersistentVolumeClaimStatus is the current status of a persistent volume claim.

  • accessModes ([]string)

    accessModes contains the actual access modes the volume backing the PVC has. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1

  • allocatedResourceStatuses (map[string]string)

    allocatedResourceStatuses stores status of resource being resized for the given PVC. Key names follow standard Kubernetes label syntax. Valid values are either: * Un-prefixed keys: - storage - the capacity of the volume. * Custom resources must use implementation-defined prefixed names such as "example.com/my-custom-resource" Apart from above values - keys that are unprefixed or have kubernetes.io prefix are considered reserved and hence may not be used.

    ClaimResourceStatus can be in any of following states: - ControllerResizeInProgress: State set when resize controller starts resizing the volume in control-plane. - ControllerResizeFailed: State set when resize has failed in resize controller with a terminal error. - NodeResizePending: State set when resize controller has finished resizing the volume but further resizing of volume is needed on the node. - NodeResizeInProgress: State set when kubelet starts resizing the volume. - NodeResizeFailed: State set when resizing has failed in kubelet with a terminal error. Transient errors don't set NodeResizeFailed. For example: if expanding a PVC for more capacity - this field can be one of the following states: - pvc.status.allocatedResourceStatus['storage'] = "ControllerResizeInProgress" - pvc.status.allocatedResourceStatus['storage'] = "ControllerResizeFailed" - pvc.status.allocatedResourceStatus['storage'] = "NodeResizePending" - pvc.status.allocatedResourceStatus['storage'] = "NodeResizeInProgress" - pvc.status.allocatedResourceStatus['storage'] = "NodeResizeFailed" When this field is not set, it means that no resize operation is in progress for the given PVC.

    A controller that receives PVC update with previously unknown resourceName or ClaimResourceStatus should ignore the update for the purpose it was designed. For example - a controller that only is responsible for resizing capacity of the volume, should ignore PVC updates that change other valid resources associated with PVC.

    This is an alpha field and requires enabling RecoverVolumeExpansionFailure feature.

  • allocatedResources (map[string]Quantity)

    allocatedResources tracks the resources allocated to a PVC including its capacity. Key names follow standard Kubernetes label syntax. Valid values are either: * Un-prefixed keys: - storage - the capacity of the volume. * Custom resources must use implementation-defined prefixed names such as "example.com/my-custom-resource" Apart from above values - keys that are unprefixed or have kubernetes.io prefix are considered reserved and hence may not be used.

    Capacity reported here may be larger than the actual capacity when a volume expansion operation is requested. For storage quota, the larger value from allocatedResources and PVC.spec.resources is used. If allocatedResources is not set, PVC.spec.resources alone is used for quota calculation. If a volume expansion capacity request is lowered, allocatedResources is only lowered if there are no expansion operations in progress and if the actual volume capacity is equal or lower than the requested capacity.

    A controller that receives PVC update with previously unknown resourceName should ignore the update for the purpose it was designed. For example - a controller that only is responsible for resizing capacity of the volume, should ignore PVC updates that change other valid resources associated with PVC.

    This is an alpha field and requires enabling RecoverVolumeExpansionFailure feature.

  • capacity (map[string]Quantity)

    capacity represents the actual resources of the underlying volume.

  • conditions ([]PersistentVolumeClaimCondition)

    Patch strategy: merge on key type

    conditions is the current Condition of persistent volume claim. If underlying persistent volume is being resized then the Condition will be set to 'ResizeStarted'.

    PersistentVolumeClaimCondition contains details about state of pvc

    • conditions.status (string), required

    • conditions.type (string), required

    • conditions.lastProbeTime (Time)

      lastProbeTime is the time we probed the condition.

      Time is a wrapper around time.Time which supports correct marshaling to YAML and JSON. Wrappers are provided for many of the factory methods that the time package offers.

    • conditions.lastTransitionTime (Time)

      lastTransitionTime is the time the condition transitioned from one status to another.

      Time is a wrapper around time.Time which supports correct marshaling to YAML and JSON. Wrappers are provided for many of the factory methods that the time package offers.

    • conditions.message (string)

      message is the human-readable message indicating details about last transition.

    • conditions.reason (string)

      reason is a unique, this should be a short, machine understandable string that gives the reason for condition's last transition. If it reports "ResizeStarted" that means the underlying persistent volume is being resized.

  • phase (string)

    phase represents the current phase of PersistentVolumeClaim.

PersistentVolumeClaimList

PersistentVolumeClaimList is a list of PersistentVolumeClaim items.

Operations

get read the specified PersistentVolumeClaim

HTTP Request

GET /api/v1/namespaces/{namespace}/persistentvolumeclaims/{name}

Parameters

  • name (in path): string, required

    name of the PersistentVolumeClaim

  • namespace (in path): string, required

    namespace

  • pretty (in query): string

    pretty

Response

200 (PersistentVolumeClaim): OK

401: Unauthorized

get read status of the specified PersistentVolumeClaim

HTTP Request

GET /api/v1/namespaces/{namespace}/persistentvolumeclaims/{name}/status

Parameters

  • name (in path): string, required

    name of the PersistentVolumeClaim

  • namespace (in path): string, required

    namespace

  • pretty (in query): string

    pretty

Response

200 (PersistentVolumeClaim): OK

401: Unauthorized

list list or watch objects of kind PersistentVolumeClaim

HTTP Request

GET /api/v1/namespaces/{namespace}/persistentvolumeclaims

Parameters

Response

200 (PersistentVolumeClaimList): OK

401: Unauthorized

list list or watch objects of kind PersistentVolumeClaim

HTTP Request

GET /api/v1/persistentvolumeclaims

Parameters

Response

200 (PersistentVolumeClaimList): OK

401: Unauthorized

create create a PersistentVolumeClaim

HTTP Request

POST /api/v1/namespaces/{namespace}/persistentvolumeclaims

Parameters

Response

200 (PersistentVolumeClaim): OK

201 (PersistentVolumeClaim): Created

202 (PersistentVolumeClaim): Accepted

401: Unauthorized

update replace the specified PersistentVolumeClaim

HTTP Request

PUT /api/v1/namespaces/{namespace}/persistentvolumeclaims/{name}

Parameters

Response

200 (PersistentVolumeClaim): OK

201 (PersistentVolumeClaim): Created

401: Unauthorized

update replace status of the specified PersistentVolumeClaim

HTTP Request

PUT /api/v1/namespaces/{namespace}/persistentvolumeclaims/{name}/status

Parameters

Response

200 (PersistentVolumeClaim): OK

201 (PersistentVolumeClaim): Created

401: Unauthorized

patch partially update the specified PersistentVolumeClaim

HTTP Request

PATCH /api/v1/namespaces/{namespace}/persistentvolumeclaims/{name}

Parameters

  • name (in path): string, required

    name of the PersistentVolumeClaim

  • namespace (in path): string, required

    namespace

  • body: Patch, required

  • dryRun (in query): string

    dryRun

  • fieldManager (in query): string

    fieldManager

  • fieldValidation (in query): string

    fieldValidation

  • force (in query): boolean

    force

  • pretty (in query): string

    pretty

Response

200 (PersistentVolumeClaim): OK

201 (PersistentVolumeClaim): Created

401: Unauthorized

patch partially update status of the specified PersistentVolumeClaim

HTTP Request

PATCH /api/v1/namespaces/{namespace}/persistentvolumeclaims/{name}/status

Parameters

  • name (in path): string, required

    name of the PersistentVolumeClaim

  • namespace (in path): string, required

    namespace

  • body: Patch, required

  • dryRun (in query): string

    dryRun

  • fieldManager (in query): string

    fieldManager

  • fieldValidation (in query): string

    fieldValidation

  • force (in query): boolean

    force

  • pretty (in query): string

    pretty

Response

200 (PersistentVolumeClaim): OK

201 (PersistentVolumeClaim): Created

401: Unauthorized

delete delete a PersistentVolumeClaim

HTTP Request

DELETE /api/v1/namespaces/{namespace}/persistentvolumeclaims/{name}

Parameters

Response

200 (PersistentVolumeClaim): OK

202 (PersistentVolumeClaim): Accepted

401: Unauthorized

deletecollection delete collection of PersistentVolumeClaim

HTTP Request

DELETE /api/v1/namespaces/{namespace}/persistentvolumeclaims

Parameters

Response

200 (Status): OK

401: Unauthorized

5 - PersistentVolume

PersistentVolume (PV) is a storage resource provisioned by an administrator.

apiVersion: v1

import "k8s.io/api/core/v1"

PersistentVolume

PersistentVolume (PV) is a storage resource provisioned by an administrator. It is analogous to a node. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes

PersistentVolumeSpec

PersistentVolumeSpec is the specification of a persistent volume.

  • accessModes ([]string)

    accessModes contains all ways the volume can be mounted. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes

  • capacity (map[string]Quantity)

    capacity is the description of the persistent volume's resources and capacity. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#capacity

  • claimRef (ObjectReference)

    claimRef is part of a bi-directional binding between PersistentVolume and PersistentVolumeClaim. Expected to be non-nil when bound. claim.VolumeName is the authoritative bind between PV and PVC. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#binding

  • mountOptions ([]string)

    mountOptions is the list of mount options, e.g. ["ro", "soft"]. Not validated - mount will simply fail if one is invalid. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes/#mount-options

  • nodeAffinity (VolumeNodeAffinity)

    nodeAffinity defines constraints that limit what nodes this volume can be accessed from. This field influences the scheduling of pods that use this volume.

    VolumeNodeAffinity defines constraints that limit what nodes this volume can be accessed from.

    • nodeAffinity.required (NodeSelector)

      required specifies hard node constraints that must be met.

      A node selector represents the union of the results of one or more label queries over a set of nodes; that is, it represents the OR of the selectors represented by the node selector terms.

      • nodeAffinity.required.nodeSelectorTerms ([]NodeSelectorTerm), required

        Required. A list of node selector terms. The terms are ORed.

        A null or empty node selector term matches no objects. The requirements of them are ANDed. The TopologySelectorTerm type implements a subset of the NodeSelectorTerm.

        • nodeAffinity.required.nodeSelectorTerms.matchExpressions ([]NodeSelectorRequirement)

          A list of node selector requirements by node's labels.

        • nodeAffinity.required.nodeSelectorTerms.matchFields ([]NodeSelectorRequirement)

          A list of node selector requirements by node's fields.

  • persistentVolumeReclaimPolicy (string)

    persistentVolumeReclaimPolicy defines what happens to a persistent volume when released from its claim. Valid options are Retain (default for manually created PersistentVolumes), Delete (default for dynamically provisioned PersistentVolumes), and Recycle (deprecated). Recycle must be supported by the volume plugin underlying this PersistentVolume. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#reclaiming

  • storageClassName (string)

    storageClassName is the name of StorageClass to which this persistent volume belongs. Empty value means that this volume does not belong to any StorageClass.

  • volumeMode (string)

    volumeMode defines if a volume is intended to be used with a formatted filesystem or to remain in raw block state. Value of Filesystem is implied when not included in spec.

Local

  • hostPath (HostPathVolumeSource)

    hostPath represents a directory on the host. Provisioned by a developer or tester. This is useful for single-node development and testing only! On-host storage is not supported in any way and WILL NOT WORK in a multi-node cluster. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath

    Represents a host path mapped into a pod. Host path volumes do not support ownership management or SELinux relabeling.

  • local (LocalVolumeSource)

    local represents directly-attached storage with node affinity

    Local represents directly-attached storage with node affinity (Beta feature)

    • local.path (string), required

      path of the full path to the volume on the node. It can be either a directory or block device (disk, partition, ...).

    • local.fsType (string)

      fsType is the filesystem type to mount. It applies only when the Path is a block device. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". The default value is to auto-select a filesystem if unspecified.

Persistent volumes

  • awsElasticBlockStore (AWSElasticBlockStoreVolumeSource)

    awsElasticBlockStore represents an AWS Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore

    *Represents a Persistent Disk resource in AWS.

    An AWS EBS disk must exist before mounting to a container. The disk must also be in the same AWS zone as the kubelet. An AWS EBS disk can only be mounted as read/write once. AWS EBS volumes support ownership management and SELinux relabeling.*

  • azureDisk (AzureDiskVolumeSource)

    azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod.

    AzureDisk represents an Azure Data Disk mount on the host and bind mount to the pod.

    • azureDisk.diskName (string), required

      diskName is the Name of the data disk in the blob storage

    • azureDisk.diskURI (string), required

      diskURI is the URI of data disk in the blob storage

    • azureDisk.cachingMode (string)

      cachingMode is the Host Caching mode: None, Read Only, Read Write.

    • azureDisk.fsType (string)

      fsType is Filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.

    • azureDisk.kind (string)

      kind expected values are Shared: multiple blob disks per storage account Dedicated: single blob disk per storage account Managed: azure managed data disk (only in managed availability set). defaults to shared

    • azureDisk.readOnly (boolean)

      readOnly Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.

  • azureFile (AzureFilePersistentVolumeSource)

    azureFile represents an Azure File Service mount on the host and bind mount to the pod.

    AzureFile represents an Azure File Service mount on the host and bind mount to the pod.

    • azureFile.secretName (string), required

      secretName is the name of secret that contains Azure Storage Account Name and Key

    • azureFile.shareName (string), required

      shareName is the azure Share Name

    • azureFile.readOnly (boolean)

      readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.

    • azureFile.secretNamespace (string)

      secretNamespace is the namespace of the secret that contains Azure Storage Account Name and Key default is the same as the Pod

  • cephfs (CephFSPersistentVolumeSource)

    cephFS represents a Ceph FS mount on the host that shares a pod's lifetime

    Represents a Ceph Filesystem mount that lasts the lifetime of a pod Cephfs volumes do not support ownership management or SELinux relabeling.

  • cinder (CinderPersistentVolumeSource)

    cinder represents a cinder volume attached and mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md

    Represents a cinder volume resource in Openstack. A Cinder volume must exist before mounting to a container. The volume must also be in the same region as the kubelet. Cinder volumes support ownership management and SELinux relabeling.

    • cinder.volumeID (string), required

      volumeID used to identify the volume in cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md

    • cinder.fsType (string)

      fsType Filesystem type to mount. Must be a filesystem type supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://examples.k8s.io/mysql-cinder-pd/README.md

    • cinder.readOnly (boolean)

      readOnly is Optional: Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. More info: https://examples.k8s.io/mysql-cinder-pd/README.md

    • cinder.secretRef (SecretReference)

      secretRef is Optional: points to a secret object containing parameters used to connect to OpenStack.

      SecretReference represents a Secret Reference. It has enough information to retrieve secret in any namespace

      • cinder.secretRef.name (string)

        name is unique within a namespace to reference a secret resource.

      • cinder.secretRef.namespace (string)

        namespace defines the space within which the secret name must be unique.

  • csi (CSIPersistentVolumeSource)

    csi represents storage that is handled by an external CSI driver (Beta feature).

    Represents storage that is managed by an external CSI volume driver (Beta feature)

    • csi.driver (string), required

      driver is the name of the driver to use for this volume. Required.

    • csi.volumeHandle (string), required

      volumeHandle is the unique volume name returned by the CSI volume plugin’s CreateVolume to refer to the volume on all subsequent calls. Required.

    • csi.controllerExpandSecretRef (SecretReference)

      controllerExpandSecretRef is a reference to the secret object containing sensitive information to pass to the CSI driver to complete the CSI ControllerExpandVolume call. This field is optional, and may be empty if no secret is required. If the secret object contains more than one secret, all secrets are passed.

      SecretReference represents a Secret Reference. It has enough information to retrieve secret in any namespace

      • csi.controllerExpandSecretRef.name (string)

        name is unique within a namespace to reference a secret resource.

      • csi.controllerExpandSecretRef.namespace (string)

        namespace defines the space within which the secret name must be unique.

    • csi.controllerPublishSecretRef (SecretReference)

      controllerPublishSecretRef is a reference to the secret object containing sensitive information to pass to the CSI driver to complete the CSI ControllerPublishVolume and ControllerUnpublishVolume calls. This field is optional, and may be empty if no secret is required. If the secret object contains more than one secret, all secrets are passed.

      SecretReference represents a Secret Reference. It has enough information to retrieve secret in any namespace

      • csi.controllerPublishSecretRef.name (string)

        name is unique within a namespace to reference a secret resource.

      • csi.controllerPublishSecretRef.namespace (string)

        namespace defines the space within which the secret name must be unique.

    • csi.fsType (string)

      fsType to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs".

    • csi.nodeExpandSecretRef (SecretReference)

      nodeExpandSecretRef is a reference to the secret object containing sensitive information to pass to the CSI driver to complete the CSI NodeExpandVolume call. This is a beta field which is enabled default by CSINodeExpandSecret feature gate. This field is optional, may be omitted if no secret is required. If the secret object contains more than one secret, all secrets are passed.

      SecretReference represents a Secret Reference. It has enough information to retrieve secret in any namespace

      • csi.nodeExpandSecretRef.name (string)

        name is unique within a namespace to reference a secret resource.

      • csi.nodeExpandSecretRef.namespace (string)

        namespace defines the space within which the secret name must be unique.

    • csi.nodePublishSecretRef (SecretReference)

      nodePublishSecretRef is a reference to the secret object containing sensitive information to pass to the CSI driver to complete the CSI NodePublishVolume and NodeUnpublishVolume calls. This field is optional, and may be empty if no secret is required. If the secret object contains more than one secret, all secrets are passed.

      SecretReference represents a Secret Reference. It has enough information to retrieve secret in any namespace

      • csi.nodePublishSecretRef.name (string)

        name is unique within a namespace to reference a secret resource.

      • csi.nodePublishSecretRef.namespace (string)

        namespace defines the space within which the secret name must be unique.

    • csi.nodeStageSecretRef (SecretReference)

      nodeStageSecretRef is a reference to the secret object containing sensitive information to pass to the CSI driver to complete the CSI NodeStageVolume and NodeStageVolume and NodeUnstageVolume calls. This field is optional, and may be empty if no secret is required. If the secret object contains more than one secret, all secrets are passed.

      SecretReference represents a Secret Reference. It has enough information to retrieve secret in any namespace

      • csi.nodeStageSecretRef.name (string)

        name is unique within a namespace to reference a secret resource.

      • csi.nodeStageSecretRef.namespace (string)

        namespace defines the space within which the secret name must be unique.

    • csi.readOnly (boolean)

      readOnly value to pass to ControllerPublishVolumeRequest. Defaults to false (read/write).

    • csi.volumeAttributes (map[string]string)

      volumeAttributes of the volume to publish.

  • fc (FCVolumeSource)

    fc represents a Fibre Channel resource that is attached to a kubelet's host machine and then exposed to the pod.

    Represents a Fibre Channel volume. Fibre Channel volumes can only be mounted as read/write once. Fibre Channel volumes support ownership management and SELinux relabeling.

    • fc.fsType (string)

      fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.

    • fc.lun (int32)

      lun is Optional: FC target lun number

    • fc.readOnly (boolean)

      readOnly is Optional: Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.

    • fc.targetWWNs ([]string)

      targetWWNs is Optional: FC target worldwide names (WWNs)

    • fc.wwids ([]string)

      wwids Optional: FC volume world wide identifiers (wwids) Either wwids or combination of targetWWNs and lun must be set, but not both simultaneously.

  • flexVolume (FlexPersistentVolumeSource)

    flexVolume represents a generic volume resource that is provisioned/attached using an exec based plugin.

    FlexPersistentVolumeSource represents a generic persistent volume resource that is provisioned/attached using an exec based plugin.

    • flexVolume.driver (string), required

      driver is the name of the driver to use for this volume.

    • flexVolume.fsType (string)

      fsType is the Filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". The default filesystem depends on FlexVolume script.

    • flexVolume.options (map[string]string)

      options is Optional: this field holds extra command options if any.

    • flexVolume.readOnly (boolean)

      readOnly is Optional: defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.

    • flexVolume.secretRef (SecretReference)

      secretRef is Optional: SecretRef is reference to the secret object containing sensitive information to pass to the plugin scripts. This may be empty if no secret object is specified. If the secret object contains more than one secret, all secrets are passed to the plugin scripts.

      SecretReference represents a Secret Reference. It has enough information to retrieve secret in any namespace

      • flexVolume.secretRef.name (string)

        name is unique within a namespace to reference a secret resource.

      • flexVolume.secretRef.namespace (string)

        namespace defines the space within which the secret name must be unique.

  • flocker (FlockerVolumeSource)

    flocker represents a Flocker volume attached to a kubelet's host machine and exposed to the pod for its usage. This depends on the Flocker control service being running

    Represents a Flocker volume mounted by the Flocker agent. One and only one of datasetName and datasetUUID should be set. Flocker volumes do not support ownership management or SELinux relabeling.

    • flocker.datasetName (string)

      datasetName is Name of the dataset stored as metadata -> name on the dataset for Flocker should be considered as deprecated

    • flocker.datasetUUID (string)

      datasetUUID is the UUID of the dataset. This is unique identifier of a Flocker dataset

  • gcePersistentDisk (GCEPersistentDiskVolumeSource)

    gcePersistentDisk represents a GCE Disk resource that is attached to a kubelet's host machine and then exposed to the pod. Provisioned by an admin. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk

    *Represents a Persistent Disk resource in Google Compute Engine.

    A GCE PD must exist before mounting to a container. The disk must also be in the same GCE project and zone as the kubelet. A GCE PD can only be mounted as read/write once or read-only many times. GCE PDs support ownership management and SELinux relabeling.*

  • glusterfs (GlusterfsPersistentVolumeSource)

    glusterfs represents a Glusterfs volume that is attached to a host and exposed to the pod. Provisioned by an admin. More info: https://examples.k8s.io/volumes/glusterfs/README.md

    Represents a Glusterfs mount that lasts the lifetime of a pod. Glusterfs volumes do not support ownership management or SELinux relabeling.

  • iscsi (ISCSIPersistentVolumeSource)

    iscsi represents an ISCSI Disk resource that is attached to a kubelet's host machine and then exposed to the pod. Provisioned by an admin.

    ISCSIPersistentVolumeSource represents an ISCSI disk. ISCSI volumes can only be mounted as read/write once. ISCSI volumes support ownership management and SELinux relabeling.

    • iscsi.iqn (string), required

      iqn is Target iSCSI Qualified Name.

    • iscsi.lun (int32), required

      lun is iSCSI Target Lun number.

    • iscsi.targetPortal (string), required

      targetPortal is iSCSI Target Portal. The Portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260).

    • iscsi.chapAuthDiscovery (boolean)

      chapAuthDiscovery defines whether support iSCSI Discovery CHAP authentication

    • iscsi.chapAuthSession (boolean)

      chapAuthSession defines whether support iSCSI Session CHAP authentication

    • iscsi.fsType (string)

      fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi

    • iscsi.initiatorName (string)

      initiatorName is the custom iSCSI Initiator Name. If initiatorName is specified with iscsiInterface simultaneously, new iSCSI interface <target portal>:<volume name> will be created for the connection.

    • iscsi.iscsiInterface (string)

      iscsiInterface is the interface Name that uses an iSCSI transport. Defaults to 'default' (tcp).

    • iscsi.portals ([]string)

      portals is the iSCSI Target Portal List. The Portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260).

    • iscsi.readOnly (boolean)

      readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false.

    • iscsi.secretRef (SecretReference)

      secretRef is the CHAP Secret for iSCSI target and initiator authentication

      SecretReference represents a Secret Reference. It has enough information to retrieve secret in any namespace

      • iscsi.secretRef.name (string)

        name is unique within a namespace to reference a secret resource.

      • iscsi.secretRef.namespace (string)

        namespace defines the space within which the secret name must be unique.

  • nfs (NFSVolumeSource)

    nfs represents an NFS mount on the host. Provisioned by an admin. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs

    Represents an NFS mount that lasts the lifetime of a pod. NFS volumes do not support ownership management or SELinux relabeling.

  • photonPersistentDisk (PhotonPersistentDiskVolumeSource)

    photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine

    Represents a Photon Controller persistent disk resource.

    • photonPersistentDisk.pdID (string), required

      pdID is the ID that identifies Photon Controller persistent disk

    • photonPersistentDisk.fsType (string)

      fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.

  • portworxVolume (PortworxVolumeSource)

    portworxVolume represents a portworx volume attached and mounted on kubelets host machine

    PortworxVolumeSource represents a Portworx volume resource.

    • portworxVolume.volumeID (string), required

      volumeID uniquely identifies a Portworx volume

    • portworxVolume.fsType (string)

      fSType represents the filesystem type to mount Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs". Implicitly inferred to be "ext4" if unspecified.

    • portworxVolume.readOnly (boolean)

      readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.

  • quobyte (QuobyteVolumeSource)

    quobyte represents a Quobyte mount on the host that shares a pod's lifetime

    Represents a Quobyte mount that lasts the lifetime of a pod. Quobyte volumes do not support ownership management or SELinux relabeling.

    • quobyte.registry (string), required

      registry represents a single or multiple Quobyte Registry services specified as a string as host:port pair (multiple entries are separated with commas) which acts as the central registry for volumes

    • quobyte.volume (string), required

      volume is a string that references an already created Quobyte volume by name.

    • quobyte.group (string)

      group to map volume access to Default is no group

    • quobyte.readOnly (boolean)

      readOnly here will force the Quobyte volume to be mounted with read-only permissions. Defaults to false.

    • quobyte.tenant (string)

      tenant owning the given Quobyte volume in the Backend Used with dynamically provisioned Quobyte volumes, value is set by the plugin

    • quobyte.user (string)

      user to map volume access to Defaults to serivceaccount user

  • rbd (RBDPersistentVolumeSource)

    rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/rbd/README.md

    Represents a Rados Block Device mount that lasts the lifetime of a pod. RBD volumes support ownership management and SELinux relabeling.

  • scaleIO (ScaleIOPersistentVolumeSource)

    scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes.

    ScaleIOPersistentVolumeSource represents a persistent ScaleIO volume

    • scaleIO.gateway (string), required

      gateway is the host address of the ScaleIO API Gateway.

    • scaleIO.secretRef (SecretReference), required

      secretRef references to the secret for ScaleIO user and other sensitive information. If this is not provided, Login operation will fail.

      SecretReference represents a Secret Reference. It has enough information to retrieve secret in any namespace

      • scaleIO.secretRef.name (string)

        name is unique within a namespace to reference a secret resource.

      • scaleIO.secretRef.namespace (string)

        namespace defines the space within which the secret name must be unique.

    • scaleIO.system (string), required

      system is the name of the storage system as configured in ScaleIO.

    • scaleIO.fsType (string)

      fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Default is "xfs"

    • scaleIO.protectionDomain (string)

      protectionDomain is the name of the ScaleIO Protection Domain for the configured storage.

    • scaleIO.readOnly (boolean)

      readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.

    • scaleIO.sslEnabled (boolean)

      sslEnabled is the flag to enable/disable SSL communication with Gateway, default false

    • scaleIO.storageMode (string)

      storageMode indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned. Default is ThinProvisioned.

    • scaleIO.storagePool (string)

      storagePool is the ScaleIO Storage Pool associated with the protection domain.

    • scaleIO.volumeName (string)

      volumeName is the name of a volume already created in the ScaleIO system that is associated with this volume source.

  • storageos (StorageOSPersistentVolumeSource)

    storageOS represents a StorageOS volume that is attached to the kubelet's host machine and mounted into the pod More info: https://examples.k8s.io/volumes/storageos/README.md

    Represents a StorageOS persistent volume resource.

    • storageos.fsType (string)

      fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.

    • storageos.readOnly (boolean)

      readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.

    • storageos.secretRef (ObjectReference)

      secretRef specifies the secret to use for obtaining the StorageOS API credentials. If not specified, default values will be attempted.

    • storageos.volumeName (string)

      volumeName is the human-readable name of the StorageOS volume. Volume names are only unique within a namespace.

    • storageos.volumeNamespace (string)

      volumeNamespace specifies the scope of the volume within StorageOS. If no namespace is specified then the Pod's namespace will be used. This allows the Kubernetes name scoping to be mirrored within StorageOS for tighter integration. Set VolumeName to any name to override the default behaviour. Set to "default" if you are not using namespaces within StorageOS. Namespaces that do not pre-exist within StorageOS will be created.

  • vsphereVolume (VsphereVirtualDiskVolumeSource)

    vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine

    Represents a vSphere volume resource.

    • vsphereVolume.volumePath (string), required

      volumePath is the path that identifies vSphere volume vmdk

    • vsphereVolume.fsType (string)

      fsType is filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.

    • vsphereVolume.storagePolicyID (string)

      storagePolicyID is the storage Policy Based Management (SPBM) profile ID associated with the StoragePolicyName.

    • vsphereVolume.storagePolicyName (string)

      storagePolicyName is the storage Policy Based Management (SPBM) profile name.

PersistentVolumeStatus

PersistentVolumeStatus is the current status of a persistent volume.

  • lastPhaseTransitionTime (Time)

    lastPhaseTransitionTime is the time the phase transitioned from one to another and automatically resets to current time everytime a volume phase transitions. This is an alpha field and requires enabling PersistentVolumeLastPhaseTransitionTime feature.

    Time is a wrapper around time.Time which supports correct marshaling to YAML and JSON. Wrappers are provided for many of the factory methods that the time package offers.

  • message (string)

    message is a human-readable message indicating details about why the volume is in this state.

  • phase (string)

    phase indicates if a volume is available, bound to a claim, or released by a claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#phase

  • reason (string)

    reason is a brief CamelCase string that describes any failure and is meant for machine parsing and tidy display in the CLI.

PersistentVolumeList

PersistentVolumeList is a list of PersistentVolume items.

Operations

get read the specified PersistentVolume

HTTP Request

GET /api/v1/persistentvolumes/{name}

Parameters

  • name (in path): string, required

    name of the PersistentVolume

  • pretty (in query): string

    pretty

Response

200 (PersistentVolume): OK

401: Unauthorized

get read status of the specified PersistentVolume

HTTP Request

GET /api/v1/persistentvolumes/{name}/status

Parameters

  • name (in path): string, required

    name of the PersistentVolume

  • pretty (in query): string

    pretty

Response

200 (PersistentVolume): OK

401: Unauthorized

list list or watch objects of kind PersistentVolume

HTTP Request

GET /api/v1/persistentvolumes

Parameters

Response

200 (PersistentVolumeList): OK

401: Unauthorized

create create a PersistentVolume

HTTP Request

POST /api/v1/persistentvolumes

Parameters

Response

200 (PersistentVolume): OK

201 (PersistentVolume): Created

202 (PersistentVolume): Accepted

401: Unauthorized

update replace the specified PersistentVolume

HTTP Request

PUT /api/v1/persistentvolumes/{name}

Parameters

Response

200 (PersistentVolume): OK

201 (PersistentVolume): Created

401: Unauthorized

update replace status of the specified PersistentVolume

HTTP Request

PUT /api/v1/persistentvolumes/{name}/status

Parameters

Response

200 (PersistentVolume): OK

201 (PersistentVolume): Created

401: Unauthorized

patch partially update the specified PersistentVolume

HTTP Request

PATCH /api/v1/persistentvolumes/{name}

Parameters

  • name (in path): string, required

    name of the PersistentVolume

  • body: Patch, required

  • dryRun (in query): string

    dryRun

  • fieldManager (in query): string

    fieldManager

  • fieldValidation (in query): string

    fieldValidation

  • force (in query): boolean

    force

  • pretty (in query): string

    pretty

Response

200 (PersistentVolume): OK

201 (PersistentVolume): Created

401: Unauthorized

patch partially update status of the specified PersistentVolume

HTTP Request

PATCH /api/v1/persistentvolumes/{name}/status

Parameters

  • name (in path): string, required

    name of the PersistentVolume

  • body: Patch, required

  • dryRun (in query): string

    dryRun

  • fieldManager (in query): string

    fieldManager

  • fieldValidation (in query): string

    fieldValidation

  • force (in query): boolean

    force

  • pretty (in query): string

    pretty

Response

200 (PersistentVolume): OK

201 (PersistentVolume): Created

401: Unauthorized

delete delete a PersistentVolume

HTTP Request

DELETE /api/v1/persistentvolumes/{name}

Parameters

Response

200 (PersistentVolume): OK

202 (PersistentVolume): Accepted

401: Unauthorized

deletecollection delete collection of PersistentVolume

HTTP Request

DELETE /api/v1/persistentvolumes

Parameters

Response

200 (Status): OK

401: Unauthorized

6 - StorageClass

StorageClass describes the parameters for a class of storage for which PersistentVolumes can be dynamically provisioned.

apiVersion: storage.k8s.io/v1

import "k8s.io/api/storage/v1"

StorageClass

StorageClass describes the parameters for a class of storage for which PersistentVolumes can be dynamically provisioned.

StorageClasses are non-namespaced; the name of the storage class according to etcd is in ObjectMeta.Name.

  • apiVersion: storage.k8s.io/v1

  • kind: StorageClass

  • metadata (ObjectMeta)

    Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata

  • provisioner (string), required

    provisioner indicates the type of the provisioner.

  • allowVolumeExpansion (boolean)

    allowVolumeExpansion shows whether the storage class allow volume expand.

  • allowedTopologies ([]TopologySelectorTerm)

    Atomic: will be replaced during a merge

    allowedTopologies restrict the node topologies where volumes can be dynamically provisioned. Each volume plugin defines its own supported topology specifications. An empty TopologySelectorTerm list means there is no topology restriction. This field is only honored by servers that enable the VolumeScheduling feature.

    A topology selector term represents the result of label queries. A null or empty topology selector term matches no objects. The requirements of them are ANDed. It provides a subset of functionality as NodeSelectorTerm. This is an alpha feature and may change in the future.

    • allowedTopologies.matchLabelExpressions ([]TopologySelectorLabelRequirement)

      A list of topology selector requirements by labels.

      A topology selector requirement is a selector that matches given label. This is an alpha feature and may change in the future.

      • allowedTopologies.matchLabelExpressions.key (string), required

        The label key that the selector applies to.

      • allowedTopologies.matchLabelExpressions.values ([]string), required

        An array of string values. One value must match the label to be selected. Each entry in Values is ORed.

  • mountOptions ([]string)

    mountOptions controls the mountOptions for dynamically provisioned PersistentVolumes of this storage class. e.g. ["ro", "soft"]. Not validated - mount of the PVs will simply fail if one is invalid.

  • parameters (map[string]string)

    parameters holds the parameters for the provisioner that should create volumes of this storage class.

  • reclaimPolicy (string)

    reclaimPolicy controls the reclaimPolicy for dynamically provisioned PersistentVolumes of this storage class. Defaults to Delete.

  • volumeBindingMode (string)

    volumeBindingMode indicates how PersistentVolumeClaims should be provisioned and bound. When unset, VolumeBindingImmediate is used. This field is only honored by servers that enable the VolumeScheduling feature.

StorageClassList

StorageClassList is a collection of storage classes.

Operations

get read the specified StorageClass

HTTP Request

GET /apis/storage.k8s.io/v1/storageclasses/{name}

Parameters

  • name (in path): string, required

    name of the StorageClass

  • pretty (in query): string

    pretty

Response

200 (StorageClass): OK

401: Unauthorized

list list or watch objects of kind StorageClass

HTTP Request

GET /apis/storage.k8s.io/v1/storageclasses

Parameters

Response

200 (StorageClassList): OK

401: Unauthorized

create create a StorageClass

HTTP Request

POST /apis/storage.k8s.io/v1/storageclasses

Parameters

Response

200 (StorageClass): OK

201 (StorageClass): Created

202 (StorageClass): Accepted

401: Unauthorized

update replace the specified StorageClass

HTTP Request

PUT /apis/storage.k8s.io/v1/storageclasses/{name}

Parameters

Response

200 (StorageClass): OK

201 (StorageClass): Created

401: Unauthorized

patch partially update the specified StorageClass

HTTP Request

PATCH /apis/storage.k8s.io/v1/storageclasses/{name}

Parameters

  • name (in path): string, required

    name of the StorageClass

  • body: Patch, required

  • dryRun (in query): string

    dryRun

  • fieldManager (in query): string

    fieldManager

  • fieldValidation (in query): string

    fieldValidation

  • force (in query): boolean

    force

  • pretty (in query): string

    pretty

Response

200 (StorageClass): OK

201 (StorageClass): Created

401: Unauthorized

delete delete a StorageClass

HTTP Request

DELETE /apis/storage.k8s.io/v1/storageclasses/{name}

Parameters

Response

200 (StorageClass): OK

202 (StorageClass): Accepted

401: Unauthorized

deletecollection delete collection of StorageClass

HTTP Request

DELETE /apis/storage.k8s.io/v1/storageclasses

Parameters

Response

200 (Status): OK

401: Unauthorized

7 - VolumeAttachment

VolumeAttachment captures the intent to attach or detach the specified volume to/from the specified node.

apiVersion: storage.k8s.io/v1

import "k8s.io/api/storage/v1"

VolumeAttachment

VolumeAttachment captures the intent to attach or detach the specified volume to/from the specified node.

VolumeAttachment objects are non-namespaced.

VolumeAttachmentSpec

VolumeAttachmentSpec is the specification of a VolumeAttachment request.

  • attacher (string), required

    attacher indicates the name of the volume driver that MUST handle this request. This is the name returned by GetPluginName().

  • nodeName (string), required

    nodeName represents the node that the volume should be attached to.

  • source (VolumeAttachmentSource), required

    source represents the volume that should be attached.

    VolumeAttachmentSource represents a volume that should be attached. Right now only PersistenVolumes can be attached via external attacher, in future we may allow also inline volumes in pods. Exactly one member can be set.

    • source.inlineVolumeSpec (PersistentVolumeSpec)

      inlineVolumeSpec contains all the information necessary to attach a persistent volume defined by a pod's inline VolumeSource. This field is populated only for the CSIMigration feature. It contains translated fields from a pod's inline VolumeSource to a PersistentVolumeSpec. This field is beta-level and is only honored by servers that enabled the CSIMigration feature.

    • source.persistentVolumeName (string)

      persistentVolumeName represents the name of the persistent volume to attach.

VolumeAttachmentStatus

VolumeAttachmentStatus is the status of a VolumeAttachment request.

  • attached (boolean), required

    attached indicates the volume is successfully attached. This field must only be set by the entity completing the attach operation, i.e. the external-attacher.

  • attachError (VolumeError)

    attachError represents the last error encountered during attach operation, if any. This field must only be set by the entity completing the attach operation, i.e. the external-attacher.

    VolumeError captures an error encountered during a volume operation.

    • attachError.message (string)

      message represents the error encountered during Attach or Detach operation. This string may be logged, so it should not contain sensitive information.

    • attachError.time (Time)

      time represents the time the error was encountered.

      Time is a wrapper around time.Time which supports correct marshaling to YAML and JSON. Wrappers are provided for many of the factory methods that the time package offers.

  • attachmentMetadata (map[string]string)

    attachmentMetadata is populated with any information returned by the attach operation, upon successful attach, that must be passed into subsequent WaitForAttach or Mount calls. This field must only be set by the entity completing the attach operation, i.e. the external-attacher.

  • detachError (VolumeError)

    detachError represents the last error encountered during detach operation, if any. This field must only be set by the entity completing the detach operation, i.e. the external-attacher.

    VolumeError captures an error encountered during a volume operation.

    • detachError.message (string)

      message represents the error encountered during Attach or Detach operation. This string may be logged, so it should not contain sensitive information.

    • detachError.time (Time)

      time represents the time the error was encountered.

      Time is a wrapper around time.Time which supports correct marshaling to YAML and JSON. Wrappers are provided for many of the factory methods that the time package offers.

VolumeAttachmentList

VolumeAttachmentList is a collection of VolumeAttachment objects.

Operations

get read the specified VolumeAttachment

HTTP Request

GET /apis/storage.k8s.io/v1/volumeattachments/{name}

Parameters

  • name (in path): string, required

    name of the VolumeAttachment

  • pretty (in query): string

    pretty

Response

200 (VolumeAttachment): OK

401: Unauthorized

get read status of the specified VolumeAttachment

HTTP Request

GET /apis/storage.k8s.io/v1/volumeattachments/{name}/status

Parameters

  • name (in path): string, required

    name of the VolumeAttachment

  • pretty (in query): string

    pretty

Response

200 (VolumeAttachment): OK

401: Unauthorized

list list or watch objects of kind VolumeAttachment

HTTP Request

GET /apis/storage.k8s.io/v1/volumeattachments

Parameters

Response

200 (VolumeAttachmentList): OK

401: Unauthorized

create create a VolumeAttachment

HTTP Request

POST /apis/storage.k8s.io/v1/volumeattachments

Parameters

Response

200 (VolumeAttachment): OK

201 (VolumeAttachment): Created

202 (VolumeAttachment): Accepted

401: Unauthorized

update replace the specified VolumeAttachment

HTTP Request

PUT /apis/storage.k8s.io/v1/volumeattachments/{name}

Parameters

Response

200 (VolumeAttachment): OK

201 (VolumeAttachment): Created

401: Unauthorized

update replace status of the specified VolumeAttachment

HTTP Request

PUT /apis/storage.k8s.io/v1/volumeattachments/{name}/status

Parameters

Response

200 (VolumeAttachment): OK

201 (VolumeAttachment): Created

401: Unauthorized

patch partially update the specified VolumeAttachment

HTTP Request

PATCH /apis/storage.k8s.io/v1/volumeattachments/{name}

Parameters

  • name (in path): string, required

    name of the VolumeAttachment

  • body: Patch, required

  • dryRun (in query): string

    dryRun

  • fieldManager (in query): string

    fieldManager

  • fieldValidation (in query): string

    fieldValidation

  • force (in query): boolean

    force

  • pretty (in query): string

    pretty

Response

200 (VolumeAttachment): OK

201 (VolumeAttachment): Created

401: Unauthorized

patch partially update status of the specified VolumeAttachment

HTTP Request

PATCH /apis/storage.k8s.io/v1/volumeattachments/{name}/status

Parameters

  • name (in path): string, required

    name of the VolumeAttachment

  • body: Patch, required

  • dryRun (in query): string

    dryRun

  • fieldManager (in query): string

    fieldManager

  • fieldValidation (in query): string

    fieldValidation

  • force (in query): boolean

    force

  • pretty (in query): string

    pretty

Response

200 (VolumeAttachment): OK

201 (VolumeAttachment): Created

401: Unauthorized

delete delete a VolumeAttachment

HTTP Request

DELETE /apis/storage.k8s.io/v1/volumeattachments/{name}

Parameters

Response

200 (VolumeAttachment): OK

202 (VolumeAttachment): Accepted

401: Unauthorized

deletecollection delete collection of VolumeAttachment

HTTP Request

DELETE /apis/storage.k8s.io/v1/volumeattachments

Parameters

Response

200 (Status): OK

401: Unauthorized

8 - CSIDriver

CSIDriver captures information about a Container Storage Interface (CSI) volume driver deployed on the cluster.

apiVersion: storage.k8s.io/v1

import "k8s.io/api/storage/v1"

CSIDriver

CSIDriver captures information about a Container Storage Interface (CSI) volume driver deployed on the cluster. Kubernetes attach detach controller uses this object to determine whether attach is required. Kubelet uses this object to determine whether pod information needs to be passed on mount. CSIDriver objects are non-namespaced.

  • apiVersion: storage.k8s.io/v1

  • kind: CSIDriver

  • metadata (ObjectMeta)

    Standard object metadata. metadata.Name indicates the name of the CSI driver that this object refers to; it MUST be the same name returned by the CSI GetPluginName() call for that driver. The driver name must be 63 characters or less, beginning and ending with an alphanumeric character ([a-z0-9A-Z]) with dashes (-), dots (.), and alphanumerics between. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata

  • spec (CSIDriverSpec), required

    spec represents the specification of the CSI Driver.

CSIDriverSpec

CSIDriverSpec is the specification of a CSIDriver.

  • attachRequired (boolean)

    attachRequired indicates this CSI volume driver requires an attach operation (because it implements the CSI ControllerPublishVolume() method), and that the Kubernetes attach detach controller should call the attach volume interface which checks the volumeattachment status and waits until the volume is attached before proceeding to mounting. The CSI external-attacher coordinates with CSI volume driver and updates the volumeattachment status when the attach operation is complete. If the CSIDriverRegistry feature gate is enabled and the value is specified to false, the attach operation will be skipped. Otherwise the attach operation will be called.

    This field is immutable.

  • fsGroupPolicy (string)

    fsGroupPolicy defines if the underlying volume supports changing ownership and permission of the volume before being mounted. Refer to the specific FSGroupPolicy values for additional details.

    This field is immutable.

    Defaults to ReadWriteOnceWithFSType, which will examine each volume to determine if Kubernetes should modify ownership and permissions of the volume. With the default policy the defined fsGroup will only be applied if a fstype is defined and the volume's access mode contains ReadWriteOnce.

  • podInfoOnMount (boolean)

    podInfoOnMount indicates this CSI volume driver requires additional pod information (like podName, podUID, etc.) during mount operations, if set to true. If set to false, pod information will not be passed on mount. Default is false.

    The CSI driver specifies podInfoOnMount as part of driver deployment. If true, Kubelet will pass pod information as VolumeContext in the CSI NodePublishVolume() calls. The CSI driver is responsible for parsing and validating the information passed in as VolumeContext.

    The following VolumeConext will be passed if podInfoOnMount is set to true. This list might grow, but the prefix will be used. "csi.storage.k8s.io/pod.name": pod.Name "csi.storage.k8s.io/pod.namespace": pod.Namespace "csi.storage.k8s.io/pod.uid": string(pod.UID) "csi.storage.k8s.io/ephemeral": "true" if the volume is an ephemeral inline volume defined by a CSIVolumeSource, otherwise "false"

    "csi.storage.k8s.io/ephemeral" is a new feature in Kubernetes 1.16. It is only required for drivers which support both the "Persistent" and "Ephemeral" VolumeLifecycleMode. Other drivers can leave pod info disabled and/or ignore this field. As Kubernetes 1.15 doesn't support this field, drivers can only support one mode when deployed on such a cluster and the deployment determines which mode that is, for example via a command line parameter of the driver.

    This field is immutable.

  • requiresRepublish (boolean)

    requiresRepublish indicates the CSI driver wants NodePublishVolume being periodically called to reflect any possible change in the mounted volume. This field defaults to false.

    Note: After a successful initial NodePublishVolume call, subsequent calls to NodePublishVolume should only update the contents of the volume. New mount points will not be seen by a running container.

  • seLinuxMount (boolean)

    seLinuxMount specifies if the CSI driver supports "-o context" mount option.

    When "true", the CSI driver must ensure that all volumes provided by this CSI driver can be mounted separately with different -o context options. This is typical for storage backends that provide volumes as filesystems on block devices or as independent shared volumes. Kubernetes will call NodeStage / NodePublish with "-o context=xyz" mount option when mounting a ReadWriteOncePod volume used in Pod that has explicitly set SELinux context. In the future, it may be expanded to other volume AccessModes. In any case, Kubernetes will ensure that the volume is mounted only with a single SELinux context.

    When "false", Kubernetes won't pass any special SELinux mount options to the driver. This is typical for volumes that represent subdirectories of a bigger shared filesystem.

    Default is "false".

  • storageCapacity (boolean)

    storageCapacity indicates that the CSI volume driver wants pod scheduling to consider the storage capacity that the driver deployment will report by creating CSIStorageCapacity objects with capacity information, if set to true.

    The check can be enabled immediately when deploying a driver. In that case, provisioning new volumes with late binding will pause until the driver deployment has published some suitable CSIStorageCapacity object.

    Alternatively, the driver can be deployed with the field unset or false and it can be flipped later when storage capacity information has been published.

    This field was immutable in Kubernetes <= 1.22 and now is mutable.

  • tokenRequests ([]TokenRequest)

    Atomic: will be replaced during a merge

    tokenRequests indicates the CSI driver needs pods' service account tokens it is mounting volume for to do necessary authentication. Kubelet will pass the tokens in VolumeContext in the CSI NodePublishVolume calls. The CSI driver should parse and validate the following VolumeContext: "csi.storage.k8s.io/serviceAccount.tokens": { "<audience>": { "token": <token>, "expirationTimestamp": <expiration timestamp in RFC3339>, }, ... }

    Note: Audience in each TokenRequest should be different and at most one token is empty string. To receive a new token after expiry, RequiresRepublish can be used to trigger NodePublishVolume periodically.

    TokenRequest contains parameters of a service account token.

    • tokenRequests.audience (string), required

      audience is the intended audience of the token in "TokenRequestSpec". It will default to the audiences of kube apiserver.

    • tokenRequests.expirationSeconds (int64)

      expirationSeconds is the duration of validity of the token in "TokenRequestSpec". It has the same default value of "ExpirationSeconds" in "TokenRequestSpec".

  • volumeLifecycleModes ([]string)

    Set: unique values will be kept during a merge

    volumeLifecycleModes defines what kind of volumes this CSI volume driver supports. The default if the list is empty is "Persistent", which is the usage defined by the CSI specification and implemented in Kubernetes via the usual PV/PVC mechanism.

    The other mode is "Ephemeral". In this mode, volumes are defined inline inside the pod spec with CSIVolumeSource and their lifecycle is tied to the lifecycle of that pod. A driver has to be aware of this because it is only going to get a NodePublishVolume call for such a volume.

    For more information about implementing this mode, see https://kubernetes-csi.github.io/docs/ephemeral-local-volumes.html A driver can support one or more of these modes and more modes may be added in the future.

    This field is beta. This field is immutable.

CSIDriverList

CSIDriverList is a collection of CSIDriver objects.

Operations

get read the specified CSIDriver

HTTP Request

GET /apis/storage.k8s.io/v1/csidrivers/{name}

Parameters

  • name (in path): string, required

    name of the CSIDriver

  • pretty (in query): string

    pretty

Response

200 (CSIDriver): OK

401: Unauthorized

list list or watch objects of kind CSIDriver

HTTP Request

GET /apis/storage.k8s.io/v1/csidrivers

Parameters

Response

200 (CSIDriverList): OK

401: Unauthorized

create create a CSIDriver

HTTP Request

POST /apis/storage.k8s.io/v1/csidrivers

Parameters

Response

200 (CSIDriver): OK

201 (CSIDriver): Created

202 (CSIDriver): Accepted

401: Unauthorized

update replace the specified CSIDriver

HTTP Request

PUT /apis/storage.k8s.io/v1/csidrivers/{name}

Parameters

Response

200 (CSIDriver): OK

201 (CSIDriver): Created

401: Unauthorized

patch partially update the specified CSIDriver

HTTP Request

PATCH /apis/storage.k8s.io/v1/csidrivers/{name}

Parameters

  • name (in path): string, required

    name of the CSIDriver

  • body: Patch, required

  • dryRun (in query): string

    dryRun

  • fieldManager (in query): string

    fieldManager

  • fieldValidation (in query): string

    fieldValidation

  • force (in query): boolean

    force

  • pretty (in query): string

    pretty

Response

200 (CSIDriver): OK

201 (CSIDriver): Created

401: Unauthorized

delete delete a CSIDriver

HTTP Request

DELETE /apis/storage.k8s.io/v1/csidrivers/{name}

Parameters

Response

200 (CSIDriver): OK

202 (CSIDriver): Accepted

401: Unauthorized

deletecollection delete collection of CSIDriver

HTTP Request

DELETE /apis/storage.k8s.io/v1/csidrivers

Parameters

Response

200 (Status): OK

401: Unauthorized

9 - CSINode

CSINode holds information about all CSI drivers installed on a node.

apiVersion: storage.k8s.io/v1

import "k8s.io/api/storage/v1"

CSINode

CSINode holds information about all CSI drivers installed on a node. CSI drivers do not need to create the CSINode object directly. As long as they use the node-driver-registrar sidecar container, the kubelet will automatically populate the CSINode object for the CSI driver as part of kubelet plugin registration. CSINode has the same name as a node. If the object is missing, it means either there are no CSI Drivers available on the node, or the Kubelet version is low enough that it doesn't create this object. CSINode has an OwnerReference that points to the corresponding node object.

  • apiVersion: storage.k8s.io/v1

  • kind: CSINode

  • metadata (ObjectMeta)

    Standard object's metadata. metadata.name must be the Kubernetes node name.

  • spec (CSINodeSpec), required

    spec is the specification of CSINode

CSINodeSpec

CSINodeSpec holds information about the specification of all CSI drivers installed on a node

  • drivers ([]CSINodeDriver), required

    Patch strategy: merge on key name

    drivers is a list of information of all CSI Drivers existing on a node. If all drivers in the list are uninstalled, this can become empty.

    CSINodeDriver holds information about the specification of one CSI driver installed on a node

    • drivers.name (string), required

      name represents the name of the CSI driver that this object refers to. This MUST be the same name returned by the CSI GetPluginName() call for that driver.

    • drivers.nodeID (string), required

      nodeID of the node from the driver point of view. This field enables Kubernetes to communicate with storage systems that do not share the same nomenclature for nodes. For example, Kubernetes may refer to a given node as "node1", but the storage system may refer to the same node as "nodeA". When Kubernetes issues a command to the storage system to attach a volume to a specific node, it can use this field to refer to the node name using the ID that the storage system will understand, e.g. "nodeA" instead of "node1". This field is required.

    • drivers.allocatable (VolumeNodeResources)

      allocatable represents the volume resources of a node that are available for scheduling. This field is beta.

      VolumeNodeResources is a set of resource limits for scheduling of volumes.

      • drivers.allocatable.count (int32)

        count indicates the maximum number of unique volumes managed by the CSI driver that can be used on a node. A volume that is both attached and mounted on a node is considered to be used once, not twice. The same rule applies for a unique volume that is shared among multiple pods on the same node. If this field is not specified, then the supported number of volumes on this node is unbounded.

    • drivers.topologyKeys ([]string)

      topologyKeys is the list of keys supported by the driver. When a driver is initialized on a cluster, it provides a set of topology keys that it understands (e.g. "company.com/zone", "company.com/region"). When a driver is initialized on a node, it provides the same topology keys along with values. Kubelet will expose these topology keys as labels on its own node object. When Kubernetes does topology aware provisioning, it can use this list to determine which labels it should retrieve from the node object and pass back to the driver. It is possible for different nodes to use different topology keys. This can be empty if driver does not support topology.

CSINodeList

CSINodeList is a collection of CSINode objects.

Operations

get read the specified CSINode

HTTP Request

GET /apis/storage.k8s.io/v1/csinodes/{name}

Parameters

  • name (in path): string, required

    name of the CSINode

  • pretty (in query): string

    pretty

Response

200 (CSINode): OK

401: Unauthorized

list list or watch objects of kind CSINode

HTTP Request

GET /apis/storage.k8s.io/v1/csinodes

Parameters

Response

200 (CSINodeList): OK

401: Unauthorized

create create a CSINode

HTTP Request

POST /apis/storage.k8s.io/v1/csinodes

Parameters

Response

200 (CSINode): OK

201 (CSINode): Created

202 (CSINode): Accepted

401: Unauthorized

update replace the specified CSINode

HTTP Request

PUT /apis/storage.k8s.io/v1/csinodes/{name}

Parameters

Response

200 (CSINode): OK

201 (CSINode): Created

401: Unauthorized

patch partially update the specified CSINode

HTTP Request

PATCH /apis/storage.k8s.io/v1/csinodes/{name}

Parameters

  • name (in path): string, required

    name of the CSINode

  • body: Patch, required

  • dryRun (in query): string

    dryRun

  • fieldManager (in query): string

    fieldManager

  • fieldValidation (in query): string

    fieldValidation

  • force (in query): boolean

    force

  • pretty (in query): string

    pretty

Response

200 (CSINode): OK

201 (CSINode): Created

401: Unauthorized

delete delete a CSINode

HTTP Request

DELETE /apis/storage.k8s.io/v1/csinodes/{name}

Parameters

Response

200 (CSINode): OK

202 (CSINode): Accepted

401: Unauthorized

deletecollection delete collection of CSINode

HTTP Request

DELETE /apis/storage.k8s.io/v1/csinodes

Parameters

Response

200 (Status): OK

401: Unauthorized

10 - CSIStorageCapacity

CSIStorageCapacity stores the result of one CSI GetCapacity call.

apiVersion: storage.k8s.io/v1

import "k8s.io/api/storage/v1"

CSIStorageCapacity

CSIStorageCapacity stores the result of one CSI GetCapacity call. For a given StorageClass, this describes the available capacity in a particular topology segment. This can be used when considering where to instantiate new PersistentVolumes.

For example this can express things like: - StorageClass "standard" has "1234 GiB" available in "topology.kubernetes.io/zone=us-east1" - StorageClass "localssd" has "10 GiB" available in "kubernetes.io/hostname=knode-abc123"

The following three cases all imply that no capacity is available for a certain combination: - no object exists with suitable topology and storage class name - such an object exists, but the capacity is unset - such an object exists, but the capacity is zero

The producer of these objects can decide which approach is more suitable.

They are consumed by the kube-scheduler when a CSI driver opts into capacity-aware scheduling with CSIDriverSpec.StorageCapacity. The scheduler compares the MaximumVolumeSize against the requested size of pending volumes to filter out unsuitable nodes. If MaximumVolumeSize is unset, it falls back to a comparison against the less precise Capacity. If that is also unset, the scheduler assumes that capacity is insufficient and tries some other node.

  • apiVersion: storage.k8s.io/v1

  • kind: CSIStorageCapacity

  • metadata (ObjectMeta)

    Standard object's metadata. The name has no particular meaning. It must be a DNS subdomain (dots allowed, 253 characters). To ensure that there are no conflicts with other CSI drivers on the cluster, the recommendation is to use csisc-<uuid>, a generated name, or a reverse-domain name which ends with the unique CSI driver name.

    Objects are namespaced.

    More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata

  • storageClassName (string), required

    storageClassName represents the name of the StorageClass that the reported capacity applies to. It must meet the same requirements as the name of a StorageClass object (non-empty, DNS subdomain). If that object no longer exists, the CSIStorageCapacity object is obsolete and should be removed by its creator. This field is immutable.

  • capacity (Quantity)

    capacity is the value reported by the CSI driver in its GetCapacityResponse for a GetCapacityRequest with topology and parameters that match the previous fields.

    The semantic is currently (CSI spec 1.2) defined as: The available capacity, in bytes, of the storage that can be used to provision volumes. If not set, that information is currently unavailable.

  • maximumVolumeSize (Quantity)

    maximumVolumeSize is the value reported by the CSI driver in its GetCapacityResponse for a GetCapacityRequest with topology and parameters that match the previous fields.

    This is defined since CSI spec 1.4.0 as the largest size that may be used in a CreateVolumeRequest.capacity_range.required_bytes field to create a volume with the same parameters as those in GetCapacityRequest. The corresponding value in the Kubernetes API is ResourceRequirements.Requests in a volume claim.

  • nodeTopology (LabelSelector)

    nodeTopology defines which nodes have access to the storage for which capacity was reported. If not set, the storage is not accessible from any node in the cluster. If empty, the storage is accessible from all nodes. This field is immutable.

CSIStorageCapacityList

CSIStorageCapacityList is a collection of CSIStorageCapacity objects.

Operations

get read the specified CSIStorageCapacity

HTTP Request

GET /apis/storage.k8s.io/v1/namespaces/{namespace}/csistoragecapacities/{name}

Parameters

  • name (in path): string, required

    name of the CSIStorageCapacity

  • namespace (in path): string, required

    namespace

  • pretty (in query): string

    pretty

Response

200 (CSIStorageCapacity): OK

401: Unauthorized

list list or watch objects of kind CSIStorageCapacity

HTTP Request

GET /apis/storage.k8s.io/v1/namespaces/{namespace}/csistoragecapacities

Parameters

Response

200 (CSIStorageCapacityList): OK

401: Unauthorized

list list or watch objects of kind CSIStorageCapacity

HTTP Request

GET /apis/storage.k8s.io/v1/csistoragecapacities

Parameters

Response

200 (CSIStorageCapacityList): OK

401: Unauthorized

create create a CSIStorageCapacity

HTTP Request

POST /apis/storage.k8s.io/v1/namespaces/{namespace}/csistoragecapacities

Parameters

Response

200 (CSIStorageCapacity): OK

201 (CSIStorageCapacity): Created

202 (CSIStorageCapacity): Accepted

401: Unauthorized

update replace the specified CSIStorageCapacity

HTTP Request

PUT /apis/storage.k8s.io/v1/namespaces/{namespace}/csistoragecapacities/{name}

Parameters

Response

200 (CSIStorageCapacity): OK

201 (CSIStorageCapacity): Created

401: Unauthorized

patch partially update the specified CSIStorageCapacity

HTTP Request

PATCH /apis/storage.k8s.io/v1/namespaces/{namespace}/csistoragecapacities/{name}

Parameters

  • name (in path): string, required

    name of the CSIStorageCapacity

  • namespace (in path): string, required

    namespace

  • body: Patch, required

  • dryRun (in query): string

    dryRun

  • fieldManager (in query): string

    fieldManager

  • fieldValidation (in query): string

    fieldValidation

  • force (in query): boolean

    force

  • pretty (in query): string

    pretty

Response

200 (CSIStorageCapacity): OK

201 (CSIStorageCapacity): Created

401: Unauthorized

delete delete a CSIStorageCapacity

HTTP Request

DELETE /apis/storage.k8s.io/v1/namespaces/{namespace}/csistoragecapacities/{name}

Parameters

Response

200 (Status): OK

202 (Status): Accepted

401: Unauthorized

deletecollection delete collection of CSIStorageCapacity

HTTP Request

DELETE /apis/storage.k8s.io/v1/namespaces/{namespace}/csistoragecapacities

Parameters

Response

200 (Status): OK

401: Unauthorized